Chromium Code Reviews Chromium Code Reviews
Issue 7384002:
Added CreateOriginBound method to x509_certificate.h. (Closed)
Base URL: http://git.chromium.org/git/chromium.git@trunk| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/origin_bound_cert_service.h" | 5 #include "net/base/origin_bound_cert_service.h" |
| 6 | 6 |
| 7 #include <limits> | 7 #include <limits> |
| 8 | 8 |
| 9 #include "base/compiler_specific.h" | 9 #include "base/compiler_specific.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 298 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 309 job->AddRequest(request); | 309 job->AddRequest(request); |
| 310 *out_req = request; | 310 *out_req = request; |
| 311 return ERR_IO_PENDING; | 311 return ERR_IO_PENDING; |
| 312 } | 312 } |
| 313 | 313 |
| 314 // static | 314 // static |
| 315 int OriginBoundCertService::GenerateCert(const std::string& origin, | 315 int OriginBoundCertService::GenerateCert(const std::string& origin, |
| 316 uint32 serial_number, | 316 uint32 serial_number, |
| 317 std::string* private_key, | 317 std::string* private_key, |
| 318 std::string* cert) { | 318 std::string* cert) { |
| 319 std::string subject = "CN=OBC"; | |
| 320 scoped_ptr<crypto::RSAPrivateKey> key( | 319 scoped_ptr<crypto::RSAPrivateKey> key( |
| 321 crypto::RSAPrivateKey::Create(kKeySizeInBits)); | 320 crypto::RSAPrivateKey::Create(kKeySizeInBits)); |
| 322 if (!key.get()) { | 321 if (!key.get()) { |
| 323 LOG(WARNING) << "Unable to create key pair for client"; | 322 LOG(WARNING) << "Unable to create key pair for client"; |
| 324 return ERR_KEY_GENERATION_FAILED; | 323 return ERR_KEY_GENERATION_FAILED; |
| 325 } | 324 } |
| 326 | 325 |
| 327 scoped_refptr<X509Certificate> x509_cert = X509Certificate::CreateSelfSigned( | 326 scoped_refptr<X509Certificate> x509_cert = X509Certificate::CreateOriginBound( |
| 328 key.get(), | 327 key.get(), |
| 329 subject, | 328 origin, |
| 330 serial_number, | 329 serial_number, |
| 331 base::TimeDelta::FromDays(kValidityPeriodInDays)); | 330 base::TimeDelta::FromDays(kValidityPeriodInDays)); |
|
wtc
2011/08/24 01:39:42
This fails on Windows, etc. because X509Certificat
| |
| 332 if (!x509_cert) { | 331 if (!x509_cert) { |
| 333 LOG(WARNING) << "Unable to create x509 cert for client"; | 332 LOG(WARNING) << "Unable to create x509 cert for client"; |
| 334 return ERR_ORIGIN_BOUND_CERT_GENERATION_FAILED; | 333 return ERR_ORIGIN_BOUND_CERT_GENERATION_FAILED; |
| 335 } | 334 } |
| 336 | 335 |
| 337 std::vector<uint8> private_key_info; | 336 std::vector<uint8> private_key_info; |
| 338 if (!key->ExportPrivateKey(&private_key_info)) { | 337 if (!key->ExportPrivateKey(&private_key_info)) { |
| 339 LOG(WARNING) << "Unable to export private key"; | 338 LOG(WARNING) << "Unable to export private key"; |
| 340 return ERR_PRIVATE_KEY_EXPORT_FAILED; | 339 return ERR_PRIVATE_KEY_EXPORT_FAILED; |
| 341 } | 340 } |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 384 delete job; | 383 delete job; |
| 385 } | 384 } |
| 386 | 385 |
| 387 int OriginBoundCertService::cert_count() { | 386 int OriginBoundCertService::cert_count() { |
| 388 return origin_bound_cert_store_->GetCertCount(); | 387 return origin_bound_cert_store_->GetCertCount(); |
| 389 } | 388 } |
| 390 | 389 |
| 391 } // namespace net | 390 } // namespace net |
| 392 | 391 |
| 393 DISABLE_RUNNABLE_METHOD_REFCOUNT(net::OriginBoundCertServiceWorker); | 392 DISABLE_RUNNABLE_METHOD_REFCOUNT(net::OriginBoundCertServiceWorker); |
| OLD | NEW |
