OLD | NEW |
| (Empty) |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef NET_BASE_KEYGEN_HANDLER_H_ | |
6 #define NET_BASE_KEYGEN_HANDLER_H_ | |
7 | |
8 #include <memory> | |
9 #include <string> | |
10 | |
11 #include "base/callback_forward.h" | |
12 #include "build/build_config.h" | |
13 #include "net/base/net_export.h" | |
14 #include "url/gurl.h" | |
15 | |
16 namespace crypto { | |
17 class NSSCryptoModuleDelegate; | |
18 } | |
19 | |
20 namespace net { | |
21 | |
22 // This class handles keypair generation for generating client | |
23 // certificates via the <keygen> tag. | |
24 // <http://dev.w3.org/html5/spec/Overview.html#the-keygen-element> | |
25 // <https://developer.mozilla.org/En/HTML/HTML_Extensions/KEYGEN_Tag> | |
26 | |
27 class NET_EXPORT KeygenHandler { | |
28 public: | |
29 // Creates a handler that will generate a key with the given key size and | |
30 // incorporate the |challenge| into the Netscape SPKAC structure. The request | |
31 // for the key originated from |url|. | |
32 KeygenHandler(int key_size_in_bits, | |
33 const std::string& challenge, | |
34 const GURL& url); | |
35 ~KeygenHandler(); | |
36 | |
37 // Actually generates the key-pair and the cert request (SPKAC), and returns | |
38 // a base64-encoded string suitable for use as the form value of <keygen>. | |
39 std::string GenKeyAndSignChallenge(); | |
40 | |
41 // Exposed only for unit tests. | |
42 void set_stores_key(bool store) { stores_key_ = store;} | |
43 | |
44 #if defined(USE_NSS_CERTS) | |
45 // Register the delegate to be used to get the token to store the key in, and | |
46 // to get the password if the token is unauthenticated. | |
47 // GenKeyAndSignChallenge runs on a worker thread, so using a blocking | |
48 // password callback is okay here. | |
49 void set_crypto_module_delegate( | |
50 std::unique_ptr<crypto::NSSCryptoModuleDelegate> delegate); | |
51 #endif // defined(USE_NSS_CERTS) | |
52 | |
53 private: | |
54 int key_size_in_bits_; // key size in bits (usually 2048) | |
55 std::string challenge_; // challenge string sent by server | |
56 GURL url_; // the URL that requested the key | |
57 bool stores_key_; // should the generated key-pair be stored persistently? | |
58 #if defined(USE_NSS_CERTS) | |
59 // The callback for requesting a password to the PKCS#11 token. | |
60 std::unique_ptr<crypto::NSSCryptoModuleDelegate> crypto_module_delegate_; | |
61 #endif // defined(USE_NSS_CERTS) | |
62 }; | |
63 | |
64 } // namespace net | |
65 | |
66 #endif // NET_BASE_KEYGEN_HANDLER_H_ | |
OLD | NEW |