authorrkn@chromium.org <rkn@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-07-28 21:39:36 +0000
committerrkn@chromium.org <rkn@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-07-28 21:39:36 +0000
commitde32371658280e962cb595dda3571ef8d98c0dfd (patch)
tree6b6a1044c3849f1a9b21c086f8524fb1933cfb8f /net/base/origin_bound_cert_service.cc
parent6e78dfb46a07e5ee38225e0cd32fa8b70ed41558 (diff)
Provides in-memory and persistent storage for origin bound certificates, which are
specified at http://balfanz.github.com/tls-obc-spec/draft-balfanz-tls-obc-00.html. The code is based on cookie_monster.{cc,h} and sqlite_persistent_cookie_store.{cc,h}. BUG=88782 TEST=None Review URL: http://codereview.chromium.org/7342021 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@94553 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/origin_bound_cert_service.cc')
-rw-r--r--net/base/origin_bound_cert_service.cc29
1 files changed, 19 insertions, 10 deletions
diff --git a/net/base/origin_bound_cert_service.cc b/net/base/origin_bound_cert_service.cc
index 0d706bc..61a80eb 100644
--- a/net/base/origin_bound_cert_service.cc
+++ b/net/base/origin_bound_cert_service.cc
@@ -11,7 +11,6 @@
#include "base/memory/scoped_ptr.h"
#include "base/rand_util.h"
#include "crypto/rsa_private_key.h"
-#include "googleurl/src/gurl.h"
#include "net/base/origin_bound_cert_store.h"
#include "net/base/x509_certificate.h"
@@ -24,19 +23,23 @@ const int kValidityPeriodInDays = 365;
} // namespace
-bool OriginBoundCertService::GetOriginBoundCert(const GURL& url,
+OriginBoundCertService::OriginBoundCertService(
+ OriginBoundCertStore* origin_bound_cert_store)
+ : origin_bound_cert_store_(origin_bound_cert_store) {}
+
+OriginBoundCertService::~OriginBoundCertService() {}
+
+bool OriginBoundCertService::GetOriginBoundCert(const std::string& origin,
std::string* private_key_result,
std::string* cert_result) {
// Check if origin bound cert already exists for this origin.
- if (origin_bound_cert_store_->HasOriginBoundCert(url)) {
- return origin_bound_cert_store_->GetOriginBoundCert(url,
- private_key_result,
- cert_result);
- }
+ if (origin_bound_cert_store_->GetOriginBoundCert(origin,
+ private_key_result,
+ cert_result))
+ return true;
// No origin bound cert exists, we have to create one.
- std::string origin = url.GetOrigin().spec();
- std::string subject = "CN=origin-bound certificate for " + origin;
+ std::string subject = "CN=OBC";
scoped_ptr<crypto::RSAPrivateKey> key(
crypto::RSAPrivateKey::Create(kKeySizeInBits));
if (!key.get()) {
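Review bot: `GetOriginBoundCert` now uses the caller-supplied `origin` string verbatim as the store key, where the removed code derived it with `url.GetOrigin().spec()`, so nothing visible in this hunk normalizes it any more. If two callers pass different spellings of the same origin (letter case, explicit default port, trailing slash), the lookup would miss and a second key pair would be generated for that origin, which weakens the one-certificate-per-origin binding the service is meant to provide. I would state the contract above the definition, for example `// |origin| must already be canonical (e.g. GURL::GetOrigin().spec()); it is used verbatim as the store key.`, or validate the string on entry. The function body continues past the end of this hunk.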
@@ -68,7 +71,9 @@ bool OriginBoundCertService::GetOriginBoundCert(const GURL& url,
return false;
}
- if (!origin_bound_cert_store_->SetOriginBoundCert(url, key_out, der_cert)) {
+ if (!origin_bound_cert_store_->SetOriginBoundCert(origin,
+ key_out,
+ der_cert)) {
LOG(WARNING) << "Unable to set origin bound certificate";
return false;
}
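Review bot: The lookup at the top of `GetOriginBoundCert` and this `SetOriginBoundCert` call are separate store operations, so certificate creation for an origin is check-then-act rather than atomic. If the service can be reached from more than one thread (the threading model is not visible in this diff), two requests for the same origin could each generate a key pair, and the later write would replace the earlier one, leaving one caller with a key that no longer matches the stored certificate. If single-threaded use is the intended contract, say so in a comment such as `// Callers must serialize requests for the same origin.`; otherwise the store should refuse to overwrite an existing entry. The function starts before this hunk and ends after it.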
@@ -78,4 +83,8 @@ bool OriginBoundCertService::GetOriginBoundCert(const GURL& url,
return true;
}
+int OriginBoundCertService::GetCertCount() {
+ return origin_bound_cert_store_->GetCertCount();
+}
+
} // namespace net
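Review bot: `GetCertCount()` dereferences `origin_bound_cert_store_` unconditionally, as do the lookup and store calls in `GetOriginBoundCert`, yet the new constructor accepts whatever pointer it is given. Adding `DCHECK(origin_bound_cert_store);` to the constructor body would catch a null store at construction rather than at first use. The member's declared type lives in the header, which this diff does not show, so a comment next to the constructor should also say who owns the store and how long it must outlive the service.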