author | rkn@chromium.org <rkn@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-08 22:46:31 +0000 |
---|---|---|
committer | rkn@chromium.org <rkn@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-08 22:46:31 +0000 |
commit | 6f66f4f3f611f15789e1130164b3c80aa32f35be (patch) | |
tree | b7945a73e035d79ecd068f6707d2f808f53be900 /net/base/origin_bound_cert_service.h | |
parent | 8fddbc0fc921801a6c82b0f9aab610ff5f1d85bc (diff) | |
Added OriginBoundCertService class to handle the fetching (and creation) of origin bound certificates.
Origin bound certificates are specified in this internet draft
<http://balfanz.github.com/tls-obc-spec/draft-balfanz-tls-obc-00.html>.
The OriginBoundCertService class contains an OriginBoundCertStore object. This is an interface
designed for handling the storage and retrieval (but not creation) of origin bound certificates.
BUG=88782
TEST=None
Review URL: http://codereview.chromium.org/7291020
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@91906 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/origin_bound_cert_service.h')
-rw-r--r-- | net/base/origin_bound_cert_service.h | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/net/base/origin_bound_cert_service.h b/net/base/origin_bound_cert_service.h
new file mode 100644
index 0000000..4502247
--- /dev/null
+++ b/net/base/origin_bound_cert_service.h
@@ -0,0 +1,41 @@
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_BASE_ORIGIN_BOUND_CERT_SERVICE_H_
+#define NET_BASE_ORIGIN_BOUND_CERT_SERVICE_H_
+#pragma once
+
+#include <string>
+
+#include "base/basictypes.h"
+#include "net/base/origin_bound_cert_store.h"
+#include "googleurl/src/gurl.h" // TODO(rkn): This feels wrong.
+
+namespace net {
+
+// A class for creating and fetching origin bound certs.
+class OriginBoundCertService {
+ public:
+
+ OriginBoundCertService(OriginBoundCertStore* origin_bound_cert_store)
+ : origin_bound_cert_store_(origin_bound_cert_store) {}
+
+ // TODO(rkn): Specify certificate type (RSA or DSA).
+ // TODO(rkn): Key generation can be time consuming, so this should have an
+ // asynchronous interface.
+ // This function will fetch the origin bound cert for the specified origin
+ // if one exists and it will create one otherwise.
+ bool GetOriginBoundCert(const GURL& url,
+ std::string* private_key_result,
+ std::string* cert_result);
+
+ static std::string GetCertOriginFromURL(const GURL& url);
+
+ private:
+ OriginBoundCertStore* origin_bound_cert_store_;
+};
+
+} // namespace net
+
+#endif // NET_BASE_ORIGIN_BOUND_CERT_SERVICE_H_ |
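Review bot: The constructor stores a raw `OriginBoundCertStore*` in `origin_bound_cert_store_` without saying who owns it or how long it must live, and the class is implicitly copyable, so nothing in the header prevents the store from being destroyed while a service (or a copy of it) still points at it on the path that hands out private keys. I would mark the constructor `explicit`, add `DISALLOW_COPY_AND_ASSIGN(OriginBoundCertService);` to the private section (base/basictypes.h is already included), and add a comment such as `// |origin_bound_cert_store| is not owned and must outlive this object.` if that is the intended contract. `GetOriginBoundCert` should also document the encoding of `private_key_result` and `cert_result`, what a false return means, and whether the outputs are touched on failure, since callers receive key material through them. `GetCertOriginFromURL` has no comment at all; which URL components make up the returned origin string decides which sites end up sharing a key pair, so that rule deserves a sentence in the header.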