Re-subimission of https://codereview.chromium.org/1041213003/
[chromium-blink-merge.git] / content / browser / media / webrtc_identity_store.h
blob6bf10fe61a2076e8b12e67caccf13fdb09c17ef8
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CONTENT_BROWSER_MEDIA_WEBRTC_IDENTITY_STORE_H_
6 #define CONTENT_BROWSER_MEDIA_WEBRTC_IDENTITY_STORE_H_
8 #include <string>
9 #include <vector>
11 #include "base/callback.h"
12 #include "base/time/time.h"
13 #include "content/common/content_export.h"
15 class GURL;
17 namespace base {
18 class FilePath;
19 class TaskRunner;
20 } // namespace base
22 namespace storage {
23 class SpecialStoragePolicy;
24 } // namespace storage
26 namespace content {
27 class WebRTCIdentityRequest;
28 struct WebRTCIdentityRequestResult;
29 class WebRTCIdentityStoreBackend;
30 class WebRTCIdentityStoreTest;
32 // A class for creating and fetching DTLS identities, i.e. the private key and
33 // the self-signed certificate.
34 // It can be created/destroyed on any thread, but the public methods must be
35 // called on the IO thread.
36 class CONTENT_EXPORT WebRTCIdentityStore
37 : public base::RefCountedThreadSafe<WebRTCIdentityStore> {
38 public:
39 typedef base::Callback<void(int error,
40 const std::string& certificate,
41 const std::string& private_key)>
42 CompletionCallback;
44 // If |path| is empty, nothing will be saved to disk.
45 WebRTCIdentityStore(const base::FilePath& path,
46 storage::SpecialStoragePolicy* policy);
48 // Retrieve the cached DTLS private key and certificate, i.e. identity, for
49 // the |origin| and |identity_name| pair, or generate a new identity using
50 // |common_name| if such an identity does not exist.
51 // If the given |common_name| is different from the common name in the cached
52 // identity that has the same origin and identity_name, a new private key and
53 // a new certificate will be generated, overwriting the old one.
55 // |origin| is the origin of the DTLS connection;
56 // |identity_name| is used to identify an identity within an origin; it is
57 // opaque to WebRTCIdentityStore and remains private to the caller, i.e. not
58 // present in the certificate;
59 // |common_name| is the common name used to generate the certificate and will
60 // be shared with the peer of the DTLS connection. Identities created for
61 // different origins or different identity names may have the same common
62 // name.
63 // |callback| is the callback to return the result as DER strings.
65 // Returns the Closure used to cancel the request if the request is accepted.
66 // The Closure can only be called before the request completes.
67 virtual base::Closure RequestIdentity(const GURL& origin,
68 const std::string& identity_name,
69 const std::string& common_name,
70 const CompletionCallback& callback);
72 // Delete the identities created between |delete_begin| and |delete_end|.
73 // |callback| will be called when the operation is done.
74 void DeleteBetween(base::Time delete_begin,
75 base::Time delete_end,
76 const base::Closure& callback);
78 protected:
79 // Only virtual to allow subclassing for test mock.
80 virtual ~WebRTCIdentityStore();
82 private:
83 friend class base::RefCountedThreadSafe<WebRTCIdentityStore>;
84 friend class WebRTCIdentityStoreTest;
86 void SetValidityPeriodForTesting(base::TimeDelta validity_period);
87 void SetTaskRunnerForTesting(
88 const scoped_refptr<base::TaskRunner>& task_runner);
90 void BackendFindCallback(WebRTCIdentityRequest* request,
91 int error,
92 const std::string& certificate,
93 const std::string& private_key);
94 void GenerateIdentityCallback(WebRTCIdentityRequest* request,
95 WebRTCIdentityRequestResult* result);
96 WebRTCIdentityRequest* FindRequest(const GURL& origin,
97 const std::string& identity_name,
98 const std::string& common_name);
99 void PostRequestResult(WebRTCIdentityRequest* request,
100 const WebRTCIdentityRequestResult& result);
102 // The validity period of the certificates.
103 base::TimeDelta validity_period_;
105 // The TaskRunner for doing work on a worker thread.
106 scoped_refptr<base::TaskRunner> task_runner_;
108 // Weak references of the in flight requests. Used to join identical external
109 // requests.
110 std::vector<WebRTCIdentityRequest*> in_flight_requests_;
112 scoped_refptr<WebRTCIdentityStoreBackend> backend_;
114 DISALLOW_COPY_AND_ASSIGN(WebRTCIdentityStore);
117 } // namespace content
119 #endif // CONTENT_BROWSER_MEDIA_WEBRTC_IDENTITY_STORE_H_