1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "net/cert/cert_database.h" 6 7#include "base/logging.h" 8#include "base/observer_list_threadsafe.h" 9#include "net/base/net_errors.h" 10#include "net/ssl/openssl_client_key_store.h" 11 12namespace net { 13 14CertDatabase::CertDatabase() 15 : observer_list_(new ObserverListThreadSafe<Observer>) { 16} 17 18CertDatabase::~CertDatabase() {} 19 20int CertDatabase::CheckUserCert(X509Certificate* cert) { 21 // NOTE: This method shall never be called on Android. 22 // 23 // On other platforms, it is only used by the SSLAddCertHandler class 24 // to handle veritication and installation of downloaded certificates. 25 // 26 // On Android, the certificate data is passed directly to the system's 27 // CertInstaller activity, which handles verification, naming, 28 // installation and UI (for success/failure). 29 NOTIMPLEMENTED(); 30 return ERR_NOT_IMPLEMENTED; 31} 32 33int CertDatabase::AddUserCert(X509Certificate* cert) { 34 // This method is only used by the content SSLAddCertHandler which is 35 // never used on Android. 36 NOTIMPLEMENTED(); 37 return ERR_NOT_IMPLEMENTED; 38} 39 40void CertDatabase::OnAndroidKeyStoreChanged() { 41 NotifyObserversOfCertAdded(NULL); 42 // Dump the OpenSSLClientKeyStore to drop references to now disconnected 43 // PrivateKeys stored in the in-memory key store. Note: this assumes that 44 // every SSLClientAuthCache is dumped as part of notifying 45 // OnCertAdded. Otherwise client auth decisions will be silently converted to 46 // no-certificate decisions. See https://crbug.com/382696 47 OpenSSLClientKeyStore::GetInstance()->Flush(); 48} 49 50void CertDatabase::OnAndroidKeyChainChanged() { 51 observer_list_->Notify(&Observer::OnCACertChanged, 52 scoped_refptr<X509Certificate>()); 53} 54 55} // namespace net 56