Lots of random cleanups, mostly for native_theme_win.cc:
[chromium-blink-merge.git] / net / ssl / server_bound_cert_service.h
blob45472102ff6d55c1054ba056144cc6780fdc161b
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_SSL_SERVER_BOUND_CERT_SERVICE_H_
6 #define NET_SSL_SERVER_BOUND_CERT_SERVICE_H_
8 #include <map>
9 #include <string>
10 #include <vector>
12 #include "base/basictypes.h"
13 #include "base/memory/scoped_ptr.h"
14 #include "base/memory/weak_ptr.h"
15 #include "base/threading/non_thread_safe.h"
16 #include "base/time/time.h"
17 #include "net/base/completion_callback.h"
18 #include "net/base/net_export.h"
19 #include "net/ssl/server_bound_cert_store.h"
21 namespace base {
22 class TaskRunner;
25 namespace net {
27 class ServerBoundCertServiceJob;
28 class ServerBoundCertServiceRequest;
29 class ServerBoundCertServiceWorker;
31 // A class for creating and fetching server bound certs. These certs are used
32 // to identify users' machines; their public keys are used as channel IDs in
33 // http://tools.ietf.org/html/draft-balfanz-tls-channelid-00.
34 // As a result although certs are set to be invalid after one year, we don't
35 // actually expire them. Once generated, certs are valid as long as the users
36 // want. Users can delete existing certs, and new certs will be generated
37 // automatically.
39 // Inherits from NonThreadSafe in order to use the function
40 // |CalledOnValidThread|.
41 class NET_EXPORT ServerBoundCertService
42 : NON_EXPORTED_BASE(public base::NonThreadSafe) {
43 public:
44 class NET_EXPORT RequestHandle {
45 public:
46 RequestHandle();
47 ~RequestHandle();
49 // Cancel the request. Does nothing if the request finished or was already
50 // cancelled.
51 void Cancel();
53 bool is_active() const { return request_ != NULL; }
55 private:
56 friend class ServerBoundCertService;
58 void RequestStarted(ServerBoundCertService* service,
59 ServerBoundCertServiceRequest* request,
60 const CompletionCallback& callback);
62 void OnRequestComplete(int result);
64 ServerBoundCertService* service_;
65 ServerBoundCertServiceRequest* request_;
66 CompletionCallback callback_;
69 // Password used on EncryptedPrivateKeyInfo data stored in EC private_key
70 // values. (This is not used to provide any security, but to workaround NSS
71 // being unable to import unencrypted PrivateKeyInfo for EC keys.)
72 static const char kEPKIPassword[];
74 // This object owns |server_bound_cert_store|. |task_runner| will
75 // be used to post certificate generation worker tasks. The tasks are
76 // safe for use with WorkerPool and SequencedWorkerPool::CONTINUE_ON_SHUTDOWN.
77 ServerBoundCertService(
78 ServerBoundCertStore* server_bound_cert_store,
79 const scoped_refptr<base::TaskRunner>& task_runner);
81 ~ServerBoundCertService();
83 // Returns the domain to be used for |host|. The domain is the
84 // "registry controlled domain", or the "ETLD + 1" where one exists, or
85 // the origin otherwise.
86 static std::string GetDomainForHost(const std::string& host);
88 // Tests whether the system time is within the supported range for
89 // certificate generation. This value is cached when ServerBoundCertService
90 // is created, so if the system time is changed by a huge amount, this may no
91 // longer hold.
92 bool IsSystemTimeValid() const { return is_system_time_valid_; }
94 // Fetches the domain bound cert for the specified host if one exists and
95 // creates one otherwise. Returns OK if successful or an error code upon
96 // failure.
98 // On successful completion, |private_key| stores a DER-encoded
99 // PrivateKeyInfo struct, and |cert| stores a DER-encoded certificate.
100 // The PrivateKeyInfo is always an ECDSA private key.
102 // |callback| must not be null. ERR_IO_PENDING is returned if the operation
103 // could not be completed immediately, in which case the result code will
104 // be passed to the callback when available.
106 // |*out_req| will be initialized with a handle to the async request. This
107 // RequestHandle object must be cancelled or destroyed before the
108 // ServerBoundCertService is destroyed.
109 int GetOrCreateDomainBoundCert(
110 const std::string& host,
111 std::string* private_key,
112 std::string* cert,
113 const CompletionCallback& callback,
114 RequestHandle* out_req);
116 // Fetches the domain bound cert for the specified host if one exists.
117 // Returns OK if successful, ERR_FILE_NOT_FOUND if none exists, or an error
118 // code upon failure.
120 // On successful completion, |private_key| stores a DER-encoded
121 // PrivateKeyInfo struct, and |cert| stores a DER-encoded certificate.
122 // The PrivateKeyInfo is always an ECDSA private key.
124 // |callback| must not be null. ERR_IO_PENDING is returned if the operation
125 // could not be completed immediately, in which case the result code will
126 // be passed to the callback when available. If an in-flight
127 // GetDomainBoundCert is pending, and a new GetOrCreateDomainBoundCert
128 // request arrives for the same domain, the GetDomainBoundCert request will
129 // not complete until a new cert is created.
131 // |*out_req| will be initialized with a handle to the async request. This
132 // RequestHandle object must be cancelled or destroyed before the
133 // ServerBoundCertService is destroyed.
134 int GetDomainBoundCert(
135 const std::string& host,
136 std::string* private_key,
137 std::string* cert,
138 const CompletionCallback& callback,
139 RequestHandle* out_req);
141 // Returns the backing ServerBoundCertStore.
142 ServerBoundCertStore* GetCertStore();
144 // Public only for unit testing.
145 int cert_count();
146 uint64 requests() const { return requests_; }
147 uint64 cert_store_hits() const { return cert_store_hits_; }
148 uint64 inflight_joins() const { return inflight_joins_; }
149 uint64 workers_created() const { return workers_created_; }
151 private:
152 // Cancels the specified request. |req| is the handle stored by
153 // GetDomainBoundCert(). After a request is canceled, its completion
154 // callback will not be called.
155 void CancelRequest(ServerBoundCertServiceRequest* req);
157 void GotServerBoundCert(int err,
158 const std::string& server_identifier,
159 base::Time expiration_time,
160 const std::string& key,
161 const std::string& cert);
162 void GeneratedServerBoundCert(
163 const std::string& server_identifier,
164 int error,
165 scoped_ptr<ServerBoundCertStore::ServerBoundCert> cert);
166 void HandleResult(int error,
167 const std::string& server_identifier,
168 const std::string& private_key,
169 const std::string& cert);
171 // Searches for an in-flight request for the same domain. If found,
172 // attaches to the request and returns true. Returns false if no in-flight
173 // request is found.
174 bool JoinToInFlightRequest(const base::TimeTicks& request_start,
175 const std::string& domain,
176 std::string* private_key,
177 std::string* cert,
178 bool create_if_missing,
179 const CompletionCallback& callback,
180 RequestHandle* out_req);
182 // Looks for the domain bound cert for |domain| in this service's store.
183 // Returns OK if it can be found synchronously, ERR_IO_PENDING if the
184 // result cannot be obtained synchronously, or a network error code on
185 // failure (including failure to find a domain-bound cert of |domain|).
186 int LookupDomainBoundCert(const base::TimeTicks& request_start,
187 const std::string& domain,
188 std::string* private_key,
189 std::string* cert,
190 bool create_if_missing,
191 const CompletionCallback& callback,
192 RequestHandle* out_req);
194 scoped_ptr<ServerBoundCertStore> server_bound_cert_store_;
195 scoped_refptr<base::TaskRunner> task_runner_;
197 // inflight_ maps from a server to an active generation which is taking
198 // place.
199 std::map<std::string, ServerBoundCertServiceJob*> inflight_;
201 uint64 requests_;
202 uint64 cert_store_hits_;
203 uint64 inflight_joins_;
204 uint64 workers_created_;
206 bool is_system_time_valid_;
208 base::WeakPtrFactory<ServerBoundCertService> weak_ptr_factory_;
210 DISALLOW_COPY_AND_ASSIGN(ServerBoundCertService);
213 } // namespace net
215 #endif // NET_SSL_SERVER_BOUND_CERT_SERVICE_H_