Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(72)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/nss_cert_database.h

Issue 111273002: NSSCertDatabaseChromeOS (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: review changes Created 7 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/cert/cert_database_nss.cc ('k') | net/cert/nss_cert_database.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_CERT_NSS_CERT_DATABASE_H_ 5 #ifndef NET_CERT_NSS_CERT_DATABASE_H_
6 #define NET_CERT_NSS_CERT_DATABASE_H_ 6 #define NET_CERT_NSS_CERT_DATABASE_H_
7 7
8 #include <string> 8 #include <string>
9 #include <vector> 9 #include <vector>
10 10
11 #include "base/basictypes.h" 11 #include "base/basictypes.h"
12 #include "base/memory/ref_counted.h" 12 #include "base/memory/ref_counted.h"
13 #include "base/strings/string16.h" 13 #include "base/strings/string16.h"
14 #include "crypto/scoped_nss_types.h" 14 #include "crypto/scoped_nss_types.h"
15 #include "net/base/net_export.h" 15 #include "net/base/net_export.h"
16 #include "net/cert/cert_type.h" 16 #include "net/cert/cert_type.h"
17 #include "net/cert/x509_certificate.h" 17 #include "net/cert/x509_certificate.h"
18 18
19 template <typename T> struct DefaultSingletonTraits; 19 namespace base {
20 template <typename T> struct DefaultLazyInstanceTraits;
21 }
20 template <class ObserverType> class ObserverListThreadSafe; 22 template <class ObserverType> class ObserverListThreadSafe;
21 23
22 namespace net { 24 namespace net {
23 25
24 class CryptoModule; 26 class CryptoModule;
25 typedef std::vector<scoped_refptr<CryptoModule> > CryptoModuleList; 27 typedef std::vector<scoped_refptr<CryptoModule> > CryptoModuleList;
26 28
27 // Provides functions to manipulate the NSS certificate stores. 29 // Provides functions to manipulate the NSS certificate stores.
28 class NET_EXPORT NSSCertDatabase { 30 class NET_EXPORT NSSCertDatabase {
29 public: 31 public:
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after
82 enum { 84 enum {
83 TRUST_DEFAULT = 0, 85 TRUST_DEFAULT = 0,
84 TRUSTED_SSL = 1 << 0, 86 TRUSTED_SSL = 1 << 0,
85 TRUSTED_EMAIL = 1 << 1, 87 TRUSTED_EMAIL = 1 << 1,
86 TRUSTED_OBJ_SIGN = 1 << 2, 88 TRUSTED_OBJ_SIGN = 1 << 2,
87 DISTRUSTED_SSL = 1 << 3, 89 DISTRUSTED_SSL = 1 << 3,
88 DISTRUSTED_EMAIL = 1 << 4, 90 DISTRUSTED_EMAIL = 1 << 4,
89 DISTRUSTED_OBJ_SIGN = 1 << 5, 91 DISTRUSTED_OBJ_SIGN = 1 << 5,
90 }; 92 };
91 93
94 // DEPRECATED: See http://crbug.com/329735.
92 static NSSCertDatabase* GetInstance(); 95 static NSSCertDatabase* GetInstance();
93 96
94 // Get a list of unique certificates in the certificate database (one 97 // Get a list of unique certificates in the certificate database (one
95 // instance of all certificates). 98 // instance of all certificates).
96 void ListCerts(CertificateList* certs); 99 virtual void ListCerts(CertificateList* certs);
97 100
98 // Get the default slot for public key data. 101 // Get the default slot for public key data.
99 crypto::ScopedPK11Slot GetPublicSlot() const; 102 virtual crypto::ScopedPK11Slot GetPublicSlot() const;
100 103
101 // Get the default slot for private key or mixed private/public key data. 104 // Get the default slot for private key or mixed private/public key data.
102 crypto::ScopedPK11Slot GetPrivateSlot() const; 105 virtual crypto::ScopedPK11Slot GetPrivateSlot() const;
103 106
104 // Get the default module for public key data. 107 // Get the default module for public key data.
105 // The returned pointer must be stored in a scoped_refptr<CryptoModule>. 108 // The returned pointer must be stored in a scoped_refptr<CryptoModule>.
106 // DEPRECATED: use GetPublicSlot instead. 109 // DEPRECATED: use GetPublicSlot instead.
107 // TODO(mattm): remove usage of this method and remove it. 110 // TODO(mattm): remove usage of this method and remove it.
108 CryptoModule* GetPublicModule() const; 111 CryptoModule* GetPublicModule() const;
109 112
110 // Get the default module for private key or mixed private/public key data. 113 // Get the default module for private key or mixed private/public key data.
111 // The returned pointer must be stored in a scoped_refptr<CryptoModule>. 114 // The returned pointer must be stored in a scoped_refptr<CryptoModule>.
112 // DEPRECATED: use GetPrivateSlot instead. 115 // DEPRECATED: use GetPrivateSlot instead.
113 // TODO(mattm): remove usage of this method and remove it. 116 // TODO(mattm): remove usage of this method and remove it.
114 CryptoModule* GetPrivateModule() const; 117 CryptoModule* GetPrivateModule() const;
115 118
116 // Get all modules. 119 // Get all modules.
117 // If |need_rw| is true, only writable modules will be returned. 120 // If |need_rw| is true, only writable modules will be returned.
118 // TODO(mattm): come up with better alternative to CryptoModuleList. 121 // TODO(mattm): come up with better alternative to CryptoModuleList.
119 void ListModules(CryptoModuleList* modules, bool need_rw) const; 122 virtual void ListModules(CryptoModuleList* modules, bool need_rw) const;
120 123
121 // Import certificates and private keys from PKCS #12 blob into the module. 124 // Import certificates and private keys from PKCS #12 blob into the module.
122 // If |is_extractable| is false, mark the private key as being unextractable 125 // If |is_extractable| is false, mark the private key as being unextractable
123 // from the module. 126 // from the module.
124 // Returns OK or a network error code such as ERR_PKCS12_IMPORT_BAD_PASSWORD 127 // Returns OK or a network error code such as ERR_PKCS12_IMPORT_BAD_PASSWORD
125 // or ERR_PKCS12_IMPORT_ERROR. |imported_certs|, if non-NULL, returns a list 128 // or ERR_PKCS12_IMPORT_ERROR. |imported_certs|, if non-NULL, returns a list
126 // of certs that were imported. 129 // of certs that were imported.
127 int ImportFromPKCS12(CryptoModule* module, 130 int ImportFromPKCS12(CryptoModule* module,
128 const std::string& data, 131 const std::string& data,
129 const base::string16& password, 132 const base::string16& password,
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after
189 192
190 // Check whether cert is stored in a readonly slot. 193 // Check whether cert is stored in a readonly slot.
191 bool IsReadOnly(const X509Certificate* cert) const; 194 bool IsReadOnly(const X509Certificate* cert) const;
192 195
193 // Check whether cert is stored in a hardware slot. 196 // Check whether cert is stored in a hardware slot.
194 bool IsHardwareBacked(const X509Certificate* cert) const; 197 bool IsHardwareBacked(const X509Certificate* cert) const;
195 198
196 // Registers |observer| to receive notifications of certificate changes. The 199 // Registers |observer| to receive notifications of certificate changes. The
197 // thread on which this is called is the thread on which |observer| will be 200 // thread on which this is called is the thread on which |observer| will be
198 // called back with notifications. 201 // called back with notifications.
202 // NOTE: CertDatabase::AddObserver should be preferred. Observers registered
203 // here will only recieve notifications generated directly through the
204 // NSSCertDatabase, but not those from the CertDatabase. The CertDatabase
205 // observers will recieve both.
199 void AddObserver(Observer* observer); 206 void AddObserver(Observer* observer);
200 207
201 // Unregisters |observer| from receiving notifications. This must be called 208 // Unregisters |observer| from receiving notifications. This must be called
202 // on the same thread on which AddObserver() was called. 209 // on the same thread on which AddObserver() was called.
203 void RemoveObserver(Observer* observer); 210 void RemoveObserver(Observer* observer);
204 211
212 protected:
213 NSSCertDatabase();
214 virtual ~NSSCertDatabase();
215
205 private: 216 private:
206 friend struct DefaultSingletonTraits<NSSCertDatabase>; 217 friend struct base::DefaultLazyInstanceTraits<NSSCertDatabase>;
207
208 NSSCertDatabase();
209 ~NSSCertDatabase();
210 218
211 // Broadcasts notifications to all registered observers. 219 // Broadcasts notifications to all registered observers.
212 void NotifyObserversOfCertAdded(const X509Certificate* cert); 220 void NotifyObserversOfCertAdded(const X509Certificate* cert);
213 void NotifyObserversOfCertRemoved(const X509Certificate* cert); 221 void NotifyObserversOfCertRemoved(const X509Certificate* cert);
214 void NotifyObserversOfCACertChanged(const X509Certificate* cert); 222 void NotifyObserversOfCACertChanged(const X509Certificate* cert);
215 223
216 const scoped_refptr<ObserverListThreadSafe<Observer> > observer_list_; 224 const scoped_refptr<ObserverListThreadSafe<Observer> > observer_list_;
217 225
218 DISALLOW_COPY_AND_ASSIGN(NSSCertDatabase); 226 DISALLOW_COPY_AND_ASSIGN(NSSCertDatabase);
219 }; 227 };
220 228
221 } // namespace net 229 } // namespace net
222 230
223 #endif // NET_CERT_NSS_CERT_DATABASE_H_ 231 #endif // NET_CERT_NSS_CERT_DATABASE_H_
OLDNEW
« no previous file with comments | « net/cert/cert_database_nss.cc ('k') | net/cert/nss_cert_database.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698