Index: net/quic/crypto/proof_verifier_chromium.h |
diff --git a/net/quic/crypto/proof_verifier_chromium.h b/net/quic/crypto/proof_verifier_chromium.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..2466507d50f03e3328c22d4b689fc334c224537d |
--- /dev/null |
+++ b/net/quic/crypto/proof_verifier_chromium.h |
@@ -0,0 +1,89 @@ |
+// Copyright 2013 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ |
+#define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ |
+ |
+#include <string> |
+#include <vector> |
+ |
+#include "base/basictypes.h" |
+#include "base/compiler_specific.h" |
+#include "base/memory/scoped_ptr.h" |
+#include "net/base/completion_callback.h" |
+#include "net/base/net_export.h" |
+#include "net/base/net_log.h" |
+#include "net/cert/cert_verify_result.h" |
+#include "net/cert/x509_certificate.h" |
+#include "net/quic/crypto/proof_verifier.h" |
+ |
+namespace net { |
+ |
+class BoundNetLog; |
+class CertVerifier; |
+class CertVerifyResult; |
+class SingleRequestCertVerifier; |
+class X509Certificate; |
+ |
+// ProofVerifierChromium implements the QUIC ProofVerifier interface. |
+// TODO(rtenneti): Add support for multiple requests for one ProofVerifier. |
+class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier { |
+ public: |
+ explicit ProofVerifierChromium(CertVerifier* cert_verifier, |
+ const BoundNetLog& net_log); |
+ virtual ~ProofVerifierChromium(); |
+ |
+ // ProofVerifier interface |
+ virtual int VerifyProof(const std::string& hostname, |
+ const std::string& server_config, |
+ const std::vector<std::string>& certs, |
+ const std::string& signature, |
+ std::string* error_details, |
+ const CompletionCallback& callback) OVERRIDE; |
+ |
+ private: |
+ enum State { |
+ STATE_NONE, |
+ STATE_VERIFY_CERT, |
+ STATE_VERIFY_CERT_COMPLETE, |
+ }; |
+ |
+ int DoLoop(int last_io_result); |
+ void OnIOComplete(int result); |
+ int DoVerifyCert(int result); |
+ int DoVerifyCertComplete(int result); |
+ |
+ bool VerifySignature(const std::string& signed_data, |
+ const std::string& signature, |
+ const std::string& cert); |
+ |
+ // |cert_verifier_| and |verifier_| are used for verifying certificates. |
+ CertVerifier* const cert_verifier_; |
+ scoped_ptr<SingleRequestCertVerifier> verifier_; |
+ |
+ // |hostname| specifies the hostname for which |certs| is a valid chain. |
+ std::string hostname_; |
+ |
+ CompletionCallback callback_; |
+ |
+ // The result of certificate verification. |
+ CertVerifyResult cert_verify_result_; |
+ std::string* error_details_; |
+ |
+ // X509Certificate from a chain of DER encoded certificates. |
+ scoped_refptr<X509Certificate> cert_; |
+ |
+ // |generation_counter| passed to VerifyProof call. |
+ uint64 generation_counter_; |
+ |
+ State next_state_; |
+ |
+ BoundNetLog net_log_; |
+ |
+ DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium); |
+}; |
+ |
+} // namespace net |
+ |
+#endif // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_ |
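Review bot: `std::string* error_details_` keeps the caller's `error_details` out-parameter as a raw member, and because `VerifyProof` also takes a `CompletionCallback`, the write to it can presumably happen after `VerifyProof` has returned; nothing in the header tells the caller how long that string must stay alive, so a late write could land in freed memory. I would document the contract on the declaration, e.g. `// |error_details| must stay valid until |callback| runs or this object is destroyed. Only one VerifyProof call may be pending at a time.` This also makes the single-request limit from the TODO explicit, since a second call would overwrite `hostname_`, `callback_` and `next_state_`. The same lifetime question applies to the non-owning `CertVerifier* const cert_verifier_`, which should be documented as required to outlive this object. Separately, the comment on `generation_counter_` refers to a `|generation_counter|` argument that the `VerifyProof` signature declared here does not have, so either the comment or the member looks stale.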