RTCPeerConnection.generateCertificate: Optionally specify expiration.

content/renderer/media/peer_connection_identity_store.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/renderer/media/peer_connection_identity_store.h"
 
 #include "base/bind.h"
 #include "base/macros.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/thread_task_runner_handle.h"
 #include "content/renderer/media/webrtc_identity_service.h"
 #include "content/renderer/render_thread_impl.h"
 
 namespace content {
 namespace {
 
 const char kIdentityName[] = "WebRTC";
 static unsigned int kRSAChromiumKeyLength = 1024;
 static unsigned int kRSAChromiumPubExp = 0x10001;
+static uint64_t kYearInSeconds = 365 * 24 * 60 * 60;
 
 // Bridges identity requests between the main render thread and libjingle's
 // signaling thread.
 class RequestHandler : public base::RefCountedThreadSafe<RequestHandler> {
  public:
   explicit RequestHandler(
       const scoped_refptr<base::SingleThreadTaskRunner>& main_thread,
       const scoped_refptr<base::SingleThreadTaskRunner>& signaling_thread,
       webrtc::DtlsIdentityRequestObserver* observer)
       : main_thread_(main_thread),
@@ skipping 79 matching lines @@
   DCHECK(main_thread_);
   DCHECK(signaling_thread_);
 }
 
 PeerConnectionIdentityStore::~PeerConnectionIdentityStore() {
   // Typically destructed on libjingle's signaling thread.
 }
 
 void PeerConnectionIdentityStore::RequestIdentity(
     rtc::KeyParams key_params,
+    rtc::Optional<uint64_t> expires_ms,

[tommi (sloooow) - chröme, 2016/03/04 09:55:40]

Is there a reason why the arguments need to be passed by value?

[hbos_chromium, 2016/03/04 12:24:11]

No, will update webrtc interface to use const&, roll and then update this.

     const rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver>& observer) {
   DCHECK(signaling_thread_->BelongsToCurrentThread());
   DCHECK(observer);
 
   // TODO(torbjorng): crbug.com/544902. RequestIdentityOnUIThread uses Chromium
   // key generation code with the assumption that it will generate with the
   // following rsa_params(). This assumption should not be implicit! Either pass
   // the parameters along or check against constants exported from relevant
   // header file(s).
   if (key_params.type() == rtc::KT_RSA &&
       key_params.rsa_params().mod_size == kRSAChromiumKeyLength &&
-      key_params.rsa_params().pub_exp == kRSAChromiumPubExp) {
+      key_params.rsa_params().pub_exp == kRSAChromiumPubExp &&
+      !expires_ms) {
     // Use Chromium identity generation code for its hardwired parameters (RSA,
     // 1024, 0x10001). This generation code is preferred over WebRTC generation
     // code due to the performance benefits of caching.
     scoped_refptr<RequestHandler> handler(
         new RequestHandler(main_thread_, signaling_thread_, observer));
     main_thread_->PostTask(
         FROM_HERE,
         base::Bind(&RequestHandler::RequestIdentityOnMainThread, handler, url_,
                    first_party_for_cookies_));
   } else {
     // Fall back on WebRTC identity generation code for everything else, e.g.
     // RSA with any other parameters or ECDSA. These will not be cached.
-    scoped_ptr<rtc::SSLIdentity> identity(rtc::SSLIdentity::Generate(
-        kIdentityName, key_params));
+    scoped_ptr<rtc::SSLIdentity> identity;
+    if (!expires_ms) {
+      identity.reset(rtc::SSLIdentity::Generate(kIdentityName, key_params));
+    } else {
+      uint64_t expires_s = *expires_ms / 1000;
+      // Limit the expiration time to something reasonable (a year). This also
+      // ensures that the value is not too large for time_t.

[hbos_chromium, 2016/03/04 09:26:31]

Spec: "a user agent may choose to limit the period over which an RTCCertificate
is valid"

[tommi (sloooow) - chröme, 2016/03/04 09:55:40]

Was there a discussion on what is reasonable or is a year arbitrarily chosen?
(I'm not disagreeing with it, just curious)

[hbos_chromium, 2016/03/04 12:24:11]

Rather arbitrarily, could have chosen something else. (We need some sort of
check here though since uint64_t could be larger than time_t.)

+      if (expires_s > kYearInSeconds)
+        expires_s = kYearInSeconds;
+      identity.reset(rtc::SSLIdentity::Generate(
+          kIdentityName, key_params, static_cast<time_t>(expires_s)));
+    }
 
     // Invoke |observer| callbacks asynchronously. The callbacks of
     // DtlsIdentityStoreInterface implementations have to be async.
     if (identity) {
       // Async call to |observer|->OnSuccess.
       // Helper function necessary because OnSuccess takes an rtc::scoped_ptr
       // argument which has to be Pass()-ed. base::Passed gets around this for
       // scoped_ptr (without rtc namespace), but not for rtc::scoped_ptr.
       signaling_thread_->PostTask(FROM_HERE,
           base::Bind(&ObserverOnSuccess, observer, base::Passed(&identity)));
     } else {
       // Async call to |observer|->OnFailure.
       signaling_thread_->PostTask(FROM_HERE,
           base::Bind(&webrtc::DtlsIdentityRequestObserver::OnFailure,
                      observer, 0));
     }
   }
 }
 
 }  // namespace content