OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_BASE_KEYGEN_HANDLER_H_ | 5 #ifndef NET_BASE_KEYGEN_HANDLER_H_ |
6 #define NET_BASE_KEYGEN_HANDLER_H_ | 6 #define NET_BASE_KEYGEN_HANDLER_H_ |
7 | 7 |
8 #include <map> | |
9 #include <string> | 8 #include <string> |
10 | 9 |
11 #include "base/lock.h" | |
12 #include "base/singleton.h" | |
13 | |
14 namespace net { | 10 namespace net { |
15 | 11 |
16 // This class handles keypair generation for generating client | 12 // This class handles keypair generation for generating client |
17 // certificates via the <keygen> tag. | 13 // certificates via the <keygen> tag. |
18 // <http://dev.w3.org/html5/spec/Overview.html#the-keygen-element> | 14 // <http://dev.w3.org/html5/spec/Overview.html#the-keygen-element> |
19 // <https://developer.mozilla.org/En/HTML/HTML_Extensions/KEYGEN_Tag> | 15 // <https://developer.mozilla.org/En/HTML/HTML_Extensions/KEYGEN_Tag> |
20 | 16 |
21 class KeygenHandler { | 17 class KeygenHandler { |
22 public: | 18 public: |
23 // This class stores the relative location for a given private key. It does | |
24 // not store the private key, or a handle to the private key, on the basis | |
25 // that the key may be located on a smart card or device which may not be | |
26 // present at the time of retrieval. | |
27 class KeyLocation { | |
28 public: | |
29 #if defined(OS_WIN) | |
30 std::wstring container_name; | |
31 std::wstring provider_name; | |
32 #elif defined(OS_MACOSX) | |
33 std::string keychain_path; | |
34 #elif defined(USE_NSS) | |
35 std::string slot_name; | |
36 #endif | |
37 | |
38 // Only used by unit tests. | |
39 bool Equals(const KeyLocation& location) const; | |
40 }; | |
41 | |
42 // This class stores information about the keys the KeygenHandler has | |
43 // generated, so that the private keys can be properly associated with any | |
44 // certificates that might be sent to the client based on those keys. | |
45 // TODO(wtc): consider adding a Remove() method. | |
46 class Cache { | |
47 public: | |
48 static Cache* GetInstance(); | |
49 void Insert(const std::string& public_key_info, | |
50 const KeyLocation& location); | |
51 | |
52 // True if the |public_key_info| was located and the location stored into | |
53 // |*location|. | |
54 bool Find(const std::string& public_key_info, KeyLocation* location); | |
55 | |
56 private: | |
57 typedef std::map<std::string, KeyLocation> KeyLocationMap; | |
58 | |
59 // Obtain an instance of the KeyCache by using GetInstance(). | |
60 Cache() {} | |
61 friend struct DefaultSingletonTraits<Cache>; | |
62 | |
63 Lock lock_; | |
64 | |
65 // The key cache. You must obtain |lock_| before using |cache_|. | |
66 KeyLocationMap cache_; | |
67 | |
68 DISALLOW_COPY_AND_ASSIGN(Cache); | |
69 }; | |
70 | |
71 // Creates a handler that will generate a key with the given key size | 19 // Creates a handler that will generate a key with the given key size |
72 // and incorporate the |challenge| into the Netscape SPKAC structure. | 20 // and incorporate the |challenge| into the Netscape SPKAC structure. |
73 inline KeygenHandler(int key_size_in_bits, const std::string& challenge); | 21 inline KeygenHandler(int key_size_in_bits, const std::string& challenge); |
74 | 22 |
75 // Actually generates the key-pair and the cert request (SPKAC), and returns | 23 // Actually generates the key-pair and the cert request (SPKAC), and returns |
76 // a base64-encoded string suitable for use as the form value of <keygen>. | 24 // a base64-encoded string suitable for use as the form value of <keygen>. |
77 std::string GenKeyAndSignChallenge(); | 25 std::string GenKeyAndSignChallenge(); |
78 | 26 |
79 // Exposed only for unit tests. | 27 // Exposed only for unit tests. |
80 void set_stores_key(bool store) { stores_key_ = store;} | 28 void set_stores_key(bool store) { stores_key_ = store;} |
81 | 29 |
82 private: | 30 private: |
83 int key_size_in_bits_; // key size in bits (usually 2048) | 31 int key_size_in_bits_; // key size in bits (usually 2048) |
84 std::string challenge_; // challenge string sent by server | 32 std::string challenge_; // challenge string sent by server |
85 bool stores_key_; // should the generated key-pair be stored persistently? | 33 bool stores_key_; // should the generated key-pair be stored persistently? |
86 }; | 34 }; |
87 | 35 |
88 KeygenHandler::KeygenHandler(int key_size_in_bits, | 36 KeygenHandler::KeygenHandler(int key_size_in_bits, |
89 const std::string& challenge) | 37 const std::string& challenge) |
90 : key_size_in_bits_(key_size_in_bits), | 38 : key_size_in_bits_(key_size_in_bits), |
91 challenge_(challenge), | 39 challenge_(challenge), |
92 stores_key_(true) { | 40 stores_key_(true) { |
93 } | 41 } |
94 | 42 |
95 } // namespace net | 43 } // namespace net |
96 | 44 |
97 #endif // NET_BASE_KEYGEN_HANDLER_H_ | 45 #endif // NET_BASE_KEYGEN_HANDLER_H_ |
OLD | NEW |