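// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
#define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_

#include <set>
#include <string>
#include <vector>

#include "base/basictypes.h"
#include "base/compiler_specific.h"
#include "base/memory/scoped_ptr.h"
#include "net/base/net_export.h"
#include "net/base/net_log.h"
#include "net/cert/cert_verify_result.h"
#include "net/cert/x509_certificate.h"
#include "net/quic/crypto/proof_verifier.h"

namespace net {

class CertVerifier;
class TransportSecurityState;

// ProofVerifyDetailsChromium is the implementation-specific information that a
// ProofVerifierChromium returns about a certificate verification.
class NET_EXPORT_PRIVATE ProofVerifyDetailsChromium
    : public ProofVerifyDetails {
 public:
  // ProofVerifyDetails implementation.
  // Returns a raw pointer to a copy of these details.
  // NOTE(review): presumably the caller owns the returned object; the
  // ownership contract is defined by ProofVerifyDetails -- confirm there.
  virtual ProofVerifyDetails* Clone() const OVERRIDE;

  // Outcome of the certificate verification these details describe.
  // NOTE(review): presumably filled in by the CertVerifier handed to
  // ProofVerifierChromium; confirm in the .cc.
  CertVerifyResult cert_verify_result;

  // pinning_failure_log contains a message produced by
  // TransportSecurityState::DomainState::CheckPublicKeyPins in the event of a
  // pinning failure. It is a (somewhat) human-readable string, so it is
  // suited to logging and diagnostics rather than to programmatic decisions.
  std::string pinning_failure_log;
};

// ProofVerifyContextChromium is the implementation-specific information that a
// ProofVerifierChromium needs in order to log correctly.
struct ProofVerifyContextChromium : public ProofVerifyContext {
  // Stores a copy of |net_log|. The parameter shares the member's name; in
  // the initializer list the member is initialized from the parameter.
  explicit ProofVerifyContextChromium(const BoundNetLog& net_log)
      : net_log(net_log) {}

  // Log that verification events for this request are attributed to.
  BoundNetLog net_log;
};

// ProofVerifierChromium implements the QUIC ProofVerifier interface. It is
// capable of handling multiple simultaneous requests.
class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
 public:
  // Both arguments are stored as raw pointers (see the members below).
  // NOTE(review): they appear to be non-owning, in which case both objects
  // must outlive this verifier and every job it still has in flight --
  // confirm against the .cc and the callers.
  ProofVerifierChromium(CertVerifier* cert_verifier,
                        TransportSecurityState* transport_security_state);
  virtual ~ProofVerifierChromium();

  // ProofVerifier interface
  //
  // |hostname|, |server_config|, |certs| and |signature| are inputs;
  // |error_details| and |verify_details| are out-parameters.
  // NOTE(review): |server_config|, |certs| and |signature| are presumably
  // supplied by the peer during the handshake and should be treated as
  // untrusted until this call reports success -- confirm with the callers.
  // NOTE(review): |verify_context| is presumably expected to be a
  // ProofVerifyContextChromium; whether NULL is accepted, when the
  // out-parameters are written, and who owns |callback| on an asynchronous
  // return are defined by ProofVerifier and the .cc, not visible here.
  virtual QuicAsyncStatus VerifyProof(
      const std::string& hostname,
      const std::string& server_config,
      const std::vector<std::string>& certs,
      const std::string& signature,
      const ProofVerifyContext* verify_context,
      std::string* error_details,
      scoped_ptr<ProofVerifyDetails>* verify_details,
      ProofVerifierCallback* callback) OVERRIDE;

 private:
  class Job;
  typedef std::set<Job*> JobSet;

  // Invoked for a job that has finished.
  // NOTE(review): presumably removes |job| from active_jobs_ and deletes it;
  // confirm in the .cc.
  void OnJobComplete(Job* job);

  // Set of owning pointers to active jobs. The set stores raw pointers, so
  // nothing here frees a Job automatically: each one has to be deleted
  // exactly once by the implementation.
  // NOTE(review): presumably done on job completion and in the destructor;
  // confirm in the .cc.
  JobSet active_jobs_;

  // Underlying verifier used to verify certificates.
  CertVerifier* const cert_verifier_;

  // NOTE(review): presumably consulted for the public key pin check whose
  // failure message ends up in ProofVerifyDetailsChromium::pinning_failure_log;
  // confirm in the .cc.
  TransportSecurityState* const transport_security_state_;

  DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium);
};

}  // namespace net

#endif  // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_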