OLD | NEW |
---|---|
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_BASE_KEYGEN_HANDLER_H_ | 5 #ifndef NET_BASE_KEYGEN_HANDLER_H_ |
6 #define NET_BASE_KEYGEN_HANDLER_H_ | 6 #define NET_BASE_KEYGEN_HANDLER_H_ |
7 #pragma once | 7 #pragma once |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 | 10 |
11 #include "base/scoped_ptr.h" | |
12 #include "build/build_config.h" | |
11 #include "googleurl/src/gurl.h" | 13 #include "googleurl/src/gurl.h" |
12 | 14 |
15 namespace base { | |
16 class PK11BlockingPasswordDelegate; | |
wtc
2010/12/15 20:54:36
Nit: put this forward declaration inside #if defin
mattm
2011/01/12 01:22:07
Done.
| |
17 }; | |
18 | |
13 namespace net { | 19 namespace net { |
14 | 20 |
15 // This class handles keypair generation for generating client | 21 // This class handles keypair generation for generating client |
16 // certificates via the <keygen> tag. | 22 // certificates via the <keygen> tag. |
17 // <http://dev.w3.org/html5/spec/Overview.html#the-keygen-element> | 23 // <http://dev.w3.org/html5/spec/Overview.html#the-keygen-element> |
18 // <https://developer.mozilla.org/En/HTML/HTML_Extensions/KEYGEN_Tag> | 24 // <https://developer.mozilla.org/En/HTML/HTML_Extensions/KEYGEN_Tag> |
19 | 25 |
20 class KeygenHandler { | 26 class KeygenHandler { |
21 public: | 27 public: |
22 // Creates a handler that will generate a key with the given key size and | 28 // Creates a handler that will generate a key with the given key size and |
23 // incorporate the |challenge| into the Netscape SPKAC structure. The request | 29 // incorporate the |challenge| into the Netscape SPKAC structure. The request |
24 // for the key originated from |url|. | 30 // for the key originated from |url|. |
25 inline KeygenHandler(int key_size_in_bits, | 31 KeygenHandler(int key_size_in_bits, |
26 const std::string& challenge, | 32 const std::string& challenge, |
27 const GURL& url); | 33 const GURL& url); |
34 ~KeygenHandler(); | |
28 | 35 |
29 // Actually generates the key-pair and the cert request (SPKAC), and returns | 36 // Actually generates the key-pair and the cert request (SPKAC), and returns |
30 // a base64-encoded string suitable for use as the form value of <keygen>. | 37 // a base64-encoded string suitable for use as the form value of <keygen>. |
31 std::string GenKeyAndSignChallenge(); | 38 std::string GenKeyAndSignChallenge(); |
32 | 39 |
33 // Exposed only for unit tests. | 40 // Exposed only for unit tests. |
34 void set_stores_key(bool store) { stores_key_ = store;} | 41 void set_stores_key(bool store) { stores_key_ = store;} |
35 | 42 |
43 #if defined(USE_NSS) | |
44 // On NSS, the token may be unauthenticated. We pass the blocking delegate for | |
wtc
2010/12/15 20:54:36
Question: does this mean there is also a non-block
mattm
2011/01/12 01:22:07
no, just the alternate strategy of using the non-b
| |
45 // simplicity; GenKeyAndSignChallenge will block on generating a key anyway, | |
46 // so this is used on a worker thread. Takes ownership of the delegate. | |
47 void set_pk11_password_delegate(base::PK11BlockingPasswordDelegate* delegate); | |
48 #endif // defined(USE_NSS) | |
49 | |
36 private: | 50 private: |
37 int key_size_in_bits_; // key size in bits (usually 2048) | 51 int key_size_in_bits_; // key size in bits (usually 2048) |
38 std::string challenge_; // challenge string sent by server | 52 std::string challenge_; // challenge string sent by server |
39 GURL url_; // the URL that requested the key | 53 GURL url_; // the URL that requested the key |
40 bool stores_key_; // should the generated key-pair be stored persistently? | 54 bool stores_key_; // should the generated key-pair be stored persistently? |
55 #if defined(USE_NSS) | |
56 // The callback for requesting a password to the PKCS#11 store. | |
wtc
2010/12/15 20:54:36
Nit: store => token
mattm
2011/01/12 01:22:07
Done.
| |
57 scoped_ptr<base::PK11BlockingPasswordDelegate> pk11_password_delegate_; | |
58 #endif // defined(USE_NSS) | |
41 }; | 59 }; |
42 | 60 |
43 KeygenHandler::KeygenHandler(int key_size_in_bits, | |
44 const std::string& challenge, | |
45 const GURL& url) | |
46 : key_size_in_bits_(key_size_in_bits), | |
47 challenge_(challenge), | |
48 url_(url), | |
49 stores_key_(true) { | |
50 } | |
51 | |
52 } // namespace net | 61 } // namespace net |
53 | 62 |
54 #endif // NET_BASE_KEYGEN_HANDLER_H_ | 63 #endif // NET_BASE_KEYGEN_HANDLER_H_ |
OLD | NEW |