Diffstat (limited to 'net/quic/crypto')
-rw-r--r--net/quic/crypto/proof_test.cc20
-rw-r--r--net/quic/crypto/proof_verifier.h12
-rw-r--r--net/quic/crypto/proof_verifier_chromium.cc36
-rw-r--r--net/quic/crypto/proof_verifier_chromium.h19
4 files changed, 28 insertions, 59 deletions
diff --git a/net/quic/crypto/proof_test.cc b/net/quic/crypto/proof_test.cc
index 4aa7bac..df68dd0 100644
--- a/net/quic/crypto/proof_test.cc
+++ b/net/quic/crypto/proof_test.cc
@@ -38,7 +38,6 @@ TEST(ProofTest, Verify) {
const vector<string>* first_certs;
string error_details, signature, first_signature;
CertVerifyResult cert_verify_result;
- ProofVerifyContext verify_context;
ASSERT_TRUE(source->GetProof(hostname, server_config, false /* no ECDSA */,
&first_certs, &first_signature));
@@ -53,8 +52,7 @@ TEST(ProofTest, Verify) {
TestCompletionCallback callback;
rv = verifier->VerifyProof(hostname, server_config, *certs, signature,
&error_details, &cert_verify_result,
- verify_context, callback.callback());
-
+ callback.callback());
rv = callback.GetResult(rv);
ASSERT_EQ(OK, rv);
ASSERT_EQ("", error_details);
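Review bot: The VerifyProof calls in TEST(ProofTest, Verify) pass a `CertVerifyResult*` and `callback.callback()` and compare the result with `OK`/`ERR_FAILED`, which does not match the interface declared in proof_verifier.h (`scoped_ptr<ProofVerifyDetails>*`, `ProofVerifierCallback*`, a `Status` return), so this test is presumably compiled out. If so, the rejection cases it lists (wrong hostname, truncated server config, corrupted signature, wrong certificate chain) are not exercised here, and the same applies to the later hunks of this test. Porting these cases to the RunVerification helper would keep them running instead of hand-editing dead code on every signature change. The test body extends beyond this hunk.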
@@ -62,15 +60,14 @@ TEST(ProofTest, Verify) {
rv = verifier->VerifyProof("foo.com", server_config, *certs, signature,
&error_details, &cert_verify_result,
- verify_context, callback.callback());
+ callback.callback());
rv = callback.GetResult(rv);
ASSERT_EQ(ERR_FAILED, rv);
ASSERT_NE("", error_details);
rv = verifier->VerifyProof(hostname, server_config.substr(1, string::npos),
*certs, signature, &error_details,
- &cert_verify_result, verify_context,
- callback.callback());
+ &cert_verify_result, callback.callback());
rv = callback.GetResult(rv);
ASSERT_EQ(ERR_FAILED, rv);
ASSERT_NE("", error_details);
@@ -78,8 +75,7 @@ TEST(ProofTest, Verify) {
const string corrupt_signature = "1" + signature;
rv = verifier->VerifyProof(hostname, server_config, *certs,
corrupt_signature, &error_details,
- &cert_verify_result, verify_context,
- callback.callback());
+ &cert_verify_result, callback.callback());
rv = callback.GetResult(rv);
ASSERT_EQ(ERR_FAILED, rv);
ASSERT_NE("", error_details);
@@ -90,7 +86,7 @@ TEST(ProofTest, Verify) {
}
rv = verifier->VerifyProof("foo.com", server_config, wrong_certs, signature,
&error_details, &cert_verify_result,
- verify_context, callback.callback());
+ callback.callback());
rv = callback.GetResult(rv);
ASSERT_EQ(ERR_FAILED, rv);
ASSERT_NE("", error_details);
@@ -136,14 +132,12 @@ static void RunVerification(ProofVerifier* verifier,
TestCompletionCallback comp_callback;
bool ok;
string error_details;
- scoped_ptr<ProofVerifyContext> verify_context(
- CryptoTestUtils::ProofVerifyContextForTesting());
TestProofVerifierCallback* callback =
new TestProofVerifierCallback(&comp_callback, &ok, &error_details);
ProofVerifier::Status status = verifier->VerifyProof(
- hostname, server_config, certs, proof, verify_context.get(),
- &error_details, &details, callback);
+ hostname, server_config, certs, proof, &error_details, &details,
+ callback);
switch (status) {
case ProofVerifier::FAILURE:
diff --git a/net/quic/crypto/proof_verifier.h b/net/quic/crypto/proof_verifier.h
index 50d1635..3b47776 100644
--- a/net/quic/crypto/proof_verifier.h
+++ b/net/quic/crypto/proof_verifier.h
@@ -21,13 +21,6 @@ class NET_EXPORT_PRIVATE ProofVerifyDetails {
virtual ~ProofVerifyDetails() {}
};
-// ProofVerifyContext is an abstract class that acts as a container for any
-// implementation specific context that a ProofVerifier needs.
-class NET_EXPORT_PRIVATE ProofVerifyContext {
- public:
- virtual ~ProofVerifyContext() {}
-};
-
// ProofVerifierCallback provides a generic mechanism for a ProofVerifier to
// call back after an asynchronous verification.
class NET_EXPORT_PRIVATE ProofVerifierCallback {
@@ -67,10 +60,6 @@ class NET_EXPORT_PRIVATE ProofVerifier {
// description of the problem. In either case it may set |*details|, which the
// caller takes ownership of.
//
- // |context| specifies an implementation specific struct (which may be NULL
- // for some implementations) that provides useful information for the
- // verifier, e.g. logging handles.
- //
// This function may also return PENDING, in which case the ProofVerifier
// will call back, on the original thread, via |callback| when complete.
// In this case, the ProofVerifier will take ownership of |callback|.
@@ -81,7 +70,6 @@ class NET_EXPORT_PRIVATE ProofVerifier {
const std::string& server_config,
const std::vector<std::string>& certs,
const std::string& signature,
- const ProofVerifyContext* context,
std::string* error_details,
scoped_ptr<ProofVerifyDetails>* details,
ProofVerifierCallback* callback) = 0;
diff --git a/net/quic/crypto/proof_verifier_chromium.cc b/net/quic/crypto/proof_verifier_chromium.cc
index fdb6a0d..8584aed 100644
--- a/net/quic/crypto/proof_verifier_chromium.cc
+++ b/net/quic/crypto/proof_verifier_chromium.cc
@@ -47,7 +47,7 @@ class ProofVerifierChromium::Job {
const std::vector<std::string>& certs,
const std::string& signature,
std::string* error_details,
- scoped_ptr<ProofVerifyDetails>* verify_details,
+ scoped_ptr<ProofVerifyDetails>* details,
ProofVerifierCallback* callback);
private:
@@ -104,10 +104,10 @@ ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof(
const vector<string>& certs,
const string& signature,
std::string* error_details,
- scoped_ptr<ProofVerifyDetails>* verify_details,
+ scoped_ptr<ProofVerifyDetails>* details,
ProofVerifierCallback* callback) {
DCHECK(error_details);
- DCHECK(verify_details);
+ DCHECK(details);
DCHECK(callback);
callback_.reset(callback);
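Review bot: `callback_.reset(callback)` takes ownership of |callback| before any of the early `return FAILURE` paths, while the interface comment in proof_verifier.h says the verifier takes ownership only when it returns PENDING. Assuming `callback_` is an owning pointer, a caller that follows the documented contract and frees the callback after a synchronous SUCCESS or FAILURE would free it a second time when the Job is destroyed. Either move the reset into the `case ERR_IO_PENDING:` branch or change the interface comment to say ownership always transfers; the callers are not visible here, so which side is wrong needs confirming. The DCHECKs above are debug-only, so a null `details` is still dereferenced in release builds. The function body starts and ends outside this hunk.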
@@ -125,7 +125,7 @@ ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof(
*error_details = "Failed to create certificate chain. Certs are empty.";
DLOG(WARNING) << *error_details;
verify_details_->cert_verify_result.cert_status = CERT_STATUS_INVALID;
- verify_details->reset(verify_details_.release());
+ details->reset(verify_details_.release());
return FAILURE;
}
@@ -139,7 +139,7 @@ ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof(
*error_details = "Failed to create certificate chain";
DLOG(WARNING) << *error_details;
verify_details_->cert_verify_result.cert_status = CERT_STATUS_INVALID;
- verify_details->reset(verify_details_.release());
+ details->reset(verify_details_.release());
return FAILURE;
}
@@ -149,7 +149,7 @@ ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof(
*error_details = "Failed to verify signature of server config";
DLOG(WARNING) << *error_details;
verify_details_->cert_verify_result.cert_status = CERT_STATUS_INVALID;
- verify_details->reset(verify_details_.release());
+ details->reset(verify_details_.release());
return FAILURE;
}
@@ -158,13 +158,13 @@ ProofVerifierChromium::Status ProofVerifierChromium::Job::VerifyProof(
next_state_ = STATE_VERIFY_CERT;
switch (DoLoop(OK)) {
case OK:
- verify_details->reset(verify_details_.release());
+ details->reset(verify_details_.release());
return SUCCESS;
case ERR_IO_PENDING:
return PENDING;
default:
*error_details = error_details_;
- verify_details->reset(verify_details_.release());
+ details->reset(verify_details_.release());
return FAILURE;
}
}
@@ -310,8 +310,11 @@ bool ProofVerifierChromium::Job::VerifySignature(const string& signed_data,
return true;
}
-ProofVerifierChromium::ProofVerifierChromium(CertVerifier* cert_verifier)
- : cert_verifier_(cert_verifier) {}
+ProofVerifierChromium::ProofVerifierChromium(CertVerifier* cert_verifier,
+ const BoundNetLog& net_log)
+ : cert_verifier_(cert_verifier),
+ net_log_(net_log) {
+}
ProofVerifierChromium::~ProofVerifierChromium() {
STLDeleteElements(&active_jobs_);
@@ -322,19 +325,12 @@ ProofVerifierChromium::Status ProofVerifierChromium::VerifyProof(
const std::string& server_config,
const std::vector<std::string>& certs,
const std::string& signature,
- const ProofVerifyContext* verify_context,
std::string* error_details,
- scoped_ptr<ProofVerifyDetails>* verify_details,
+ scoped_ptr<ProofVerifyDetails>* details,
ProofVerifierCallback* callback) {
- if (!verify_context) {
- *error_details = "Missing context";
- return FAILURE;
- }
- const ProofVerifyContextChromium* chromium_context =
- reinterpret_cast<const ProofVerifyContextChromium*>(verify_context);
- scoped_ptr<Job> job(new Job(this, cert_verifier_, chromium_context->net_log));
+ scoped_ptr<Job> job(new Job(this, cert_verifier_, net_log_));
Status status = job->VerifyProof(hostname, server_config, certs, signature,
- error_details, verify_details, callback);
+ error_details, details, callback);
if (status == PENDING) {
active_jobs_.insert(job.release());
}
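Review bot: With `net_log_` fixed at construction, every Job created in VerifyProof writes to the same BoundNetLog, so if one ProofVerifierChromium serves more than one QUIC session, certificate-verification events can no longer be attributed to the session that triggered them. Whether verifiers are shared is not visible in this diff. If they are, the log handle should stay on the call path; if not, a class comment such as `// One instance per session: all jobs log to |net_log_|.` would record the assumption. VerifyProof's body continues past the end of this hunk.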
diff --git a/net/quic/crypto/proof_verifier_chromium.h b/net/quic/crypto/proof_verifier_chromium.h
index ebf9a2c..7f695e6 100644
--- a/net/quic/crypto/proof_verifier_chromium.h
+++ b/net/quic/crypto/proof_verifier_chromium.h
@@ -15,7 +15,6 @@
#include "net/base/net_export.h"
#include "net/base/net_log.h"
#include "net/cert/cert_verify_result.h"
-#include "net/cert/x509_certificate.h"
#include "net/quic/crypto/proof_verifier.h"
namespace net {
@@ -30,21 +29,12 @@ struct ProofVerifyDetailsChromium : public ProofVerifyDetails {
CertVerifyResult cert_verify_result;
};
-// ProofVerifyContextChromium is the implementation-specific information that a
-// ProofVerifierChromium needs in order to log correctly.
-struct ProofVerifyContextChromium : public ProofVerifyContext {
- public:
- explicit ProofVerifyContextChromium(const BoundNetLog& net_log)
- : net_log(net_log) {}
-
- BoundNetLog net_log;
-};
-
// ProofVerifierChromium implements the QUIC ProofVerifier interface. It is
// capable of handling multiple simultaneous requests.
class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
public:
- explicit ProofVerifierChromium(CertVerifier* cert_verifier);
+ ProofVerifierChromium(CertVerifier* cert_verifier,
+ const BoundNetLog& net_log);
virtual ~ProofVerifierChromium();
// ProofVerifier interface
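Review bot: The new two-argument constructor is declared without a comment, although it now fixes both the raw `CertVerifier*` and the log for the object's lifetime. A line such as `// |cert_verifier| is not owned and must outlive this object; |net_log| receives the events of every verification this object starts.` would state the contract, once the ownership of |cert_verifier| is confirmed (the destructor shown only deletes `active_jobs_`). The `BoundNetLog net_log_;` member added in the last hunk of this file also has no comment, unlike `cert_verifier_` just above it.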
@@ -52,9 +42,8 @@ class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
const std::string& server_config,
const std::vector<std::string>& certs,
const std::string& signature,
- const ProofVerifyContext* verify_context,
std::string* error_details,
- scoped_ptr<ProofVerifyDetails>* verify_details,
+ scoped_ptr<ProofVerifyDetails>* details,
ProofVerifierCallback* callback) OVERRIDE;
private:
@@ -69,6 +58,8 @@ class NET_EXPORT_PRIVATE ProofVerifierChromium : public ProofVerifier {
// Underlying verifier used to verify certificates.
CertVerifier* const cert_verifier_;
+ BoundNetLog net_log_;
+
DISALLOW_COPY_AND_ASSIGN(ProofVerifierChromium);
};