From de32371658280e962cb595dda3571ef8d98c0dfd Mon Sep 17 00:00:00 2001
From: "rkn@chromium.org"
Date: Thu, 28 Jul 2011 21:39:36 +0000
Subject: Provides in memory and persistent storage for origin bound certificates, which are specified at http://balfanz.github.com/tls-obc-spec/draft-balfanz-tls-obc-00.html. The code is based on cookie_monster.{cc,h} and sqlite_persistent_cookie_store.{cc,h}.
BUG=88782
TEST=None
Review URL: http://codereview.chromium.org/7342021
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@94553 0039d316-1c4b-4281-b951-d872f2087c98
---
 net/base/origin_bound_cert_service.cc | 29 +++++++++++++++++++----------
 1 file changed, 19 insertions(+), 10 deletions(-)
(limited to 'net/base/origin_bound_cert_service.cc')
diff --git a/net/base/origin_bound_cert_service.cc b/net/base/origin_bound_cert_service.cc
index 0d706bc..61a80eb 100644
--- a/net/base/origin_bound_cert_service.cc
+++ b/net/base/origin_bound_cert_service.cc
@@ -11,7 +11,6 @@
 #include "base/memory/scoped_ptr.h"
 #include "base/rand_util.h"
 #include "crypto/rsa_private_key.h"
-#include "googleurl/src/gurl.h"
 #include "net/base/origin_bound_cert_store.h"
 #include "net/base/x509_certificate.h"
 
@@ -24,19 +23,23 @@ const int kValidityPeriodInDays = 365;
 
 } // namespace
 
-bool OriginBoundCertService::GetOriginBoundCert(const GURL& url,
+OriginBoundCertService::OriginBoundCertService(
+ OriginBoundCertStore* origin_bound_cert_store)
+ : origin_bound_cert_store_(origin_bound_cert_store) {}
+
+OriginBoundCertService::~OriginBoundCertService() {}
+
+bool OriginBoundCertService::GetOriginBoundCert(const std::string& origin,
 std::string* private_key_result,
 std::string* cert_result) {
 // Check if origin bound cert already exists for this origin.
- if (origin_bound_cert_store_->HasOriginBoundCert(url)) {
- return origin_bound_cert_store_->GetOriginBoundCert(url,
- private_key_result,
- cert_result);
- }
+ if (origin_bound_cert_store_->GetOriginBoundCert(origin,
+ private_key_result,
+ cert_result))
+ return true;
 
 // No origin bound cert exists, we have to create one.
- std::string origin = url.GetOrigin().spec();
- std::string subject = "CN=origin-bound certificate for " + origin;
+ std::string subject = "CN=OBC";
 scoped_ptr key(
 crypto::RSAPrivateKey::Create(kKeySizeInBits));
 if (!key.get()) {
@@ -68,7 +71,9 @@ bool OriginBoundCertService::GetOriginBoundCert(const GURL& url,
 return false;
 }
 
- if (!origin_bound_cert_store_->SetOriginBoundCert(url, key_out, der_cert)) {
+ if (!origin_bound_cert_store_->SetOriginBoundCert(origin,
+ key_out,
+ der_cert)) {
 LOG(WARNING) << "Unable to set origin bound certificate";
 return false;
 }
@@ -78,4 +83,8 @@ bool OriginBoundCertService::GetOriginBoundCert(const GURL& url,
 return true;
 }
 
+int OriginBoundCertService::GetCertCount() {
+ return origin_bound_cert_store_->GetCertCount();
+}
+
 } // namespace net
-- 
cgit v1.1
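Review bot: `GetOriginBoundCert` now takes `origin` as a plain `std::string` and passes it unchanged to the store, both in the lookup in this hunk and in the `SetOriginBoundCert` call in the `@@ -68,7 +71,9 @@` hunk, so nothing in the function guarantees the value is a canonical origin now that the service no longer sees a `GURL`. Unless every caller normalizes first (callers are not visible in this patch), a full URL or a differently spelled form of the same origin would be given its own key pair and certificate, which undermines the one-certificate-per-origin binding. I would state the contract above the function, for example `// |origin| must be a canonical origin, i.e. the value of GURL::GetOrigin().spec(); it is used as the store key as-is.`, or keep the normalization inside the service. As a style point, the `if (...)` whose condition spans three lines before `return true;` should have braces. The function body continues past the end of this hunk.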