OLD | NEW |
(Empty) | |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef NET_SSL_CLIENT_KEY_STORE_H_ |
| 6 #define NET_SSL_CLIENT_KEY_STORE_H_ |
| 7 |
| 8 #include <vector> |
| 9 |
| 10 #include "base/callback.h" |
| 11 #include "base/lazy_instance.h" |
| 12 #include "base/macros.h" |
| 13 #include "base/memory/scoped_ptr.h" |
| 14 #include "base/synchronization/lock.h" |
| 15 #include "net/base/net_export.h" |
| 16 |
| 17 namespace net { |
| 18 |
| 19 class SSLPrivateKey; |
| 20 class X509Certificate; |
| 21 |
| 22 // TODO(rsleevi, davidben): Remove this once https://crbug.com/394131 is fixed. |
| 23 // A certificate and key store that allows several external certificate |
| 24 // providers to expose certificates and keys through this store. All currently |
| 25 // provided certificates will be accessible through |FetchClientCertPrivateKey|. |
| 26 // Methods of this singleton can be called from any thread. |
| 27 class NET_EXPORT ClientKeyStore { |
| 28 public: |
| 29 class CertKeyProvider { |
| 30 public: |
| 31 // This can be called from any thread. |
| 32 virtual ~CertKeyProvider() {} |
| 33 |
| 34 // Obtains a handle to the certificate private key for |cert| and stores it |
| 35 // in |private_key|. |
| 36 // If the CertKeyProvider does not know about the |cert|, returns false. If |
| 37 // it knows about the certificate, but is unable to return the private key, |
| 38 // returns true and sets |*private_key| to nullptr. |
| 39 // This can be called from any thread. |
| 40 virtual bool GetCertificateKey(const X509Certificate& cert, |
| 41 scoped_ptr<SSLPrivateKey>* private_key) = 0; |
| 42 }; |
| 43 |
| 44 static ClientKeyStore* GetInstance(); |
| 45 |
| 46 // The |provider| will be accessed on any thread but no concurrent method |
| 47 // invocations will happen. |provider| must be valid until it is removed using |
| 48 // |RemoveProvider| or the store is destroyed. |
| 49 void AddProvider(CertKeyProvider* provider); |
| 50 |
| 51 void RemoveProvider(const CertKeyProvider* provider); |
| 52 |
| 53 // Given a |certificate|'s public key, return the corresponding private |
| 54 // key if any of the registered providers has a matching key. |
| 55 // Returns its matching private key on success, nullptr otherwise. |
| 56 scoped_ptr<SSLPrivateKey> FetchClientCertPrivateKey( |
| 57 const X509Certificate& certificate); |
| 58 |
| 59 private: |
| 60 friend struct base::DefaultLazyInstanceTraits<ClientKeyStore>; |
| 61 |
| 62 ClientKeyStore(); |
| 63 ~ClientKeyStore(); |
| 64 |
| 65 base::Lock lock_; |
| 66 std::vector<CertKeyProvider*> providers_; |
| 67 |
| 68 DISALLOW_COPY_AND_ASSIGN(ClientKeyStore); |
| 69 }; |
| 70 |
| 71 } // namespace net |
| 72 |
| 73 #endif // NET_SSL_CLIENT_KEY_STORE_H_ |
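Review bot: `RemoveProvider` (new line 51) is the only public method without a comment, and its contract decides whether a caller can safely destroy a provider. The store keeps raw `CertKeyProvider*` pointers in `providers_` and is documented as callable from any thread, so a fetch on another thread could still be inside `GetCertificateKey` when the provider is removed and freed. The implementation file is not part of this section, so whether `lock_` is held across the provider call is an assumption; if it is, I would state it, e.g. `// Removes |provider|. Does not return while a GetCertificateKey() call on |provider| is in progress; afterwards the store no longer accesses it.` In that case the comment on `GetCertificateKey` should also say that implementations must not call back into `ClientKeyStore`, since `base::Lock` is not recursive. Separately, the comment on `FetchClientCertPrivateKey` says "Given a |certificate|'s public key" although the parameter is the certificate itself.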