Diffstat (limited to 'net/quic/crypto')
-rw-r--r-- | net/quic/crypto/proof_test.cc | 20 | ||||
-rw-r--r-- | net/quic/crypto/proof_verifier.h | 12 | ||||
-rw-r--r-- | net/quic/crypto/proof_verifier_chromium.cc | 36 | ||||
-rw-r--r-- | net/quic/crypto/proof_verifier_chromium.h | 19 |
4 files changed, 28 insertions, 59 deletions
diff --git a/net/quic/crypto/proof_test.cc b/net/quic/crypto/proof_test.cc index 4aa7bac..df68dd0 100644 --- a/net/quic/crypto/proof_test.cc +++ b/net/quic/crypto/proof_test.cc @@ -38,7 +38,6 @@ TEST(ProofTest, Verify) { const vector<string>* first_certs; string error_details, signature, first_signature; CertVerifyResult cert_verify_result; - ProofVerifyContext verify_context; ASSERT_TRUE(source->GetProof(hostname, server_config, false /* no ECDSA */, &first_certs, &first_signature)); @@ -53,8 +52,7 @@ TEST(ProofTest, Verify) { TestCompletionCallback callback; rv = verifier->VerifyProof(hostname, server_config, *certs, signature, &error_details, &cert_verify_result, - verify_context, callback.callback()); - + callback.callback()); rv = callback.GetResult(rv); ASSERT_EQ(OK, rv); ASSERT_EQ("", error_details); @@ -62,15 +60,14 @@ TEST(ProofTest, Verify) { rv = verifier->VerifyProof("foo.com", server_config, *certs, signature, &error_details, &cert_verify_result, - verify_context, callback.callback()); + callback.callback()); rv = callback.GetResult(rv); ASSERT_EQ(ERR_FAILED, rv); ASSERT_NE("", error_details); rv = verifier->VerifyProof(hostname, server_config.substr(1, string::npos), *certs, signature, &error_details, - &cert_verify_result, verify_context, - callback.callback()); + &cert_verify_result, callback.callback()); rv = callback.GetResult(rv); ASSERT_EQ(ERR_FAILED, rv); ASSERT_NE("", error_details); @@ -78,8 +75,7 @@ TEST(ProofTest, Verify) { const string corrupt_signature = "1" + signature; rv = verifier->VerifyProof(hostname, server_config, *certs, corrupt_signature, &error_details, - &cert_verify_result, verify_context, - callback.callback()); + &cert_verify_result, callback.callback()); rv = callback.GetResult(rv); ASSERT_EQ(ERR_FAILED, rv); ASSERT_NE("", error_details); 
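Review bot: The negative cases in TEST(ProofTest, Verify) from hunk `@@ -62,15 +60,14` onward reuse one `error_details` string that is never cleared between calls. After the first failing call it is already non-empty, so the later `ASSERT_NE("", error_details)` checks can pass on stale text unless this VerifyProof overload clears the string on entry, which is not visible in the diff. Adding `error_details.clear();` before each call would make every rejection path show that it reports its own error. The same applies to the corrupt-signature call in `@@ -78,8 +75,7` and the wrong-certs call in `@@ -90,7 +86,7`.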
@@ -90,7 +86,7 @@ TEST(ProofTest, Verify) { } rv = verifier->VerifyProof("foo.com", server_config, wrong_certs, signature, &error_details, &cert_verify_result, - verify_context, callback.callback()); + callback.callback()); rv = callback.GetResult(rv); ASSERT_EQ(ERR_FAILED, rv); ASSERT_NE("", error_details); @@ -136,14 +132,12 @@ static void RunVerification(ProofVerifier* verifier, TestCompletionCallback comp_callback; bool ok; string error_details; - scoped_ptr<ProofVerifyContext> verify_context( - CryptoTestUtils::ProofVerifyContextForTesting()); TestProofVerifierCallback* callback = new TestProofVerifierCallback(&comp_callback, &ok, &error_details); ProofVerifier::Status status = verifier->VerifyProof( - hostname, server_config, certs, proof, verify_context.get(), - &error_details, &details, callback); + hostname, server_config, certs, proof, &error_details, &details, + callback); switch (status) { case ProofVerifier::FAILURE: diff --git a/net/quic/crypto/proof_verifier.h b/net/quic/crypto/proof_verifier.h index 50d1635..3b47776 100644 --- a/net/quic/crypto/proof_verifier.h +++ b/net/quic/crypto/proof_verifier.h @@ -21,13 +21,6 @@ class NET_EXPORT_PRIVATE ProofVerifyDetails { virtual ~ProofVerifyDetails() {} }; -// ProofVerifyContext is an abstract class that acts as a container for any -// implementation specific context that a ProofVerifier needs. -class NET_EXPORT_PRIVATE ProofVerifyContext { - public: - virtual ~ProofVerifyContext() {} -}; - // ProofVerifierCallback provides a generic mechanism for a ProofVerifier to // call back after an asynchronous verification. class NET_EXPORT_PRIVATE ProofVerifierCallback { 
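Review bot: The wrong-certificate case in `@@ -90,7 +86,7` still passes `"foo.com"` as the hostname, and hunk `@@ -62,15 +60,14` shows that `"foo.com"` with the correct `*certs` already returns ERR_FAILED. The assertion therefore does not show that `wrong_certs` alone is rejected. Starting the call with `verifier->VerifyProof(hostname, server_config, wrong_certs, signature,` would isolate the certificate-chain check; `hostname` is the variable the other calls in this test use. The test body starts and ends outside this hunk.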
@@ -67,10 +60,6 @@ class NET_EXPORT_PRIVATE ProofVerifier { // description of the problem. In either case it may set |*details|, which the // caller takes ownership of. // - // |context| specifies an implementation specific struct (which may be NULL - // for some implementations) that provides useful information for the - // verifier, e.g. logging handles. - // // This function may also return PENDING, in which case the ProofVerifier // will call back, on the original thread, via |callback| when complete. // In this case, the ProofVerifier will take ownership of |callback|. @@ -81,7 +70,6 @@ class NET_EXPORT_PRIVATE ProofVerifier { const std::string& server_config, const std::vector<std::string>& certs, const std::string& signature, - const ProofVerifyContext* context, std::string* error_details, scoped_ptr<ProofVerifyDetails>* details, ProofVerifierCallback* callback) = 0; diff --git a/net/quic/crypto/proof_verifier_chromium.cc b/net/quic/crypto/proof_verifier_chromium.cc index fdb6a0d..8584aed 100644 --- a/net/quic/crypto/proof_verifier_chromium.cc +++ b/net/quic/crypto/proof_verifier_chromium.cc @@ -47,7 +47,7 @@ class ProofVerifierChromium::Job { const std::vector<std::string>& certs, const std::string& signature, std::string* error_details, - scoped_ptr<ProofVerifyDetails>* verify_details, + scoped_ptr<ProofVerifyDetails>* details, ProofVerifierCallback* callback); private: @@ -104,10 +104,10 @@ ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof( const vector<string>& certs, const string& signature, std::string* error_details, - scoped_ptr<ProofVerifyDetails>* verify_details, + scoped_ptr<ProofVerifyDetails>* details, ProofVerifierCallback* callback) { DCHECK(error_details); - DCHECK(verify_details); + DCHECK(details); DCHECK(callback); callback_.reset(callback); 
@@ -125,7 +125,7 @@ ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof( *error_details = "Failed to create certificate chain. Certs are empty."; DLOG(WARNING) << *error_details; verify_details_->cert_verify_result.cert_status = CERT_STATUS_INVALID; - verify_details->reset(verify_details_.release()); + details->reset(verify_details_.release()); return FAILURE; } @@ -139,7 +139,7 @@ ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof( *error_details = "Failed to create certificate chain"; DLOG(WARNING) << *error_details; verify_details_->cert_verify_result.cert_status = CERT_STATUS_INVALID; - verify_details->reset(verify_details_.release()); + details->reset(verify_details_.release()); return FAILURE; } @@ -149,7 +149,7 @@ ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof( *error_details = "Failed to verify signature of server config"; DLOG(WARNING) << *error_details; verify_details_->cert_verify_result.cert_status = CERT_STATUS_INVALID; - verify_details->reset(verify_details_.release()); + details->reset(verify_details_.release()); return FAILURE; } @@ -158,13 +158,13 @@ ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof( next_state_ = STATE_VERIFY_CERT; switch (DoLoop(OK)) { case OK: - verify_details->reset(verify_details_.release()); + details->reset(verify_details_.release()); return SUCCESS; case ERR_IO_PENDING: return PENDING; default: *error_details = error_details_; - verify_details->reset(verify_details_.release()); + details->reset(verify_details_.release()); return FAILURE; } } 
@@ -310,8 +310,11 @@ bool ProofVerifierChromium::Job::VerifySignature(const string& signed_data, return true; } -ProofVerifierChromium::ProofVerifierChromium(CertVerifier* cert_verifier) - : cert_verifier_(cert_verifier) {} +ProofVerifierChromium::ProofVerifierChromium(CertVerifier* cert_verifier, + const BoundNetLog& net_log) + : cert_verifier_(cert_verifier), + net_log_(net_log) { +} ProofVerifierChromium::~ProofVerifierChromium() { STLDeleteElements(&active_jobs_); @@ -322,19 +325,12 @@ ProofVerifierChromium::Status ProofVerifierChromium::VerifyProof( const std::string& server_config, const std::vector<std::string>& certs, const std::string& signature, - const ProofVerifyContext* verify_context, std::string* error_details, - scoped_ptr<ProofVerifyDetails>* verify_details, + scoped_ptr<ProofVerifyDetails>* details, ProofVerifierCallback* callback) { - if (!verify_context) { - *error_details = "Missing context"; - return FAILURE; - } - const ProofVerifyContextChromium* chromium_context = - reinterpret_cast<const ProofVerifyContextChromium*>(verify_context); - scoped_ptr<Job> job(new Job(this, cert_verifier_, chromium_context->net_log)); + scoped_ptr<Job> job(new Job(this, cert_verifier_, net_log_)); Status status = job->VerifyProof(hostname, server_config, certs, signature, - error_details, verify_details, callback); + error_details, details, callback); if (status == PENDING) { active_jobs_.insert(job.release()); } diff --git a/net/quic/crypto/proof_verifier_chromium.h b/net/quic/crypto/proof_verifier_chromium.h index ebf9a2c..7f695e6 100644 --- a/net/quic/crypto/proof_verifier_chromium.h +++ b/net/quic/crypto/proof_verifier_chromium.h @@ -15,7 +15,6 @@ #include "net/base/net_export.h" #include "net/base/net_log.h" #include "net/cert/cert_verify_result.h" -#include "net/cert/x509_certificate.h" #include "net/quic/crypto/proof_verifier.h" namespace net { 
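Review bot: Binding one `BoundNetLog` in the constructor means every `Job` this verifier creates logs to the same source (`new Job(this, cert_verifier_, net_log_)` in the next hunk), while the class comment in proof_verifier_chromium.h says it handles multiple simultaneous requests. If one verifier instance serves several connections, certificate-verification events can no longer be attributed to the request that caused them; whether an instance is shared is not visible in this diff. The new member in header hunk `@@ -69,6 +58,8` has no comment, unlike `cert_verifier_` above it. I would add `// Net log shared by every Job this verifier starts; not per-request.` above `BoundNetLog net_log_;` and a matching sentence on the constructor declaration in `@@ -30,21 +29,12`.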
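Review bot: Callback ownership on the synchronous return paths of `ProofVerifierChromium::VerifyProof` does not match the interface comment. proof_verifier.h says the verifier takes ownership of `callback` when it returns PENDING, but `Job::VerifyProof` (hunk `@@ -104,10 +104,10`) runs `callback_.reset(callback);` before its early `return FAILURE;` paths, and here the `scoped_ptr<Job>` is released into `active_jobs_` only for PENDING, so on SUCCESS or FAILURE the job is destroyed at scope exit and, if `callback_` is an owning pointer as the `reset` call suggests, the callback with it. A caller that follows the header and deletes its callback after a non-PENDING return would free it twice; `RunVerification` in proof_test.cc passes a raw `new TestProofVerifierCallback`, and its status switch lies mostly outside the diff. Either take ownership only once the status is PENDING, or change the interface comment to say ownership always transfers. The function body continues past the end of this hunk.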
@@ -30,21 +29,12 @@ struct ProofVerifyDetailsChromium : public ProofVerifyDetails { CertVerifyResult cert_verify_result; }; -// ProofVerifyContextChromium is the implementation-specific information that a -// ProofVerifierChromium needs in order to log correctly. -struct ProofVerifyContextChromium : public ProofVerifyContext { - public: - explicit ProofVerifyContextChromium(const BoundNetLog& net_log) - : net_log(net_log) {} - - BoundNetLog net_log; -}; - // ProofVerifierChromium implements the QUIC ProofVerifier interface. It is // capable of handling multiple simultaneous requests. class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier { public: - explicit ProofVerifierChromium(CertVerifier* cert_verifier); + ProofVerifierChromium(CertVerifier* cert_verifier, + const BoundNetLog& net_log); virtual ~ProofVerifierChromium(); // ProofVerifier interface @@ -52,9 +42,8 @@ class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier { const std::string& server_config, const std::vector<std::string>& certs, const std::string& signature, - const ProofVerifyContext* verify_context, std::string* error_details, - scoped_ptr<ProofVerifyDetails>* verify_details, + scoped_ptr<ProofVerifyDetails>* details, ProofVerifierCallback* callback) OVERRIDE; private: @@ -69,6 +58,8 @@ class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier { // Underlying verifier used to verify certificates. CertVerifier* const cert_verifier_; + BoundNetLog net_log_; + DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium); }; |