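--- a/net/quic/quic_crypto_client_stream.h
+++ b/net/quic/quic_crypto_client_stream.h
@@ -1,27 +1,29 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_QUIC_QUIC_CRYPTO_CLIENT_STREAM_H_
 #define NET_QUIC_QUIC_CRYPTO_CLIENT_STREAM_H_
 
 #include <string>
 
 #include "net/cert/cert_verify_result.h"
 #include "net/cert/x509_certificate.h"
 #include "net/quic/crypto/crypto_handshake.h"
+#include "net/quic/crypto/proof_verifier.h"
 #include "net/quic/quic_config.h"
 #include "net/quic/quic_crypto_stream.h"
 
 namespace net {
 
+class ProofVerifyDetails;
 class QuicSession;
 class SSLInfo;
 
 namespace test {
 class CryptoTestUtils;
 } // namespace test
 
 class NET_EXPORT_PRIVATE QuicCryptoClientStream : public QuicCryptoStream {
  public:
   QuicCryptoClientStream(const string& server_hostname,
@@ -40,63 +42,78 @@
 
   // num_sent_client_hellos returns the number of client hello messages that
   // have been sent. If the handshake has completed then this is one greater
   // than the number of round-trips needed for the handshake.
   int num_sent_client_hellos() const;
 
   // Gets the SSL connection information.
   bool GetSSLInfo(SSLInfo* ssl_info);
 
  private:
+  // ProofVerifierCallbackImpl is passed as the callback method to VerifyProof.
+  // The ProofVerifier calls this class with the result of proof verification
+  // when verification is performed asynchronously.
+  class ProofVerifierCallbackImpl : public ProofVerifierCallback {
+   public:
+    explicit ProofVerifierCallbackImpl(QuicCryptoClientStream* stream);
+    virtual ~ProofVerifierCallbackImpl();
+
+    // ProofVerifierCallback interface.
+    virtual void Run(bool ok,
+                     const string& error_details,
+                     scoped_ptr<ProofVerifyDetails>* details) OVERRIDE;
+
+    // Cancel causes any future callbacks to be ignored. It must be called on
+    // the same thread as the callback will be made on.
+    void Cancel();
+
+   private:
+    QuicCryptoClientStream* stream_;
+  };
+
   friend class test::CryptoTestUtils;
+  friend class ProofVerifierCallbackImpl;
 
   enum State {
     STATE_IDLE,
     STATE_SEND_CHLO,
     STATE_RECV_REJ,
     STATE_VERIFY_PROOF,
     STATE_VERIFY_PROOF_COMPLETE,
     STATE_RECV_SHLO,
   };
 
   // DoHandshakeLoop performs a step of the handshake state machine. Note that
-  // |in| is NULL for the first call. OnVerifyProofComplete passes the |result|
-  // it has received from VerifyProof call (from all other places |result| is
-  // set to OK).
-  void DoHandshakeLoop(const CryptoHandshakeMessage* in, int result);
-
-  // OnVerifyProofComplete is passed as the callback method to VerifyProof.
-  // ProofVerifier calls this method with the result of proof verification when
-  // verification is performed asynchronously.
-  void OnVerifyProofComplete(int result);
-
-  base::WeakPtrFactory<QuicCryptoClientStream> weak_factory_;
+  // |in| may be NULL if the call did not result from a received message
+  void DoHandshakeLoop(const CryptoHandshakeMessage* in);
 
   State next_state_;
   // num_client_hellos_ contains the number of client hello messages that this
   // connection has sent.
   int num_client_hellos_;
 
   QuicCryptoClientConfig* const crypto_config_;
 
   // Client's connection nonce (4-byte timestamp + 28 random bytes)
   std::string nonce_;
   // Server's hostname
   std::string server_hostname_;
 
   // Generation counter from QuicCryptoClientConfig's CachedState.
   uint64 generation_counter_;
 
-  // The result of certificate verification.
-  // TODO(rtenneti): should we change CertVerifyResult to be
-  // RefCountedThreadSafe object to avoid copying.
-  CertVerifyResult cert_verify_result_;
+  // proof_verify_callback_ contains the callback object that we passed to an
+  // asynchronous proof verification. The ProofVerifier owns this object.
+  ProofVerifierCallbackImpl* proof_verify_callback_;
 
-  // Error details for ProofVerifier's VerifyProof call.
-  std::string error_details_;
+  // These members are used to store the result of an asynchronous proof
+  // verification.
+  bool verify_ok_;
+  string verify_error_details_;
+  scoped_ptr<ProofVerifyDetails> verify_details_;
 
   DISALLOW_COPY_AND_ASSIGN(QuicCryptoClientStream);
 };
 
 } // namespace net
 
 #endif // NET_QUIC_QUIC_CRYPTO_CLIENT_STREAM_H_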
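Review bot: The new `proof_verify_callback_` member forms a pair of raw back-pointers (the callback holds `stream_`, the stream holds the callback) whose only escape hatch is `Cancel()`, yet the header never states who calls `Cancel()` when a stream is destroyed while a verification is still in flight; since the previous `weak_factory_` that made a late completion harmless is gone, the destructor in the .cc (not visible here) has to call `proof_verify_callback_->Cancel()` or a late `Run()` writes into a freed stream. I would pin that contract on the member so the next maintainer cannot miss it: `// Non-NULL only while a verification is pending. The destructor must` / `// Cancel() it; otherwise a late Run() would dereference a freed stream.` The `Cancel()` comment also states it must run on the callback's thread, which is the right place to note that the destructor therefore has to run there too, as far as the header shows. Separately, `verify_ok_` is a plain `bool` with no in-class initializer, so its constructor must set it (presumably to false) before the state machine ever reads it — worth confirming in the .cc, since an uninitialized "ok" flag on a proof check fails open.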