net/ssl/openssl_platform_key.h - Issue 396803002: Implement TLS client auth in the OS X OpenSSL port.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/ssl/openssl_platform_key.h

Issue 396803002: Implement TLS client auth in the OS X OpenSSL port. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Mark keys as opaque. Created 6 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
(Empty)
	1 // Copyright 2014 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #ifndef NET_SSL_OPENSSL_PLATFORM_KEY_H_

	6 #define NET_SSL_OPENSSL_PLATFORM_KEY_H_

	7

	8 #include "crypto/scoped_openssl_types.h"

	9

	10 namespace net {

	11

	12 class X509Certificate;

	13

	14 // Looks up the private key from the platform key store corresponding

	15 // to \|certificate\|'s public key. Then wraps it in an OpenSSL EVP_PKEY

	16 // structure to be used for SSL client auth.

	17 //

	18 // TODO(davidben): This combines looking up a private key with

	19 // wrapping it in an OpenSSL structure. This will be separated with

	20 // https://crbug.com/394131

	21 crypto::ScopedEVP_PKEY FetchClientCertPrivateKey(
	Ryan Sleevi 2014/07/23 22:38:47 I've mentioned in the past, I don't think we want I've mentioned in the past, I don't think we want to continue this pattern of globals like this. In the least, this won't really work for Linux/ChromeOS, which need some set of context objects (//content/browser/net/nss_context ), which is basically a handle to "the user's key store". You've talked repeatedly of pushing the key in, rather than having the socket grab the key globally. Why not do that now, since that's where we need to go anyways for CrOS?
	22 const X509Certificate* certificate);

	23

	24 } // namespace net

	25

	26 #endif // NET_SSL_OPENSSL_PLATFORM_KEY_H_

OLD	NEW