OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | 5 #ifndef NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ |
6 #define NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | 6 #define NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ |
7 | 7 |
8 #include <map> | 8 #include <map> |
9 #include <string> | 9 #include <string> |
10 #include <vector> | 10 #include <vector> |
(...skipping 250 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
261 | 261 |
262 // SetProof stores a certificate chain and signature. | 262 // SetProof stores a certificate chain and signature. |
263 void SetProof(const std::vector<std::string>& certs, | 263 void SetProof(const std::vector<std::string>& certs, |
264 base::StringPiece signature); | 264 base::StringPiece signature); |
265 | 265 |
266 // SetProofValid records that the certificate chain and signature have been | 266 // SetProofValid records that the certificate chain and signature have been |
267 // validated and that it's safe to assume that the server is legitimate. | 267 // validated and that it's safe to assume that the server is legitimate. |
268 // (Note: this does not check the chain or signature.) | 268 // (Note: this does not check the chain or signature.) |
269 void SetProofValid(); | 269 void SetProofValid(); |
270 | 270 |
| 271 // If the server config or the proof has changed then it needs to be |
| 272 // revalidated. Helper function to keep server_config_valid_ and |
| 273 // generation_counter_ in sync. |
| 274 void SetProofInvalid(); |
| 275 |
271 const std::string& server_config() const; | 276 const std::string& server_config() const; |
272 const std::string& source_address_token() const; | 277 const std::string& source_address_token() const; |
273 const std::vector<std::string>& certs() const; | 278 const std::vector<std::string>& certs() const; |
274 const std::string& signature() const; | 279 const std::string& signature() const; |
275 bool proof_valid() const; | 280 bool proof_valid() const; |
276 uint64 generation_counter() const; | 281 uint64 generation_counter() const; |
277 | 282 |
278 void set_source_address_token(base::StringPiece token); | 283 void set_source_address_token(base::StringPiece token); |
279 | 284 |
280 private: | 285 private: |
281 std::string server_config_id_; // An opaque id from the server. | 286 std::string server_config_id_; // An opaque id from the server. |
282 std::string server_config_; // A serialized handshake message. | 287 std::string server_config_; // A serialized handshake message. |
283 std::string source_address_token_; // An opaque proof of IP ownership. | 288 std::string source_address_token_; // An opaque proof of IP ownership. |
284 std::vector<std::string> certs_; // A list of certificates in leaf-first | 289 std::vector<std::string> certs_; // A list of certificates in leaf-first |
285 // order. | 290 // order. |
286 std::string server_config_sig_; // A signature of |server_config_|. | 291 std::string server_config_sig_; // A signature of |server_config_|. |
287 bool server_config_valid_; // True if |server_config_| is correctly | 292 bool server_config_valid_; // True if |server_config_| is correctly |
288 // signed and |certs_| has been | 293 // signed and |certs_| has been |
289 // validated. | 294 // validated. |
290 uint64 generation_counter_; // Generation counter associated with | 295 // Generation counter associated with the |server_config_|, |certs_| and |
291 // the |server_config_|, |certs_| and | 296 // |server_config_sig_| combination. It is incremented whenever we set |
292 // |server_config_sig_| combination. | 297 // server_config_valid_ to false. |
| 298 uint64 generation_counter_; |
293 | 299 |
294 // scfg contains the cached, parsed value of |server_config|. | 300 // scfg contains the cached, parsed value of |server_config|. |
295 mutable scoped_ptr<CryptoHandshakeMessage> scfg_; | 301 mutable scoped_ptr<CryptoHandshakeMessage> scfg_; |
296 }; | 302 }; |
297 | 303 |
298 QuicCryptoClientConfig(); | 304 QuicCryptoClientConfig(); |
299 ~QuicCryptoClientConfig(); | 305 ~QuicCryptoClientConfig(); |
300 | 306 |
301 // Sets the members to reasonable, default values. | 307 // Sets the members to reasonable, default values. |
302 void SetDefaults(); | 308 void SetDefaults(); |
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
375 | 381 |
376 scoped_ptr<ProofVerifier> proof_verifier_; | 382 scoped_ptr<ProofVerifier> proof_verifier_; |
377 scoped_ptr<ChannelIDSigner> channel_id_signer_; | 383 scoped_ptr<ChannelIDSigner> channel_id_signer_; |
378 | 384 |
379 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientConfig); | 385 DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientConfig); |
380 }; | 386 }; |
381 | 387 |
382 } // namespace net | 388 } // namespace net |
383 | 389 |
384 #endif // NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ | 390 #endif // NET_QUIC_CRYPTO_CRYPTO_HANDSHAKE_H_ |
OLD | NEW |