Generates the DTLS identity in browser process and returns it to render process.

content/browser/media/dtls_identity_store.h

+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CONTENT_BROWSER_MEDIA_DTLS_IDENTITY_STORE_H_
+#define CONTENT_BROWSER_MEDIA_DTLS_IDENTITY_STORE_H_
+
+#include "base/callback.h"
+#include "base/memory/ref_counted.h"
+#include "base/threading/non_thread_safe.h"

[Ryan Sleevi, 2013/06/17 18:13:23]

Unused

[jiayl, 2013/06/17 18:58:00]

Removed

+
+class GURL;
+
+namespace base {
+class TaskRunner;
+}  // namespace base
+
+namespace content {
+
+class DTLSIdentityRequest;
+class DTLSIdentityRequestHandle;
+
+// A class for creating and fetching DTLS identities, i.e. the private key and
+// the self-signed certificate.
+class DTLSIdentityStore {
+ public:
+  typedef base::Callback<void(int error,
+                              const std::string& certificate,
+                              const std::string& private_key)>
+      CompletionCallback;
+
+  DTLSIdentityStore();
+  virtual ~DTLSIdentityStore();
+
+  // Retrieve the DTLS identity for the given origin, or generate a new one
+  // if not existent. Asynchronous.
+  // |origin| is the origin of the PeerConnection requesting the identity;
+  // |identity_name| is used to identify an identity within an origin;
+  // |common_name| is the common name used to generate the certificate;
+  // |callback| is the callback to return the result.
+  //
+  // Returns the Closure that can be used to cancel the request before the
+  // request is completed.
+  base::Closure RequestIdentity(
+      const GURL& origin,
+      const std::string& identity_name,
+      const std::string& common_name,
+      const CompletionCallback& callback);
+
+ protected:
+  explicit DTLSIdentityStore(

[Ryan Sleevi, 2013/06/17 18:13:23]

Why is this protected, when this class has no virtual methods (beyond its
Destructor)?

[jiayl, 2013/06/17 18:58:00]

It's used in the unit test to inject the TaskRunner

[Ryan Sleevi, 2013/06/17 23:08:34]

It doesn't need to be protected though - it should be private, and you should
friend the unit test fixture.

"protected" is a signal you intend for your (public) API to allow
specializations of this class, and you don't.

+      const scoped_refptr<base::TaskRunner>& task_runner);
+
+ private:
+  friend DTLSIdentityRequestHandle;
+
+  void CancelRequestInternal(DTLSIdentityRequest* request);
+
+  // The TaskRunner for doing work on a worker thread.
+  scoped_refptr<base::TaskRunner> task_runner_;
+
+  DISALLOW_COPY_AND_ASSIGN(DTLSIdentityStore);
+};
+
+}  // namespace content
+
+#endif  // CONTENT_BROWSER_MEDIA_DTLS_IDENTITY_STORE_H_