Remove certificates from Channel ID

net/quic/crypto/channel_id_chromium.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/crypto/channel_id_chromium.h"
 
 #include <string>
 
 #include "base/stl_util.h"
 #include "base/strings/string_util.h"
@@ skipping 69 matching lines @@
   int DoLoop(int last_io_result);
   void OnIOComplete(int result);
   int DoGetChannelIDKey(int result);
   int DoGetChannelIDKeyComplete(int result);
 
   // Channel ID source to notify when this jobs completes.
   ChannelIDSourceChromium* const channel_id_source_;
 
   ChannelIDService* const channel_id_service_;
 
-  std::string channel_id_private_key_;
-  std::string channel_id_cert_;
+  scoped_ptr<crypto::ECPrivateKey> channel_id_crypto_key_;
   ChannelIDService::RequestHandle channel_id_request_handle_;
 
   // |hostname| specifies the hostname for which we need a channel ID.
   std::string hostname_;
 
   scoped_ptr<ChannelIDSourceCallback> callback_;
 
   scoped_ptr<ChannelIDKey> channel_id_key_;
 
   State next_state_;
@@ skipping 69 matching lines @@
     callback->Run(&channel_id_key_);
     // Will delete |this|.
     channel_id_source_->OnJobComplete(this);
   }
 }
 
 int ChannelIDSourceChromium::Job::DoGetChannelIDKey(int result) {
   next_state_ = STATE_GET_CHANNEL_ID_KEY_COMPLETE;
 
   return channel_id_service_->GetOrCreateChannelID(
-      hostname_,
-      &channel_id_private_key_,
-      &channel_id_cert_,
+      hostname_, &channel_id_crypto_key_,
       base::Bind(&ChannelIDSourceChromium::Job::OnIOComplete,
                  base::Unretained(this)),
       &channel_id_request_handle_);
 }
 
 int ChannelIDSourceChromium::Job::DoGetChannelIDKeyComplete(int result) {
   DCHECK_EQ(STATE_NONE, next_state_);
   if (result != OK) {
     DLOG(WARNING) << "Failed to look up channel ID: " << ErrorToString(result);
     return result;
   }
 
-  std::vector<uint8> encrypted_private_key_info(
-      channel_id_private_key_.size());
-  memcpy(&encrypted_private_key_info[0], channel_id_private_key_.data(),
-         channel_id_private_key_.size());
-
-  base::StringPiece spki_piece;
-  if (!asn1::ExtractSPKIFromDERCert(channel_id_cert_, &spki_piece)) {
-    return ERR_UNEXPECTED;
-  }
-  std::vector<uint8> subject_public_key_info(spki_piece.size());
-  memcpy(&subject_public_key_info[0], spki_piece.data(), spki_piece.size());
-
-  crypto::ECPrivateKey* ec_private_key =
-      crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
-          ChannelIDService::kEPKIPassword, encrypted_private_key_info,
-          subject_public_key_info);
+  crypto::ECPrivateKey* ec_private_key = channel_id_crypto_key_.get();
   if (!ec_private_key) {
     // TODO(wtc): use the new error code ERR_CHANNEL_ID_IMPORT_FAILED to be
     // added in https://codereview.chromium.org/338093012/.
     return ERR_UNEXPECTED;
   }
   channel_id_key_.reset(new ChannelIDKeyChromium(ec_private_key));

[mattm, 2015/04/10 01:00:27]

Doesn't this mean channel_id_crypto_key_ and channel_id_key_ both now own the
same ECPrivateKey?

(I'd also change ChannelIDKeyChromium to take a scoped_ptr as input so that the
ownership transfer is clear.)

[nharper, 2015/04/25 02:59:18]

I've fixed the ownership issues here so that channel_id_crypto_key_ relinquishes
ownership to channel_id_key_. I also changed ChannelIDKeyChromium to take a
scoped_ptr.

 
   return result;
 }
 
 ChannelIDSourceChromium::ChannelIDSourceChromium(
     ChannelIDService* channel_id_service)
     : channel_id_service_(channel_id_service) {
 }
 
 ChannelIDSourceChromium::~ChannelIDSourceChromium() {
@@ skipping 12 matching lines @@
   }
   return status;
 }
 
 void ChannelIDSourceChromium::OnJobComplete(Job* job) {
   active_jobs_.erase(job);
   delete job;
 }
 
 }  // namespace net