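// Copyright 2015 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_SSL_THREADED_SSL_PRIVATE_KEY_H_
#define NET_SSL_THREADED_SSL_PRIVATE_KEY_H_

#include <stddef.h>
#include <stdint.h>

#include <memory>
#include <string>
#include <vector>

#include "base/containers/span.h"
#include "base/memory/scoped_refptr.h"
#include "base/memory/weak_ptr.h"
#include "net/base/net_export.h"
#include "net/ssl/ssl_private_key.h"

namespace base {
class SingleThreadTaskRunner;
}

namespace net {

// An SSLPrivateKey implementation which offloads key operations to a background
// task runner.
//
// The private key material itself is never handled by this class: it lives
// behind the Delegate, which performs the signing on the supplied task runner.
// This keeps potentially slow or blocking signers (hardware tokens, OS key
// stores) off the caller's thread and confines every use of the key to that
// one thread.
class NET_EXPORT ThreadedSSLPrivateKey : public SSLPrivateKey {
 public:
  // Interface for consumers to implement to perform the actual signing
  // operation.
  //
  // GetProviderName() and GetAlgorithmPreferences() may be called from any
  // thread; Sign() is only ever invoked on the task runner passed to
  // ThreadedSSLPrivateKey, so implementations need no further synchronization
  // around the key handle.
  class Delegate {
   public:
    Delegate() = default;

    Delegate(const Delegate&) = delete;
    Delegate& operator=(const Delegate&) = delete;

    virtual ~Delegate() = default;

    // Returns a human-readable name of the provider that backs this
    // SSLPrivateKey, for debugging. If not applicable or available, return the
    // empty string.
    //
    // This method must be efficiently callable on any thread.
    virtual std::string GetProviderName() = 0;

    // Returns the algorithms that are supported by the key in decreasing
    // preference for TLS 1.2 and later, as TLS signature algorithm
    // identifiers (uint16_t codepoints). Only advertise algorithms the key can
    // actually produce: the peer may select any of them.
    //
    // This method must be efficiently callable on any thread.
    virtual std::vector<uint16_t> GetAlgorithmPreferences() = 0;

    // Signs an |input| with the specified TLS signing algorithm. |input| is the
    // unhashed message to be signed, so the implementation is responsible for
    // applying the digest (and any padding) that |algorithm| requires. On
    // success it returns OK and sets |signature| to the resulting signature.
    // Otherwise it returns a net error code and |signature| should not be
    // relied upon.
    //
    // This method will only be called on the task runner passed to the owning
    // ThreadedSSLPrivateKey.
    virtual Error Sign(uint16_t algorithm,
                       base::span<const uint8_t> input,
                       std::vector<uint8_t>* signature) = 0;
  };

  // Takes ownership of |delegate|. Delegate::Sign() calls are performed on
  // |task_runner|; see Delegate for the threading contract.
  ThreadedSSLPrivateKey(
      std::unique_ptr<Delegate> delegate,
      scoped_refptr<base::SingleThreadTaskRunner> task_runner);

  ThreadedSSLPrivateKey(const ThreadedSSLPrivateKey&) = delete;
  ThreadedSSLPrivateKey& operator=(const ThreadedSSLPrivateKey&) = delete;

  // SSLPrivateKey implementation.
  std::string GetProviderName() override;
  std::vector<uint16_t> GetAlgorithmPreferences() override;
  // Asynchronous: the signing is offloaded to |task_runner_| and |callback|
  // receives the Delegate's result. See ssl_private_key.h for SignCallback's
  // contract.
  void Sign(uint16_t algorithm,
            base::span<const uint8_t> input,
            SignCallback callback) override;

 private:
  // Private: instances are reference-counted through the SSLPrivateKey base
  // and released via scoped_refptr, never deleted directly.
  ~ThreadedSSLPrivateKey() override;
  // Ref-counted holder for the Delegate; defined in the .cc file.
  class Core;

  scoped_refptr<Core> core_;
  scoped_refptr<base::SingleThreadTaskRunner> task_runner_;
  // Declared last so it is destroyed first, invalidating any outstanding
  // WeakPtrs before the other members go away.
  base::WeakPtrFactory<ThreadedSSLPrivateKey> weak_factory_{this};
};

}  // namespace net

#endif  // NET_SSL_THREADED_SSL_PRIVATE_KEY_H_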