Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1132)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/base/openssl_private_key_store_android.cc

Issue 12220104: Wire up SSL client authentication for OpenSSL/Android through the net/ stack (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: address nits Created 7 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/base/openssl_private_key_store.h ('K') | « net/base/openssl_private_key_store.h ('k') | net/base/openssl_private_key_store_memory.cc » ('j') | net/socket/ssl_client_socket_openssl_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/base/openssl_private_key_store_android.cc
diff --git a/net/base/openssl_private_key_store_android.cc b/net/base/openssl_private_key_store_android.cc
index 4bf1f3fedcb555fd316acfa0a183f0972079146b..808a87771cdef19e5e1df0c2491702bac790a718 100644
--- a/net/base/openssl_private_key_store_android.cc
+++ b/net/base/openssl_private_key_store_android.cc
@@ -9,77 +9,41 @@
#include "base/logging.h"
#include "base/memory/singleton.h"
-#include "crypto/openssl_util.h"
#include "net/android/network_library.h"
namespace net {
-namespace {
-
-class OpenSSLKeyStoreAndroid : public OpenSSLPrivateKeyStore {
- public:
- ~OpenSSLKeyStoreAndroid() {}
-
- virtual bool StorePrivateKey(const GURL& url, EVP_PKEY* pkey) {
- // Always clear openssl errors on exit.
- crypto::OpenSSLErrStackTracer err_trace(FROM_HERE);
-
- // Important: Do not use i2d_PublicKey() here, which returns data in
- // PKCS#1 format, use i2d_PUBKEY() which returns it as DER-encoded
- // SubjectPublicKeyInfo (X.509), as expected by the platform.
- unsigned char* public_key = NULL;
- int public_len = i2d_PUBKEY(pkey, &public_key);
-
- // Important: Do not use i2d_PrivateKey() here, it returns data
- // in a format that is incompatible with what the platform expects.
- unsigned char* private_key = NULL;
- int private_len = 0;
- crypto::ScopedOpenSSL<PKCS8_PRIV_KEY_INFO,
- PKCS8_PRIV_KEY_INFO_free> pkcs8(EVP_PKEY2PKCS8(pkey));
- if (pkcs8.get() != NULL) {
- private_len = i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), &private_key);
- }
- bool ret = false;
- if (public_len > 0 && private_len > 0) {
- ret = net::android::StoreKeyPair(
- static_cast<const uint8*>(public_key), public_len,
- static_cast<const uint8*>(private_key), private_len);
- }
- LOG_IF(ERROR, !ret) << "StorePrivateKey failed. pub len = " << public_len
- << " priv len = " << private_len;
- OPENSSL_free(public_key);
- OPENSSL_free(private_key);
- return ret;
- }
-
- virtual EVP_PKEY* FetchPrivateKey(EVP_PKEY* pkey) {
- // TODO(joth): Implement when client authentication is required.
- NOTIMPLEMENTED();
- return NULL;
+bool OpenSSLPrivateKeyStore::StoreKeyPair(const GURL& url,
+ EVP_PKEY* pkey) {
+ // Always clear openssl errors on exit.
+ crypto::OpenSSLErrStackTracer err_trace(FROM_HERE);
+
+ // Important: Do not use i2d_PublicKey() here, which returns data in
+ // PKCS#1 format, use i2d_PUBKEY() which returns it as DER-encoded
+ // SubjectPublicKeyInfo (X.509), as expected by the platform.
+ unsigned char* public_key = NULL;
+ int public_len = i2d_PUBKEY(pkey, &public_key);
+
+ // Important: Do not use i2d_PrivateKey() here, it returns data
+ // in a format that is incompatible with what the platform expects.
+ unsigned char* private_key = NULL;
+ int private_len = 0;
+ crypto::ScopedOpenSSL<PKCS8_PRIV_KEY_INFO,
+ PKCS8_PRIV_KEY_INFO_free> pkcs8(EVP_PKEY2PKCS8(pkey));
Ryan Sleevi 2013/02/28 00:58:35 style: crypto::ScopedOpenSSL<PKCS8_PRIV_KEY_INFO,
digit1 2013/02/28 15:46:56 Done.
+ if (pkcs8.get() != NULL) {
+ private_len = i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), &private_key);
}
-
- static OpenSSLKeyStoreAndroid* GetInstance() {
- // Leak the OpenSSL key store as it is used from a non-joinable worker
- // thread that may still be running at shutdown.
- return Singleton<
- OpenSSLKeyStoreAndroid,
- OpenSSLKeyStoreAndroidLeakyTraits>::get();
+ bool ret = false;
+ if (public_len > 0 && private_len > 0) {
+ ret = net::android::StoreKeyPair(
+ static_cast<const uint8*>(public_key), public_len,
+ static_cast<const uint8*>(private_key), private_len);
Ryan Sleevi 2013/02/28 00:58:35 style: indents - four spaces here.
digit1 2013/02/28 15:46:56 Done.
}
-
- private:
- friend struct DefaultSingletonTraits<OpenSSLKeyStoreAndroid>;
- typedef LeakySingletonTraits<OpenSSLKeyStoreAndroid>
- OpenSSLKeyStoreAndroidLeakyTraits;
-
- OpenSSLKeyStoreAndroid() {}
-
- DISALLOW_COPY_AND_ASSIGN(OpenSSLKeyStoreAndroid);
-};
-
-} // namespace
-
-OpenSSLPrivateKeyStore* OpenSSLPrivateKeyStore::GetInstance() {
- return OpenSSLKeyStoreAndroid::GetInstance();
+ LOG_IF(ERROR, !ret) << "StoreKeyPair failed. pub len = " << public_len
+ << " priv len = " << private_len;
+ OPENSSL_free(public_key);
+ OPENSSL_free(private_key);
+ return ret;
}
} // namespace net
« net/base/openssl_private_key_store.h ('K') | « net/base/openssl_private_key_store.h ('k') | net/base/openssl_private_key_store_memory.cc » ('j') | net/socket/ssl_client_socket_openssl_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698