Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(171)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/proof_source.h

Issue 22311013: Removing QUIC's VERSION_6, now that QUIC no longer needs to support the (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Sync with trunk Created 7 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | net/quic/quic_connection_test.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_QUIC_CRYPTO_PROOF_SOURCE_H_ 5 #ifndef NET_QUIC_CRYPTO_PROOF_SOURCE_H_
6 #define NET_QUIC_CRYPTO_PROOF_SOURCE_H_ 6 #define NET_QUIC_CRYPTO_PROOF_SOURCE_H_
7 7
8 #include <string> 8 #include <string>
9 #include <vector> 9 #include <vector>
10 10
(...skipping 10 matching lines...) Expand all
21 21
22 // GetProof finds a certificate chain for |hostname|, sets |out_certs| to 22 // GetProof finds a certificate chain for |hostname|, sets |out_certs| to
23 // point to it (in leaf-first order), calculates a signature of 23 // point to it (in leaf-first order), calculates a signature of
24 // |server_config| using that chain and puts the result in |out_signature|. 24 // |server_config| using that chain and puts the result in |out_signature|.
25 // 25 //
26 // The signature uses SHA-256 as the hash function and PSS padding when the 26 // The signature uses SHA-256 as the hash function and PSS padding when the
27 // key is RSA. 27 // key is RSA.
28 // 28 //
29 // The signature uses SHA-256 as the hash function when the key is ECDSA. 29 // The signature uses SHA-256 as the hash function when the key is ECDSA.
30 // 30 //
31 // |version| is the QUIC version for the connection. TODO(wtc): Remove once
32 // QUIC_VERSION_7 and before are removed.
33 //
31 // If |ecdsa_ok| is true, the signature may use an ECDSA key. Otherwise, the 34 // If |ecdsa_ok| is true, the signature may use an ECDSA key. Otherwise, the
32 // signature must use an RSA key. 35 // signature must use an RSA key.
33 // 36 //
34 // |version| is the QUIC version for the connection. TODO(wtc): Remove once
35 // QUIC_VERSION_7 and before are removed.
36 //
37 // |out_certs| is a pointer to a pointer, not a pointer to an array. 37 // |out_certs| is a pointer to a pointer, not a pointer to an array.
38 // 38 //
39 // The number of certificate chains is expected to be small and fixed thus 39 // The number of certificate chains is expected to be small and fixed thus
40 // the ProofSource retains ownership of the contents of |out_certs|. The 40 // the ProofSource retains ownership of the contents of |out_certs|. The
41 // expectation is that they will be cached forever. 41 // expectation is that they will be cached forever.
42 // 42 //
43 // The signature values should be cached because |server_config| will be 43 // The signature values should be cached because |server_config| will be
44 // somewhat static. However, since they aren't bounded, the ProofSource may 44 // somewhat static. However, since they aren't bounded, the ProofSource may
45 // wish to evicit entries from that cache, thus the caller takes ownership of 45 // wish to evicit entries from that cache, thus the caller takes ownership of
46 // |*out_signature|. 46 // |*out_signature|.
47 // 47 //
48 // |hostname| may be empty to signify that a default certificate should be 48 // |hostname| may be empty to signify that a default certificate should be
49 // used. 49 // used.
50 // 50 //
51 // This function may be called concurrently. 51 // This function may be called concurrently.
52 virtual bool GetProof(QuicVersion version, 52 virtual bool GetProof(QuicVersion version,
53 const std::string& hostname, 53 const std::string& hostname,
54 const std::string& server_config, 54 const std::string& server_config,
55 bool ecdsa_ok, 55 bool ecdsa_ok,
56 const std::vector<std::string>** out_certs, 56 const std::vector<std::string>** out_certs,
57 std::string* out_signature) = 0; 57 std::string* out_signature) = 0;
58 }; 58 };
59 59
60 } // namespace net 60 } // namespace net
61 61
62 #endif // NET_QUIC_CRYPTO_PROOF_SOURCE_H_ 62 #endif // NET_QUIC_CRYPTO_PROOF_SOURCE_H_
OLDNEW
« no previous file with comments | « no previous file | net/quic/quic_connection_test.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698