src/net/quic/crypto/proof_verifier_chromium.h

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
   6 #define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
   7
   8 #include <set>
   9 #include <string>
  10 #include <vector>
  11
  12 #include "base/basictypes.h"
  13 #include "base/compiler_specific.h"
  14 #include "base/memory/scoped_ptr.h"
  15 #include "net/base/net_export.h"
  16 #include "net/base/net_log.h"
  17 #include "net/cert/cert_verify_result.h"
  18 #include "net/cert/x509_certificate.h"
  19 #include "net/quic/crypto/proof_verifier.h"
  20
  21 namespace net {
  22
  23 class CertVerifier;
  24 class TransportSecurityState;
  25
  26 // ProofVerifyDetailsChromium is the implementation-specific information that a
  27 // ProofVerifierChromium returns about a certificate verification.
  28 class NET_EXPORT_PRIVATE ProofVerifyDetailsChromium
  29     : public ProofVerifyDetails {
  30  public:
  31
  32   // ProofVerifyDetails implementation
  33   virtual ProofVerifyDetails* Clone() const OVERRIDE;
  34
  35   CertVerifyResult cert_verify_result;
  36
  37   // pinning_failure_log contains a message produced by
  38   // TransportSecurityState::DomainState::CheckPublicKeyPins in the event of a
  39   // pinning failure. It is a (somewhat) human-readable string.
  40   std::string pinning_failure_log;
  41 };
  42
  43 // ProofVerifyContextChromium is the implementation-specific information that a
  44 // ProofVerifierChromium needs in order to log correctly.
  45 struct ProofVerifyContextChromium : public ProofVerifyContext {
  46  public:
  47   explicit ProofVerifyContextChromium(const BoundNetLog& net_log)
  48       : net_log(net_log) {}
  49
  50   BoundNetLog net_log;
  51 };
  52
  53 // ProofVerifierChromium implements the QUIC ProofVerifier interface.  It is
  54 // capable of handling multiple simultaneous requests.
  55 class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
  56  public:
  57   ProofVerifierChromium(CertVerifier* cert_verifier,
  58                         TransportSecurityState* transport_security_state);
  59   virtual ~ProofVerifierChromium();
  60
  61   // ProofVerifier interface
  62   virtual QuicAsyncStatus VerifyProof(
  63       const std::string& hostname,
  64       const std::string& server_config,
  65       const std::vector<std::string>& certs,
  66       const std::string& signature,
  67       const ProofVerifyContext* verify_context,
  68       std::string* error_details,
  69       scoped_ptr<ProofVerifyDetails>* verify_details,
  70       ProofVerifierCallback* callback) OVERRIDE;
  71
  72  private:
  73   class Job;
  74   typedef std::set<Job*> JobSet;
  75
  76   void OnJobComplete(Job* job);
  77
  78   // Set owning pointers to active jobs.
  79   JobSet active_jobs_;
  80
  81   // Underlying verifier used to verify certificates.
  82   CertVerifier* const cert_verifier_;
  83
  84   TransportSecurityState* const transport_security_state_;
  85
  86   DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium);
  87 };
  88
  89 }  // namespace net
  90
  91 #endif  // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_