// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// Declares the Chromium implementation of the QUIC ProofVerifier interface,
// together with the details and context types that accompany it.

#ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_
#define NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_

#include <set>
#include <string>
#include <vector>

#include "base/basictypes.h"
#include "base/compiler_specific.h"
#include "base/memory/scoped_ptr.h"
#include "net/base/net_export.h"
#include "net/base/net_log.h"
#include "net/cert/cert_verify_result.h"
#include "net/cert/x509_certificate.h"
#include "net/quic/crypto/proof_verifier.h"

namespace net {

// This header only uses pointers to these classes, so forward declarations
// are enough.
class CertVerifier;
class TransportSecurityState;
// ProofVerifyDetailsChromium carries the implementation-specific information
// that a ProofVerifierChromium returns about a certificate verification.
class NET_EXPORT_PRIVATE ProofVerifyDetailsChromium
    : public ProofVerifyDetails {
 public:
  // ProofVerifyDetails implementation.
  // Returns a raw pointer. NOTE(review): presumably a newly allocated copy
  // that the caller takes ownership of -- confirm against the .cc file.
  virtual ProofVerifyDetails* Clone() const OVERRIDE;

  // Result structure of the certificate verification.
  CertVerifyResult cert_verify_result;

  // Message produced by
  // TransportSecurityState::DomainState::CheckPublicKeyPins in the event of a
  // pinning failure. It is a (somewhat) human-readable string.
  // NOTE(review): as free-form diagnostic text it suits logging and error
  // reporting only; code should not parse it to decide whether a connection
  // is trusted.
  std::string pinning_failure_log;
};

// ProofVerifyContextChromium is the implementation-specific information that a
// ProofVerifierChromium needs in order to log correctly.
struct ProofVerifyContextChromium : public ProofVerifyContext {
  // Stores a copy of |net_log|, so the context does not depend on the
  // lifetime of the caller's BoundNetLog object.
  explicit ProofVerifyContextChromium(const BoundNetLog& net_log)
      : net_log(net_log) {}

  // Net log made available to the verifier for its logging.
  BoundNetLog net_log;
};

// ProofVerifierChromium implements the QUIC ProofVerifier interface. It is
// capable of handling multiple simultaneous requests; the active jobs are
// kept in |active_jobs_|.
class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
 public:
  // |cert_verifier_| and |transport_security_state_| are const raw pointers,
  // so they are bound once at construction -- presumably to these arguments.
  // NOTE(review): nothing in this header transfers ownership, so both objects
  // presumably have to outlive this verifier -- confirm with the callers.
  ProofVerifierChromium(CertVerifier* cert_verifier,
                        TransportSecurityState* transport_security_state);
  virtual ~ProofVerifierChromium();

  // ProofVerifier interface.
  // |hostname|, |server_config|, |certs| and |signature| are read-only inputs
  // (const references). |error_details| and |verify_details| are passed by
  // pointer so that the implementation can write to them.
  // NOTE(review): in QUIC the certificate chain and the signature come from
  // the peer being authenticated, so treat them as untrusted input until this
  // call reports success.
  // NOTE(review): the meaning of each QuicAsyncStatus value and the ownership
  // of |callback| are defined by the ProofVerifier interface in
  // net/quic/crypto/proof_verifier.h -- consult it before relying on either.
  virtual QuicAsyncStatus VerifyProof(
      const std::string& hostname,
      const std::string& server_config,
      const std::vector<std::string>& certs,
      const std::string& signature,
      const ProofVerifyContext* verify_context,
      std::string* error_details,
      scoped_ptr<ProofVerifyDetails>* verify_details,
      ProofVerifierCallback* callback) OVERRIDE;

 private:
  class Job;
  typedef std::set<Job*> JobSet;

  // NOTE(review): presumably called when |job| finishes so that it can be
  // removed from |active_jobs_| -- confirm in the .cc file.
  void OnJobComplete(Job* job);

  // Set of owning pointers to active jobs. The elements are raw pointers, so
  // the set does not free them by itself. NOTE(review): check that the .cc
  // file deletes every Job, both on completion and in the destructor.
  JobSet active_jobs_;

  // Underlying verifier used to verify certificates.
  CertVerifier* const cert_verifier_;

  // NOTE(review): presumably consulted for public key pinning (compare
  // ProofVerifyDetailsChromium::pinning_failure_log) -- confirm in the .cc
  // file.
  TransportSecurityState* const transport_security_state_;

  DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium);
};

}  // namespace net

#endif  // NET_QUIC_CRYPTO_PROOF_VERIFIER_CHROMIUM_H_