content/renderer/media/peer_connection_identity_store.cc - Issue 1740993002: RTCPeerConnection.generateCertificate: Optionally specify expiration.

Side by Side Diff: content/renderer/media/peer_connection_identity_store.cc

Issue 1740993002: RTCPeerConnection.generateCertificate: Optionally specify expiration. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: ...and generateCertificateExpires signature Created 4 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« content/renderer/media/peer_connection_identity_store.h ('K') | « content/renderer/media/peer_connection_identity_store.h ('k') | content/renderer/media/rtc_certificate_generator.h » ('j') | content/renderer/media/rtc_certificate_generator.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2015 The Chromium Authors. All rights reserved.	1 // Copyright 2015 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "content/renderer/media/peer_connection_identity_store.h"	5 #include "content/renderer/media/peer_connection_identity_store.h"

6	6

7 #include "base/bind.h"	7 #include "base/bind.h"

8 #include "base/macros.h"	8 #include "base/macros.h"

9 #include "base/memory/scoped_ptr.h"	9 #include "base/memory/scoped_ptr.h"

10 #include "base/thread_task_runner_handle.h"	10 #include "base/thread_task_runner_handle.h"

11 #include "content/renderer/media/webrtc_identity_service.h"	11 #include "content/renderer/media/webrtc_identity_service.h"

12 #include "content/renderer/render_thread_impl.h"	12 #include "content/renderer/render_thread_impl.h"

13	13

14 namespace content {	14 namespace content {

15 namespace {	15 namespace {

16	16

17 const char kIdentityName[] = "WebRTC";	17 const char kIdentityName[] = "WebRTC";

18 static unsigned int kRSAChromiumKeyLength = 1024;	18 static unsigned int kRSAChromiumKeyLength = 1024;

19 static unsigned int kRSAChromiumPubExp = 0x10001;	19 static unsigned int kRSAChromiumPubExp = 0x10001;

	20 static uint64_t kYearInSeconds = 365 * 24 * 60 * 60;

20	21

21 // Bridges identity requests between the main render thread and libjingle's	22 // Bridges identity requests between the main render thread and libjingle's

22 // signaling thread.	23 // signaling thread.

23 class RequestHandler : public base::RefCountedThreadSafe<RequestHandler> {	24 class RequestHandler : public base::RefCountedThreadSafe<RequestHandler> {

24 public:	25 public:

25 explicit RequestHandler(	26 explicit RequestHandler(

26 const scoped_refptr<base::SingleThreadTaskRunner>& main_thread,	27 const scoped_refptr<base::SingleThreadTaskRunner>& main_thread,

27 const scoped_refptr<base::SingleThreadTaskRunner>& signaling_thread,	28 const scoped_refptr<base::SingleThreadTaskRunner>& signaling_thread,

28 webrtc::DtlsIdentityRequestObserver* observer)	29 webrtc::DtlsIdentityRequestObserver* observer)

29 : main_thread_(main_thread),	30 : main_thread_(main_thread),

(...skipping 78 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
108 first_party_for_cookies_(first_party_for_cookies) {	109 first_party_for_cookies_(first_party_for_cookies) {

109 DCHECK(main_thread_);	110 DCHECK(main_thread_);

110 DCHECK(signaling_thread_);	111 DCHECK(signaling_thread_);

111 }	112 }

112	113

113 PeerConnectionIdentityStore::~PeerConnectionIdentityStore() {	114 PeerConnectionIdentityStore::~PeerConnectionIdentityStore() {

114 // Typically destructed on libjingle's signaling thread.	115 // Typically destructed on libjingle's signaling thread.

115 }	116 }

116	117

117 void PeerConnectionIdentityStore::RequestIdentity(	118 void PeerConnectionIdentityStore::RequestIdentity(

118 rtc::KeyParams key_params,	119 const rtc::KeyParams& key_params,

	120 const rtc::Optional<uint64_t>& expires_ms,

119 const rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver>& observer) {	121 const rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver>& observer) {

120 DCHECK(signaling_thread_->BelongsToCurrentThread());	122 DCHECK(signaling_thread_->BelongsToCurrentThread());

121 DCHECK(observer);	123 DCHECK(observer);

122	124

123 // TODO(torbjorng): crbug.com/544902. RequestIdentityOnUIThread uses Chromium	125 // TODO(torbjorng): crbug.com/544902. RequestIdentityOnUIThread uses Chromium

124 // key generation code with the assumption that it will generate with the	126 // key generation code with the assumption that it will generate with the

125 // following rsa_params(). This assumption should not be implicit! Either pass	127 // following rsa_params(). This assumption should not be implicit! Either pass

126 // the parameters along or check against constants exported from relevant	128 // the parameters along or check against constants exported from relevant

127 // header file(s).	129 // header file(s).

128 if (key_params.type() == rtc::KT_RSA &&	130 if (key_params.type() == rtc::KT_RSA &&

129 key_params.rsa_params().mod_size == kRSAChromiumKeyLength &&	131 key_params.rsa_params().mod_size == kRSAChromiumKeyLength &&

130 key_params.rsa_params().pub_exp == kRSAChromiumPubExp) {	132 key_params.rsa_params().pub_exp == kRSAChromiumPubExp &&

	133 !expires_ms) {

131 // Use Chromium identity generation code for its hardwired parameters (RSA,	134 // Use Chromium identity generation code for its hardwired parameters (RSA,

132 // 1024, 0x10001). This generation code is preferred over WebRTC generation	135 // 1024, 0x10001). This generation code is preferred over WebRTC generation

133 // code due to the performance benefits of caching.	136 // code due to the performance benefits of caching.

134 scoped_refptr<RequestHandler> handler(	137 scoped_refptr<RequestHandler> handler(

135 new RequestHandler(main_thread_, signaling_thread_, observer));	138 new RequestHandler(main_thread_, signaling_thread_, observer));

136 main_thread_->PostTask(	139 main_thread_->PostTask(

137 FROM_HERE,	140 FROM_HERE,

138 base::Bind(&RequestHandler::RequestIdentityOnMainThread, handler, url_,	141 base::Bind(&RequestHandler::RequestIdentityOnMainThread, handler, url_,

139 first_party_for_cookies_));	142 first_party_for_cookies_));

140 } else {	143 } else {

141 // Fall back on WebRTC identity generation code for everything else, e.g.	144 // Fall back on WebRTC identity generation code for everything else, e.g.

142 // RSA with any other parameters or ECDSA. These will not be cached.	145 // RSA with any other parameters or ECDSA. These will not be cached.

143 scoped_ptr<rtc::SSLIdentity> identity(rtc::SSLIdentity::Generate(	146 scoped_ptr<rtc::SSLIdentity> identity;

144 kIdentityName, key_params));	147 if (!expires_ms) {

	148 identity.reset(rtc::SSLIdentity::Generate(kIdentityName, key_params));

	149 } else {

	150 uint64_t expires_s = *expires_ms / 1000;

	151 // Limit the expiration time to something reasonable (a year). This also

	152 // ensures that the value is not too large for time_t.

	153 if (expires_s > kYearInSeconds)

	154 expires_s = kYearInSeconds;

	155 identity.reset(rtc::SSLIdentity::Generate(

	156 kIdentityName, key_params, static_cast<time_t>(expires_s)));
	Ryan Sleevi 2016/03/08 17:06:10 BUG: You cannot do this sort of cast. There's no g BUG: You cannot do this sort of cast. There's no guarantee that time_t is expressed like this. Explicitly convert (e.g. using base::Time) hbos_chromium 2016/04/13 17:03:08 From JavaScript we get a uint64_t timestamp. We wa Show quoted text On 2016/03/08 17:06:10, Ryan Sleevi wrote: > BUG: You cannot do this sort of cast. There's no guarantee that time_t is > expressed like this. > > Explicitly convert (e.g. using base::Time) From JavaScript we get a uint64_t timestamp. We want to use this all the way down but lower layer stuff uses time_t, we have no choice but to convert in at least one of the layers, preferrably we only convert once, thus uint64_t -> time_t. Introducing more conversion steps, say by using base::Time, would only increase the risk of errors and not add anything since the parameter is just passed around. You correctly pointed out that in a different CL (https://codereview.webrtc.org/1683193003/) that OpenSSL has other API which means we ultimately don't have to use time_t. TODOs and a bug (https://bugs.chromium.org/p/webrtc/issues/detail?id=5720) has been created to update SSLIdentity::Generate not to use time_t, in the meantime it is safe to assume that time_t can hold up to a year's worth of seconds (and the if-statement before the static_cast ensures that \|expres_s\| is not larger than this). I agree that we should stop using time_t and I have added a TODO with the bug in the comment in this CL, but I don't think it should block this CL. hbos_chromium 2016/04/13 17:09:39 PS I have a CL in the works that will use uint64_t Show quoted text On 2016/04/13 17:03:08, hbos_chromium wrote: > On 2016/03/08 17:06:10, Ryan Sleevi wrote: > > BUG: You cannot do this sort of cast. There's no guarantee that time_t is > > expressed like this. > > > > Explicitly convert (e.g. using base::Time) > > From JavaScript we get a uint64_t timestamp. We want to use this all the way > down but lower layer stuff uses time_t, we have no choice but to convert in at > least one of the layers, preferrably we only convert once, thus uint64_t -> > time_t. Introducing more conversion steps, say by using base::Time, would only > increase the risk of errors and not add anything since the parameter is just > passed around. > > You correctly pointed out that in a different CL > (https://codereview.webrtc.org/1683193003/) that OpenSSL has other API which > means we ultimately don't have to use time_t. TODOs and a bug > (https://bugs.chromium.org/p/webrtc/issues/detail?id=5720) has been created to > update SSLIdentity::Generate not to use time_t, in the meantime it is safe to > assume that time_t can hold up to a year's worth of seconds (and the > if-statement before the static_cast ensures that \|expres_s\| is not larger than > this). > > I agree that we should stop using time_t and I have added a TODO with the bug in > the comment in this CL, but I don't think it should block this CL. PS I have a CL in the works that will use uint64_t for its API to be called from here instead of SSLIdentity::Generate, so that the \|expires_ms\| parameter can be passed around all the way down to the webrtc repo code. (Though until webrtc:5720 is fixed a static_cast is inevitable, but it then occurs at a lower layer and in the webrtc repo.) hbos_chromium 2016/04/18 10:04:27 Hang on, I'll patch to use this now before asking Show quoted text On 2016/04/13 17:09:39, hbos_chromium wrote: > On 2016/04/13 17:03:08, hbos_chromium wrote: > > On 2016/03/08 17:06:10, Ryan Sleevi wrote: > > > BUG: You cannot do this sort of cast. There's no guarantee that time_t is > > > expressed like this. > > > > > > Explicitly convert (e.g. using base::Time) > > > > From JavaScript we get a uint64_t timestamp. We want to use this all the way > > down but lower layer stuff uses time_t, we have no choice but to convert in at > > least one of the layers, preferrably we only convert once, thus uint64_t -> > > time_t. Introducing more conversion steps, say by using base::Time, would only > > increase the risk of errors and not add anything since the parameter is just > > passed around. > > > > You correctly pointed out that in a different CL > > (https://codereview.webrtc.org/1683193003/) that OpenSSL has other API which > > means we ultimately don't have to use time_t. TODOs and a bug > > (https://bugs.chromium.org/p/webrtc/issues/detail?id=5720) has been created to > > update SSLIdentity::Generate not to use time_t, in the meantime it is safe to > > assume that time_t can hold up to a year's worth of seconds (and the > > if-statement before the static_cast ensures that \|expres_s\| is not larger than > > this). > > > > I agree that we should stop using time_t and I have added a TODO with the bug > in > > the comment in this CL, but I don't think it should block this CL. > > PS I have a CL in the works that will use uint64_t for its API to be called from > here instead of SSLIdentity::Generate, so that the \|expires_ms\| parameter can be > passed around all the way down to the webrtc repo code. (Though until > webrtc:5720 is fixed a static_cast is inevitable, but it then occurs at a lower > layer and in the webrtc repo.) Hang on, I'll patch to use this now before asking to PTAL again. hbos_chromium 2016/04/18 13:23:59 Nevermind, using the new API should be done separa Show quoted text On 2016/04/18 10:04:27, hbos_chromium wrote: > On 2016/04/13 17:09:39, hbos_chromium wrote: > > On 2016/04/13 17:03:08, hbos_chromium wrote: > > > On 2016/03/08 17:06:10, Ryan Sleevi wrote: > > > > BUG: You cannot do this sort of cast. There's no guarantee that time_t is > > > > expressed like this. > > > > > > > > Explicitly convert (e.g. using base::Time) > > > > > > From JavaScript we get a uint64_t timestamp. We want to use this all the way > > > down but lower layer stuff uses time_t, we have no choice but to convert in > at > > > least one of the layers, preferrably we only convert once, thus uint64_t -> > > > time_t. Introducing more conversion steps, say by using base::Time, would > only > > > increase the risk of errors and not add anything since the parameter is just > > > passed around. > > > > > > You correctly pointed out that in a different CL > > > (https://codereview.webrtc.org/1683193003/) that OpenSSL has other API which > > > means we ultimately don't have to use time_t. TODOs and a bug > > > (https://bugs.chromium.org/p/webrtc/issues/detail?id=5720) has been created > to > > > update SSLIdentity::Generate not to use time_t, in the meantime it is safe > to > > > assume that time_t can hold up to a year's worth of seconds (and the > > > if-statement before the static_cast ensures that \|expres_s\| is not larger > than > > > this). > > > > > > I agree that we should stop using time_t and I have added a TODO with the > bug > > in > > > the comment in this CL, but I don't think it should block this CL. > > > > PS I have a CL in the works that will use uint64_t for its API to be called > from > > here instead of SSLIdentity::Generate, so that the \|expires_ms\| parameter can > be > > passed around all the way down to the webrtc repo code. (Though until > > webrtc:5720 is fixed a static_cast is inevitable, but it then occurs at a > lower > > layer and in the webrtc repo.) > > Hang on, I'll patch to use this now before asking to PTAL again. Nevermind, using the new API should be done separately, starting to use it before future cleanup work is done is like jumping through an extra hoop since another roll would be necessary. Please review as-is.
	157 }

145	158

146 // Invoke \|observer\| callbacks asynchronously. The callbacks of	159 // Invoke \|observer\| callbacks asynchronously. The callbacks of

147 // DtlsIdentityStoreInterface implementations have to be async.	160 // DtlsIdentityStoreInterface implementations have to be async.

148 if (identity) {	161 if (identity) {

149 // Async call to \|observer\|->OnSuccess.	162 // Async call to \|observer\|->OnSuccess.

150 // Helper function necessary because OnSuccess takes an rtc::scoped_ptr	163 // Helper function necessary because OnSuccess takes an rtc::scoped_ptr

151 // argument which has to be Pass()-ed. base::Passed gets around this for	164 // argument which has to be Pass()-ed. base::Passed gets around this for

152 // scoped_ptr (without rtc namespace), but not for rtc::scoped_ptr.	165 // scoped_ptr (without rtc namespace), but not for rtc::scoped_ptr.

153 signaling_thread_->PostTask(FROM_HERE,	166 signaling_thread_->PostTask(FROM_HERE,

154 base::Bind(&ObserverOnSuccess, observer, base::Passed(&identity)));	167 base::Bind(&ObserverOnSuccess, observer, base::Passed(&identity)));

155 } else {	168 } else {

156 // Async call to \|observer\|->OnFailure.	169 // Async call to \|observer\|->OnFailure.

157 signaling_thread_->PostTask(FROM_HERE,	170 signaling_thread_->PostTask(FROM_HERE,

158 base::Bind(&webrtc::DtlsIdentityRequestObserver::OnFailure,	171 base::Bind(&webrtc::DtlsIdentityRequestObserver::OnFailure,

159 observer, 0));	172 observer, 0));

160 }	173 }

161 }	174 }

162 }	175 }

163	176

164 } // namespace content	177 } // namespace content

OLD	NEW