OLD | NEW |
---|---|
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | 5 #ifndef NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ |
6 #define NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | 6 #define NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ |
7 | 7 |
8 #include <map> | 8 #include <map> |
9 #include <string> | 9 #include <string> |
10 #include <vector> | 10 #include <vector> |
(...skipping 250 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
261 | 261 |
262 // SetProof stores a certificate chain and signature. | 262 // SetProof stores a certificate chain and signature. |
263 void SetProof(const std::vector<std::string>& certs, | 263 void SetProof(const std::vector<std::string>& certs, |
264 base::StringPiece signature); | 264 base::StringPiece signature); |
265 | 265 |
266 // SetProofValid records that the certificate chain and signature have been | 266 // SetProofValid records that the certificate chain and signature have been |
267 // validated and that it's safe to assume that the server is legitimate. | 267 // validated and that it's safe to assume that the server is legitimate. |
268 // (Note: this does not check the chain or signature.) | 268 // (Note: this does not check the chain or signature.) |
269 void SetProofValid(); | 269 void SetProofValid(); |
270 | 270 |
271 // If the proof has changed then it needs to be revalidated. Helper function | |
wtc
2013/07/03 19:06:58
"the proof has changed" is just one reason we need
ramant (doing other things)
2013/07/03 20:31:35
Done.
| |
272 // to keep server_config_valid_and generation_counter_ in sync. | |
wtc
2013/07/03 19:06:58
Nit: server_config_valid_and => server_config_vali
ramant (doing other things)
2013/07/03 20:31:35
Done.
| |
273 void SetProofInvalid(); | |
274 | |
271 const std::string& server_config() const; | 275 const std::string& server_config() const; |
272 const std::string& source_address_token() const; | 276 const std::string& source_address_token() const; |
273 const std::vector<std::string>& certs() const; | 277 const std::vector<std::string>& certs() const; |
274 const std::string& signature() const; | 278 const std::string& signature() const; |
275 bool proof_valid() const; | 279 bool proof_valid() const; |
276 uint64 generation_counter() const; | 280 uint64 generation_counter() const; |
277 | 281 |
278 void set_source_address_token(base::StringPiece token); | 282 void set_source_address_token(base::StringPiece token); |
279 | 283 |
280 private: | 284 private: |
281 std::string server_config_id_; // An opaque id from the server. | 285 std::string server_config_id_; // An opaque id from the server. |
282 std::string server_config_; // A serialized handshake message. | 286 std::string server_config_; // A serialized handshake message. |
283 std::string source_address_token_; // An opaque proof of IP ownership. | 287 std::string source_address_token_; // An opaque proof of IP ownership. |
284 std::vector<std::string> certs_; // A list of certificates in leaf-first | 288 std::vector<std::string> certs_; // A list of certificates in leaf-first |
285 // order. | 289 // order. |
286 std::string server_config_sig_; // A signature of |server_config_|. | 290 std::string server_config_sig_; // A signature of |server_config_|. |
287 bool server_config_valid_; // True if |server_config_| is correctly | 291 bool server_config_valid_; // True if |server_config_| is correctly |
288 // signed and |certs_| has been | 292 // signed and |certs_| has been |
289 // validated. | 293 // validated. |
290 uint64 generation_counter_; // Generation counter associated with | 294 // Generation counter associated with the |server_config_|, |certs_| and |
291 // the |server_config_|, |certs_| and | 295 // |server_config_sig_| combination. It is incremented whenever we set |
292 // |server_config_sig_| combination. | 296 // server_config_valid_ to false. |
wtc
2013/07/03 19:06:58
Nit: it looks a little weird that the comment bloc
ramant (doing other things)
2013/07/03 20:31:35
The above was the reason. Comment was too big.
| |
297 uint64 generation_counter_; | |
293 | 298 |
294 // scfg contains the cached, parsed value of |server_config|. | 299 // scfg contains the cached, parsed value of |server_config|. |
295 mutable scoped_ptr<CryptoHandshakeMessage> scfg_; | 300 mutable scoped_ptr<CryptoHandshakeMessage> scfg_; |
296 }; | 301 }; |
297 | 302 |
298 QuicCryptoClientConfig(); | 303 QuicCryptoClientConfig(); |
299 ~QuicCryptoClientConfig(); | 304 ~QuicCryptoClientConfig(); |
300 | 305 |
301 // Sets the members to reasonable, default values. | 306 // Sets the members to reasonable, default values. |
302 void SetDefaults(); | 307 void SetDefaults(); |
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
375 | 380 |
376 scoped_ptr<ProofVerifier> proof_verifier_; | 381 scoped_ptr<ProofVerifier> proof_verifier_; |
377 scoped_ptr<ChannelIDSigner> channel_id_signer_; | 382 scoped_ptr<ChannelIDSigner> channel_id_signer_; |
378 | 383 |
379 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientConfig); | 384 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientConfig); |
380 }; | 385 }; |
381 | 386 |
382 } // namespace net | 387 } // namespace net |
383 | 388 |
384 #endif // NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | 389 #endif // NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ |
OLD | NEW |