path: root/net/base/openssl_private_key_store.h
// Copyright (c) 2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_BASE_OPENSSL_PRIVATE_KEY_STORE_H_
#define NET_BASE_OPENSSL_PRIVATE_KEY_STORE_H_
#pragma once

#include "base/basictypes.h"

// Opaque forward declaration of OpenSSL's EVP_PKEY (struct evp_pkey_st), so
// that users of this interface do not need the OpenSSL headers to see it.
typedef struct evp_pkey_st EVP_PKEY;

// Forward declaration; only a const reference is taken below.
class GURL;

namespace net {

// Defines an abstract store for private keys; the OpenSSL library does not
// provide this service so it is left to individual platforms to provide it.
//
// The contract is that the private key will be stored in an appropriate secure
// system location, and be available to the SSLClientSocketOpenSSL when using a
// client certificate created against the associated public key for client
// authentication.
class OpenSSLPrivateKeyStore {
 public:
  // Platforms must define this factory function as appropriate.
  // Ownership of the returned pointer is not specified by this header; the
  // name suggests a process-wide instance, but confirm against the platform
  // implementation before assuming the caller may or may not delete it.
  static OpenSSLPrivateKeyStore* GetInstance();

  // Virtual so that a platform implementation can be destroyed through a
  // pointer to this base class.
  virtual ~OpenSSLPrivateKeyStore() {}

  // Called to store a private key generated via <keygen> while visiting |url|.
  // Does not take ownership of |pkey|; the caller remains responsible for
  // calling EVP_PKEY_free on it. (Internally, a copy may be made or the
  // reference count incremented.)
  // Returns false if an error occurred whilst attempting to store the key.
  // NOTE(review): whether |url| scopes later lookups is not expressed by this
  // interface (FetchPrivateKey below matches on the public key only); it is
  // left to the platform implementation to decide what, if anything, it does
  // with |url|.
  virtual bool StorePrivateKey(const GURL& url, EVP_PKEY* pkey) = 0;

  // Given a |public_key| part returns the corresponding private key, or NULL
  // if no key found. Does NOT return ownership: the caller must not
  // EVP_PKEY_free the result. How long the returned pointer stays valid is
  // presumably tied to the store's lifetime — confirm with the platform
  // implementation.
  virtual EVP_PKEY* FetchPrivateKey(EVP_PKEY* public_key) = 0;

 protected:
  // Protected: only platform subclasses construct instances (see GetInstance).
  OpenSSLPrivateKeyStore() {}

 private:
  DISALLOW_COPY_AND_ASSIGN(OpenSSLPrivateKeyStore);
};

} // namespace net

#endif  // NET_BASE_OPENSSL_PRIVATE_KEY_STORE_H_