Add ICU message format support
[chromium-blink-merge.git] / extensions / browser / api / cast_channel / cast_auth_util.h
bloba5005862faecbb06dd8ebf0fabc5bfce8ed25a26
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef EXTENSIONS_BROWSER_API_CAST_CHANNEL_CAST_AUTH_UTIL_H_
6 #define EXTENSIONS_BROWSER_API_CAST_CHANNEL_CAST_AUTH_UTIL_H_
8 #include <string>
10 namespace extensions {
11 namespace api {
12 namespace cast_channel {
14 class AuthResponse;
15 class CastMessage;
16 class DeviceAuthMessage;
18 struct AuthResult {
19 public:
20 enum ErrorType {
21 ERROR_NONE,
22 ERROR_PEER_CERT_EMPTY,
23 ERROR_WRONG_PAYLOAD_TYPE,
24 ERROR_NO_PAYLOAD,
25 ERROR_PAYLOAD_PARSING_FAILED,
26 ERROR_MESSAGE_ERROR,
27 ERROR_NO_RESPONSE,
28 ERROR_FINGERPRINT_NOT_FOUND,
29 ERROR_CERT_PARSING_FAILED,
30 ERROR_CERT_NOT_SIGNED_BY_TRUSTED_CA,
31 ERROR_CANNOT_EXTRACT_PUBLIC_KEY,
32 ERROR_SIGNED_BLOBS_MISMATCH,
33 ERROR_UNEXPECTED_AUTH_LIBRARY_RESULT
36 enum PolicyType { POLICY_NONE = 0, POLICY_AUDIO_ONLY = 1 << 0 };
38 // Constructs a AuthResult that corresponds to success.
39 AuthResult();
40 ~AuthResult();
42 static AuthResult CreateWithParseError(const std::string& error_message,
43 ErrorType error_type);
44 static AuthResult CreateWithNSSError(const std::string& error_message,
45 ErrorType error_type,
46 int nss_error_code);
48 bool success() const { return error_type == ERROR_NONE; }
50 std::string error_message;
51 ErrorType error_type;
52 int nss_error_code;
53 unsigned int channel_policies;
55 private:
56 AuthResult(const std::string& error_message,
57 ErrorType error_type,
58 int nss_error_code);
61 // Authenticates the given |challenge_reply|:
62 // 1. Signature contained in the reply is valid.
63 // 2. Certficate used to sign is rooted to a trusted CA.
64 AuthResult AuthenticateChallengeReply(const CastMessage& challenge_reply,
65 const std::string& peer_cert);
67 // Auth-library specific implementation of cryptographic signature
68 // verification routines. Verifies that |response| contains a
69 // valid signed form of |peer_cert|.
70 AuthResult VerifyCredentials(const AuthResponse& response,
71 const std::string& peer_cert);
73 } // namespace cast_channel
74 } // namespace api
75 } // namespace extensions
77 #endif // EXTENSIONS_BROWSER_API_CAST_CHANNEL_CAST_AUTH_UTIL_H_