Break ChannelIDSigner into two classes: ChannelIDKey and ChannelIDSource.

net/quic/test_tools/crypto_test_utils_openssl.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/test_tools/crypto_test_utils.h"
 
 #include <openssl/bn.h>
 #include <openssl/ec.h>
 #include <openssl/ecdsa.h>
 #include <openssl/evp.h>
@@ skipping 12 matching lines @@
 void EvpMdCtxCleanUp(EVP_MD_CTX* ctx) {
   (void)EVP_MD_CTX_cleanup(ctx);
 }
 
 } // namespace anonymous
 
 namespace net {
 
 namespace test {
 
-class TestChannelIDSigner : public ChannelIDSigner {
+class TestChannelIDKey : public ChannelIDKey {

[wtc, 2014/05/28 22:04:29]

net/quic/test_tools/crypto_test_utils_nss.cc also needs to be modified. The
changes are not too difficult if you understand the changes I made to this file.

You can give it a try. If you get stuck, I have the changes at
https://codereview.chromium.org/303933002/.

  public:
-  virtual ~TestChannelIDSigner() { }
+  explicit TestChannelIDKey(EVP_PKEY* ecdsa_key) : ecdsa_key_(ecdsa_key) {}
+  virtual ~TestChannelIDKey() { }
 
-  // ChannelIDSigner implementation.
+  // ChannelIDKey implementation.
 
-  virtual bool Sign(const string& hostname,
-                    StringPiece signed_data,
-                    string* out_key,
-                    string* out_signature) OVERRIDE {
-    crypto::ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> ecdsa_key(
-        HostnameToKey(hostname));
-
-    *out_key = SerializeKey(ecdsa_key.get());
-    if (out_key->empty()) {
-      return false;
-    }
-
+  virtual bool Sign(StringPiece signed_data,
+                    string* out_signature) override {
     EVP_MD_CTX md_ctx;
     EVP_MD_CTX_init(&md_ctx);
     crypto::ScopedOpenSSL<EVP_MD_CTX, EvpMdCtxCleanUp>
         md_ctx_cleanup(&md_ctx);
 
     if (EVP_DigestSignInit(&md_ctx, NULL, EVP_sha256(), NULL,
-                           ecdsa_key.get()) != 1) {
+                           ecdsa_key_.get()) != 1) {
       return false;
     }
 
     EVP_DigestUpdate(&md_ctx, ChannelIDVerifier::kContextStr,
                      strlen(ChannelIDVerifier::kContextStr) + 1);
     EVP_DigestUpdate(&md_ctx, ChannelIDVerifier::kClientToServerStr,
                      strlen(ChannelIDVerifier::kClientToServerStr) + 1);
     EVP_DigestUpdate(&md_ctx, signed_data.data(), signed_data.size());
 
     size_t sig_len;
@@ skipping 19 matching lines @@
     memset(signature.get(), 0, kSignatureLength);
     BN_bn2bin(sig.get()->r, signature.get() + 32 - BN_num_bytes(sig.get()->r));
     BN_bn2bin(sig.get()->s, signature.get() + 64 - BN_num_bytes(sig.get()->s));
 
     *out_signature = string(reinterpret_cast<char*>(signature.get()),
                             kSignatureLength);
 
     return true;
   }
 
-  virtual string GetKeyForHostname(const string& hostname) OVERRIDE {
-    crypto::ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> ecdsa_key(
-        HostnameToKey(hostname));
-    return SerializeKey(ecdsa_key.get());
+  virtual string SerializeKey() override {
+    // i2d_PublicKey will produce an ANSI X9.62 public key which, for a P-256
+    // key, is 0x04 (meaning uncompressed) followed by the x and y field
+    // elements as 32-byte, big-endian numbers.
+    static const int kExpectedKeyLength = 65;
+
+    int len = i2d_PublicKey(ecdsa_key_.get(), NULL);
+    if (len != kExpectedKeyLength) {
+      return "";
+    }
+
+    uint8 buf[kExpectedKeyLength];
+    uint8* derp = buf;
+    i2d_PublicKey(ecdsa_key_.get(), &derp);
+
+    return string(reinterpret_cast<char*>(buf + 1), kExpectedKeyLength - 1);
   }
 
  private:
+  crypto::ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> ecdsa_key_;
+};
+
+class TestChannelIDSource : public ChannelIDSource {
+ public:
+  virtual ~TestChannelIDSource() {}
+
+  // ChannelIDSource implementation.
+
+  virtual bool GetChannelIDKey(
+      const string& hostname,
+      scoped_ptr<ChannelIDKey>* channel_id_key) override {
+    channel_id_key->reset(new TestChannelIDKey(HostnameToKey(hostname)));
+    return true;
+  }
+
+ private:
   static EVP_PKEY* HostnameToKey(const string& hostname) {
     // In order to generate a deterministic key for a given hostname the
     // hostname is hashed with SHA-256 and the resulting digest is treated as a
     // big-endian number. The most-significant bit is cleared to ensure that
     // the resulting value is less than the order of the group and then it's
     // taken as a private key. Given the private key, the public key is
     // calculated with a group multiplication.
     SHA256_CTX sha256;
     SHA256_Init(&sha256);
     SHA256_Update(&sha256, hostname.data(), hostname.size());
@@ skipping 22 matching lines @@
 
     EC_KEY_set_private_key(ecdsa_key.get(), k.get());
     EC_KEY_set_public_key(ecdsa_key.get(), point.get());
 
     crypto::ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> pkey(EVP_PKEY_new());
     // EVP_PKEY_set1_EC_KEY takes a reference so no |release| here.
     EVP_PKEY_set1_EC_KEY(pkey.get(), ecdsa_key.get());
 
     return pkey.release();
   }
-
-  static string SerializeKey(EVP_PKEY* key) {
-    // i2d_PublicKey will produce an ANSI X9.62 public key which, for a P-256
-    // key, is 0x04 (meaning uncompressed) followed by the x and y field
-    // elements as 32-byte, big-endian numbers.
-    static const int kExpectedKeyLength = 65;
-
-    int len = i2d_PublicKey(key, NULL);
-    if (len != kExpectedKeyLength) {
-      return "";
-    }
-
-    uint8 buf[kExpectedKeyLength];
-    uint8* derp = buf;
-    i2d_PublicKey(key, &derp);
-
-    return string(reinterpret_cast<char*>(buf + 1), kExpectedKeyLength - 1);
-  }
 };
 
 // static
-ChannelIDSigner* CryptoTestUtils::ChannelIDSignerForTesting() {
-  return new TestChannelIDSigner();
+ChannelIDSource* CryptoTestUtils::ChannelIDSourceForTesting() {
+  return new TestChannelIDSource();
 }
 
 }  // namespace test
 
 }  // namespace net