1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "net/cert/cert_database.h" 6 7 #include "base/logging.h" 8 #include "base/observer_list_threadsafe.h" 9 #include "net/base/net_errors.h" 10 #include "net/ssl/openssl_client_key_store.h" 11 12 namespace net { 13 14 CertDatabase::CertDatabase() 15 : observer_list_(new ObserverListThreadSafe<Observer>) { 16 } 17 18 CertDatabase::~CertDatabase() {} 19 20 int CertDatabase::CheckUserCert(X509Certificate* cert) { 21 // NOTE: This method shall never be called on Android. 22 // 23 // On other platforms, it is only used by the SSLAddCertHandler class 24 // to handle veritication and installation of downloaded certificates. 25 // 26 // On Android, the certificate data is passed directly to the system's 27 // CertInstaller activity, which handles verification, naming, 28 // installation and UI (for success/failure). 29 NOTIMPLEMENTED(); 30 return ERR_NOT_IMPLEMENTED; 31 } 32 33 int CertDatabase::AddUserCert(X509Certificate* cert) { 34 // This method is only used by the content SSLAddCertHandler which is 35 // never used on Android. 36 NOTIMPLEMENTED(); 37 return ERR_NOT_IMPLEMENTED; 38 } 39 40 void CertDatabase::OnAndroidKeyStoreChanged() { 41 NotifyObserversOfCertAdded(NULL); 42 // Dump the OpenSSLClientKeyStore to drop references to now disconnected 43 // PrivateKeys stored in the in-memory key store. Note: this assumes that 44 // every SSLClientAuthCache is dumped as part of notifying 45 // OnCertAdded. Otherwise client auth decisions will be silently converted to 46 // no-certificate decisions. See https://crbug.com/382696 47 OpenSSLClientKeyStore::GetInstance()->Flush(); 48 } 49 50 void CertDatabase::OnAndroidKeyChainChanged() { 51 observer_list_->Notify(&Observer::OnCACertChanged, 52 scoped_refptr<X509Certificate>()); 53 } 54 55 } // namespace net 56