Export verified_cert and public_key_hashes on Android.

net/android/network_library.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/android/network_library.h"
 
 #include "base/android/jni_android.h"
 #include "base/android/jni_array.h"
 #include "base/android/jni_string.h"
 #include "base/android/scoped_java_ref.h"
 #include "base/logging.h"
 #include "jni/AndroidNetworkLibrary_jni.h"
 
 using base::android::AttachCurrentThread;
 using base::android::ClearException;
 using base::android::ConvertJavaStringToUTF8;
 using base::android::ConvertUTF8ToJavaString;
 using base::android::GetApplicationContext;
 using base::android::ScopedJavaLocalRef;
 using base::android::ToJavaArrayOfByteArray;
 using base::android::ToJavaByteArray;
 
 namespace net {
 namespace android {
 
-CertVerifyResultAndroid VerifyX509CertChain(
-    const std::vector<std::string>& cert_chain,
-    const std::string& auth_type) {
+void VerifyX509CertChain(const std::vector<std::string>& cert_chain,
+                         const std::string& auth_type,
+                         const std::string& host,
+                         CertVerifyStatusAndroid* status,
+                         bool* is_issued_by_known_root,
+                         std::vector<std::string>* verified_chain) {
   JNIEnv* env = AttachCurrentThread();
 
   ScopedJavaLocalRef<jobjectArray> chain_byte_array =
       ToJavaArrayOfByteArray(env, cert_chain);
   DCHECK(!chain_byte_array.is_null());
 
   ScopedJavaLocalRef<jstring> auth_string =
       ConvertUTF8ToJavaString(env, auth_type);
   DCHECK(!auth_string.is_null());
 
-  jint result = Java_AndroidNetworkLibrary_verifyServerCertificates(
-      env, chain_byte_array.obj(), auth_string.obj());
+  ScopedJavaLocalRef<jstring> host_string =
+      ConvertUTF8ToJavaString(env, host);
+  DCHECK(!host_string.is_null());
 
-  return static_cast<CertVerifyResultAndroid>(result);
+  ScopedJavaLocalRef<jobject> result =
+      Java_AndroidNetworkLibrary_verifyServerCertificates(
+          env, chain_byte_array.obj(), auth_string.obj(), host_string.obj());
+  if (ClearException(env)) {
+    *status = android::VERIFY_FAILED;

[joth, 2014/01/18 00:23:13]

IIRC this shouldn't be needed: AndroidNetworkLibrary.verifyServerCertificates is
marked as @CalledByNative, not @CalledByNativeUnchecked, hence the jni generator
will already have asserted that no excpetion was thrown before
Java_AndroidNetworkLibrary_verifyServerCertificates returns.

+    return;
+  }
+
+  ExtractCertVerifyResult(result.obj(),
+                          status, is_issued_by_known_root, verified_chain);
 }
 
 void AddTestRootCertificate(const uint8* cert, size_t len) {
   JNIEnv* env = AttachCurrentThread();
   ScopedJavaLocalRef<jbyteArray> cert_array = ToJavaByteArray(env, cert, len);
   DCHECK(!cert_array.is_null());
   Java_AndroidNetworkLibrary_addTestRootCertificate(env, cert_array.obj());
 }
 
 void ClearTestRootCertificates() {
@@ skipping 60 matching lines @@
   *result = ConvertJavaStringToUTF8(ret);
   return true;
 }
 
 bool RegisterNetworkLibrary(JNIEnv* env) {
   return RegisterNativesImpl(env);
 }
 
 }  // namespace android
 }  // namespace net