Disable rei.com on oopif benchmarks.
[chromium-blink-merge.git] / net / ssl / client_key_store.h
blob51eba4caad9ba9fca0af812590c36797f9435181
1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_SSL_CLIENT_KEY_STORE_H_
6 #define NET_SSL_CLIENT_KEY_STORE_H_
8 #include <vector>
10 #include "base/callback.h"
11 #include "base/lazy_instance.h"
12 #include "base/macros.h"
13 #include "base/memory/scoped_ptr.h"
14 #include "base/synchronization/lock.h"
15 #include "net/base/net_export.h"
17 namespace net {
19 class SSLPrivateKey;
20 class X509Certificate;
22 // TODO(rsleevi, davidben): Remove this once https://crbug.com/394131 is fixed.
23 // A certificate and key store that allows several external certificate
24 // providers to expose certificates and keys through this store. All currently
25 // provided certificates will be accessible through |FetchClientCertPrivateKey|.
26 // Methods of this singleton can be called from any thread.
27 class NET_EXPORT ClientKeyStore {
28 public:
29 class CertKeyProvider {
30 public:
31 // This can be called from any thread.
32 virtual ~CertKeyProvider() {}
34 // Obtains a handle to the certificate private key for |cert| and stores it
35 // in |private_key|.
36 // If the CertKeyProvider does not know about the |cert|, returns false. If
37 // it knows about the certificate, but is unable to return the private key,
38 // returns true and sets |*private_key| to nullptr.
39 // This can be called from any thread.
40 virtual bool GetCertificateKey(const X509Certificate& cert,
41 scoped_ptr<SSLPrivateKey>* private_key) = 0;
44 static ClientKeyStore* GetInstance();
46 // The |provider| will be accessed on any thread but no concurrent method
47 // invocations will happen. |provider| must be valid until it is removed using
48 // |RemoveProvider| or the store is destroyed.
49 void AddProvider(CertKeyProvider* provider);
51 void RemoveProvider(const CertKeyProvider* provider);
53 // Given a |certificate|'s public key, return the corresponding private
54 // key if any of the registered providers has a matching key.
55 // Returns its matching private key on success, nullptr otherwise.
56 scoped_ptr<SSLPrivateKey> FetchClientCertPrivateKey(
57 const X509Certificate& certificate);
59 private:
60 friend struct base::DefaultLazyInstanceTraits<ClientKeyStore>;
62 ClientKeyStore();
63 ~ClientKeyStore();
65 base::Lock lock_;
66 std::vector<CertKeyProvider*> providers_;
68 DISALLOW_COPY_AND_ASSIGN(ClientKeyStore);
71 } // namespace net
73 #endif // NET_SSL_CLIENT_KEY_STORE_H_