1 // Copyright 2013 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef NET_QUIC_CRYPTO_PROOF_SOURCE_CHROMIUM_H_
6 #define NET_QUIC_CRYPTO_PROOF_SOURCE_CHROMIUM_H_
7 
8 #include <string>
9 #include <vector>
10 
11 #include "base/compiler_specific.h"
12 #include "base/files/file_util.h"
13 #include "crypto/rsa_private_key.h"
14 #include "net/base/net_export.h"
15 #include "net/cert/x509_certificate.h"
16 #include "net/third_party/quiche/src/quiche/quic/core/crypto/proof_source.h"
17 
18 namespace net {
19 
// ProofSourceChromium implements the QUIC quic::ProofSource interface.
//
// Initialize() sets the object up from a certificate-chain file and a PKCS#8
// RSA private-key file. The instance holds a single RSA private key
// (|private_key_|) and a single certificate chain (|chain_|), and it is
// non-copyable.
//
// NOTE(review): with only one key and one chain stored, |hostname|
// presumably does not select between certificates; confirm in the .cc how
// |cert_matched_sni| is reported to the caller.
// TODO(rtenneti): implement details of this class.
class NET_EXPORT_PRIVATE ProofSourceChromium : public quic::ProofSource {
 public:
  ProofSourceChromium();

  // Copy construction and copy assignment are disabled.
  ProofSourceChromium(const ProofSourceChromium&) = delete;
  ProofSourceChromium& operator=(const ProofSourceChromium&) = delete;

  ~ProofSourceChromium() override;

  // Initializes this object from the certificate chain in |cert_path| and the
  // PKCS#8 RSA private key in |key_path|. A signed certificate timestamp may
  // additionally be loaded from |sct_path| when that path is non-empty.
  //
  // |key_path| names a file that contains private key material, so access to
  // that file should be restricted to the account running the server.
  //
  // NOTE(review): the bool result is presumably true on success and false if
  // any file could not be read or parsed; confirm in the .cc. Callers should
  // check it before putting this object into service.
  bool Initialize(const base::FilePath& cert_path,
                  const base::FilePath& key_path,
                  const base::FilePath& sct_path);

  // quic::ProofSource interface. The contract of each override below is
  // defined by the base class; the result of GetProof() and
  // ComputeTlsSignature() is handed to the caller-supplied |callback|, which
  // this object takes ownership of.
  void GetProof(const quic::QuicSocketAddress& server_address,
                const quic::QuicSocketAddress& client_address,
                const std::string& hostname,
                const std::string& server_config,
                quic::QuicTransportVersion quic_version,
                std::string_view chlo_hash,
                std::unique_ptr<Callback> callback) override;

  // |cert_matched_sni| is an out-parameter written for the caller.
  quiche::QuicheReferenceCountedPointer<Chain> GetCertChain(
      const quic::QuicSocketAddress& server_address,
      const quic::QuicSocketAddress& client_address,
      const std::string& hostname,
      bool* cert_matched_sni) override;

  // |signature_algorithm| is the 16-bit algorithm identifier requested for
  // the signature over |in|.
  void ComputeTlsSignature(
      const quic::QuicSocketAddress& server_address,
      const quic::QuicSocketAddress& client_address,
      const std::string& hostname,
      uint16_t signature_algorithm,
      std::string_view in,
      std::unique_ptr<SignatureCallback> callback) override;

  // NOTE(review): the stored key is a crypto::RSAPrivateKey, so the returned
  // list is presumably limited to RSA-based algorithms; confirm in the .cc.
  absl::InlinedVector<uint16_t, 8> SupportedTlsSignatureAlgorithms()
      const override;

  // Returns a non-owning pointer; SetTicketCrypter() takes ownership of the
  // crypter passed to it.
  TicketCrypter* GetTicketCrypter() override;
  void SetTicketCrypter(std::unique_ptr<TicketCrypter> ticket_crypter);

 private:
  // Helper that reports its results through the |out_chain| and |proof|
  // out-parameters and a bool status.
  // NOTE(review): presumably the synchronous core of GetProof(); confirm in
  // the .cc.
  bool GetProofInner(const quic::QuicSocketAddress& server_ip,
                     const std::string& hostname,
                     const std::string& server_config,
                     quic::QuicTransportVersion quic_version,
                     std::string_view chlo_hash,
                     quiche::QuicheReferenceCountedPointer<Chain>* out_chain,
                     quic::QuicCryptoProof* proof);

  // Owned RSA private key; presumably the key read from |key_path|.
  std::unique_ptr<crypto::RSAPrivateKey> private_key_;
  // Presumably the certificates parsed from |cert_path| (confirm in the .cc).
  CertificateList certs_in_file_;
  // Reference-counted certificate chain, the same type GetCertChain() returns.
  quiche::QuicheReferenceCountedPointer<Chain> chain_;
  // Presumably the SCT data read from |sct_path|; empty if none was loaded.
  std::string signed_certificate_timestamp_;
  // Owned ticket crypter; presumably the one installed by SetTicketCrypter().
  std::unique_ptr<TicketCrypter> ticket_crypter_;
};
84 
85 }  // namespace net
86 
87 #endif  // NET_QUIC_CRYPTO_PROOF_SOURCE_CHROMIUM_H_
88