Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(152)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/origin_bound_cert_service.h

Issue 8890073: Handle Origin Bound Certificate expiration. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: review changes Created 9 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/base/default_origin_bound_cert_store_unittest.cc ('k') | net/base/origin_bound_cert_service.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_BASE_ORIGIN_BOUND_CERT_SERVICE_H_ 5 #ifndef NET_BASE_ORIGIN_BOUND_CERT_SERVICE_H_
6 #define NET_BASE_ORIGIN_BOUND_CERT_SERVICE_H_ 6 #define NET_BASE_ORIGIN_BOUND_CERT_SERVICE_H_
7 #pragma once 7 #pragma once
8 8
9 #include <map> 9 #include <map>
10 #include <string> 10 #include <string>
11 #include <vector> 11 #include <vector>
12 12
13 #include "base/basictypes.h" 13 #include "base/basictypes.h"
14 #include "base/memory/scoped_ptr.h" 14 #include "base/memory/scoped_ptr.h"
15 #include "base/time.h"
15 #include "base/threading/non_thread_safe.h" 16 #include "base/threading/non_thread_safe.h"
16 #include "net/base/completion_callback.h" 17 #include "net/base/completion_callback.h"
17 #include "net/base/net_export.h" 18 #include "net/base/net_export.h"
18 #include "net/base/ssl_client_cert_type.h" 19 #include "net/base/ssl_client_cert_type.h"
19 20
20 namespace net { 21 namespace net {
21 22
22 class OriginBoundCertServiceJob; 23 class OriginBoundCertServiceJob;
23 class OriginBoundCertServiceWorker; 24 class OriginBoundCertServiceWorker;
24 class OriginBoundCertStore; 25 class OriginBoundCertStore;
(...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after
79 // Public only for unit testing. 80 // Public only for unit testing.
80 int cert_count(); 81 int cert_count();
81 uint64 requests() const { return requests_; } 82 uint64 requests() const { return requests_; }
82 uint64 cert_store_hits() const { return cert_store_hits_; } 83 uint64 cert_store_hits() const { return cert_store_hits_; }
83 uint64 inflight_joins() const { return inflight_joins_; } 84 uint64 inflight_joins() const { return inflight_joins_; }
84 85
85 private: 86 private:
86 friend class OriginBoundCertServiceWorker; // Calls HandleResult. 87 friend class OriginBoundCertServiceWorker; // Calls HandleResult.
87 88
88 // On success, |private_key| stores a DER-encoded PrivateKeyInfo 89 // On success, |private_key| stores a DER-encoded PrivateKeyInfo
89 // struct, and |cert| stores a DER-encoded certificate. Returns 90 // struct, |cert| stores a DER-encoded certificate, and |expiration_time|
91 // stores the expiration time of the certificate. Returns
90 // OK if successful and an error code otherwise. 92 // OK if successful and an error code otherwise.
91 // |serial_number| is passed in because it is created with the function 93 // |serial_number| is passed in because it is created with the function
92 // base::RandInt, which opens the file /dev/urandom. /dev/urandom is opened 94 // base::RandInt, which opens the file /dev/urandom. /dev/urandom is opened
93 // with a LazyInstance, which is not allowed on a worker thread. 95 // with a LazyInstance, which is not allowed on a worker thread.
94 static int GenerateCert(const std::string& origin, 96 static int GenerateCert(const std::string& origin,
95 SSLClientCertType type, 97 SSLClientCertType type,
96 uint32 serial_number, 98 uint32 serial_number,
99 base::Time* expiration_time,
97 std::string* private_key, 100 std::string* private_key,
98 std::string* cert); 101 std::string* cert);
99 102
100 void HandleResult(const std::string& origin, 103 void HandleResult(const std::string& origin,
101 int error, 104 int error,
102 SSLClientCertType type, 105 SSLClientCertType type,
106 base::Time expiration_time,
103 const std::string& private_key, 107 const std::string& private_key,
104 const std::string& cert); 108 const std::string& cert);
105 109
106 scoped_ptr<OriginBoundCertStore> origin_bound_cert_store_; 110 scoped_ptr<OriginBoundCertStore> origin_bound_cert_store_;
107 111
108 // inflight_ maps from an origin to an active generation which is taking 112 // inflight_ maps from an origin to an active generation which is taking
109 // place. 113 // place.
110 std::map<std::string, OriginBoundCertServiceJob*> inflight_; 114 std::map<std::string, OriginBoundCertServiceJob*> inflight_;
111 115
112 uint64 requests_; 116 uint64 requests_;
113 uint64 cert_store_hits_; 117 uint64 cert_store_hits_;
114 uint64 inflight_joins_; 118 uint64 inflight_joins_;
115 119
116 DISALLOW_COPY_AND_ASSIGN(OriginBoundCertService); 120 DISALLOW_COPY_AND_ASSIGN(OriginBoundCertService);
117 }; 121 };
118 122
119 } // namespace net 123 } // namespace net
120 124
121 #endif // NET_BASE_ORIGIN_BOUND_CERT_SERVICE_H_ 125 #endif // NET_BASE_ORIGIN_BOUND_CERT_SERVICE_H_
OLDNEW
« no previous file with comments | « net/base/default_origin_bound_cert_store_unittest.cc ('k') | net/base/origin_bound_cert_service.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698