// Copyright (c) 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef QUICHE_QUIC_CORE_CRYPTO_PROOF_SOURCE_H_
#define QUICHE_QUIC_CORE_CRYPTO_PROOF_SOURCE_H_

#include <cstddef>
#include <cstdint>
#include <memory>
#include <optional>
#include <string>
#include <vector>

#include "absl/status/status.h"
#include "absl/strings/string_view.h"
#include "absl/types/variant.h"
#include "openssl/base.h"
#include "openssl/pool.h"
#include "openssl/ssl.h"
#include "quiche/quic/core/crypto/certificate_view.h"
#include "quiche/quic/core/crypto/quic_crypto_proof.h"
#include "quiche/quic/core/quic_connection_id.h"
#include "quiche/quic/core/quic_types.h"
#include "quiche/quic/core/quic_versions.h"
#include "quiche/quic/platform/api/quic_socket_address.h"
#include "quiche/common/platform/api/quiche_export.h"
#include "quiche/common/platform/api/quiche_reference_counted.h"

namespace quic {

namespace test {
// Forward declaration only. Presumably a test double of ProofSourceHandle that
// needs friend access to the interface below — confirm against the test
// sources before relying on that.
class FakeProofSourceHandle;
}  // namespace test

// CryptoBuffers is a RAII class to own a std::vector<CRYPTO_BUFFER*> and the
// buffers the elements point to.
// Because the struct owns the pointed-to buffers, callers must not free the
// CRYPTO_BUFFER* elements themselves; release is the struct's responsibility.
// (The body is elided on this page, so the exact release mechanism is not
// documented here.)
struct QUICHE_EXPORT CryptoBuffers { … };

// ProofSource is an interface by which a QUIC server can obtain certificate
// chains and signatures that prove its identity.
// Since it produces the signatures that prove the server's identity, an
// implementation is presumably the component with access to the signing key;
// keep that access confined to it rather than handing key material to callers.
// (Body elided on this page.)
class QUICHE_EXPORT ProofSource { … };

// ProofSourceHandleCallback is an interface that contains the callbacks
// invoked when the operations in ProofSourceHandle complete.
// TODO(wub): Consider deprecating ProofSource by moving all functionalities of
// ProofSource into ProofSourceHandle.
class QUICHE_EXPORT ProofSourceHandleCallback { … };

// ProofSourceHandle is an interface by which a TlsServerHandshaker can obtain
// certificate chains and signatures that prove its identity.
// The operations this interface supports are similar to those in ProofSource;
// the main difference is that ProofSourceHandle is per-handshaker, so
// an implementation can have state that is shared by multiple calls on the
// same handle.
//
// A handle object is owned by a TlsServerHandshaker. Since there might be an
// async operation pending when the handle destructs, an implementation must
// ensure that when such operations finish, their corresponding callback method
// won't be invoked. This is a hard lifetime requirement, not a best-effort
// one: a callback delivered after destruction would run against a handshaker
// that no longer exists (a use-after-free).
//
// A handle will have at most one async operation pending at a time.
class QUICHE_EXPORT ProofSourceHandle { … };

// Returns true if |chain| contains a parsable DER-encoded X.509 leaf cert and
// it matches with |key|.
// A false result means the certificate chain and private key do not belong
// together: a server configured with such a pair cannot produce signatures
// that verify against its certificate. Callers should presumably reject the
// configuration rather than proceed — verify against the call sites.
QUICHE_EXPORT bool ValidateCertAndKey(
    const quiche::QuicheReferenceCountedPointer<ProofSource::Chain>& chain,
    const CertificatePrivateKey& key);

}  // namespace quic

#endif  // QUICHE_QUIC_CORE_CRYPTO_PROOF_SOURCE_H_