Add net/android/keystore.h

net/android/keystore_openssl.h

+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_ANDROID_KEYSTORE_OPENSSL_H
+#define NET_ANDROID_KEYSTORE_OPENSSL_H
+
+#include <jni.h>
+#include <openssl/evp.h>
+
+namespace net {
+namespace android {
+
+// Create a custom OpenSSL EVP_PKEY instance that wraps a platform
+// java.security.PrivateKey object, and will call the platform APIs
+// through JNI to implement signing (and only signing).
+//
+// This shall only be used to implement client certificate handling.
+//
+// |private_key| is a JNI local (or global) reference to the Java
+// PrivateKey object.
+//
+// Returns a new EVP_PKEY* object with the following features:
+//
+// - Only contains a private key.
+//
+// - Owns its own _global_ JNI reference to the object. This means the
+//   caller can free |private_key| safely after the call, and that the
+//   the returned EVP_PKEY instance can be used from any thread.
+//
+// - Uses a custom method to implement the minimum functions required to
+//   *sign* the digest that is part of the "Verify Certificate" message
+//   during the OpenSSL handshake. Anything else will result in an
+//   error returned to OpenSSL.
+//
+EVP_PKEY* GetOpenSSLPrivateKeyWrapper(jobject private_key);
+
+}  // namespace android
+}  // namespace net
+
+#endif  // NET_ANDROID_KEYSTORE_OPENSSL_H