| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | 5 #ifndef NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ |
| 6 #define NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | 6 #define NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ |
| 7 | 7 |
| 8 #include <map> | 8 #include <map> |
| 9 #include <string> | 9 #include <string> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 250 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 261 | 261 |
| 262 // SetProof stores a certificate chain and signature. | 262 // SetProof stores a certificate chain and signature. |
| 263 void SetProof(const std::vector<std::string>& certs, | 263 void SetProof(const std::vector<std::string>& certs, |
| 264 base::StringPiece signature); | 264 base::StringPiece signature); |
| 265 | 265 |
| 266 // SetProofValid records that the certificate chain and signature have been | 266 // SetProofValid records that the certificate chain and signature have been |
| 267 // validated and that it's safe to assume that the server is legitimate. | 267 // validated and that it's safe to assume that the server is legitimate. |
| 268 // (Note: this does not check the chain or signature.) | 268 // (Note: this does not check the chain or signature.) |
| 269 void SetProofValid(); | 269 void SetProofValid(); |
| 270 | 270 |
| 271 // If the server config or the proof has changed then it needs to be |
| 272 // revalidated. Helper function to keep server_config_valid_ and |
| 273 // generation_counter_ in sync. |
| 274 void SetProofInvalid(); |
| 275 |
| 271 const std::string& server_config() const; | 276 const std::string& server_config() const; |
| 272 const std::string& source_address_token() const; | 277 const std::string& source_address_token() const; |
| 273 const std::vector<std::string>& certs() const; | 278 const std::vector<std::string>& certs() const; |
| 274 const std::string& signature() const; | 279 const std::string& signature() const; |
| 275 bool proof_valid() const; | 280 bool proof_valid() const; |
| 276 uint64 generation_counter() const; | 281 uint64 generation_counter() const; |
| 277 | 282 |
| 278 void set_source_address_token(base::StringPiece token); | 283 void set_source_address_token(base::StringPiece token); |
| 279 | 284 |
| 280 private: | 285 private: |
| 281 std::string server_config_id_; // An opaque id from the server. | 286 std::string server_config_id_; // An opaque id from the server. |
| 282 std::string server_config_; // A serialized handshake message. | 287 std::string server_config_; // A serialized handshake message. |
| 283 std::string source_address_token_; // An opaque proof of IP ownership. | 288 std::string source_address_token_; // An opaque proof of IP ownership. |
| 284 std::vector<std::string> certs_; // A list of certificates in leaf-first | 289 std::vector<std::string> certs_; // A list of certificates in leaf-first |
| 285 // order. | 290 // order. |
| 286 std::string server_config_sig_; // A signature of |server_config_|. | 291 std::string server_config_sig_; // A signature of |server_config_|. |
| 287 bool server_config_valid_; // True if |server_config_| is correctly | 292 bool server_config_valid_; // True if |server_config_| is correctly |
| 288 // signed and |certs_| has been | 293 // signed and |certs_| has been |
| 289 // validated. | 294 // validated. |
| 290 uint64 generation_counter_; // Generation counter associated with | 295 // Generation counter associated with the |server_config_|, |certs_| and |
| 291 // the |server_config_|, |certs_| and | 296 // |server_config_sig_| combination. It is incremented whenever we set |
| 292 // |server_config_sig_| combination. | 297 // server_config_valid_ to false. |
| 298 uint64 generation_counter_; |
| 293 | 299 |
| 294 // scfg contains the cached, parsed value of |server_config|. | 300 // scfg contains the cached, parsed value of |server_config|. |
| 295 mutable scoped_ptr<CryptoHandshakeMessage> scfg_; | 301 mutable scoped_ptr<CryptoHandshakeMessage> scfg_; |
| 296 }; | 302 }; |
| 297 | 303 |
| 298 QuicCryptoClientConfig(); | 304 QuicCryptoClientConfig(); |
| 299 ~QuicCryptoClientConfig(); | 305 ~QuicCryptoClientConfig(); |
| 300 | 306 |
| 301 // Sets the members to reasonable, default values. | 307 // Sets the members to reasonable, default values. |
| 302 void SetDefaults(); | 308 void SetDefaults(); |
| (...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 375 | 381 |
| 376 scoped_ptr<ProofVerifier> proof_verifier_; | 382 scoped_ptr<ProofVerifier> proof_verifier_; |
| 377 scoped_ptr<ChannelIDSigner> channel_id_signer_; | 383 scoped_ptr<ChannelIDSigner> channel_id_signer_; |
| 378 | 384 |
| 379 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientConfig); | 385 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientConfig); |
| 380 }; | 386 }; |
| 381 | 387 |
| 382 } // namespace net | 388 } // namespace net |
| 383 | 389 |
| 384 #endif // NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | 390 #endif // NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 18033005:
Cleanup of OpenSSL/NSS implementation of ProofVerfifier release. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src