net/base/keygen_handler.h - Issue 384413004: Remove default key slot from KeygenHandler.

Side by Side Diff: net/base/keygen_handler.h

Issue 384413004: Remove default key slot from KeygenHandler. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 6 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef NET_BASE_KEYGEN_HANDLER_H_	5 #ifndef NET_BASE_KEYGEN_HANDLER_H_

6 #define NET_BASE_KEYGEN_HANDLER_H_	6 #define NET_BASE_KEYGEN_HANDLER_H_

7	7

8 #include <string>	8 #include <string>

9	9

10 #include "base/callback_forward.h"	10 #include "base/callback_forward.h"

11 #include "base/memory/scoped_ptr.h"	11 #include "base/memory/scoped_ptr.h"

12 #include "build/build_config.h"	12 #include "build/build_config.h"

	13 #include "crypto/scoped_nss_types.h"

13 #include "net/base/net_export.h"	14 #include "net/base/net_export.h"

14 #include "url/gurl.h"	15 #include "url/gurl.h"

15	16

16 namespace crypto {	17 namespace crypto {

17 class NSSCryptoModuleDelegate;	18 class CryptoModuleBlockingPasswordDelegate;

18 }	19 }

19	20

20 namespace net {	21 namespace net {

21	22

22 // This class handles keypair generation for generating client	23 // This class handles keypair generation for generating client

23 // certificates via the <keygen> tag.	24 // certificates via the <keygen> tag.

24 // <http://dev.w3.org/html5/spec/Overview.html#the-keygen-element>	25 // <http://dev.w3.org/html5/spec/Overview.html#the-keygen-element>

25 // <https://developer.mozilla.org/En/HTML/HTML_Extensions/KEYGEN_Tag>	26 // <https://developer.mozilla.org/En/HTML/HTML_Extensions/KEYGEN_Tag>

26	27

27 class NET_EXPORT KeygenHandler {	28 class NET_EXPORT KeygenHandler {

28 public:	29 public:

29 // Creates a handler that will generate a key with the given key size and	30 // Creates a handler that will generate a key with the given key size and

30 // incorporate the \|challenge\| into the Netscape SPKAC structure. The request	31 // incorporate the \|challenge\| into the Netscape SPKAC structure. The request

31 // for the key originated from \|url\|.	32 // for the key originated from \|url\|.

32 KeygenHandler(int key_size_in_bits,	33 KeygenHandler(int key_size_in_bits,

33 const std::string& challenge,	34 const std::string& challenge,

34 const GURL& url);	35 const GURL& url);

35 ~KeygenHandler();	36 ~KeygenHandler();

36	37

37 // Actually generates the key-pair and the cert request (SPKAC), and returns	38 // Actually generates the key-pair and the cert request (SPKAC), and returns

38 // a base64-encoded string suitable for use as the form value of <keygen>.	39 // a base64-encoded string suitable for use as the form value of <keygen>.

39 std::string GenKeyAndSignChallenge();	40 std::string GenKeyAndSignChallenge();

40	41

41 // Exposed only for unit tests.	42 // Exposed only for unit tests.

42 void set_stores_key(bool store) { stores_key_ = store;}	43 void set_stores_key(bool store) { stores_key_ = store;}

43	44

44 #if defined(USE_NSS)	45 #if defined(USE_NSS)

	46 void set_key_slot(PK11SlotInfo* slot);
	Ryan Sleevi 2014/07/14 21:54:25 Any reason this shouldn't be a crypto::ScopedPK11S Any reason this shouldn't be a crypto::ScopedPK11Slot, so indicate ownership xfer is happening?
	47

45 // Register the delegate to be used to get the token to store the key in, and	48 // Register the delegate to be used to get the token to store the key in, and

46 // to get the password if the token is unauthenticated.	49 // to get the password if the token is unauthenticated.

47 // GenKeyAndSignChallenge runs on a worker thread, so using a blocking	50 // GenKeyAndSignChallenge runs on a worker thread, so using a blocking

48 // password callback is okay here.	51 // password callback is okay here.

49 void set_crypto_module_delegate(	52 void set_crypto_module_delegate(

50 scoped_ptr<crypto::NSSCryptoModuleDelegate> delegate);	53 scoped_ptr<crypto::CryptoModuleBlockingPasswordDelegate> delegate);

51 #endif // defined(USE_NSS)	54 #endif // defined(USE_NSS)

52	55

53 private:	56 private:

54 int key_size_in_bits_; // key size in bits (usually 2048)	57 int key_size_in_bits_; // key size in bits (usually 2048)

55 std::string challenge_; // challenge string sent by server	58 std::string challenge_; // challenge string sent by server

56 GURL url_; // the URL that requested the key	59 GURL url_; // the URL that requested the key

57 bool stores_key_; // should the generated key-pair be stored persistently?	60 bool stores_key_; // should the generated key-pair be stored persistently?

58 #if defined(USE_NSS)	61 #if defined(USE_NSS)

	62 crypto::ScopedPK11Slot slot_;

59 // The callback for requesting a password to the PKCS#11 token.	63 // The callback for requesting a password to the PKCS#11 token.

60 scoped_ptr<crypto::NSSCryptoModuleDelegate> crypto_module_delegate_;	64 scoped_ptr<crypto::CryptoModuleBlockingPasswordDelegate>

	65 crypto_module_delegate_;

61 #endif // defined(USE_NSS)	66 #endif // defined(USE_NSS)

62 };	67 };

63	68

64 } // namespace net	69 } // namespace net

65	70

66 #endif // NET_BASE_KEYGEN_HANDLER_H_	71 #endif // NET_BASE_KEYGEN_HANDLER_H_

OLD	NEW

« chrome/browser/profiles/profile_io_data.cc ('K') | « crypto/nss_crypto_module_delegate.h ('k') | net/base/keygen_handler_nss.cc » ('j') | net/base/keygen_handler_unittest.cc » ('J')