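// Copyright 2019 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CAST_RECEIVER_CHANNEL_DEVICE_AUTH_NAMESPACE_HANDLER_H_
#define CAST_RECEIVER_CHANNEL_DEVICE_AUTH_NAMESPACE_HANDLER_H_

#include <openssl/evp.h>

#include <cstdint>
#include <string>
#include <vector>

#include "absl/types/span.h"
#include "cast/common/channel/cast_message_handler.h"

namespace openscreen {
namespace cast {

// Bundle of material a receiver device presents so that a sender can verify
// it: the certificate chain, the matching private key and an optional CRL.
//
// Because |private_key| is held through bssl::UniquePtr, this struct is
// move-only and the key handle is released when the struct is destroyed.
struct DeviceCredentials {
  // The device's certificate chain in DER form, where |certs[0]| is the
  // device's certificate and |certs[certs.size()-1]| is the last intermediate
  // before a Cast root certificate.
  std::vector<std::string> certs;

  // The device's private key that corresponds to the certificate in |certs[0]|.
  // This is secret key material: it should never be logged, serialized or
  // copied out of this struct.
  bssl::UniquePtr<EVP_PKEY> private_key;

  // If non-empty, this contains a serialized CrlBundle protobuf.  This may be
  // used by the sender as part of verifying |certs|.
  std::string serialized_crl;
};

// CastMessageHandler that obtains the device's credentials through a
// CredentialsProvider supplied by the embedder.
class DeviceAuthNamespaceHandler final : public CastMessageHandler {
 public:
  // Interface through which the handler reads the TLS certificate and the
  // device credentials.
  //
  // NOTE(review): the "Current" in both names suggests the values can change
  // over time.  This header does not say how long the returned span and
  // reference stay valid, so implementations should keep the underlying
  // storage alive at least for the duration of an OnMessage() call, and
  // callers should not cache the results across calls -- confirm against the
  // implementation.
  class CredentialsProvider {
   public:
    // Virtual so that destroying an implementation through a
    // CredentialsProvider pointer is well-defined.
    virtual ~CredentialsProvider() = default;

    // Returns the TLS certificate as DER bytes.  The span is a non-owning
    // view; the provider keeps ownership of the bytes.
    virtual absl::Span<const uint8_t> GetCurrentTlsCertAsDer() = 0;

    // Returns the device credentials, including the private key, by
    // reference; ownership stays with the provider.
    virtual const DeviceCredentials& GetCurrentDeviceCredentials() = 0;
  };

  // |creds_provider| must outlive |this|.  The pointer is stored as-is and is
  // not owned by the handler.
  explicit DeviceAuthNamespaceHandler(CredentialsProvider* creds_provider);
  ~DeviceAuthNamespaceHandler();

  // CastMessageHandler overrides.
  //
  // NOTE(review): |message| presumably originates from the remote peer on
  // |socket|; the implementation (not visible in this header) should treat its
  // contents as untrusted input.
  void OnMessage(VirtualConnectionRouter* router,
                 CastSocket* socket,
                 ::cast::channel::CastMessage message) override;

 private:
  // Non-owning; see the lifetime requirement on the constructor.
  CredentialsProvider* const creds_provider_;
};

}  // namespace cast
}  // namespace openscreen

#endif  // CAST_RECEIVER_CHANNEL_DEVICE_AUTH_NAMESPACE_HANDLER_H_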