diff options
| author | digit@chromium.org <digit@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-03-02 22:54:41 +0000 |
|---|---|---|
| committer | digit@chromium.org <digit@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-03-02 22:54:41 +0000 |
| commit | ede323ea8e0058192e9cfa0ca2b76a49ae7cbf61 (patch) | |
| tree | 5f424cfcc2539f1033d73f53e75e6f0926e12de5 /net/base/test_data_directory.h | |
| parent | f8a6d73cfd917aa72bd8264ae1bc5c3ec4da24dc (diff) | |
| download | chromium_src-ede323ea8e0058192e9cfa0ca2b76a49ae7cbf61.zip chromium_src-ede323ea8e0058192e9cfa0ca2b76a49ae7cbf61.tar.gz chromium_src-ede323ea8e0058192e9cfa0ca2b76a49ae7cbf61.tar.bz2 | |
Wire up SSL client authentication for OpenSSL/Android through the net/ stack
Because OpenSSL/Android do not have the ability to discover
if a private key exists for a given certificate/public key,
net::OpenSSLClientKeyStore is used instead to store that
information. OpenSSLClientKeyStore is fed information by
higher layers, which are expected to use JNI and the Android
KeyChain APIs to discover the associated private key/alias
for a given certificate.
Other work in this CL:
- Moved generate-client-certificates.sh to net/data/ssl/scripts/
from net/data/ssl/scripts/client_authentication/
Also removed the run-test-server.sh script which is
only used to perform manual local testing.
Updated the client certificates under net/data/ssl/certificates/
and list then properly in the README file.
- Added new unit test to check OpenSSL-based client
authentication against the TestServer. Details are in
net/socket/ssl_client_socket_openssl_unittests.cc
- Modified generate-client-certificates.sh script to use
a password for the client certificates it generates.
This is to work around a platform bug in Android 4.0.3
and older, where the CertInstaller cannot install
password-less PKCS#12 files. The password is 'chrome'.
- Added GetTestClientCertsDirectory() to
net/base/test_data_directory.h to deal with the fact
that remote and local test servers don't accept the
same kind of paths when reading the |client_authorities|
field of an SSLConfig object.
BUG=166642, 172902, 134418
Review URL: https://chromiumcodereview.appspot.com/12220104
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@185785 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/test_data_directory.h')
| -rw-r--r-- | net/base/test_data_directory.h | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/net/base/test_data_directory.h b/net/base/test_data_directory.h index 81e7152..115f497 100644 --- a/net/base/test_data_directory.h +++ b/net/base/test_data_directory.h @@ -13,9 +13,11 @@ namespace net { // tree that contains certificates for testing. base::FilePath GetTestCertsDirectory(); -// Returns the base::FilePath object representing the path to the certificate -// directory in relation to the source root. -base::FilePath GetTestCertsDirectoryRelative(); +// Returns the base::FilePath object representing the path to client +// certificate files to be used in the |client_authorities| list +// of a net::SSLConfig object. For all other uses, use +// GetTestCertsDirectory() instead. +base::FilePath GetTestClientCertsDirectory(); // Returns the base::FilePath object representing the relative path containing // resource files for testing WebSocket. Typically the FilePath will be used as |