Generates the DTLS identity in browser process and returns it to render process.

content/browser/media/dtls_identity_store.cc

Index: content/browser/media/dtls_identity_store.cc
diff --git a/content/browser/media/dtls_identity_store.cc b/content/browser/media/dtls_identity_store.cc
new file mode 100644
index 0000000000000000000000000000000000000000..39f0af6188f9a76412c24891cd08170476f092c9
--- /dev/null
+++ b/content/browser/media/dtls_identity_store.cc
@@ -0,0 +1,194 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "content/browser/media/dtls_identity_store.h"
+
+#include "base/bind.h"
+#include "base/callback_helpers.h"
+#include "base/location.h"
+#include "base/logging.h"
+#include "base/rand_util.h"
+#include "base/task_runner.h"
+#include "base/threading/worker_pool.h"
+#include "content/public/browser/browser_thread.h"
+#include "crypto/rsa_private_key.h"
+#include "googleurl/src/gurl.h"
+#include "net/base/net_errors.h"
+#include "net/cert/x509_certificate.h"
+
+namespace content {
+
+namespace {
+
+struct DTLSIdentityRequestResult {
+  int error;
+  std::string certificate;
+  std::string private_key;
+};
+
+static void GenerateIdentityWorker(const std::string& common_name,
+                                   DTLSIdentityRequestResult* result) {
+  result->error = net::OK;
+  std::string certificate;
+  std::vector<uint8> private_key_info;
+
+  int serial_number = base::RandInt(0, std::numeric_limits<int>::max());
+
+  scoped_ptr<crypto::RSAPrivateKey> key(crypto::RSAPrivateKey::Create(1024));

[Ryan Sleevi, 2013/06/17 23:08:34]

DESIGN BUG: This forces WebRTC keys into the TPM on ChromeOS, or into the
persistent OS store on Linux/Mac, which is specifically *not* desirable (we
desire them to be ephemeral, in-memory keys, persisted to a temporary storage).

This is because RSAPrivateKey attempts to store into the private key slot
(TPM/persistent storage) or the Keychain when it's executed in the Browser
process.

The Server Bound Cert Service code doesn't have this problem, because it always
uses EC keys, which are always keyed against the public key slot
(ephemeral/in-memory), and always use NSS (eg: not platform APIs).

There is no way with RSAPrivateKey to indicate that an ephemeral key is being
generated.

[jiayl, 2013/06/20 01:04:03]

Since Ryan has started two other CLs to address this issue for all RSAPrivateKey
consumers, I think we can unblock this CL.

Ryan's patches:
Patch 1: https://codereview.chromium.org/17265013/
Patch 2: https://codereview.chromium.org/17447009/

On 2013/06/17 23:08:34, Ryan Sleevi wrote:

+  if (!key.get()) {
+    DLOG(ERROR) << "Unable to create key pair for client";
+    result->error = net::ERR_KEY_GENERATION_FAILED;
+    return;
+  }
+
+   scoped_refptr<net::X509Certificate> cert =
+      net::X509Certificate::CreateSelfSigned(key.get(),
+                                             "CN=" + common_name,
+                                             serial_number,
+                                             base::TimeDelta::FromDays(30));
+  if (!cert) {
+    DLOG(ERROR) << "Unable to create x509 cert for client";
+    result->error = net::ERR_SELF_SIGNED_CERT_GENERATION_FAILED;
+    return;
+  }
+  if (!net::X509Certificate::GetDEREncoded(cert->os_cert_handle(),
+                                           &result->certificate)) {
+    DLOG(ERROR) << "Unable to get the DER decoded data from the cert.";
+    result->error = net::ERR_SELF_SIGNED_CERT_GENERATION_FAILED;
+    return;
+  }
+
+  if (!key->ExportPrivateKey(&private_key_info)) {
+    DLOG(ERROR) << "Unable to export private key";
+    result->error = net::ERR_PRIVATE_KEY_EXPORT_FAILED;
+    return;
+  }
+
+  result->private_key =
+      std::string(private_key_info.begin(), private_key_info.end());
+}
+
+}  // namespace
+
+// The class represents a DTLS identity request internal to DTLSIdentityStore.
+// It has a one-to-one mapping to the external version of the request
+// DTLSIdentityRequestHandle, which is the target of the DTLSIdentityRequest's
+// completion callback.
+// It's deleted automatically when the request is completed.
+class DTLSIdentityRequest {
+ public:
+  DTLSIdentityRequest(const DTLSIdentityStore::CompletionCallback& callback)
+      : callback_(callback) {}
+
+ private:
+  friend DTLSIdentityStore;
+
+  void Cancel() {
+    callback_.Reset();
+  }
+
+  void Post(DTLSIdentityRequestResult* result) {
+    if (callback_.is_null())
+      return;
+    callback_.Run(result->error, result->certificate, result->private_key);
+    // "this" will be deleted after this point.
+  }
+
+  DTLSIdentityStore::CompletionCallback callback_;
+};
+
+// The class represents a DTLS identity request which calls back to the external
+// client when the request completes.
+// Its lifetime is tied with the Callback held by the corresponding
+// DTLSIdentityRequest.
+class DTLSIdentityRequestHandle {
+ public:
+  DTLSIdentityRequestHandle(
+      DTLSIdentityStore* store,
+      const DTLSIdentityStore::CompletionCallback& callback)
+      : store_(store),
+        request_(NULL),
+        callback_(callback) {}
+
+ private:
+  friend DTLSIdentityStore;
+
+  // Cancel the request.  Does nothing if the request finished or was already
+  // cancelled.
+  void Cancel() {
+    if (!request_)
+      return;
+
+    callback_.Reset();
+    DTLSIdentityRequest* request = request_;
+    request_ = NULL;
+    // "this" will be deleted after the following call, becuase "this" is
+    // owned by the Callback held by |request|.
+    store_->CancelRequestInternal(request);
+  }
+
+  void OnRequestStarted(DTLSIdentityRequest* request) {
+    DCHECK(request);
+    request_ = request;
+  }
+  void OnRequestComplete(int error,
+                         const std::string& certificate,
+                         const std::string& private_key) {
+    DCHECK(request_);
+    request_ = NULL;
+    base::ResetAndReturn(&callback_).Run(error, certificate, private_key);
+  }
+
+  DTLSIdentityStore* store_;
+  DTLSIdentityRequest* request_;
+  DTLSIdentityStore::CompletionCallback callback_;
+
+  DISALLOW_COPY_AND_ASSIGN(DTLSIdentityRequestHandle);
+};
+
+DTLSIdentityStore::DTLSIdentityStore()
+    : task_runner_(base::WorkerPool::GetTaskRunner(true)) {}

[jam, 2013/06/18 00:03:18]

why are you using base::WorkerPool instead of SequencedWorkerPool? 

[jiayl, 2013/06/18 01:07:55]

It's not necessary to enforce the an order on the tasks, i.e. identities for
different origin/name can be created in any order. So I didn't use
SequcencedWorkerPool.

[jam, 2013/06/18 23:22:45]

sequencing is not the only reason to use sequencedworkerpool. i.e. one can use
it to post random tasks. how slow is this operation?

+
+DTLSIdentityStore::~DTLSIdentityStore() {}
+
+bool DTLSIdentityStore::RequestIdentity(const GURL& origin,
+                                        const std::string& identity_name,
+                                        const std::string& common_name,
+                                        const CompletionCallback& callback,
+                                        base::Closure* canceller) {
+  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
+
+  DTLSIdentityRequestHandle* handle = new DTLSIdentityRequestHandle(
+      this, callback);
+
+  DTLSIdentityRequest* request = new DTLSIdentityRequest(
+      base::Bind(&DTLSIdentityRequestHandle::OnRequestComplete,
+                 base::Owned(handle)));
+  handle->OnRequestStarted(request);
+
+  DTLSIdentityRequestResult* result = new DTLSIdentityRequestResult;
+  bool posted = task_runner_->PostTaskAndReply(
+      FROM_HERE,
+      base::Bind(&GenerateIdentityWorker, common_name, result),
+      base::Bind(&DTLSIdentityRequest::Post,
+                 base::Owned(request), base::Owned(result)));
+
+  if (posted && canceller) {

[Ryan Sleevi, 2013/06/17 23:08:34]

This check indicates that the caller need not supply a valid pointer for
canceller.

This creates a confusing API. It would be better to universally require that the
caller supply a valid pointer.

[jiayl, 2013/06/18 01:07:55]

Done.

+    *canceller = base::Bind(&DTLSIdentityRequestHandle::Cancel,
+                            base::Unretained(handle));
+  }
+  return posted;
+}
+
+DTLSIdentityStore::DTLSIdentityStore(
+    const scoped_refptr<base::TaskRunner>& task_runner)
+    : task_runner_(task_runner) {
+}
+
+void DTLSIdentityStore::CancelRequestInternal(DTLSIdentityRequest* request) {
+  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
+  request->Cancel();
+}
+
+}  // namespace content