Resubmission of r98288: Added CreateOriginBound method to x509_certificate.h

Previous review URL: http://codereview.chromium.org/7384002

BUG=88782
TEST=net_unittests --gtest_filter=X509CertificateTest.CreateOriginBound


Review URL: http://codereview.chromium.org/7763001

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@100264 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 9 insertions, 3 deletions

diff --git a/net/base/origin_bound_cert_service.cc b/net/base/origin_bound_cert_service.cc
index 50d45c4..4f53fc3 100644
--- a/net/base/origin_bound_cert_service.cc
+++ b/net/base/origin_bound_cert_service.cc
@@ -316,19 +316,25 @@ int OriginBoundCertService::GenerateCert(const std::string& origin,
                                          uint32 serial_number,
                                          std::string* private_key,
                                          std::string* cert) {
-  std::string subject = "CN=OBC";
   scoped_ptr<crypto::RSAPrivateKey> key(
       crypto::RSAPrivateKey::Create(kKeySizeInBits));
   if (!key.get()) {
     LOG(WARNING) << "Unable to create key pair for client";
     return ERR_KEY_GENERATION_FAILED;
   }
-
+#if defined(USE_NSS)
+  scoped_refptr<X509Certificate> x509_cert = X509Certificate::CreateOriginBound(
+      key.get(),
+      origin,
+      serial_number,
+      base::TimeDelta::FromDays(kValidityPeriodInDays));
+#else
   scoped_refptr<X509Certificate> x509_cert = X509Certificate::CreateSelfSigned(
       key.get(),
-      subject,
+      "CN=anonymous.invalid",
       serial_number,
       base::TimeDelta::FromDays(kValidityPeriodInDays));
+#endif
   if (!x509_cert) {
     LOG(WARNING) << "Unable to create x509 cert for client";
     return ERR_ORIGIN_BOUND_CERT_GENERATION_FAILED;