| Index: net/base/nss_cert_database.h
|
| diff --git a/net/base/cert_database.h b/net/base/nss_cert_database.h
|
| similarity index 79%
|
| copy from net/base/cert_database.h
|
| copy to net/base/nss_cert_database.h
|
| index 67853165614b5530061eeac76fd56ceb530c107b..9e0310dafecf859490961ded036b0a34c79e7702 100644
|
| --- a/net/base/cert_database.h
|
| +++ b/net/base/nss_cert_database.h
|
| @@ -2,8 +2,8 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -#ifndef NET_BASE_CERT_DATABASE_H_
|
| -#define NET_BASE_CERT_DATABASE_H_
|
| +#ifndef NET_BASE_NSS_CERT_DATABASE_H_
|
| +#define NET_BASE_NSS_CERT_DATABASE_H_
|
|
|
| #include <string>
|
| #include <vector>
|
| @@ -15,37 +15,29 @@
|
| #include "net/base/net_export.h"
|
| #include "net/base/x509_certificate.h"
|
|
|
| +template <typename T> struct DefaultSingletonTraits;
|
| +template <class ObserverType> class ObserverListThreadSafe;
|
| +
|
| namespace net {
|
|
|
| class CryptoModule;
|
| typedef std::vector<scoped_refptr<CryptoModule> > CryptoModuleList;
|
|
|
| -// This class provides functions to manipulate the local
|
| -// certificate store.
|
| -
|
| -// TODO(gauravsh): This class could be augmented with methods
|
| -// for all operations that manipulate the underlying system
|
| -// certificate store.
|
| -
|
| -class NET_EXPORT CertDatabase {
|
| +// Provides functions to manipulate the NSS certificate stores.
|
| +class NET_EXPORT NSSCertDatabase {
|
| public:
|
|
|
| - // A CertDatabase::Observer will be notified on certificate database changes.
|
| - // The change could be either a new user certificate is added or trust on
|
| - // a certificate is changed. Observers can register themselves
|
| - // via CertDatabase::AddObserver, and can un-register with
|
| - // CertDatabase::RemoveObserver.
|
| class NET_EXPORT Observer {
|
| public:
|
| virtual ~Observer() {}
|
|
|
| - // Will be called when a new user certificate is added.
|
| + // Will be called when a new certificate is added.
|
| // Called with |cert| == NULL after importing a list of certificates
|
| // in ImportFromPKCS12().
|
| - virtual void OnUserCertAdded(const X509Certificate* cert) {}
|
| + virtual void OnCertAdded(const X509Certificate* cert) {}
|
|
|
| - // Will be called when a user certificate is removed.
|
| - virtual void OnUserCertRemoved(const X509Certificate* cert) {}
|
| + // Will be called when a certificate is removed.
|
| + virtual void OnCertRemoved(const X509Certificate* cert) {}
|
|
|
| // Will be called when a certificate's trust is changed.
|
| // Called with |cert| == NULL after importing a list of certificates
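Review bot: The descriptive comment above `class NET_EXPORT Observer` is deleted in this hunk and nothing replaces it, while the callbacks are widened from user certificates to any certificate. A one-line replacement would keep the contract readable, for example `// Notified when a certificate is added or removed, or when its trust changes; register via NSSCertDatabase::AddObserver() and unregister via RemoveObserver().` It would also help to say on `OnCertAdded` and `OnCertRemoved` which certificate kinds (user, server, CA) trigger them, because observers that cache validation results or client-certificate choices need to know when to invalidate. That scope cannot be read from this header. The Observer class body continues past the end of the hunk.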
|
| @@ -96,18 +88,8 @@ class NET_EXPORT CertDatabase {
|
| DISTRUSTED_OBJ_SIGN = 1 << 5,
|
| };
|
|
|
| - CertDatabase();
|
| -
|
| - // Check whether this is a valid user cert that we have the private key for.
|
| - // Returns OK or a network error code such as ERR_CERT_CONTAINS_ERRORS.
|
| - int CheckUserCert(X509Certificate* cert);
|
| + static NSSCertDatabase* GetInstance();
|
|
|
| - // Store user (client) certificate. Assumes CheckUserCert has already passed.
|
| - // Returns OK, or ERR_ADD_USER_CERT_FAILED if there was a problem saving to
|
| - // the platform cert database, or possibly other network error codes.
|
| - int AddUserCert(X509Certificate* cert);
|
| -
|
| -#if defined(USE_NSS)
|
| // Get a list of unique certificates in the certificate database (one
|
| // instance of all certificates).
|
| void ListCerts(CertificateList* certs);
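Review bot: `static NSSCertDatabase* GetInstance();` is added without a comment, so ownership and threading of the returned raw pointer are left to the reader. Given the `DefaultSingletonTraits<NSSCertDatabase>` friend declaration later in the file, this looks like a process-wide singleton. A comment such as `// Returns the process-wide instance; the caller does not own the pointer and must not delete it.` would state that. Whether the accessor is safe to call from any thread and during shutdown depends on the Singleton implementation, which is not shown here, so that part should be confirmed before it is documented. The class body starts and ends outside this hunk.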
|
| @@ -194,26 +176,32 @@ class NET_EXPORT CertDatabase {
|
|
|
| // Check whether cert is stored in a readonly slot.
|
| bool IsReadOnly(const X509Certificate* cert) const;
|
| -#endif
|
|
|
| // Registers |observer| to receive notifications of certificate changes. The
|
| // thread on which this is called is the thread on which |observer| will be
|
| // called back with notifications.
|
| - static void AddObserver(Observer* observer);
|
| + void AddObserver(Observer* observer);
|
|
|
| // Unregisters |observer| from receiving notifications. This must be called
|
| // on the same thread on which AddObserver() was called.
|
| - static void RemoveObserver(Observer* observer);
|
| + void RemoveObserver(Observer* observer);
|
|
|
| private:
|
| + friend struct DefaultSingletonTraits<NSSCertDatabase>;
|
| +
|
| + NSSCertDatabase();
|
| + ~NSSCertDatabase();
|
| +
|
| // Broadcasts notifications to all registered observers.
|
| - static void NotifyObserversOfUserCertAdded(const X509Certificate* cert);
|
| - static void NotifyObserversOfUserCertRemoved(const X509Certificate* cert);
|
| - static void NotifyObserversOfCertTrustChanged(const X509Certificate* cert);
|
| + void NotifyObserversOfCertAdded(const X509Certificate* cert);
|
| + void NotifyObserversOfCertRemoved(const X509Certificate* cert);
|
| + void NotifyObserversOfCertTrustChanged(const X509Certificate* cert);
|
| +
|
| + const scoped_refptr<ObserverListThreadSafe<Observer> > observer_list_;
|
|
|
| - DISALLOW_COPY_AND_ASSIGN(CertDatabase);
|
| + DISALLOW_COPY_AND_ASSIGN(NSSCertDatabase);
|
| };
|
|
|
| } // namespace net
|
|
|
| -#endif // NET_BASE_CERT_DATABASE_H_
|
| +#endif // NET_BASE_NSS_CERT_DATABASE_H_
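Review bot: `AddObserver()` and `RemoveObserver()` take a raw `Observer*` that is held in `observer_list_`, but the comments give only the threading rule and not the lifetime rule. An observer that is destroyed while still registered could receive a later notification on freed memory, so I would add above `RemoveObserver`: `// |observer| must be unregistered before it is destroyed.` The `NotifyObserversOf*` methods likewise take a raw `const X509Certificate*`. If `ObserverListThreadSafe` posts delivery to other threads, the implementation has to hold a reference to |cert| until every observer has run. The .cc file is not part of this page, so that second point is something to confirm rather than an established defect.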
|
|
|