net/base/openssl_private_key_store_android.cc - Issue 12220104: Wire up SSL client authentication for OpenSSL/Android through the net/ stack

Unified Diff: net/base/openssl_private_key_store_android.cc

Issue 12220104: Wire up SSL client authentication for OpenSSL/Android through the net/ stack (Closed) Base URL: http://git.chromium.org/chromium/src.git@master

Patch Set: remove chrome/browser changes + fix linux_redux build Created 7 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« net/base/openssl_private_key_store.h ('K') | « net/base/openssl_private_key_store.cc ('k') | net/base/openssl_private_key_store_unittest.cc » ('j') | net/base/openssl_private_key_store_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: net/base/openssl_private_key_store_android.cc

diff --git a/net/base/openssl_private_key_store_android.cc b/net/base/openssl_private_key_store_android.cc

index 4bf1f3fedcb555fd316acfa0a183f0972079146b..59c5e4d593adf29313d5f88f8e647d77aab685e4 100644

--- a/net/base/openssl_private_key_store_android.cc

+++ b/net/base/openssl_private_key_store_android.cc

@@ -9,18 +9,31 @@

#include "base/logging.h"

#include "base/memory/singleton.h"

-#include "crypto/openssl_util.h"

#include "net/android/network_library.h"

namespace net {

namespace {

+// Android-specific implementation of OpenSSLPrivateKeyStore.

+// This uses platform APIs to store the private/public keygened

+// pair to the system's keychain.

class OpenSSLKeyStoreAndroid : public OpenSSLPrivateKeyStore {

public:

- ~OpenSSLKeyStoreAndroid() {}

+ OpenSSLKeyStoreAndroid() {}

+ virtual ~OpenSSLKeyStoreAndroid() {}

- virtual bool StorePrivateKey(const GURL& url, EVP_PKEY* pkey) {

+ static OpenSSLKeyStoreAndroid* GetInstance() {

+ // A leaky singleton is needed because the keystore is called from

+ // a non-joinable thread that may be running after shutdown.

+ typedef LeakySingletonTraits<OpenSSLKeyStoreAndroid>

+ OpenSSLKeyStoreAndroidLeakyTraits;

+ return Singleton

+ <OpenSSLKeyStoreAndroid, OpenSSLKeyStoreAndroidLeakyTraits>::get();

+ }

+ virtual bool StoreKeyPair(const GURL& url, EVP_PKEY* pkey) OVERRIDE {

// Always clear openssl errors on exit.

crypto::OpenSSLErrStackTracer err_trace(FROM_HERE);

@@ -45,34 +58,14 @@ class OpenSSLKeyStoreAndroid : public OpenSSLPrivateKeyStore {

static_cast<const uint8*>(public_key), public_len,

static_cast<const uint8*>(private_key), private_len);

}

- LOG_IF(ERROR, !ret) << "StorePrivateKey failed. pub len = " << public_len

+ LOG_IF(ERROR, !ret) << "StoreKeyPair failed. pub len = " << public_len

<< " priv len = " << private_len;

OPENSSL_free(public_key);

OPENSSL_free(private_key);

return ret;

}

- virtual EVP_PKEY* FetchPrivateKey(EVP_PKEY* pkey) {

- // TODO(joth): Implement when client authentication is required.

- NOTIMPLEMENTED();

- return NULL;

- }

- static OpenSSLKeyStoreAndroid* GetInstance() {

- // Leak the OpenSSL key store as it is used from a non-joinable worker

- // thread that may still be running at shutdown.

- return Singleton<

- OpenSSLKeyStoreAndroid,

- OpenSSLKeyStoreAndroidLeakyTraits>::get();

- }

private:

- friend struct DefaultSingletonTraits<OpenSSLKeyStoreAndroid>;

- typedef LeakySingletonTraits<OpenSSLKeyStoreAndroid>

- OpenSSLKeyStoreAndroidLeakyTraits;

- OpenSSLKeyStoreAndroid() {}

DISALLOW_COPY_AND_ASSIGN(OpenSSLKeyStoreAndroid);

};