src/net/quic/crypto/proof_verifier_chromium.h

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
   6 #define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
   7
   8 #include <set>
   9 #include <string>
  10 #include <vector>
  11
  12 #include "base/basictypes.h"
  13 #include "base/compiler_specific.h"
  14 #include "base/memory/scoped_ptr.h"
  15 #include "net/base/net_export.h"
  16 #include "net/base/net_log.h"
  17 #include "net/cert/cert_verify_result.h"
  18 #include "net/cert/x509_certificate.h"
  19 #include "net/quic/crypto/proof_verifier.h"
  20
  21 namespace net {
  22
  23 class CertVerifier;
  24 class TransportSecurityState;
  25
  26 // ProofVerifyDetailsChromium is the implementation-specific information that a
  27 // ProofVerifierChromium returns about a certificate verification.
  28 class NET_EXPORT_PRIVATE ProofVerifyDetailsChromium
  29     : public ProofVerifyDetails {
  30  public:
  31
  32   // ProofVerifyDetails implementation
  33   ProofVerifyDetails* Clone() const override;
  34
  35   CertVerifyResult cert_verify_result;
  36
  37   // pinning_failure_log contains a message produced by
  38   // TransportSecurityState::DomainState::CheckPublicKeyPins in the event of a
  39   // pinning failure. It is a (somewhat) human-readable string.
  40   std::string pinning_failure_log;
  41 };
  42
  43 // ProofVerifyContextChromium is the implementation-specific information that a
  44 // ProofVerifierChromium needs in order to log correctly.
  45 struct ProofVerifyContextChromium : public ProofVerifyContext {
  46  public:
  47   explicit ProofVerifyContextChromium(const BoundNetLog& net_log)
  48       : net_log(net_log) {}
  49
  50   BoundNetLog net_log;
  51 };
  52
  53 // ProofVerifierChromium implements the QUIC ProofVerifier interface.  It is
  54 // capable of handling multiple simultaneous requests.
  55 class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
  56  public:
  57   ProofVerifierChromium(CertVerifier* cert_verifier,
  58                         TransportSecurityState* transport_security_state);
  59   ~ProofVerifierChromium() override;
  60
  61   // ProofVerifier interface
  62   QuicAsyncStatus VerifyProof(const std::string& hostname,
  63                               const std::string& server_config,
  64                               const std::vector<std::string>& certs,
  65                               const std::string& signature,
  66                               const ProofVerifyContext* verify_context,
  67                               std::string* error_details,
  68                               scoped_ptr<ProofVerifyDetails>* verify_details,
  69                               ProofVerifierCallback* callback) override;
  70
  71  private:
  72   class Job;
  73   typedef std::set<Job*> JobSet;
  74
  75   void OnJobComplete(Job* job);
  76
  77   // Set owning pointers to active jobs.
  78   JobSet active_jobs_;
  79
  80   // Underlying verifier used to verify certificates.
  81   CertVerifier* const cert_verifier_;
  82
  83   TransportSecurityState* const transport_security_state_;
  84
  85   DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium);
  86 };
  87
  88 }  // namespace net
  89
  90 #endif  // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_