
Side by Side Diff: net/ssl/openssl_client_key_store.h

Issue 2898573002: Refactor client cert private key handling. (Closed)
Patch Set: removed no longer needed forward declaration Created 3 years, 6 months ago
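--- /dev/null
+++ b/net/ssl/openssl_client_key_store.h
@@ -0,0 +1,71 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_SSL_OPENSSL_CLIENT_KEY_STORE_H_
+#define NET_SSL_OPENSSL_CLIENT_KEY_STORE_H_
+
+#include <map>
+#include <string>
+
+#include "base/macros.h"
+#include "base/memory/ref_counted.h"
+#include "base/memory/singleton.h"
+#include "net/base/net_export.h"
+#include "third_party/boringssl/src/include/openssl/base.h"
+
+namespace net {
+
+class SSLPrivateKey;
+class X509Certificate;
+
+// OpenSSLClientKeyStore implements an in-memory store for client
+// certificate private keys, because the platforms where OpenSSL is
+// used do not provide a way to retrieve the private key of a known
+// certificate.
+//
+// This class is not thread-safe and should only be used from the network
+// thread.
+class NET_EXPORT OpenSSLClientKeyStore {
+public:
+// Platforms must define this factory function as appropriate.
+static OpenSSLClientKeyStore* GetInstance();
+
+// Record the association between a certificate and its
+// private key. This method should be called _before_
+// FetchClientCertPrivateKey to ensure that the private key is returned
+// when it is called later. The association is recorded in memory
+// exclusively.
+// |cert| is a handle to a certificate object.
+// |private_key| is an SSLPrivateKey that corresponds to the certificate's
+// private key.
+// Returns false if an error occured.
+bool RecordClientCertPrivateKey(const X509Certificate* cert,
+scoped_refptr<SSLPrivateKey> key);
+
+// Given a certificate's |public_key|, return the corresponding private
+// key that has been recorded previously by RecordClientCertPrivateKey().
+// |cert| is a client certificate.
+// Returns its matching private key on success, NULL otherwise.
+scoped_refptr<SSLPrivateKey> FetchClientCertPrivateKey(
+const X509Certificate* cert);
+
+// Flush all recorded keys.
+void Flush();
+
+private:
+OpenSSLClientKeyStore();
+~OpenSSLClientKeyStore();
+
+// Maps from the serialized SubjectPublicKeyInfo structure to the
+// corresponding private key.
+std::map<std::string, scoped_refptr<net::SSLPrivateKey>> key_map_;
+
+friend struct base::DefaultSingletonTraits<OpenSSLClientKeyStore>;
+
+DISALLOW_COPY_AND_ASSIGN(OpenSSLClientKeyStore);
+};
+
+} // namespace net
+
+#endif // NET_SSL_OPENSSL_CLIENT_KEY_STORE_H_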
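Review bot: The method comments in this new header do not match the declarations they describe: the FetchClientCertPrivateKey comment (gutter line 46) refers to a |public_key| parameter while the only parameter is |cert|, and the RecordClientCertPrivateKey comment (gutter line 40) documents |private_key| while the parameter is named |key|. Suggest `// Given a client certificate |cert|, return the corresponding private` for the first and `// |key| is an SSLPrivateKey that corresponds to the certificate's` for the second, plus `occured` → `occurred` on gutter line 42. Since the map stores private keys indexed by serialized SubjectPublicKeyInfo, it would also help callers to state in the FetchClientCertPrivateKey comment that the lookup matches on the certificate's public key only, not on the full certificate, if that is the intended contract of the .cc side. Minor: the `net::` qualifier on `net::SSLPrivateKey` in key_map_ is redundant inside namespace net, and the include of third_party/boringssl/src/include/openssl/base.h appears to be unreferenced by anything declared in this header, so it may belong in the .cc instead.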
