src/net/quic/crypto/proof_verifier_chromium.h

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
   6 #define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
   7
   8 #include <set>
   9 #include <string>
  10 #include <vector>
  11
  12 #include "base/basictypes.h"
  13 #include "base/compiler_specific.h"
  14 #include "base/memory/scoped_ptr.h"
  15 #include "net/base/net_export.h"
  16 #include "net/base/net_log.h"
  17 #include "net/cert/cert_verify_result.h"
  18 #include "net/cert/x509_certificate.h"
  19 #include "net/quic/crypto/proof_verifier.h"
  20
  21 namespace net {
  22
  23 class CertVerifier;
  24 class SingleRequestCertVerifier;
  25 class TransportSecurityState;
  26
  27 // ProofVerifyDetailsChromium is the implementation-specific information that a
  28 // ProofVerifierChromium returns about a certificate verification.
  29 struct ProofVerifyDetailsChromium : public ProofVerifyDetails {
  30  public:
  31   CertVerifyResult cert_verify_result;
  32
  33   // pinning_failure_log contains a message produced by
  34   // TransportSecurityState::DomainState::CheckPublicKeyPins in the event of a
  35   // pinning failure. It is a (somewhat) human-readable string.
  36   std::string pinning_failure_log;
  37 };
  38
  39 // ProofVerifyContextChromium is the implementation-specific information that a
  40 // ProofVerifierChromium needs in order to log correctly.
  41 struct ProofVerifyContextChromium : public ProofVerifyContext {
  42  public:
  43   explicit ProofVerifyContextChromium(const BoundNetLog& net_log)
  44       : net_log(net_log) {}
  45
  46   BoundNetLog net_log;
  47 };
  48
  49 // ProofVerifierChromium implements the QUIC ProofVerifier interface.  It is
  50 // capable of handling multiple simultaneous requests.
  51 class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
  52  public:
  53   ProofVerifierChromium(CertVerifier* cert_verifier,
  54                         TransportSecurityState* transport_security_state);
  55   virtual ~ProofVerifierChromium();
  56
  57   // ProofVerifier interface
  58   virtual QuicAsyncStatus VerifyProof(
  59       const std::string& hostname,
  60       const std::string& server_config,
  61       const std::vector<std::string>& certs,
  62       const std::string& signature,
  63       const ProofVerifyContext* verify_context,
  64       std::string* error_details,
  65       scoped_ptr<ProofVerifyDetails>* verify_details,
  66       ProofVerifierCallback* callback) OVERRIDE;
  67
  68  private:
  69   class Job;
  70
  71   void OnJobComplete(Job* job);
  72
  73   // Set owning pointers to active jobs.
  74   typedef std::set<Job*> JobSet;
  75   JobSet active_jobs_;
  76
  77   // Underlying verifier used to verify certificates.
  78   CertVerifier* const cert_verifier_;
  79
  80   TransportSecurityState* transport_security_state_;
  81
  82   DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium);
  83 };
  84
  85 }  // namespace net
  86
  87 #endif  // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_