| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_NET_CLIENT_CERT_STORE_CHROMEOS_H_ | 5 #ifndef CHROME_BROWSER_CHROMEOS_NET_CLIENT_CERT_STORE_CHROMEOS_H_ |
| 6 #define CHROME_BROWSER_CHROMEOS_NET_CLIENT_CERT_STORE_CHROMEOS_H_ | 6 #define CHROME_BROWSER_CHROMEOS_NET_CLIENT_CERT_STORE_CHROMEOS_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> |
| 9 | 10 |
| 11 #include "base/macros.h" |
| 12 #include "base/memory/ref_counted.h" |
| 10 #include "base/memory/scoped_ptr.h" | 13 #include "base/memory/scoped_ptr.h" |
| 11 #include "net/ssl/client_cert_store_nss.h" | 14 #include "net/ssl/client_cert_store_nss.h" |
| 12 | 15 |
| 13 namespace net { | 16 namespace net { |
| 14 class X509Certificate; | 17 class X509Certificate; |
| 18 typedef std::vector<scoped_refptr<X509Certificate>> CertificateList; |
| 15 } | 19 } |
| 16 | 20 |
| 17 namespace chromeos { | 21 namespace chromeos { |
| 18 | 22 |
| 23 class CertificateProvider; |
| 24 |
| 19 class ClientCertStoreChromeOS : public net::ClientCertStoreNSS { | 25 class ClientCertStoreChromeOS : public net::ClientCertStoreNSS { |
| 20 public: | 26 public: |
| 21 class CertFilter { | 27 class CertFilter { |
| 22 public: | 28 public: |
| 23 virtual ~CertFilter() {} | 29 virtual ~CertFilter() {} |
| 24 | 30 |
| 25 // Initializes this filter. Returns true if it finished initialization, | 31 // Initializes this filter. Returns true if it finished initialization, |
| 26 // otherwise returns false and calls |callback| once the initialization is | 32 // otherwise returns false and calls |callback| once the initialization is |
| 27 // completed. | 33 // completed. |
| 28 // Must be called at most once. | 34 // Must be called at most once. |
| 29 virtual bool Init(const base::Closure& callback) = 0; | 35 virtual bool Init(const base::Closure& callback) = 0; |
| 30 | 36 |
| 31 // Returns true if |cert| is allowed to be used as a client certificate | 37 // Returns true if |cert| is allowed to be used as a client certificate |
| 32 // (e.g. for a certain browser context or user). | 38 // (e.g. for a certain browser context or user). |
| 33 // This is only called once initialization is finished, see Init(). | 39 // This is only called once initialization is finished, see Init(). |
| 34 virtual bool IsCertAllowed( | 40 virtual bool IsCertAllowed( |
| 35 const scoped_refptr<net::X509Certificate>& cert) const = 0; | 41 const scoped_refptr<net::X509Certificate>& cert) const = 0; |
| 36 }; | 42 }; |
| 37 | 43 |
| 38 // This ClientCertStore will return only client certs that pass the filter | 44 // This ClientCertStore will return client certs from NSS certificate |
| 39 // |cert_filter|. | 45 // databases that pass the filter |cert_filter| and additionally return |
| 46 // certificates provided by |cert_provider|. |
| 40 ClientCertStoreChromeOS( | 47 ClientCertStoreChromeOS( |
| 48 scoped_ptr<CertificateProvider> cert_provider, |
| 41 scoped_ptr<CertFilter> cert_filter, | 49 scoped_ptr<CertFilter> cert_filter, |
| 42 const PasswordDelegateFactory& password_delegate_factory); | 50 const PasswordDelegateFactory& password_delegate_factory); |
| 43 ~ClientCertStoreChromeOS() override; | 51 ~ClientCertStoreChromeOS() override; |
| 44 | 52 |
| 45 // net::ClientCertStoreNSS: | 53 // net::ClientCertStoreNSS: |
| 46 void GetClientCerts(const net::SSLCertRequestInfo& cert_request_info, | 54 void GetClientCerts(const net::SSLCertRequestInfo& cert_request_info, |
| 47 net::CertificateList* selected_certs, | 55 net::CertificateList* selected_certs, |
| 48 const base::Closure& callback) override; | 56 const base::Closure& callback) override; |
| 49 | 57 |
| 50 protected: | 58 protected: |
| 51 // net::ClientCertStoreNSS: | 59 // net::ClientCertStoreNSS: |
| 52 void GetClientCertsImpl(CERTCertList* cert_list, | 60 void GetClientCertsImpl(CERTCertList* cert_list, |
| 53 const net::SSLCertRequestInfo& request, | 61 const net::SSLCertRequestInfo& request, |
| 54 bool query_nssdb, | 62 bool query_nssdb, |
| 55 net::CertificateList* selected_certs) override; | 63 net::CertificateList* selected_certs) override; |
| 56 | 64 |
| 57 private: | 65 private: |
| 58 void CertFilterInitialized(const net::SSLCertRequestInfo* request, | 66 void SetAdditionalCerts(const base::Closure& callback, |
| 59 net::CertificateList* selected_certs, | 67 const net::CertificateList& certs); |
| 60 const base::Closure& callback); | |
| 61 | 68 |
| 69 void GetClientCertsAfterInit(const net::SSLCertRequestInfo* request, |
| 70 net::CertificateList* selected_certs, |
| 71 const base::Closure& callback); |
| 72 |
| 73 scoped_ptr<CertificateProvider> cert_provider_; |
| 74 net::CertificateList additional_certs_; |
| 62 scoped_ptr<CertFilter> cert_filter_; | 75 scoped_ptr<CertFilter> cert_filter_; |
| 63 | 76 |
| 64 DISALLOW_COPY_AND_ASSIGN(ClientCertStoreChromeOS); | 77 DISALLOW_COPY_AND_ASSIGN(ClientCertStoreChromeOS); |
| 65 }; | 78 }; |
| 66 | 79 |
| 67 } // namespace chromeos | 80 } // namespace chromeos |
| 68 | 81 |
| 69 #endif // CHROME_BROWSER_CHROMEOS_NET_CLIENT_CERT_STORE_CHROMEOS_H_ | 82 #endif // CHROME_BROWSER_CHROMEOS_NET_CLIENT_CERT_STORE_CHROMEOS_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1274143002:
ClientCertStoreChromeOS: support additional non-platform certs. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master