#include "net/base/completion_callback.h"
#include "net/base/io_buffer.h"
#include "net/cert/cert_verify_result.h"
+#include "net/cert/ct_verify_result.h"
#include "net/socket/client_socket_handle.h"
#include "net/socket/ssl_client_socket.h"
#include "net/ssl/channel_id_service.h"
namespace net {
class CertVerifier;
+class CTVerifier;
class SingleRequestCertVerifier;
class SSLCertRequestInfo;
class SSLInfo;
}
// SSLClientSocket implementation.
+ virtual std::string GetSessionCacheKey() const OVERRIDE;
virtual bool InSessionCache() const OVERRIDE;
virtual void SetHandshakeCompletionCallback(
const base::Closure& callback) OVERRIDE;
void DoReadCallback(int result);
void DoWriteCallback(int result);
- // Compute a unique key string for the SSL session cache.
- std::string GetSessionCacheKey() const;
void OnHandshakeCompletion();
bool DoTransportIO();
int DoVerifyCert(int result);
int DoVerifyCertComplete(int result);
void DoConnectCallback(int result);
- X509Certificate* UpdateServerCert();
+ void UpdateServerCert();
+ void VerifyCT();
void OnHandshakeIOComplete(int result);
void OnSendComplete(int result);
void OnRecvComplete(int result);
int DoHandshakeLoop(int last_io_result);
- int DoReadLoop(int result);
- int DoWriteLoop(int result);
+ int DoReadLoop();
+ int DoWriteLoop();
int DoPayloadRead();
int DoPayloadWrite();
void CheckIfHandshakeFinished();
+ // Adds the SignedCertificateTimestamps from ct_verify_result_ to |ssl_info|.
+ // SCTs are held in three separate vectors in ct_verify_result, each
+ // vetor representing a particular verification state, this method associates
+ // each of the SCTs with the corresponding SCTVerifyStatus as it adds it to
+ // the |ssl_info|.signed_certificate_timestamps list.
+ void AddSCTInfoToSSLInfo(SSLInfo* ssl_info) const;
+
bool transport_send_busy_;
bool transport_recv_busy_;
CompletionCallback user_read_callback_;
CompletionCallback user_write_callback_;
- base::WeakPtrFactory<SSLClientSocketOpenSSL> weak_factory_;
-
// Used by Read function.
scoped_refptr<IOBuffer> user_read_buf_;
int user_read_buf_len_;
CertVerifier* const cert_verifier_;
scoped_ptr<SingleRequestCertVerifier> verifier_;
+ base::TimeTicks start_cert_verification_time_;
+
+ // Certificate Transparency: Verifier and result holder.
+ ct::CTVerifyResult ct_verify_result_;
+ CTVerifier* cert_transparency_verifier_;
// The service for retrieving Channel ID keys. May be NULL.
ChannelIDService* channel_id_service_;
std::string pinning_failure_log_;
BoundNetLog net_log_;
+ base::WeakPtrFactory<SSLClientSocketOpenSSL> weak_factory_;
};
} // namespace net