// Copyright 2013 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifdef UNSAFE_BUFFERS_BUILD // TODO(crbug.com/40284755): Remove this and spanify to fix the errors. #pragma allow_unsafe_buffers #endif #include "net/quic/crypto/proof_verifier_chromium.h" #include <string_view> #include <utility> #include "base/containers/contains.h" #include "base/containers/span.h" #include "base/functional/bind.h" #include "base/functional/callback_helpers.h" #include "base/logging.h" #include "base/memory/raw_ptr.h" #include "base/metrics/histogram_functions.h" #include "base/metrics/histogram_macros.h" #include "base/strings/stringprintf.h" #include "base/time/time.h" #include "crypto/signature_verifier.h" #include "net/base/host_port_pair.h" #include "net/base/net_errors.h" #include "net/base/network_anonymization_key.h" #include "net/cert/cert_status_flags.h" #include "net/cert/cert_verifier.h" #include "net/cert/ct_verifier.h" #include "net/cert/sct_auditing_delegate.h" #include "net/cert/x509_util.h" #include "net/http/transport_security_state.h" #include "net/third_party/quiche/src/quiche/quic/core/crypto/crypto_protocol.h" StringPrintf; string; namespace net { ProofVerifyDetailsChromium::ProofVerifyDetailsChromium() = default; ProofVerifyDetailsChromium::~ProofVerifyDetailsChromium() = default; ProofVerifyDetailsChromium::ProofVerifyDetailsChromium( const ProofVerifyDetailsChromium&) = default; quic::ProofVerifyDetails* ProofVerifyDetailsChromium::Clone() const { … } // A Job handles the verification of a single proof. It is owned by the // quic::ProofVerifier. If the verification can not complete synchronously, it // will notify the quic::ProofVerifier upon completion. class ProofVerifierChromium::Job { … }; ProofVerifierChromium::Job::Job( ProofVerifierChromium* proof_verifier, CertVerifier* cert_verifier, TransportSecurityState* transport_security_state, SCTAuditingDelegate* sct_auditing_delegate, int cert_verify_flags, const NetLogWithSource& net_log) : … { … } ProofVerifierChromium::Job::~Job() { … } quic::QuicAsyncStatus ProofVerifierChromium::Job::VerifyProof( const string& hostname, const uint16_t port, const string& server_config, quic::QuicTransportVersion quic_version, std::string_view chlo_hash, const std::vector<string>& certs, const std::string& cert_sct, const string& signature, std::string* error_details, std::unique_ptr<quic::ProofVerifyDetails>* verify_details, std::unique_ptr<quic::ProofVerifierCallback> callback) { … } quic::QuicAsyncStatus ProofVerifierChromium::Job::VerifyCertChain( const string& hostname, const uint16_t port, const std::vector<string>& certs, const std::string& ocsp_response, const std::string& cert_sct, std::string* error_details, std::unique_ptr<quic::ProofVerifyDetails>* verify_details, std::unique_ptr<quic::ProofVerifierCallback> callback) { … } bool ProofVerifierChromium::Job::GetX509Certificate( const std::vector<string>& certs, std::string* error_details, std::unique_ptr<quic::ProofVerifyDetails>* verify_details) { … } quic::QuicAsyncStatus ProofVerifierChromium::Job::VerifyCert( const string& hostname, const uint16_t port, const std::string& ocsp_response, const std::string& cert_sct, std::string* error_details, std::unique_ptr<quic::ProofVerifyDetails>* verify_details, std::unique_ptr<quic::ProofVerifierCallback> callback) { … } int ProofVerifierChromium::Job::DoLoop(int last_result) { … } void ProofVerifierChromium::Job::OnIOComplete(int result) { … } int ProofVerifierChromium::Job::DoVerifyCert(int result) { … } bool ProofVerifierChromium::Job::ShouldAllowUnknownRootForHost( const std::string& hostname) { … } int ProofVerifierChromium::Job::DoVerifyCertComplete(int result) { … } bool ProofVerifierChromium::Job::VerifySignature( const string& signed_data, quic::QuicTransportVersion quic_version, std::string_view chlo_hash, const string& signature, const string& cert) { … } int ProofVerifierChromium::Job::CheckCTRequirements() { … } ProofVerifierChromium::ProofVerifierChromium( CertVerifier* cert_verifier, TransportSecurityState* transport_security_state, SCTAuditingDelegate* sct_auditing_delegate, std::set<std::string> hostnames_to_allow_unknown_roots, const NetworkAnonymizationKey& network_anonymization_key) : … { … } ProofVerifierChromium::~ProofVerifierChromium() = default; quic::QuicAsyncStatus ProofVerifierChromium::VerifyProof( const std::string& hostname, const uint16_t port, const std::string& server_config, quic::QuicTransportVersion quic_version, std::string_view chlo_hash, const std::vector<std::string>& certs, const std::string& cert_sct, const std::string& signature, const quic::ProofVerifyContext* verify_context, std::string* error_details, std::unique_ptr<quic::ProofVerifyDetails>* verify_details, std::unique_ptr<quic::ProofVerifierCallback> callback) { … } quic::QuicAsyncStatus ProofVerifierChromium::VerifyCertChain( const std::string& hostname, const uint16_t port, const std::vector<std::string>& certs, const std::string& ocsp_response, const std::string& cert_sct, const quic::ProofVerifyContext* verify_context, std::string* error_details, std::unique_ptr<quic::ProofVerifyDetails>* verify_details, uint8_t* /*out_alert*/, std::unique_ptr<quic::ProofVerifierCallback> callback) { … } std::unique_ptr<quic::ProofVerifyContext> ProofVerifierChromium::CreateDefaultContext() { … } void ProofVerifierChromium::OnJobComplete(Job* job) { … } } // namespace net
Codebase Browser
chromium