chromeos/network/cert_loader.h - Issue 14522013: Separate cert loading code from CertLibrary and move to src/chromeos

Side by Side Diff: chromeos/network/cert_loader.h

Issue 14522013: Separate cert loading code from CertLibrary and move to src/chromeos (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Fix browser tests Created 7 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
(Empty)
	1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #ifndef CHROMEOS_NETWORK_CERT_LOADER_H_

	6 #define CHROMEOS_NETWORK_CERT_LOADER_H_

	7

	8 #include <string>

	9

	10 #include "base/memory/ref_counted.h"

	11 #include "base/memory/scoped_ptr.h"

	12 #include "base/memory/weak_ptr.h"

	13 #include "base/observer_list_threadsafe.h"

	14 #include "chromeos/chromeos_export.h"

	15 #include "chromeos/dbus/dbus_method_call_status.h"

	16 #include "chromeos/login/login_state.h"

	17 #include "net/cert/cert_database.h"

	18 #include "net/cert/x509_certificate.h"

	19

	20 namespace crypto {

	21 class SymmetricKey;

	22 }

	23

	24 namespace chromeos {

	25

	26 class CHROMEOS_EXPORT CertLoader : public net::CertDatabase::Observer,
	Ryan Sleevi 2013/05/01 18:16:18 comment nit: Threading guarantees comment nit: Threading guarantees stevenjb 2013/05/01 20:47:59 Done. Show quoted text On 2013/05/01 18:16:18, Ryan Sleevi wrote: > comment nit: Threading guarantees Done.
	27 public LoginState::Observer {

	28 public:

	29 class Observer {

	30 public:

	31 virtual ~Observer() {}

	32

	33 // Called when the certificates, passed for convenience as \|cert_list\|,

	34 // have completed loading. \|initial_load\| is true the first time this

	35 // is called.

	36 virtual void OnCertificatesLoaded(const net::CertificateList& cert_list,

	37 bool initial_load) = 0;

	38

	39 protected:

	40 Observer() {}

	41

	42 private:

	43 DISALLOW_COPY_AND_ASSIGN(Observer);

	44 };

	45

	46 typedef ObserverListThreadSafe<CertLoader::Observer> ObserverList;
	Ryan Sleevi 2013/05/01 18:16:18 style: You don't need to make public, do you? Shou style: You don't need to make public, do you? Shouldn't this be on line 72? stevenjb 2013/05/01 20:47:59 Done. Show quoted text On 2013/05/01 18:16:18, Ryan Sleevi wrote: > style: You don't need to make public, do you? Shouldn't this be on line 72? Done.
	47

	48 // Manage the global instance.

	49 static void Initialize();

	50 static void Shutdown();

	51 static CertLoader* Get();

	52

	53 void AddObserver(CertLoader::Observer* observer);

	54 void RemoveObserver(CertLoader::Observer* observer);

	55

	56 // Call this to start the certificate list initialization process.

	57 bool RequestCertificates();

	58

	59 // Returns true when the certificate list has been requested but not loaded.

	60 bool CertificatesLoading() const;

	61

	62 // Returns true if the TPM is available for hardware-backed certificates.

	63 bool IsHardwareBacked() const;

	64

	65 bool certificates_loaded() const { return certificates_loaded_; }

	66

	67 const std::string& tpm_token_name() const { return tpm_token_name_; }

	68

	69 const net::CertificateList& cert_list() const { return cert_list_; }

	70

	71 private:

	72 CertLoader();

	73 virtual ~CertLoader();

	74

	75 void OnTpmIsEnabled(DBusMethodCallStatus call_status,

	76 bool tpm_is_enabled);

	77 void OnPkcs11IsTpmTokenReady(DBusMethodCallStatus call_status,

	78 bool is_tpm_token_ready);

	79 void OnPkcs11GetTpmTokenInfo(DBusMethodCallStatus call_status,

	80 const std::string& token_name,

	81 const std::string& user_pin);

	82 void InitializeTPMToken();

	83 void StartLoadCertificates();

	84 void UpdateCertificates(net::CertificateList* cert_list);

	85 void MaybeRetryRequestCertificates();

	86 void RequestCertificatesTask();

	87

	88 void NotifyCertificatesLoaded(bool initial_load);

	89

	90 // net::CertDatabase::Observer

	91 virtual void OnCertTrustChanged(const net::X509Certificate* cert) OVERRIDE;

	92 virtual void OnCertAdded(const net::X509Certificate* cert) OVERRIDE;

	93 virtual void OnCertRemoved(const net::X509Certificate* cert) OVERRIDE;

	94

	95 // LoginState::Observer

	96 virtual void LoggedInStateChanged(LoginState::LoggedInState state) OVERRIDE;

	97

	98 const scoped_refptr<ObserverList> observer_list_;

	99

	100 // Active request task for re-requests while waiting for TPM init.

	101 base::Closure request_task_;

	102

	103 // Local state.

	104 bool tpm_token_ready_;

	105 bool certificates_requested_;

	106 bool certificates_loaded_;

	107 // The key store for the current user has been loaded. This flag is needed to

	108 // ensure that the key store will not be loaded twice in the policy recovery

	109 // "safe-mode".

	110 bool key_store_loaded_;

	111

	112 // Cached TPM token name.

	113 std::string tpm_token_name_;

	114

	115 // Cached TPM user pin.

	116 std::string tpm_user_pin_;

	117

	118 // Cached Certificates.

	119 net::CertificateList cert_list_;

	120

	121 base::WeakPtrFactory<CertLoader> weak_ptr_factory_;

	122

	123 DISALLOW_COPY_AND_ASSIGN(CertLoader);

	124 };

	125

	126 } // namespace chromeos

	127

	128 #endif // CHROMEOS_NETWORK_CERT_LOADER_H_

OLD	NEW

« chromeos/cryptohome/cryptohome_library.cc ('K') | « chromeos/cryptohome/cryptohome_library.cc ('k') | chromeos/network/cert_loader.cc » ('j') | no next file with comments »