DtlsIdentityStore[Interface/Impl] updated, DtlsIdentityService to be removed

talk/app/webrtc/dtlsidentitystore.h

 /*
  * libjingle
  * Copyright 2015 Google Inc.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are met:
  *
  *  1. Redistributions of source code must retain the above copyright notice,
  *     this list of conditions and the following disclaimer.
  *  2. Redistributions in binary form must reproduce the above copyright notice,
@@ skipping 10 matching lines @@
  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
  * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
  * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 #ifndef TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_
 #define TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_
 
-#include <queue>
+#include <list>
 #include <string>
 
-#include "talk/app/webrtc/peerconnectioninterface.h"
 #include "webrtc/base/messagehandler.h"
 #include "webrtc/base/messagequeue.h"
+#include "webrtc/base/refcount.h"
 #include "webrtc/base/scoped_ptr.h"
 #include "webrtc/base/scoped_ref_ptr.h"
+#include "webrtc/base/sslidentity.h"
+#include "webrtc/base/thread.h"
 
 namespace webrtc {
-class DTLSIdentityRequestObserver;
+
 class SSLIdentity;
 class Thread;
 
-// This class implements an in-memory DTLS identity store, which generates the
-// DTLS identity on the worker thread.
+// Used to receive callbacks of DTLS identity requests.
+class DtlsIdentityRequestObserver : public rtc::RefCountInterface {
+ public:
+  virtual void OnFailure(int error) = 0;
+  // TODO(jiayl): Unify the OnSuccess method once Chrome code is updated.
+  virtual void OnSuccess(const std::string& der_cert,
+                         const std::string& der_private_key) = 0;
+  // |identity| is a scoped_ptr because rtc::SSLIdentity is not copyable and the
+  // client has to get the ownership of the object to make use of it.
+  virtual void OnSuccessWithIdentityObj(
+      rtc::scoped_ptr<rtc::SSLIdentity> identity) = 0;
+
+ protected:
+  virtual ~DtlsIdentityRequestObserver() {}
+};
+
+// This interface defines an in-memory DTLS identity store, which generates DTLS
+// identities.
 // APIs calls must be made on the signaling thread and the callbacks are also
 // called on the signaling thread.
-class DtlsIdentityStore : public rtc::MessageHandler {
+class DtlsIdentityStoreInterface {
  public:
-  static const char kIdentityName[];
+  virtual ~DtlsIdentityStoreInterface() { }
 
-  DtlsIdentityStore(rtc::Thread* signaling_thread,
-                    rtc::Thread* worker_thread);
-  virtual ~DtlsIdentityStore();
-
-  // Initialize will start generating the free identity in the background.
-  void Initialize();
+  // Initializes the store.
+  virtual void Initialize() = 0;
 
   // The |observer| will be called when the requested identity is ready, or when
   // identity generation fails.
-  void RequestIdentity(webrtc::DTLSIdentityRequestObserver* observer);
+  virtual void RequestIdentity(
+      rtc::KeyType key_type, webrtc::DtlsIdentityRequestObserver* observer) = 0;
+};
+
+// The standard implementation of DtlsIdentityStoreInterface.
+// Identity generation is performed on the worker thread.
+class DtlsIdentityStoreImpl : public DtlsIdentityStoreInterface,
+                              public rtc::MessageHandler {
+ public:
+  // Passed to SSLIdentity::Generate, "WebRTC". Used for the certificates'
+  // subject and issuer name.
+  static const char* common_name_;
+
+  DtlsIdentityStoreImpl(rtc::Thread* signaling_thread,
+                        rtc::Thread* worker_thread);
+  ~DtlsIdentityStoreImpl() override;
+
+  // webrtc::DtlsIdentityStoreInterface override;
+  // Initialize will start to preemptively generating an RSA identity in the
+  // background, if the worker thread is not the same as the signaling thread.
+  void Initialize() override;
+  // webrtc::DtlsIdentityStoreInterface override;
+  void RequestIdentity(rtc::KeyType key_type,
+                       webrtc::DtlsIdentityRequestObserver* observer) override;
 
   // rtc::MessageHandler override;
   void OnMessage(rtc::Message* msg) override;
 
-  // Returns true if there is a free identity, used for unit tests.
-  bool HasFreeIdentityForTesting() const;
+  // Returns true if there is a free RSA identity, used for unit tests.
+  bool HasFreeIdentityForTesting(rtc::KeyType key_type = rtc::KT_RSA) const;
 
  private:
+  void GenerateIdentity(rtc::KeyType key_type,
+                        webrtc::DtlsIdentityRequestObserver* observer);
+  void OnIdentityGenerated(rtc::KeyType key_type,
+                           rtc::scoped_ptr<rtc::SSLIdentity> identity);
+
+  class WorkerTask;
+  typedef rtc::ScopedMessageData<DtlsIdentityStoreImpl::WorkerTask>
+      WorkerTaskMessageData;
+
+  // A key type-identity pair.
+  struct IdentityResult {
+    IdentityResult(rtc::KeyType key_type, rtc::SSLIdentity* identity)
+        : key_type_(key_type), identity_(identity) {}
+
+    rtc::KeyType key_type_;
+    rtc::scoped_ptr<rtc::SSLIdentity> identity_;
+  };
+  typedef rtc::ScopedMessageData<IdentityResult> IdentityResultMessageData;
+
   sigslot::signal0<> SignalDestroyed;
-  class WorkerTask;
-  typedef rtc::ScopedMessageData<DtlsIdentityStore::WorkerTask>
-      IdentityTaskMessageData;
-
-  void GenerateIdentity();
-  void OnIdentityGenerated(rtc::scoped_ptr<rtc::SSLIdentity> identity);
-  void ReturnIdentity(rtc::scoped_ptr<rtc::SSLIdentity> identity);
-
-  void PostGenerateIdentityResult_w(rtc::scoped_ptr<rtc::SSLIdentity> identity);
 
   rtc::Thread* const signaling_thread_;
+  // TODO(hbos): RSA generation is slow and would be VERY slow if we switch over
+  // to 2048, DtlsIdentityStore should use a new thread and not the "general
+  // purpose" worker thread.
   rtc::Thread* const worker_thread_;
 
-  // These members should be accessed on the signaling thread only.
-  int pending_jobs_;
-  rtc::scoped_ptr<rtc::SSLIdentity> free_identity_;
-  typedef std::queue<rtc::scoped_refptr<webrtc::DTLSIdentityRequestObserver>>
-      ObserverList;
-  ObserverList pending_observers_;
+  typedef rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver> RefObserver;
+  std::list<RefObserver> request_observers_[rtc::KT_LAST];
+  int gen_in_progress_counts_[rtc::KT_LAST];
+  rtc::scoped_ptr<rtc::SSLIdentity> free_identities_[rtc::KT_LAST];

[hbos, 2015/06/18 08:43:13]

(This makes it easy to support preemptive generation for other key types than
RSA in the future. Since we only do it for KT_RSA though this doesn't have to be
an array.)

 };
 
 }  // namespace webrtc
 
 #endif  // TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_