| Index: content/browser/media/dtls_identity_store.cc
|
| diff --git a/content/browser/media/dtls_identity_store.cc b/content/browser/media/dtls_identity_store.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..99c743c43f97ccb425a8ab8a32664417c1850bcf
|
| --- /dev/null
|
| +++ b/content/browser/media/dtls_identity_store.cc
|
| @@ -0,0 +1,104 @@
|
| +// Copyright (c) 2013 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +
|
| +#include "content/browser/media/dtls_identity_store.h"
|
| +
|
| +#include <cert.h>
|
| +
|
| +#include "base/bind.h"
|
| +#include "base/location.h"
|
| +#include "base/logging.h"
|
| +#include "base/rand_util.h"
|
| +#include "base/task_runner.h"
|
| +#include "base/threading/worker_pool.h"
|
| +#include "content/public/browser/browser_thread.h"
|
| +#include "crypto/ec_private_key.h"
|
| +#include "googleurl/src/gurl.h"
|
| +#include "net/cert/x509_util_nss.h"
|
| +
|
| +namespace {
|
| +
|
| +static void GenerateIdentityWorker(
|
| + const GURL& url,
|
| + const std::string& identity_name,
|
| + const std::string& common_name,
|
| + const content::DTLSIdentityStore::OnCompleteCallback& callback) {
|
| + std::string certificate;
|
| + std::vector<uint8> private_key_info;
|
| +
|
| + int serial_number = base::RandInt(0, std::numeric_limits<int>::max());
|
| + base::Time not_valid_before = base::Time::Now();
|
| + base::Time not_valid_after =
|
| + not_valid_before + base::TimeDelta::FromDays(30);
|
| +
|
| + scoped_ptr<crypto::ECPrivateKey> key(crypto::ECPrivateKey::Create());
|
| + if (!key.get()) {
|
| + DLOG(ERROR) << "Unable to create key pair for client";
|
| + return;
|
| + }
|
| +
|
| + CERTCertificate* cert = net::x509_util::CreateSelfSignedCert(
|
| + key->public_key(), key->key(), "CN=" + identity_name,
|
| + serial_number, not_valid_before, not_valid_after);
|
| + if (cert == NULL) {
|
| + DLOG(ERROR) << "Unable to create x509 cert for client";
|
| + return;
|
| + }
|
| + certificate.append(reinterpret_cast<char*>(cert->derCert.data),
|
| + cert->derCert.len);
|
| + CERT_DestroyCertificate(cert);
|
| + cert = NULL;
|
| +
|
| + if (!key->ExportEncryptedPrivateKey("", 1, &private_key_info)) {
|
| + DLOG(ERROR) << "Unable to export private key";
|
| + return;
|
| + }
|
| +
|
| + std::string priveta_key(private_key_info.begin(), private_key_info.end());
|
| +
|
| + content::BrowserThread::PostTask(
|
| + content::BrowserThread::UI,
|
| + FROM_HERE,
|
| + base::Bind(callback, certificate, priveta_key));
|
| +}
|
| +
|
| +} // namespace
|
| +
|
| +namespace content {
|
| +
|
| +DTLSIdentityStore* DTLSIdentityStore::GetInstance() {
|
| + return Singleton<DTLSIdentityStore>::get();
|
| +}
|
| +
|
| +DTLSIdentityStore::DTLSIdentityStore() :
|
| + task_runner_(base::WorkerPool::GetTaskRunner(true)) {
|
| + DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
|
| +}
|
| +
|
| +DTLSIdentityStore::DTLSIdentityStore(
|
| + const scoped_refptr<base::TaskRunner>& task_runner) :
|
| + task_runner_(task_runner) {
|
| + DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
|
| +}
|
| +
|
| +DTLSIdentityStore::~DTLSIdentityStore() {
|
| +}
|
| +
|
| +void DTLSIdentityStore::GetOrGenerateIdentity(
|
| + const GURL& url,
|
| + const std::string& identity_name,
|
| + const std::string& common_name,
|
| + const OnCompleteCallback& callback) {
|
| + DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
|
| +
|
| + // TODO(jiayl): find the cert in the persistent store and generate a new one
|
| + // only when not found.
|
| + task_runner_->PostTask(
|
| + FROM_HERE,
|
| + base::Bind(&GenerateIdentityWorker,
|
| + url, identity_name, common_name, callback));
|
| +}
|
| +
|
| +} // namespace content
|
|
|
Chromium Code Reviews
Issue 15969025:
Generates the DTLS identity in browser process and returns it to render process. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master