| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/channel_id_chromium.h" | 5 #include "net/quic/crypto/channel_id_chromium.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/stl_util.h" | 9 #include "base/stl_util.h" |
| 10 #include "base/strings/string_util.h" | 10 #include "base/strings/string_util.h" |
| 11 #include "crypto/ec_private_key.h" | 11 #include "crypto/ec_private_key.h" |
| 12 #include "crypto/ec_signature_creator.h" | 12 #include "crypto/ec_signature_creator.h" |
| 13 #include "net/base/net_errors.h" | 13 #include "net/base/net_errors.h" |
| 14 #include "net/cert/asn1_util.h" | 14 #include "net/cert/asn1_util.h" |
| 15 #include "net/ssl/server_bound_cert_service.h" | 15 #include "net/ssl/channel_id_service.h" |
| 16 | 16 |
| 17 namespace net { | 17 namespace net { |
| 18 | 18 |
| 19 ChannelIDKeyChromium::ChannelIDKeyChromium( | 19 ChannelIDKeyChromium::ChannelIDKeyChromium( |
| 20 crypto::ECPrivateKey* ec_private_key) | 20 crypto::ECPrivateKey* ec_private_key) |
| 21 : ec_private_key_(ec_private_key) {} | 21 : ec_private_key_(ec_private_key) {} |
| 22 | 22 |
| 23 ChannelIDKeyChromium::~ChannelIDKeyChromium() {} | 23 ChannelIDKeyChromium::~ChannelIDKeyChromium() {} |
| 24 | 24 |
| 25 bool ChannelIDKeyChromium::Sign(base::StringPiece signed_data, | 25 bool ChannelIDKeyChromium::Sign(base::StringPiece signed_data, |
| (...skipping 29 matching lines...) Loading... |
| 55 } | 55 } |
| 56 return out_key; | 56 return out_key; |
| 57 } | 57 } |
| 58 | 58 |
| 59 // A Job handles the lookup of a single channel ID. It is owned by the | 59 // A Job handles the lookup of a single channel ID. It is owned by the |
| 60 // ChannelIDSource. If the operation can not complete synchronously, it will | 60 // ChannelIDSource. If the operation can not complete synchronously, it will |
| 61 // notify the ChannelIDSource upon completion. | 61 // notify the ChannelIDSource upon completion. |
| 62 class ChannelIDSourceChromium::Job { | 62 class ChannelIDSourceChromium::Job { |
| 63 public: | 63 public: |
| 64 Job(ChannelIDSourceChromium* channel_id_source, | 64 Job(ChannelIDSourceChromium* channel_id_source, |
| 65 ServerBoundCertService* server_bound_cert_service); | 65 ChannelIDService* channel_id_service); |
| 66 | 66 |
| 67 // Starts the channel ID lookup. If |QUIC_PENDING| is returned, then | 67 // Starts the channel ID lookup. If |QUIC_PENDING| is returned, then |
| 68 // |callback| will be invoked asynchronously when the operation completes. | 68 // |callback| will be invoked asynchronously when the operation completes. |
| 69 QuicAsyncStatus GetChannelIDKey(const std::string& hostname, | 69 QuicAsyncStatus GetChannelIDKey(const std::string& hostname, |
| 70 scoped_ptr<ChannelIDKey>* channel_id_key, | 70 scoped_ptr<ChannelIDKey>* channel_id_key, |
| 71 ChannelIDSourceCallback* callback); | 71 ChannelIDSourceCallback* callback); |
| 72 | 72 |
| 73 private: | 73 private: |
| 74 enum State { | 74 enum State { |
| 75 STATE_NONE, | 75 STATE_NONE, |
| 76 STATE_GET_CHANNEL_ID_KEY, | 76 STATE_GET_CHANNEL_ID_KEY, |
| 77 STATE_GET_CHANNEL_ID_KEY_COMPLETE, | 77 STATE_GET_CHANNEL_ID_KEY_COMPLETE, |
| 78 }; | 78 }; |
| 79 | 79 |
| 80 int DoLoop(int last_io_result); | 80 int DoLoop(int last_io_result); |
| 81 void OnIOComplete(int result); | 81 void OnIOComplete(int result); |
| 82 int DoGetChannelIDKey(int result); | 82 int DoGetChannelIDKey(int result); |
| 83 int DoGetChannelIDKeyComplete(int result); | 83 int DoGetChannelIDKeyComplete(int result); |
| 84 | 84 |
| 85 // Channel ID source to notify when this jobs completes. | 85 // Channel ID source to notify when this jobs completes. |
| 86 ChannelIDSourceChromium* const channel_id_source_; | 86 ChannelIDSourceChromium* const channel_id_source_; |
| 87 | 87 |
| 88 ServerBoundCertService* const server_bound_cert_service_; | 88 ChannelIDService* const channel_id_service_; |
| 89 | 89 |
| 90 std::string channel_id_private_key_; | 90 std::string channel_id_private_key_; |
| 91 std::string channel_id_cert_; | 91 std::string channel_id_cert_; |
| 92 ServerBoundCertService::RequestHandle channel_id_request_handle_; | 92 ChannelIDService::RequestHandle channel_id_request_handle_; |
| 93 | 93 |
| 94 // |hostname| specifies the hostname for which we need a channel ID. | 94 // |hostname| specifies the hostname for which we need a channel ID. |
| 95 std::string hostname_; | 95 std::string hostname_; |
| 96 | 96 |
| 97 scoped_ptr<ChannelIDSourceCallback> callback_; | 97 scoped_ptr<ChannelIDSourceCallback> callback_; |
| 98 | 98 |
| 99 scoped_ptr<ChannelIDKey> channel_id_key_; | 99 scoped_ptr<ChannelIDKey> channel_id_key_; |
| 100 | 100 |
| 101 State next_state_; | 101 State next_state_; |
| 102 | 102 |
| 103 DISALLOW_COPY_AND_ASSIGN(Job); | 103 DISALLOW_COPY_AND_ASSIGN(Job); |
| 104 }; | 104 }; |
| 105 | 105 |
| 106 ChannelIDSourceChromium::Job::Job( | 106 ChannelIDSourceChromium::Job::Job( |
| 107 ChannelIDSourceChromium* channel_id_source, | 107 ChannelIDSourceChromium* channel_id_source, |
| 108 ServerBoundCertService* server_bound_cert_service) | 108 ChannelIDService* channel_id_service) |
| 109 : channel_id_source_(channel_id_source), | 109 : channel_id_source_(channel_id_source), |
| 110 server_bound_cert_service_(server_bound_cert_service), | 110 channel_id_service_(channel_id_service), |
| 111 next_state_(STATE_NONE) { | 111 next_state_(STATE_NONE) { |
| 112 } | 112 } |
| 113 | 113 |
| 114 QuicAsyncStatus ChannelIDSourceChromium::Job::GetChannelIDKey( | 114 QuicAsyncStatus ChannelIDSourceChromium::Job::GetChannelIDKey( |
| 115 const std::string& hostname, | 115 const std::string& hostname, |
| 116 scoped_ptr<ChannelIDKey>* channel_id_key, | 116 scoped_ptr<ChannelIDKey>* channel_id_key, |
| 117 ChannelIDSourceCallback* callback) { | 117 ChannelIDSourceCallback* callback) { |
| 118 DCHECK(channel_id_key); | 118 DCHECK(channel_id_key); |
| 119 DCHECK(callback); | 119 DCHECK(callback); |
| 120 | 120 |
| (...skipping 49 matching lines...) Loading... |
| 170 scoped_ptr<ChannelIDSourceCallback> callback(callback_.release()); | 170 scoped_ptr<ChannelIDSourceCallback> callback(callback_.release()); |
| 171 callback->Run(&channel_id_key_); | 171 callback->Run(&channel_id_key_); |
| 172 // Will delete |this|. | 172 // Will delete |this|. |
| 173 channel_id_source_->OnJobComplete(this); | 173 channel_id_source_->OnJobComplete(this); |
| 174 } | 174 } |
| 175 } | 175 } |
| 176 | 176 |
| 177 int ChannelIDSourceChromium::Job::DoGetChannelIDKey(int result) { | 177 int ChannelIDSourceChromium::Job::DoGetChannelIDKey(int result) { |
| 178 next_state_ = STATE_GET_CHANNEL_ID_KEY_COMPLETE; | 178 next_state_ = STATE_GET_CHANNEL_ID_KEY_COMPLETE; |
| 179 | 179 |
| 180 return server_bound_cert_service_->GetOrCreateDomainBoundCert( | 180 return channel_id_service_->GetOrCreateChannelID( |
| 181 hostname_, | 181 hostname_, |
| 182 &channel_id_private_key_, | 182 &channel_id_private_key_, |
| 183 &channel_id_cert_, | 183 &channel_id_cert_, |
| 184 base::Bind(&ChannelIDSourceChromium::Job::OnIOComplete, | 184 base::Bind(&ChannelIDSourceChromium::Job::OnIOComplete, |
| 185 base::Unretained(this)), | 185 base::Unretained(this)), |
| 186 &channel_id_request_handle_); | 186 &channel_id_request_handle_); |
| 187 } | 187 } |
| 188 | 188 |
| 189 int ChannelIDSourceChromium::Job::DoGetChannelIDKeyComplete(int result) { | 189 int ChannelIDSourceChromium::Job::DoGetChannelIDKeyComplete(int result) { |
| 190 DCHECK_EQ(STATE_NONE, next_state_); | 190 DCHECK_EQ(STATE_NONE, next_state_); |
| 191 if (result != OK) { | 191 if (result != OK) { |
| 192 DLOG(WARNING) << "Failed to look up channel ID: " << ErrorToString(result); | 192 DLOG(WARNING) << "Failed to look up channel ID: " << ErrorToString(result); |
| 193 return result; | 193 return result; |
| 194 } | 194 } |
| 195 | 195 |
| 196 std::vector<uint8> encrypted_private_key_info( | 196 std::vector<uint8> encrypted_private_key_info( |
| 197 channel_id_private_key_.size()); | 197 channel_id_private_key_.size()); |
| 198 memcpy(&encrypted_private_key_info[0], channel_id_private_key_.data(), | 198 memcpy(&encrypted_private_key_info[0], channel_id_private_key_.data(), |
| 199 channel_id_private_key_.size()); | 199 channel_id_private_key_.size()); |
| 200 | 200 |
| 201 base::StringPiece spki_piece; | 201 base::StringPiece spki_piece; |
| 202 if (!asn1::ExtractSPKIFromDERCert(channel_id_cert_, &spki_piece)) { | 202 if (!asn1::ExtractSPKIFromDERCert(channel_id_cert_, &spki_piece)) { |
| 203 return ERR_UNEXPECTED; | 203 return ERR_UNEXPECTED; |
| 204 } | 204 } |
| 205 std::vector<uint8> subject_public_key_info(spki_piece.size()); | 205 std::vector<uint8> subject_public_key_info(spki_piece.size()); |
| 206 memcpy(&subject_public_key_info[0], spki_piece.data(), spki_piece.size()); | 206 memcpy(&subject_public_key_info[0], spki_piece.data(), spki_piece.size()); |
| 207 | 207 |
| 208 crypto::ECPrivateKey* ec_private_key = | 208 crypto::ECPrivateKey* ec_private_key = |
| 209 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( | 209 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( |
| 210 ServerBoundCertService::kEPKIPassword, encrypted_private_key_info, | 210 ChannelIDService::kEPKIPassword, encrypted_private_key_info, |
| 211 subject_public_key_info); | 211 subject_public_key_info); |
| 212 if (!ec_private_key) { | 212 if (!ec_private_key) { |
| 213 // TODO(wtc): use the new error code ERR_CHANNEL_ID_IMPORT_FAILED to be | 213 // TODO(wtc): use the new error code ERR_CHANNEL_ID_IMPORT_FAILED to be |
| 214 // added in https://codereview.chromium.org/338093012/. | 214 // added in https://codereview.chromium.org/338093012/. |
| 215 return ERR_UNEXPECTED; | 215 return ERR_UNEXPECTED; |
| 216 } | 216 } |
| 217 channel_id_key_.reset(new ChannelIDKeyChromium(ec_private_key)); | 217 channel_id_key_.reset(new ChannelIDKeyChromium(ec_private_key)); |
| 218 | 218 |
| 219 return result; | 219 return result; |
| 220 } | 220 } |
| 221 | 221 |
| 222 ChannelIDSourceChromium::ChannelIDSourceChromium( | 222 ChannelIDSourceChromium::ChannelIDSourceChromium( |
| 223 ServerBoundCertService* server_bound_cert_service) | 223 ChannelIDService* channel_id_service) |
| 224 : server_bound_cert_service_(server_bound_cert_service) { | 224 : channel_id_service_(channel_id_service) { |
| 225 } | 225 } |
| 226 | 226 |
| 227 ChannelIDSourceChromium::~ChannelIDSourceChromium() { | 227 ChannelIDSourceChromium::~ChannelIDSourceChromium() { |
| 228 STLDeleteElements(&active_jobs_); | 228 STLDeleteElements(&active_jobs_); |
| 229 } | 229 } |
| 230 | 230 |
| 231 QuicAsyncStatus ChannelIDSourceChromium::GetChannelIDKey( | 231 QuicAsyncStatus ChannelIDSourceChromium::GetChannelIDKey( |
| 232 const std::string& hostname, | 232 const std::string& hostname, |
| 233 scoped_ptr<ChannelIDKey>* channel_id_key, | 233 scoped_ptr<ChannelIDKey>* channel_id_key, |
| 234 ChannelIDSourceCallback* callback) { | 234 ChannelIDSourceCallback* callback) { |
| 235 scoped_ptr<Job> job(new Job(this, server_bound_cert_service_)); | 235 scoped_ptr<Job> job(new Job(this, channel_id_service_)); |
| 236 QuicAsyncStatus status = job->GetChannelIDKey(hostname, channel_id_key, | 236 QuicAsyncStatus status = job->GetChannelIDKey(hostname, channel_id_key, |
| 237 callback); | 237 callback); |
| 238 if (status == QUIC_PENDING) { | 238 if (status == QUIC_PENDING) { |
| 239 active_jobs_.insert(job.release()); | 239 active_jobs_.insert(job.release()); |
| 240 } | 240 } |
| 241 return status; | 241 return status; |
| 242 } | 242 } |
| 243 | 243 |
| 244 void ChannelIDSourceChromium::OnJobComplete(Job* job) { | 244 void ChannelIDSourceChromium::OnJobComplete(Job* job) { |
| 245 active_jobs_.erase(job); | 245 active_jobs_.erase(job); |
| 246 delete job; | 246 delete job; |
| 247 } | 247 } |
| 248 | 248 |
| 249 } // namespace net | 249 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews