author | rtenneti@chromium.org <rtenneti@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-04-23 20:18:55 +0000 |
---|---|---|
committer | rtenneti@chromium.org <rtenneti@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-04-23 20:18:55 +0000 |
commit | fe053f9301b7003d0bbe82baf9001d5b95564b9e (patch) | |
tree | c5356ff0f9fa4754f00d30944f60544edbf20c46 /net/quic/crypto/proof_source.h | |
parent | 7252963941dffa25e28168c82ab262ae889ffe1d (diff) | |
Land Recent QUIC Changes
QUIC: step 8, server certificate support.
Merge internal change: 44460951
Returning early from framer callbacks on error.
Merge internal change: 44428665
Rename QUIC_VERSION_NOT_SUPPORTED to QUIC_CRYPTO_VERSION_NOT_SUPPORTED.
Merge internal change: 44422561
QUIC: split the server config into its own file.
This change moves QuicCryptoServerConfig into a separate file so that Chromium
need only link it into tests.
Merge internal change: 44397707
QUIC: remove ifs around error_details
They were never needed and clutter up the code.
Merge internal change: 44275147
QUIC: add tests for 0-RTT handshaking using strike-register.
This change fixes a couple of issues and adds a test that performs a 0-RTT
handshake.
Merge internal change: 44272981
R=rch@chromium.org
Review URL: https://codereview.chromium.org/14411004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@195897 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/quic/crypto/proof_source.h')
-rw-r--r-- | net/quic/crypto/proof_source.h | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/net/quic/crypto/proof_source.h b/net/quic/crypto/proof_source.h
new file mode 100644
index 0000000..75b2ba0
--- /dev/null
+++ b/net/quic/crypto/proof_source.h
@@ -0,0 +1,48 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_QUIC_CRYPTO_PROOF_SOURCE_H_
+#define NET_QUIC_CRYPTO_PROOF_SOURCE_H_
+
+#include <string>
+#include <vector>
+
+#include "net/base/net_export.h"
+
+namespace net {
+
+// ProofSource is an interface by which a QUIC server can obtain certificate
+// chains and signatures that prove its identity.
+class NET_EXPORT_PRIVATE ProofSource {
+ public:
+ virtual ~ProofSource() {}
+
+ // GetProof finds a certificate chain for |hostname|, sets |out_certs| to
+ // point to it (in leaf-first order), calculates a signature of
+ // |server_config| using that chain and puts the result in |out_signature|.
+ //
+ // The signature uses SHA-256 as the hash function and PSS padding when the
+ // key is RSA.
+ //
+ // |out_certs| is a pointer to a pointer, not a pointer to an array.
+ //
+ // The number of certificate chains is expected to be small and fixed thus
+ // the ProofSource retains ownership of the contents of |out_certs|. The
+ // expectation is that they will be cached forever.
+ //
+ // The signature values should be cached because |server_config| will be
+ // somewhat static. However, since they aren't bounded, the ProofSource may
+ // wish to evicit entries from that cache, thus the caller takes ownership of
+ // |*out_signature|.
+ //
+ // This function may be called concurrently.
+ virtual bool GetProof(const std::string& hostname,
+ const std::string& server_config,
+ const std::vector<std::string>** out_certs,
+ std::string* out_signature) = 0;
+};
+
+} // namespace net
+
+#endif // NET_QUIC_CRYPTO_PROOF_SOURCE_H_ |
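Review bot: The comment on `GetProof` never says what the `bool` return value means or what state `*out_certs` and `*out_signature` are in when the call fails, so a caller that ignores the result could go on to use an unset chain pointer or an empty signature. Assuming false means no proof was produced, I would add `// Returns true on success. On failure, returns false and the values of |*out_certs| and |*out_signature| are unspecified and must not be used.` Separately, the function may be called concurrently and the ProofSource keeps ownership of the chain, but "the expectation is that they will be cached forever" reads as a hint rather than a requirement. An implementation that reloads certificates would leave callers holding a dangling `*out_certs`, so the comment should state that the pointed-to vector must stay valid and unmodified for the lifetime of the ProofSource. The typo "evicit" in the same comment should read "evict".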