Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1161)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/ssl/client_key_store.h

Issue 2937553003: Make CertificateProviderService vend ClientCertIdentities directly. (Closed)
Patch Set: review changes for comments 11 & 12 Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/BUILD.gn ('k') | net/ssl/client_key_store.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef NET_SSL_CLIENT_KEY_STORE_H_
6 #define NET_SSL_CLIENT_KEY_STORE_H_
7
8 #include <memory>
9 #include <vector>
10
11 #include "base/callback.h"
12 #include "base/lazy_instance.h"
13 #include "base/macros.h"
14 #include "base/synchronization/lock.h"
15 #include "net/base/net_export.h"
16
17 namespace net {
18
19 class SSLPrivateKey;
20 class X509Certificate;
21
22 // TODO(mattm): This is now used only by
23 // chrome/browser/chromeos/net/client_cert_store_chromeos.cc. Move it to
24 // chrome/browser/chromeos/net, or just have client_cert_store_chromeos.cc
25 // directly call whatever.
26 // TODO(rsleevi, davidben): Remove this once https://crbug.com/394131 is fixed.
27 // A certificate and key store that allows several external certificate
28 // providers to expose certificates and keys through this store. All currently
29 // provided certificates will be accessible through |FetchClientCertPrivateKey|.
30 // Methods of this singleton can be called from any thread.
31 class NET_EXPORT ClientKeyStore {
32 public:
33 class CertKeyProvider {
34 public:
35 // This can be called from any thread.
36 virtual ~CertKeyProvider() {}
37
38 // Obtains a handle to the certificate private key for |cert| and stores it
39 // in |private_key|.
40 // If the CertKeyProvider does not know about the |cert|, returns false. If
41 // it knows about the certificate, but is unable to return the private key,
42 // returns true and sets |*private_key| to nullptr.
43 // This can be called from any thread.
44 virtual bool GetCertificateKey(
45 const X509Certificate& cert,
46 scoped_refptr<SSLPrivateKey>* private_key) = 0;
47 };
48
49 static ClientKeyStore* GetInstance();
50
51 // The |provider| will be accessed on any thread but no concurrent method
52 // invocations will happen. |provider| must be valid until it is removed using
53 // |RemoveProvider| or the store is destroyed.
54 void AddProvider(CertKeyProvider* provider);
55
56 void RemoveProvider(const CertKeyProvider* provider);
57
58 // Given a |certificate|'s public key, return the corresponding private
59 // key if any of the registered providers has a matching key.
60 // Returns its matching private key on success, nullptr otherwise.
61 scoped_refptr<SSLPrivateKey> FetchClientCertPrivateKey(
62 const X509Certificate& certificate);
63
64 private:
65 friend struct base::LazyInstanceTraitsBase<ClientKeyStore>;
66
67 ClientKeyStore();
68 ~ClientKeyStore();
69
70 base::Lock lock_;
71 std::vector<CertKeyProvider*> providers_;
72
73 DISALLOW_COPY_AND_ASSIGN(ClientKeyStore);
74 };
75
76 } // namespace net
77
78 #endif // NET_SSL_CLIENT_KEY_STORE_H_
OLDNEW
« no previous file with comments | « net/BUILD.gn ('k') | net/ssl/client_key_store.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698