| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_CROS_CERT_LIBRARY_H_ | 5 #ifndef CHROME_BROWSER_CHROMEOS_CROS_CERT_LIBRARY_H_ |
| 6 #define CHROME_BROWSER_CHROMEOS_CROS_CERT_LIBRARY_H_ | 6 #define CHROME_BROWSER_CHROMEOS_CROS_CERT_LIBRARY_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/string16.h" | 10 #include "base/string16.h" |
| 11 #include "chromeos/network/cert_loader.h" | |
| 11 #include "net/cert/x509_certificate.h" | 12 #include "net/cert/x509_certificate.h" |
| 12 | 13 |
| 13 namespace crypto { | |
| 14 class SymmetricKey; | |
| 15 } | |
| 16 | |
| 17 namespace chromeos { | 14 namespace chromeos { |
| 18 | 15 |
| 19 class CertLibrary { | 16 class CertNameComparator; |
| 17 | |
| 18 // This class is responsible for keeping track of certificates in a UI | |
| 19 // friendly manner. It observes CertLoader to receive certificate list | |
| 20 // updates and sorts them by type for the UI. All public APIs are expected | |
| 21 // to be called from the UI thread and are non blocking. Observers will also | |
| 22 // be called on the UI thread. | |
| 23 class CertLibrary : public CertLoader::Observer { | |
| 20 public: | 24 public: |
| 21 | |
| 22 // Observers can register themselves via CertLibrary::AddObserver, and can | |
| 23 // un-register with CertLibrary::RemoveObserver. | |
| 24 class Observer { | 25 class Observer { |
| 25 public: | 26 public: |
| 26 virtual ~Observer() {} | 27 virtual ~Observer() {} |
| 27 | 28 |
| 28 // Called for any Observers whenever the certificates are loaded. | 29 // Called for any Observers whenever the certificates are loaded. |
| 29 // |initial_load| is true the first time this is called. | 30 // |initial_load| is true the first time this is called. |
| 30 virtual void OnCertificatesLoaded(bool initial_load) = 0; | 31 virtual void OnCertificatesLoaded(bool initial_load) = 0; |
| 31 | 32 |
| 32 protected: | 33 protected: |
| 33 Observer() {} | 34 Observer() {} |
| 34 | 35 |
| 35 private: | 36 private: |
| 36 DISALLOW_COPY_AND_ASSIGN(Observer); | 37 DISALLOW_COPY_AND_ASSIGN(Observer); |
| 37 }; | 38 }; |
| 38 | 39 |
| 39 // Wrapper class to provide an additional interface for net::CertificateList. | 40 enum CertType { |
| 40 class CertList { | 41 CERT_TYPE_DEFAULT, |
| 41 public: | 42 CERT_TYPE_USER, |
| 42 explicit CertList(CertLibrary* library); | 43 CERT_TYPE_SERVER, |
| 43 ~CertList(); | 44 CERT_TYPE_SERVER_CA |
| 44 void Append(net::X509Certificate* cert) { list_.push_back(cert); } | |
| 45 void Clear() { list_.clear(); } | |
| 46 int Size() const { return static_cast<int>(list_.size()); } | |
| 47 net::X509Certificate* GetCertificateAt(int index) const; | |
| 48 string16 GetDisplayStringAt(int index) const; // User-visible name. | |
| 49 std::string GetNicknameAt(int index) const; | |
| 50 std::string GetPkcs11IdAt(int index) const; | |
| 51 bool IsHardwareBackedAt(int index) const; | |
| 52 // Finds the index of a Certificate matching |nickname|. | |
| 53 // Returns -1 if none found. | |
| 54 int FindCertByNickname(const std::string& nickname) const; | |
| 55 // Same as above but for a pkcs#11 id. | |
| 56 int FindCertByPkcs11Id(const std::string& pkcs11_id) const; | |
| 57 net::CertificateList& list() { return list_; } | |
| 58 private: | |
| 59 net::CertificateList list_; | |
| 60 CertLibrary* cert_library_; | |
| 61 | |
| 62 DISALLOW_COPY_AND_ASSIGN(CertList); | |
| 63 }; | 45 }; |
| 64 | 46 |
| 47 // Manage the global instance. | |
| 48 static void Initialize(); | |
| 49 static void Shutdown(); | |
| 50 static CertLibrary* Get(); | |
| 51 static bool IsInitialized(); | |
| 52 | |
| 53 // Add / Remove Observer | |
| 54 void AddObserver(Observer* observer); | |
| 55 void RemoveObserver(Observer* observer); | |
| 56 | |
| 57 // Returns true when the certificate list has been requested but not loaded. | |
| 58 bool CertificatesLoading() const; | |
| 59 | |
| 60 // Returns true when the certificate list has been initiailized. | |
|
pneubeck (no reviews)
2013/05/03 09:42:54
nit: initiailized -> initialized
| |
| 61 bool CertificatesLoaded() const; | |
| 62 | |
| 63 // Returns true if the TPM is available for hardware-backed certificates. | |
| 64 bool IsHardwareBacked() const; | |
| 65 | |
| 66 // Retruns the number of certificates available for |type|. | |
|
pneubeck (no reviews)
2013/05/03 09:42:54
nit: Retruns -> Returns
| |
| 67 int NumCertificates(CertType type) const; | |
| 68 | |
| 69 // Retreives the certificate property for |type| at |index|. | |
|
pneubeck (no reviews)
2013/05/03 09:42:54
nit: Retreives -> Retrieves
| |
| 70 string16 GetCertDisplayStringAt(CertType type, int index) const; | |
| 71 std::string GetCertNicknameAt(CertType type, int index) const; | |
| 72 std::string GetCertPkcs11IdAt(CertType type, int index) const; | |
| 73 bool IsCertHardwareBackedAt(CertType type, int index) const; | |
| 74 | |
| 75 // Returns the index of a Certificate matching |nickname| or -1 if none found. | |
| 76 int GetCertIndexByNickname(CertType type, const std::string& nickname) const; | |
| 77 // Same as above but for a PKCS#11 id. TODO(stevenjb): Replace this with a | |
|
pneubeck (no reviews)
2013/05/03 09:42:54
nit: empty line above
| |
| 78 // better mechanism for uniquely idientifying certificates, crbug.com/236978. | |
|
pneubeck (no reviews)
2013/05/03 09:42:54
nit: idientifying -> identifying
| |
| 79 int GetCertIndexByPkcs11Id(CertType type, const std::string& pkcs11_id) const; | |
| 80 | |
| 81 // CertLoader::Observer | |
| 82 virtual void OnCertificatesLoaded(const net::CertificateList&, | |
| 83 bool initial_load) OVERRIDE; | |
| 84 | |
| 85 private: | |
| 86 CertLibrary(); | |
| 65 virtual ~CertLibrary(); | 87 virtual ~CertLibrary(); |
| 66 | 88 |
| 67 static CertLibrary* GetImpl(bool stub); | 89 net::X509Certificate* GetCertificateAt(CertType type, int index) const; |
| 90 const net::CertificateList& GetCertificateListForType(CertType type) const; | |
| 68 | 91 |
| 69 // Registers |observer|. The thread on which this is called is the thread | 92 ObserverList<CertLibrary::Observer> observer_list_; |
| 70 // on which |observer| will be called back with notifications. | 93 // Sorted certificate lists |
| 71 virtual void AddObserver(Observer* observer) = 0; | 94 net::CertificateList certs_; |
| 95 net::CertificateList user_certs_; | |
| 96 net::CertificateList server_certs_; | |
| 97 net::CertificateList server_ca_certs_; | |
| 72 | 98 |
| 73 // Unregisters |observer| from receiving notifications. This must be called | 99 DISALLOW_COPY_AND_ASSIGN(CertLibrary); |
| 74 // on the same thread on which AddObserver() was called. | |
| 75 virtual void RemoveObserver(Observer* observer) = 0; | |
| 76 | |
| 77 // Loads the key/certificates database for the current logged in user. | |
| 78 virtual void LoadKeyStore() = 0; | |
| 79 | |
| 80 // Returns true when the certificate list has been requested but not loaded. | |
| 81 virtual bool CertificatesLoading() const = 0; | |
| 82 | |
| 83 // Returns true when the certificate list has been initiailized. | |
| 84 virtual bool CertificatesLoaded() const = 0; | |
| 85 | |
| 86 // Returns true if the TPM is available for hardware-backed certificates. | |
| 87 virtual bool IsHardwareBacked() const = 0; | |
| 88 | |
| 89 // Returns the cached TPM token name. | |
| 90 virtual const std::string& GetTpmTokenName() const = 0; | |
| 91 | |
| 92 // Returns the current list of all certificates. | |
| 93 virtual const CertList& GetCertificates() const = 0; | |
| 94 | |
| 95 // Returns the current list of user certificates. | |
| 96 virtual const CertList& GetUserCertificates() const = 0; | |
| 97 | |
| 98 // Returns the current list of server certificates. | |
| 99 virtual const CertList& GetServerCertificates() const = 0; | |
| 100 | |
| 101 // Returns the current list of server CA certificates. | |
| 102 virtual const CertList& GetCACertificates() const = 0; | |
| 103 }; | 100 }; |
| 104 | 101 |
| 105 } // namespace chromeos | 102 } // namespace chromeos |
| 106 | 103 |
| 107 #endif // CHROME_BROWSER_CHROMEOS_CROS_CERT_LIBRARY_H_ | 104 #endif // CHROME_BROWSER_CHROMEOS_CROS_CERT_LIBRARY_H_ |
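Review bot: `ObserverList<CertLibrary::Observer> observer_list_;` (new line 92) is used without a direct include of its header; the include block only gains `chromeos/network/cert_loader.h`, so this header compiles only if that include happens to pull ObserverList in transitively — add `#include "base/observer_list.h"` next to `base/string16.h`. The static accessor `Get()` under `// Manage the global instance.` does not say whether it may return NULL before `Initialize()` or after `Shutdown()`, which callers need to know given that the class comment restricts all use to the UI thread; a one-line comment such as `// Returns the global instance; must not be called before Initialize() or after Shutdown().` (or stating that NULL is returned in that window) would settle it. The `OnCertificatesLoaded` override leaves its first parameter unnamed; naming it, e.g. `const net::CertificateList& cert_list,`, matches the rest of the header. `CertNameComparator` is forward-declared on new line 16 but not referenced anywhere in the header as shown, so it looks like a leftover unless the .cc relies on it being declared here.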