diff options
| author | sergeyu@chromium.org <sergeyu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-28 21:52:15 +0000 |
|---|---|---|
| committer | sergeyu@chromium.org <sergeyu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-28 21:52:15 +0000 |
| commit | 708f3b3ad64ea2f445ac975d9301db9304214d54 (patch) | |
| tree | 052c9bd9641ccb7d665ac88ac0178ac2f095a583 /net/base/origin_bound_cert_service.cc | |
| parent | cb5ecc0936ab4862807442dd08486f1d434b8596 (diff) | |
| download | chromium_src-708f3b3ad64ea2f445ac975d9301db9304214d54.zip chromium_src-708f3b3ad64ea2f445ac975d9301db9304214d54.tar.gz chromium_src-708f3b3ad64ea2f445ac975d9301db9304214d54.tar.bz2 | |
Revert 94553 - Provides in memory and persistent storage for origin bound certificates, which are
specified at http://balfanz.github.com/tls-obc-spec/draft-balfanz-tls-obc-00.html.
The code is based on cookie_monster.{cc,h} and sqlite_persistent_cookie_store.{cc,h}.
BUG=88782
TEST=None
Review URL: http://codereview.chromium.org/7342021
TBR=rkn@chromium.org
Review URL: http://codereview.chromium.org/7523039
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@94555 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/origin_bound_cert_service.cc')
| -rw-r--r-- | net/base/origin_bound_cert_service.cc | 29 |
1 files changed, 10 insertions, 19 deletions
diff --git a/net/base/origin_bound_cert_service.cc b/net/base/origin_bound_cert_service.cc index 61a80eb..0d706bc 100644 --- a/net/base/origin_bound_cert_service.cc +++ b/net/base/origin_bound_cert_service.cc @@ -11,6 +11,7 @@ #include "base/memory/scoped_ptr.h" #include "base/rand_util.h" #include "crypto/rsa_private_key.h" +#include "googleurl/src/gurl.h" #include "net/base/origin_bound_cert_store.h" #include "net/base/x509_certificate.h" @@ -23,23 +24,19 @@ const int kValidityPeriodInDays = 365; } // namespace -OriginBoundCertService::OriginBoundCertService( - OriginBoundCertStore* origin_bound_cert_store) - : origin_bound_cert_store_(origin_bound_cert_store) {} - -OriginBoundCertService::~OriginBoundCertService() {} - -bool OriginBoundCertService::GetOriginBoundCert(const std::string& origin, +bool OriginBoundCertService::GetOriginBoundCert(const GURL& url, std::string* private_key_result, std::string* cert_result) { // Check if origin bound cert already exists for this origin. - if (origin_bound_cert_store_->GetOriginBoundCert(origin, - private_key_result, - cert_result)) - return true; + if (origin_bound_cert_store_->HasOriginBoundCert(url)) { + return origin_bound_cert_store_->GetOriginBoundCert(url, + private_key_result, + cert_result); + } // No origin bound cert exists, we have to create one. - std::string subject = "CN=OBC"; + std::string origin = url.GetOrigin().spec(); + std::string subject = "CN=origin-bound certificate for " + origin; scoped_ptr<crypto::RSAPrivateKey> key( crypto::RSAPrivateKey::Create(kKeySizeInBits)); if (!key.get()) { @@ -71,9 +68,7 @@ bool OriginBoundCertService::GetOriginBoundCert(const std::string& origin, return false; } - if (!origin_bound_cert_store_->SetOriginBoundCert(origin, - key_out, - der_cert)) { + if (!origin_bound_cert_store_->SetOriginBoundCert(url, key_out, der_cert)) { LOG(WARNING) << "Unable to set origin bound certificate"; return false; } @@ -83,8 +78,4 @@ bool OriginBoundCertService::GetOriginBoundCert(const std::string& origin, return true; } -int OriginBoundCertService::GetCertCount() { - return origin_bound_cert_store_->GetCertCount(); -} - } // namespace net |