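--- a/net/quic/crypto/cert_compressor.h
+++ b/net/quic/crypto/cert_compressor.h
@@ -1,55 +1,55 @@
 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_QUIC_CRYPTO_CERT_COMPRESSOR_H_
 #define NET_QUIC_CRYPTO_CERT_COMPRESSOR_H_
 
 #include <string>
 #include <vector>
 
 #include "base/basictypes.h"
 #include "base/strings/string_piece.h"
 #include "net/base/net_export.h"
 #include "net/quic/crypto/common_cert_set.h"
 #include "net/quic/crypto/crypto_protocol.h"
 
 namespace net {
 
 // CertCompressor provides functions for compressing and decompressing
 // certificate chains using three techniquies:
 // 1) The peer may provide a list of a 64-bit, FNV-1a hashes of certificates
 // that they already have. In the event that one of them is to be
 // compressed, it can be replaced with just the hash.
 // 2) The peer may provide a number of hashes that represent sets of
-// pre-shared certificates (CommonCertSets). If one of those certificates
-// is to be compressed, and it's known to the given CommonCertSets, then it
-// can be replaced with a set hash and certificate index.
+// pre-shared certificates. If one of those certificates is to be
+// compressed, and it's known to the given CommonCertSets, then it can be
+// replaced with a set hash and certificate index.
 // 3) Otherwise the certificates are compressed with zlib using a pre-shared
 // dictionary that consists of the certificates handled with the above
 // methods and a small chunk of common substrings.
 class NET_EXPORT_PRIVATE CertCompressor {
 public:
 // CompressChain compresses the certificates in |certs| and returns a
-// compressed representation. |common_set| contains the common certificate
+// compressed representation. |common_sets| contains the common certificate
 // sets known locally and |client_common_set_hashes| contains the hashes of
-// the common sets known to the peer. |client_cached| contains 64-bit, FNV-1a
-// hashes of certificates that the peer already possesses.
+// the common sets known to the peer. |client_cached_cert_hashes| contains
+// 64-bit, FNV-1a hashes of certificates that the peer already possesses.
 static std::string CompressChain(const std::vector<std::string>& certs,
 base::StringPiece client_common_set_hashes,
 base::StringPiece client_cached_cert_hashes,
-const CommonCertSets* common_set);
+const CommonCertSets* common_sets);
 
 // DecompressChain decompresses the result of |CompressChain|, given in |in|,
 // into a series of certificates that are written to |out_certs|.
 // |cached_certs| contains certificates that the peer may have omitted and
-// |common_set| contains the common certificate sets known locally.
+// |common_sets| contains the common certificate sets known locally.
 static bool DecompressChain(base::StringPiece in,
 const std::vector<std::string>& cached_certs,
-const CommonCertSets* common_set,
+const CommonCertSets* common_sets,
 std::vector<std::string>* out_certs);
 };
 
 } // namespace net
 
 #endif // NET_QUIC_CRYPTO_CERT_COMPRESSOR_H_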
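Review bot: The comment on DecompressChain (new lines 43-46) still does not say what the bool result means or what |out_certs| holds when it is false, and this commit is already editing that comment. Since |in| is described as the output of the peer's CompressChain, it is presumably peer-controlled, so callers need the failure contract spelled out; a line such as `// Returns false if |in| cannot be decoded; |out_certs| must not be used in that case.` would do, with the wording confirmed against the implementation, which is not visible here. It may also be worth noting beside item 1 of the class comment that 64-bit FNV-1a is not collision-resistant, so a hash match only selects a cached certificate and the decompressed chain still has to be verified as usual.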