chromeos/network/cert_loader.h - Issue 14522013: Separate cert loading code from CertLibrary and move to src/chromeos

Side by Side Diff: chromeos/network/cert_loader.h

Issue 14522013: Separate cert loading code from CertLibrary and move to src/chromeos (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Rebase + Add comments / address nits Created 7 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
(Empty)
	1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #ifndef CHROMEOS_NETWORK_CERT_LOADER_H_

	6 #define CHROMEOS_NETWORK_CERT_LOADER_H_

	7

	8 #include <string>

	9

	10 #include "base/memory/ref_counted.h"

	11 #include "base/memory/scoped_ptr.h"

	12 #include "base/memory/weak_ptr.h"

	13 #include "base/observer_list_threadsafe.h"

	14 #include "base/threading/thread_checker.h"

	15 #include "chromeos/chromeos_export.h"

	16 #include "chromeos/dbus/dbus_method_call_status.h"

	17 #include "chromeos/login/login_state.h"

	18 #include "net/cert/cert_database.h"

	19 #include "net/cert/x509_certificate.h"

	20

	21 namespace crypto {

	22 class SymmetricKey;

	23 }

	24

	25 namespace chromeos {

	26

	27 // This class is responsible for initializing the TPM token and loading

	28 // certificates once the TPM is initialized. It is expected to be constructed

	29 // on the UI thread and public methods should all be called from the UI thread.

	30 // When certificates have been loaded (after login completes), or the cert

	31 // database changes, observers are called with OnCertificatesLoaded().

	32 class CHROMEOS_EXPORT CertLoader : public net::CertDatabase::Observer,

	33 public LoginState::Observer {

	34 public:

	35 class Observer {

	36 public:

	37 virtual ~Observer() {}

	38

	39 // Called when the certificates, passed for convenience as \|cert_list\|,

	40 // have completed loading. \|initial_load\| is true the first time this

	41 // is called.

	42 virtual void OnCertificatesLoaded(const net::CertificateList& cert_list,

	43 bool initial_load) = 0;

	44

	45 protected:

	46 Observer() {}

	47

	48 private:

	49 DISALLOW_COPY_AND_ASSIGN(Observer);

	50 };

	51

	52 // Manage the global instance.

	53 static void Initialize();

	54 static void Shutdown();

	55 static CertLoader* Get();

	56

	57 void AddObserver(CertLoader::Observer* observer);

	58 void RemoveObserver(CertLoader::Observer* observer);

	59

	60 // Call this to start the certificate list initialization process.
	pneubeck (no reviews) 2013/05/02 14:58:35 remove the return value. It's confusing and never remove the return value. It's confusing and never used. Please decide if it's safe to call this if !IsUserLoggedIn or not. If it's safe: remove all conditionals on the calling side. Otherwise, document it here and log an error if the precondition is violated. stevenjb 2013/05/03 01:00:31 Done. It's actually only called within the class n Show quoted text On 2013/05/02 14:58:35, pneubeck wrote: > remove the return value. It's confusing and never used. > > Please decide if it's safe to call this if !IsUserLoggedIn or not. > If it's safe: remove all conditionals on the calling side. > Otherwise, document it here and log an error if the precondition is violated. Done. It's actually only called within the class now; made private.
	61 bool RequestCertificates();

	62

	63 // Returns true when the certificate list has been requested but not loaded.

	64 bool CertificatesLoading() const;

	65

	66 // Returns true if the TPM is available for hardware-backed certificates.

	67 bool IsHardwareBacked() const;

	68

	69 bool certificates_loaded() const { return certificates_loaded_; }
	pneubeck (no reviews) 2013/05/02 14:58:35 comment? comment? stevenjb 2013/05/03 01:00:31 Unnecessary for getters, esp. with obvious names. Show quoted text On 2013/05/02 14:58:35, pneubeck wrote: > comment? Unnecessary for getters, esp. with obvious names.
	70

	71 const std::string& tpm_token_name() const { return tpm_token_name_; }
	pneubeck (no reviews) 2013/05/02 14:58:35 only valid if IsHaredwareBacked() == true. This c only valid if IsHaredwareBacked() == true. This cached name doesn't have to be public. Callers (CertLibrary only) can use crypto::GetTPMTokenInfo instead or the other way round. stevenjb 2013/05/03 01:00:31 The network code will be using these also (I added Show quoted text On 2013/05/02 14:58:35, pneubeck wrote: > only valid if IsHaredwareBacked() == true. > > This cached name doesn't have to be public. Callers (CertLibrary only) can use > crypto::GetTPMTokenInfo instead or the other way round. The network code will be using these also (I added slot as well). There may be some cleanup to be done here, but for now I'd like this all in one place.
	72

	73 const net::CertificateList& cert_list() const { return cert_list_; }
	pneubeck (no reviews) 2013/05/02 14:58:35 only valid if certificates_loaded() == true only valid if certificates_loaded() == true stevenjb 2013/05/03 01:00:31 Done. Show quoted text On 2013/05/02 14:58:35, pneubeck wrote: > only valid if certificates_loaded() == true Done. stevenjb 2013/05/03 01:00:31 Done. Show quoted text On 2013/05/02 14:58:35, pneubeck wrote: > only valid if certificates_loaded() == true Done.
	74

	75 private:

	76 typedef ObserverListThreadSafe<CertLoader::Observer> ObserverList;
	pneubeck (no reviews) 2013/05/02 14:58:35 I don't find a reason why this has to be thread sa I don't find a reason why this has to be thread safe. stevenjb 2013/05/03 01:00:31 Done. Show quoted text On 2013/05/02 14:58:35, pneubeck wrote: > I don't find a reason why this has to be thread safe. Done.
	77

	78 CertLoader();

	79 virtual ~CertLoader();

	80

	81 void OnTpmIsEnabled(DBusMethodCallStatus call_status,

	82 bool tpm_is_enabled);

	83 void OnPkcs11IsTpmTokenReady(DBusMethodCallStatus call_status,

	84 bool is_tpm_token_ready);

	85 void OnPkcs11GetTpmTokenInfo(DBusMethodCallStatus call_status,

	86 const std::string& token_name,

	87 const std::string& user_pin);

	88 void InitializeTPMToken();

	89 void StartLoadCertificates();

	90 void UpdateCertificates(net::CertificateList* cert_list);

	91 void MaybeRetryRequestCertificates();

	92 void RequestCertificatesTask();

	93

	94 void NotifyCertificatesLoaded(bool initial_load);

	95

	96 // net::CertDatabase::Observer

	97 virtual void OnCertTrustChanged(const net::X509Certificate* cert) OVERRIDE;

	98 virtual void OnCertAdded(const net::X509Certificate* cert) OVERRIDE;

	99 virtual void OnCertRemoved(const net::X509Certificate* cert) OVERRIDE;

	100

	101 // LoginState::Observer

	102 virtual void LoggedInStateChanged(LoginState::LoggedInState state) OVERRIDE;

	103

	104 const scoped_refptr<ObserverList> observer_list_;

	105

	106 // Active request task for re-requests while waiting for TPM init.

	107 base::Closure request_task_;

	108

	109 // Local state.

	110 bool tpm_token_ready_;

	111 bool certificates_requested_;

	112 bool certificates_loaded_;

	113 // The key store for the current user has been loaded. This flag is needed to

	114 // ensure that the key store will not be loaded twice in the policy recovery

	115 // "safe-mode".

	116 bool key_store_loaded_;

	117

	118 // Cached TPM token name.

	119 std::string tpm_token_name_;

	120

	121 // Cached TPM user pin.

	122 std::string tpm_user_pin_;

	123

	124 // Cached Certificates.

	125 net::CertificateList cert_list_;

	126

	127 base::ThreadChecker thread_checker_;

	128

	129 base::WeakPtrFactory<CertLoader> weak_ptr_factory_;
	pneubeck (no reviews) 2013/05/02 14:58:35 There are two entry points to callback sequences: There are two entry points to callback sequences: The loop RequestCerts -> ... -> ... -> MaybeRetry.. -> [RequestCerts] and StartLoadCets -> ... -> UpdateCerts To ensure that these sequences are not accidentally kicked off multiple times, I'd suggest to have one WeakPtrFactory for each sequence and: - In each of the functions that are part of a sequence: DCHECK(!weak_ptr_factory_.HasWeakPtrs()); - Wrap each callback with a static function that resets() the weak ptr before running the original callback. So that the DCHECK doesn't trigger. stevenjb 2013/05/03 01:00:31 Added a TODO Show quoted text On 2013/05/02 14:58:35, pneubeck wrote: > There are two entry points to callback sequences: > The loop > RequestCerts -> ... -> ... -> MaybeRetry.. -> [RequestCerts] > > and > StartLoadCets -> ... -> UpdateCerts > > To ensure that these sequences are not accidentally kicked off multiple times, > I'd suggest to have one WeakPtrFactory for each sequence and: > - In each of the functions that are part of a sequence: > DCHECK(!weak_ptr_factory_.HasWeakPtrs()); > - Wrap each callback with a static function that resets() the weak ptr before > running the original callback. So that the DCHECK doesn't trigger. Added a TODO
	130

	131 DISALLOW_COPY_AND_ASSIGN(CertLoader);

	132 };

	133

	134 } // namespace chromeos

	135

	136 #endif // CHROMEOS_NETWORK_CERT_LOADER_H_

OLD	NEW

« chrome/browser/chromeos/cros/cert_library.h ('K') | « chromeos/cryptohome/cryptohome_library.cc ('k') | chromeos/network/cert_loader.cc » ('j') | chromeos/network/cert_loader.cc » ('J')