Chromium Code Reviews Chromium Code Reviews
Issue 1304143010:
Plumbing SSLPrivateKey
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/certificate_provider/certificate_provider_serv ice.h" | 5 #include "chrome/browser/chromeos/certificate_provider/certificate_provider_serv ice.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/callback.h" | 9 #include "base/callback.h" |
| 10 #include "base/location.h" | 10 #include "base/location.h" |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 45 // |certificate_map| must outlive this provider. |service| must be | 45 // |certificate_map| must outlive this provider. |service| must be |
| 46 // dereferenceable on |service_task_runner|. | 46 // dereferenceable on |service_task_runner|. |
| 47 // This provider may be accessed from any thread. Methods and destructor must | 47 // This provider may be accessed from any thread. Methods and destructor must |
| 48 // never be called concurrently. | 48 // never be called concurrently. |
| 49 CertKeyProviderImpl( | 49 CertKeyProviderImpl( |
| 50 const scoped_refptr<base::SequencedTaskRunner>& service_task_runner, | 50 const scoped_refptr<base::SequencedTaskRunner>& service_task_runner, |
| 51 const base::WeakPtr<CertificateProviderService>& service, | 51 const base::WeakPtr<CertificateProviderService>& service, |
| 52 certificate_provider::ThreadSafeCertificateMap* certificate_map); | 52 certificate_provider::ThreadSafeCertificateMap* certificate_map); |
| 53 ~CertKeyProviderImpl() override; | 53 ~CertKeyProviderImpl() override; |
| 54 | 54 |
| 55 bool GetCertificateKey(const net::X509Certificate& cert, | 55 bool GetCertificateKey( |
| 56 scoped_ptr<net::SSLPrivateKey>* private_key) override; | 56 const net::X509Certificate& cert, |
| 57 scoped_refptr<net::SSLPrivateKey>* private_key) override; | |
| 57 | 58 |
| 58 private: | 59 private: |
| 59 const scoped_refptr<base::SequencedTaskRunner> service_task_runner_; | 60 const scoped_refptr<base::SequencedTaskRunner> service_task_runner_; |
| 60 // Must be dereferenced on |service_task_runner_| only. | 61 // Must be dereferenced on |service_task_runner_| only. |
| 61 base::WeakPtr<CertificateProviderService> service_; | 62 base::WeakPtr<CertificateProviderService> service_; |
| 62 certificate_provider::ThreadSafeCertificateMap* const certificate_map_; | 63 certificate_provider::ThreadSafeCertificateMap* const certificate_map_; |
| 63 | 64 |
| 64 DISALLOW_COPY_AND_ASSIGN(CertKeyProviderImpl); | 65 DISALLOW_COPY_AND_ASSIGN(CertKeyProviderImpl); |
| 65 }; | 66 }; |
| 66 | 67 |
| (...skipping 30 matching lines...) Expand all Loading... | |
| 97 // Objects of this class must be used on a single thread. Any thread is allowed. | 98 // Objects of this class must be used on a single thread. Any thread is allowed. |
| 98 class CertificateProviderService::SSLPrivateKey : public net::SSLPrivateKey { | 99 class CertificateProviderService::SSLPrivateKey : public net::SSLPrivateKey { |
| 99 public: | 100 public: |
| 100 // Any calls back to |service| will be posted to |service_task_runner|. | 101 // Any calls back to |service| will be posted to |service_task_runner|. |
| 101 // |service| must be dereferenceable on |service_task_runner|. | 102 // |service| must be dereferenceable on |service_task_runner|. |
| 102 SSLPrivateKey( | 103 SSLPrivateKey( |
| 103 const std::string& extension_id, | 104 const std::string& extension_id, |
| 104 const CertificateInfo& cert_info, | 105 const CertificateInfo& cert_info, |
| 105 const scoped_refptr<base::SequencedTaskRunner>& service_task_runner, | 106 const scoped_refptr<base::SequencedTaskRunner>& service_task_runner, |
| 106 const base::WeakPtr<CertificateProviderService>& service); | 107 const base::WeakPtr<CertificateProviderService>& service); |
| 107 ~SSLPrivateKey() override; | |
| 108 | 108 |
| 109 // net::SSLPrivateKey: | 109 // net::SSLPrivateKey: |
| 110 Type GetType() override; | 110 Type GetType() override; |
| 111 bool SupportsHash(Hash hash) override; | 111 bool SupportsHash(Hash hash) override; |
| 112 size_t GetMaxSignatureLengthInBytes() override; | 112 size_t GetMaxSignatureLengthInBytes() override; |
| 113 void SignDigest(Hash hash, | 113 void SignDigest(Hash hash, |
| 114 const base::StringPiece& input, | 114 const base::StringPiece& input, |
| 115 const SignCallback& callback) override; | 115 const SignCallback& callback) override; |
| 116 | 116 |
| 117 private: | 117 private: |
| 118 ~SSLPrivateKey() override; | |
| 119 | |
| 118 static void SignDigestOnServiceTaskRunner( | 120 static void SignDigestOnServiceTaskRunner( |
| 119 const base::WeakPtr<CertificateProviderService>& service, | 121 const base::WeakPtr<CertificateProviderService>& service, |
| 120 const std::string& extension_id, | 122 const std::string& extension_id, |
| 121 const scoped_refptr<net::X509Certificate>& certificate, | 123 const scoped_refptr<net::X509Certificate>& certificate, |
| 122 Hash hash, | 124 Hash hash, |
| 123 const std::string& input, | 125 const std::string& input, |
| 124 const SignCallback& callback); | 126 const SignCallback& callback); |
| 125 | 127 |
| 126 void DidSignDigest(const SignCallback& callback, | 128 void DidSignDigest(const SignCallback& callback, |
| 127 net::Error error, | 129 net::Error error, |
| (...skipping 15 matching lines...) Expand all Loading... | |
| 143 const base::WeakPtr<CertificateProviderService>& service, | 145 const base::WeakPtr<CertificateProviderService>& service, |
| 144 certificate_provider::ThreadSafeCertificateMap* certificate_map) | 146 certificate_provider::ThreadSafeCertificateMap* certificate_map) |
| 145 : service_task_runner_(service_task_runner), | 147 : service_task_runner_(service_task_runner), |
| 146 service_(service), | 148 service_(service), |
| 147 certificate_map_(certificate_map) {} | 149 certificate_map_(certificate_map) {} |
| 148 | 150 |
| 149 CertificateProviderService::CertKeyProviderImpl::~CertKeyProviderImpl() {} | 151 CertificateProviderService::CertKeyProviderImpl::~CertKeyProviderImpl() {} |
| 150 | 152 |
| 151 bool CertificateProviderService::CertKeyProviderImpl::GetCertificateKey( | 153 bool CertificateProviderService::CertKeyProviderImpl::GetCertificateKey( |
| 152 const net::X509Certificate& cert, | 154 const net::X509Certificate& cert, |
| 153 scoped_ptr<net::SSLPrivateKey>* private_key) { | 155 scoped_refptr<net::SSLPrivateKey>* private_key) { |
| 154 bool is_currently_provided = false; | 156 bool is_currently_provided = false; |
| 155 CertificateInfo info; | 157 CertificateInfo info; |
| 156 std::string extension_id; | 158 std::string extension_id; |
| 157 certificate_map_->LookUpCertificate(cert, &is_currently_provided, &info, | 159 certificate_map_->LookUpCertificate(cert, &is_currently_provided, &info, |
| 158 &extension_id); | 160 &extension_id); |
| 159 if (!is_currently_provided) | 161 if (!is_currently_provided) |
| 160 return false; | 162 return false; |
| 161 | 163 |
| 162 private_key->reset( | 164 scoped_refptr<net::SSLPrivateKey> new_key = |
| 163 new SSLPrivateKey(extension_id, info, service_task_runner_, service_)); | 165 new SSLPrivateKey(extension_id, info, service_task_runner_, service_); |
| 166 private_key->swap(new_key); | |
|
davidben
2015/10/13 20:32:15
private_key = new SSLPrivateKey(...)
svaldez
2015/10/14 15:06:18
Done.
| |
| 167 | |
| 164 return true; | 168 return true; |
| 165 } | 169 } |
| 166 | 170 |
| 167 CertificateProviderService::CertificateProviderImpl::CertificateProviderImpl( | 171 CertificateProviderService::CertificateProviderImpl::CertificateProviderImpl( |
| 168 const scoped_refptr<base::SequencedTaskRunner>& service_task_runner, | 172 const scoped_refptr<base::SequencedTaskRunner>& service_task_runner, |
| 169 const base::WeakPtr<CertificateProviderService>& service) | 173 const base::WeakPtr<CertificateProviderService>& service) |
| 170 : service_task_runner_(service_task_runner), service_(service) {} | 174 : service_task_runner_(service_task_runner), service_(service) {} |
| 171 | 175 |
| 172 CertificateProviderService::CertificateProviderImpl:: | 176 CertificateProviderService::CertificateProviderImpl:: |
| 173 ~CertificateProviderImpl() {} | 177 ~CertificateProviderImpl() {} |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 211 : extension_id_(extension_id), | 215 : extension_id_(extension_id), |
| 212 cert_info_(cert_info), | 216 cert_info_(cert_info), |
| 213 service_task_runner_(service_task_runner), | 217 service_task_runner_(service_task_runner), |
| 214 service_(service), | 218 service_(service), |
| 215 weak_factory_(this) { | 219 weak_factory_(this) { |
| 216 // This constructor is called on |service_task_runner|. Only subsequent calls | 220 // This constructor is called on |service_task_runner|. Only subsequent calls |
| 217 // to member functions have to be on a common thread. | 221 // to member functions have to be on a common thread. |
| 218 thread_checker_.DetachFromThread(); | 222 thread_checker_.DetachFromThread(); |
| 219 } | 223 } |
| 220 | 224 |
| 221 CertificateProviderService::SSLPrivateKey::~SSLPrivateKey() { | |
| 222 DCHECK(thread_checker_.CalledOnValidThread()); | |
| 223 } | |
| 224 | |
| 225 CertificateProviderService::SSLPrivateKey::Type | 225 CertificateProviderService::SSLPrivateKey::Type |
| 226 CertificateProviderService::SSLPrivateKey::GetType() { | 226 CertificateProviderService::SSLPrivateKey::GetType() { |
| 227 DCHECK(thread_checker_.CalledOnValidThread()); | 227 DCHECK(thread_checker_.CalledOnValidThread()); |
| 228 return cert_info_.type; | 228 return cert_info_.type; |
| 229 } | 229 } |
| 230 | 230 |
| 231 bool CertificateProviderService::SSLPrivateKey::SupportsHash(Hash hash) { | 231 bool CertificateProviderService::SSLPrivateKey::SupportsHash(Hash hash) { |
| 232 DCHECK(thread_checker_.CalledOnValidThread()); | 232 DCHECK(thread_checker_.CalledOnValidThread()); |
| 233 return ContainsValue(cert_info_.supported_hashes, hash); | 233 return ContainsValue(cert_info_.supported_hashes, hash); |
| 234 } | 234 } |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 271 // destroyed in the meantime. | 271 // destroyed in the meantime. |
| 272 base::Bind(&SSLPrivateKey::DidSignDigest, | 272 base::Bind(&SSLPrivateKey::DidSignDigest, |
| 273 weak_factory_.GetWeakPtr(), callback)); | 273 weak_factory_.GetWeakPtr(), callback)); |
| 274 | 274 |
| 275 service_task_runner_->PostTask( | 275 service_task_runner_->PostTask( |
| 276 FROM_HERE, base::Bind(&SSLPrivateKey::SignDigestOnServiceTaskRunner, | 276 FROM_HERE, base::Bind(&SSLPrivateKey::SignDigestOnServiceTaskRunner, |
| 277 service_, extension_id_, cert_info_.certificate, | 277 service_, extension_id_, cert_info_.certificate, |
| 278 hash, input.as_string(), bound_callback)); | 278 hash, input.as_string(), bound_callback)); |
| 279 } | 279 } |
| 280 | 280 |
| 281 CertificateProviderService::SSLPrivateKey::~SSLPrivateKey() { | |
| 282 DCHECK(thread_checker_.CalledOnValidThread()); | |
| 283 } | |
| 284 | |
| 281 void CertificateProviderService::SSLPrivateKey::DidSignDigest( | 285 void CertificateProviderService::SSLPrivateKey::DidSignDigest( |
| 282 const SignCallback& callback, | 286 const SignCallback& callback, |
| 283 net::Error error, | 287 net::Error error, |
| 284 const std::vector<uint8_t>& signature) { | 288 const std::vector<uint8_t>& signature) { |
| 285 DCHECK(thread_checker_.CalledOnValidThread()); | 289 DCHECK(thread_checker_.CalledOnValidThread()); |
| 286 callback.Run(error, signature); | 290 callback.Run(error, signature); |
| 287 } | 291 } |
| 288 | 292 |
| 289 CertificateProviderService::CertificateProviderService() | 293 CertificateProviderService::CertificateProviderService() |
| 290 : weak_factory_(this) {} | 294 : weak_factory_(this) {} |
| (...skipping 168 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 459 const int sign_request_id = sign_requests_.AddRequest(extension_id, callback); | 463 const int sign_request_id = sign_requests_.AddRequest(extension_id, callback); |
| 460 if (!delegate_->DispatchSignRequestToExtension(extension_id, sign_request_id, | 464 if (!delegate_->DispatchSignRequestToExtension(extension_id, sign_request_id, |
| 461 hash, certificate, digest)) { | 465 hash, certificate, digest)) { |
| 462 sign_requests_.RemoveRequest(extension_id, sign_request_id, | 466 sign_requests_.RemoveRequest(extension_id, sign_request_id, |
| 463 nullptr /* callback */); | 467 nullptr /* callback */); |
| 464 callback.Run(net::ERR_FAILED, std::vector<uint8_t>()); | 468 callback.Run(net::ERR_FAILED, std::vector<uint8_t>()); |
| 465 } | 469 } |
| 466 } | 470 } |
| 467 | 471 |
| 468 } // namespace chromeos | 472 } // namespace chromeos |
| OLD | NEW |
