// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
5 #ifndef CONTENT_BROWSER_MEDIA_WEBRTC_IDENTITY_STORE_H_
6 #define CONTENT_BROWSER_MEDIA_WEBRTC_IDENTITY_STORE_H_
11 #include "base/callback.h"
12 #include "base/time/time.h"
13 #include "content/common/content_export.h"
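namespace storage {
class SpecialStoragePolicy;
}  // namespace storage

namespace content {

// Forward declarations of the store's private collaborators; only pointers
// and references to them appear in this header.
class WebRTCIdentityRequest;
struct WebRTCIdentityRequestResult;
class WebRTCIdentityStoreBackend;
class WebRTCIdentityStoreTest;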
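// A class for creating and fetching DTLS identities, i.e. the private key and
// the self-signed certificate.
// It can be created/destroyed on any thread, but the public methods must be
// called on the IO thread. The thread on which a CompletionCallback runs is
// not stated in this header; presumably the IO thread too — confirm in the
// implementation before relying on it.
class CONTENT_EXPORT WebRTCIdentityStore
    : public base::RefCountedThreadSafe<WebRTCIdentityStore> {
 public:
  // Completion callback for RequestIdentity().
  // |error| is the result code (which value means success is not visible
  // here — confirm against the backend); |certificate| and |private_key| are
  // the identity as DER strings.
  // NOTE(review): the private key travels through ordinary std::string
  // copies; nothing in this header scrubs those copies after use.
  typedef base::Callback<void(int error,
                              const std::string& certificate,
                              const std::string& private_key)>
      CompletionCallback;

  // If |path| is empty, nothing will be saved to disk.
  // |policy| is presumably handed to the backend to decide which origins may
  // have identities persisted — confirm in the implementation.
  WebRTCIdentityStore(const base::FilePath& path,
                      storage::SpecialStoragePolicy* policy);

  // Retrieve the cached DTLS private key and certificate, i.e. identity, for
  // the |origin| and |identity_name| pair, or generate a new identity using
  // |common_name| if such an identity does not exist.
  // If the given |common_name| is different from the common name in the cached
  // identity that has the same origin and identity_name, a new private key and
  // a new certificate will be generated, overwriting the old one.
  //
  // |origin| is the origin of the DTLS connection;
  // |identity_name| is used to identify an identity within an origin; it is
  // opaque to WebRTCIdentityStore and remains private to the caller, i.e. not
  // present in the certificate;
  // |common_name| is the common name used to generate the certificate and will
  // be shared with the peer of the DTLS connection. Identities created for
  // different origins or different identity names may have the same common
  // name.
  // |callback| is the callback to return the result as DER strings.
  //
  // Identical requests already in flight are joined rather than issued again
  // (see |in_flight_requests_|).
  //
  // Returns the Closure used to cancel the request if the request is accepted.
  // The Closure can only be called before the request completes.
  virtual base::Closure RequestIdentity(const GURL& origin,
                                        const std::string& identity_name,
                                        const std::string& common_name,
                                        const CompletionCallback& callback);

  // Delete the identities created between |delete_begin| and |delete_end|.
  // |callback| will be called when the operation is done.
  void DeleteBetween(base::Time delete_begin,
                     base::Time delete_end,
                     const base::Closure& callback);

 protected:
  // Only virtual to allow subclassing for test mock.
  virtual ~WebRTCIdentityStore();

 private:
  friend class base::RefCountedThreadSafe<WebRTCIdentityStore>;
  friend class WebRTCIdentityStoreTest;

  // Test hooks; WebRTCIdentityStoreTest (a friend) is the intended caller.
  void SetValidityPeriodForTesting(base::TimeDelta validity_period);
  void SetTaskRunnerForTesting(
      const scoped_refptr<base::TaskRunner>& task_runner);

  // Presumably invoked with the backend's lookup result for |request|;
  // |error|, |certificate| and |private_key| mirror CompletionCallback.
  void BackendFindCallback(WebRTCIdentityRequest* request,
                           int error,
                           const std::string& certificate,
                           const std::string& private_key);
  // Presumably invoked once a fresh identity has been generated for |request|.
  // Ownership of |result| is not expressed by the signature — confirm in the
  // implementation.
  void GenerateIdentityCallback(WebRTCIdentityRequest* request,
                                WebRTCIdentityRequestResult* result);
  // Looks for an in-flight request with the same (origin, identity_name,
  // common_name) triple; presumably returns NULL when there is none.
  WebRTCIdentityRequest* FindRequest(const GURL& origin,
                                     const std::string& identity_name,
                                     const std::string& common_name);
  // Delivers |result| to the callers waiting on |request|.
  void PostRequestResult(WebRTCIdentityRequest* request,
                         const WebRTCIdentityRequestResult& result);

  // The validity period of the certificates.
  base::TimeDelta validity_period_;

  // The TaskRunner for doing work on a worker thread.
  scoped_refptr<base::TaskRunner> task_runner_;

  // Weak references of the in flight requests. Used to join identical external
  // requests. Non-owning raw pointers; who owns the requests and when they are
  // removed from this list is not visible here — confirm in the implementation.
  std::vector<WebRTCIdentityRequest*> in_flight_requests_;

  // Ref-counted backend; presumably the component doing storage and lookups.
  scoped_refptr<WebRTCIdentityStoreBackend> backend_;

  DISALLOW_COPY_AND_ASSIGN(WebRTCIdentityStore);
};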
117 } // namespace content
119 #endif // CONTENT_BROWSER_MEDIA_WEBRTC_IDENTITY_STORE_H_