1// Copyright 2014 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef EXTENSIONS_BROWSER_API_CAST_CHANNEL_CAST_AUTH_UTIL_H_ 6#define EXTENSIONS_BROWSER_API_CAST_CHANNEL_CAST_AUTH_UTIL_H_ 7 8#include <string> 9 10namespace extensions { 11namespace core_api { 12namespace cast_channel { 13 14class CastMessage; 15 16struct AuthResult { 17 public: 18 enum ErrorType { 19 ERROR_NONE, 20 ERROR_PEER_CERT_EMPTY, 21 ERROR_WRONG_PAYLOAD_TYPE, 22 ERROR_NO_PAYLOAD, 23 ERROR_PAYLOAD_PARSING_FAILED, 24 ERROR_MESSAGE_ERROR, 25 ERROR_NO_RESPONSE, 26 ERROR_FINGERPRINT_NOT_FOUND, 27 ERROR_NSS_CERT_PARSING_FAILED, 28 ERROR_NSS_CERT_NOT_SIGNED_BY_TRUSTED_CA, 29 ERROR_NSS_CANNOT_EXTRACT_PUBLIC_KEY, 30 ERROR_NSS_SIGNED_BLOBS_MISMATCH 31 }; 32 33 // Constructs a AuthResult that corresponds to success. 34 AuthResult(); 35 ~AuthResult(); 36 37 static AuthResult Create(const std::string& error_message, 38 ErrorType error_type); 39 static AuthResult CreateWithNSSError(const std::string& error_message, 40 ErrorType error_type, 41 int nss_error_code); 42 43 bool success() const { return error_type == ERROR_NONE; } 44 45 std::string error_message; 46 ErrorType error_type; 47 int nss_error_code; 48 49 private: 50 AuthResult(const std::string& error_message, 51 ErrorType error_type, 52 int nss_error_code); 53}; 54 55// Authenticates the given |challenge_reply|: 56// 1. Signature contained in the reply is valid. 57// 2. Certficate used to sign is rooted to a trusted CA. 58AuthResult AuthenticateChallengeReply(const CastMessage& challenge_reply, 59 const std::string& peer_cert); 60 61} // namespace cast_channel 62} // namespace core_api 63} // namespace extensions 64 65#endif // EXTENSIONS_BROWSER_API_CAST_CHANNEL_CAST_AUTH_UTIL_H_ 66