net/quic/crypto/proof_verifier.h - platform/external/chromium_org - Git at Google

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_H_
 #define NET_QUIC_CRYPTO_PROOF_VERIFIER_H_

 #include <string>
 #include <vector>

 #include "net/base/completion_callback.h"
 #include "net/base/net_export.h"
 #include "net/quic/quic_protocol.h"

 namespace net {

 class CertVerifyResult;

 // ProofVerifyDetails is an abstract class that acts as a container for any
 // implementation specific details that a ProofVerifier wishes to return. These
 // details are saved in the CachedInfo for the origin in question.
 class ProofVerifyDetails {
  public:
   virtual ~ProofVerifyDetails();
 };

 // ProofVerifierCallback provides a generic mechanism for a ProofVerifier to
 // call back after an asynchronous verification.
 class NET_EXPORT_PRIVATE ProofVerifierCallback {
  public:
   virtual ~ProofVerifierCallback();

   // Run is called on the original thread to mark the completion of an
   // asynchonous verification. If |ok| is true then the certificate is valid
   // and |*error_details| is unused. Otherwise, |*error_details| contains a
   // description of the error. |details| contains implementation-specific
   // details of the verification. |Run| may take ownership of |details| by
   // calling |release| on it.
   virtual void Run(bool ok,
                    const std::string& error_details,
                    scoped_ptr<ProofVerifyDetails>* details) = 0;
 };

 // A ProofVerifier checks the signature on a server config, and the certificate
 // chain that backs the public key.
 class NET_EXPORT_PRIVATE ProofVerifier {
  public:
   // Status enumerates the possible results of verifying a proof.
   enum Status {
     SUCCESS = 0,
     FAILURE = 1,
     // PENDING results from a verification which will occur asynchonously. When
     // the verification is complete, |callback|'s |Run| method will be called.
     PENDING = 2,
   };

   virtual ~ProofVerifier();

   // VerifyProof checks that |signature| is a valid signature of
   // |server_config| by the public key in the leaf certificate of |certs|, and
   // that |certs| is a valid chain for |hostname|. On success, it returns
   // SUCCESS. On failure, it returns ERROR and sets |*error_details| to a
   // description of the problem. In either case it may set |*details|, which the
   // caller takes ownership of.
   //
   // This function may also return PENDING, in which case the ProofVerifier
   // will call back, on the original thread, via |callback| when complete.
   //
   // This function takes ownership of |callback|. It will be deleted even if
   // the call returns immediately.
   //
   // The signature uses SHA-256 as the hash function and PSS padding in the
   // case of RSA.
   //
   // |version| is the QUIC version for the connection. TODO(wtc): Remove once
   // QUIC_VERSION_7 and before are removed.
   virtual Status VerifyProof(QuicVersion version,
                              const std::string& hostname,
                              const std::string& server_config,
                              const std::vector<std::string>& certs,
                              const std::string& signature,
                              std::string* error_details,
                              scoped_ptr<ProofVerifyDetails>* details,
                              ProofVerifierCallback* callback) = 0;
 };

 }  // namespace net

 #endif  // NET_QUIC_CRYPTO_PROOF_VERIFIER_H_
	// Copyright (c) 2013 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef NET_QUIC_CRYPTO_PROOF_VERIFIER_H_
	#define NET_QUIC_CRYPTO_PROOF_VERIFIER_H_

	#include <string>
	#include <vector>

	#include "net/base/completion_callback.h"
	#include "net/base/net_export.h"
	#include "net/quic/quic_protocol.h"

	namespace net {

	class CertVerifyResult;

	// ProofVerifyDetails is an abstract class that acts as a container for any
	// implementation specific details that a ProofVerifier wishes to return. These
	// details are saved in the CachedInfo for the origin in question.
	class ProofVerifyDetails {
	public:
	virtual ~ProofVerifyDetails();
	};

	// ProofVerifierCallback provides a generic mechanism for a ProofVerifier to
	// call back after an asynchronous verification.
	class NET_EXPORT_PRIVATE ProofVerifierCallback {
	public:
	virtual ~ProofVerifierCallback();

	// Run is called on the original thread to mark the completion of an
	// asynchonous verification. If \|ok\| is true then the certificate is valid
	// and \|error_details\| is unused. Otherwise, \|error_details\| contains a
	// description of the error. \|details\| contains implementation-specific
	// details of the verification. \|Run\| may take ownership of \|details\| by
	// calling \|release\| on it.
	virtual void Run(bool ok,
	const std::string& error_details,
	scoped_ptr<ProofVerifyDetails>* details) = 0;
	};

	// A ProofVerifier checks the signature on a server config, and the certificate
	// chain that backs the public key.
	class NET_EXPORT_PRIVATE ProofVerifier {
	public:
	// Status enumerates the possible results of verifying a proof.
	enum Status {
	SUCCESS = 0,
	FAILURE = 1,
	// PENDING results from a verification which will occur asynchonously. When
	// the verification is complete, \|callback\|'s \|Run\| method will be called.
	PENDING = 2,
	};

	virtual ~ProofVerifier();

	// VerifyProof checks that \|signature\| is a valid signature of
	// \|server_config\| by the public key in the leaf certificate of \|certs\|, and
	// that \|certs\| is a valid chain for \|hostname\|. On success, it returns
	// SUCCESS. On failure, it returns ERROR and sets \|*error_details\| to a
	// description of the problem. In either case it may set \|*details\|, which the
	// caller takes ownership of.
	//
	// This function may also return PENDING, in which case the ProofVerifier
	// will call back, on the original thread, via \|callback\| when complete.
	//
	// This function takes ownership of \|callback\|. It will be deleted even if
	// the call returns immediately.
	//
	// The signature uses SHA-256 as the hash function and PSS padding in the
	// case of RSA.
	//
	// \|version\| is the QUIC version for the connection. TODO(wtc): Remove once
	// QUIC_VERSION_7 and before are removed.
	virtual Status VerifyProof(QuicVersion version,
	const std::string& hostname,
	const std::string& server_config,
	const std::vector<std::string>& certs,
	const std::string& signature,
	std::string* error_details,
	scoped_ptr<ProofVerifyDetails>* details,
	ProofVerifierCallback* callback) = 0;
	};

	} // namespace net

	#endif // NET_QUIC_CRYPTO_PROOF_VERIFIER_H_