| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_CERTIFICATE_IMPORTER_H_ | |
| 6 #define CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_CERTIFICATE_IMPORTER_H_ | |
| 7 | |
| 8 #include <string> | |
| 9 #include <vector> | |
| 10 | |
| 11 #include "base/basictypes.h" | |
| 12 #include "base/memory/ref_counted.h" | |
| 13 #include "base/memory/scoped_ptr.h" | |
| 14 #include "chrome/browser/chromeos/cros/network_ui_data.h" | |
| 15 | |
| 16 namespace base { | |
| 17 class DictionaryValue; | |
| 18 class ListValue; | |
| 19 } | |
| 20 | |
| 21 namespace net { | |
| 22 class X509Certificate; | |
| 23 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList; | |
| 24 } | |
| 25 | |
| 26 namespace chromeos { | |
| 27 namespace onc { | |
| 28 | |
| 29 // This class handles certificate imports from ONC (both policy and user | |
| 30 // imports) into the certificate store. In particular, the GUID of certificates | |
| 31 // is stored together with the certificate as Nickname. | |
| 32 class CertificateImporter { | |
| 33 public: | |
| 34 // Certificates pushed from a policy source with Web trust are only imported | |
| 35 // with ParseCertificate() if the |allow_web_trust_from_policy| permission is | |
| 36 // granted. | |
| 37 CertificateImporter(NetworkUIData::ONCSource onc_source, | |
| 38 bool allow_web_trust_from_policy); | |
| 39 | |
| 40 // Parses and stores the certificates in |onc_certificates| into the | |
| 41 // certificate store. If the "Remove" field of a certificate is enabled, then | |
| 42 // removes the certificate from the store instead of importing. Returns false | |
| 43 // and sets |error| to a user readable message if an error occured. In that | |
| 44 // case, some of the certificates may already be stored/removed. Otherwise, if | |
| 45 // no error occured, returns true and doesn't modify |error|. | |
| 46 bool ParseAndStoreCertificates(const base::ListValue& onc_certificates, | |
| 47 std::string* error); | |
| 48 | |
| 49 // Parses and stores/removes |certificate| in/from the certificate | |
| 50 // store. Returns false if an error occured. Returns true otherwise. | |
| 51 bool ParseAndStoreCertificate(const base::DictionaryValue& certificate); | |
| 52 | |
| 53 // Lists the certificates that have the string |label| as their certificate | |
| 54 // nickname (exact match). | |
| 55 static void ListCertsWithNickname(const std::string& label, | |
| 56 net::CertificateList* result); | |
| 57 | |
| 58 protected: | |
| 59 // Deletes any certificate that has the string |label| as its nickname (exact | |
| 60 // match). | |
| 61 static bool DeleteCertAndKeyByNickname(const std::string& label); | |
| 62 | |
| 63 private: | |
| 64 bool ParseServerOrCaCertificate( | |
| 65 const std::string& cert_type, | |
| 66 const std::string& guid, | |
| 67 const base::DictionaryValue& certificate); | |
| 68 bool ParseClientCertificate( | |
| 69 const std::string& guid, | |
| 70 const base::DictionaryValue& certificate); | |
| 71 | |
| 72 // Where the ONC blob comes from. | |
| 73 NetworkUIData::ONCSource onc_source_; | |
| 74 | |
| 75 // Whether certificates with Web trust should be stored when pushed from a | |
| 76 // policy source. | |
| 77 bool allow_web_trust_from_policy_; | |
| 78 | |
| 79 std::string error_; | |
| 80 | |
| 81 DISALLOW_COPY_AND_ASSIGN(CertificateImporter); | |
| 82 }; | |
| 83 | |
| 84 } // chromeos | |
| 85 } // onc | |
| 86 | |
| 87 #endif // CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_CERTIFICATE_IMPORTER_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 11299236:
This moves the ONC parsing code into chromeos/network/onc (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src