| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef NET_CERT_NSS_CERT_DATABASE_CHROMEOS_ |
| 6 #define NET_CERT_NSS_CERT_DATABASE_CHROMEOS_ |
| 7 |
| 8 #include "base/callback.h" |
| 9 #include "crypto/scoped_nss_types.h" |
| 10 #include "net/cert/nss_cert_database.h" |
| 11 #include "net/cert/nss_profile_filter_chromeos.h" |
| 12 |
| 13 namespace net { |
| 14 class CryptoModule; |
| 15 typedef std::vector<scoped_refptr<CryptoModule> > CryptoModuleList; |
| 16 class X509Certificate; |
| 17 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList; |
| 18 |
| 19 class NET_EXPORT NSSCertDatabaseChromeOS : public NSSCertDatabase { |
| 20 public: |
| 21 // Get a pointer to the NSSCertDatabase for the given user. Ownership is not |
| 22 // transferred, but the caller may hold the pointer, which will remain valid |
| 23 // for the lifetime of the process. If the database is already initialized it |
| 24 // will be returned, otherwise if |callback| is non-null, the database will be |
| 25 // passed to the callback when it is ready. |
| 26 static NSSCertDatabase* GetForUser( |
| 27 const std::string& username_hash, |
| 28 const base::Callback<void(NSSCertDatabase*)>& callback); |
| 29 |
| 30 virtual ~NSSCertDatabaseChromeOS(); |
| 31 |
| 32 // NSSCertDatabase implementation. |
| 33 virtual void ListCerts(CertificateList* certs) OVERRIDE; |
| 34 virtual crypto::ScopedPK11Slot GetPublicSlot() const OVERRIDE; |
| 35 virtual crypto::ScopedPK11Slot GetPrivateSlot() const OVERRIDE; |
| 36 virtual void ListModules(CryptoModuleList* modules, bool need_rw) const |
| 37 OVERRIDE; |
| 38 virtual TrustBits GetCertTrust(const X509Certificate* cert, |
| 39 CertType type) const OVERRIDE; |
| 40 virtual bool IsUntrusted(const X509Certificate* cert) const OVERRIDE; |
| 41 //virtual bool SetCertTrust(const X509Certificate* cert, |
| 42 // CertType type, |
| 43 // TrustBits trust_bits) OVERRIDE; |
| 44 |
| 45 // TODO(mattm): handle trust setting, deletion, etc correctly when certs exist |
| 46 // in multiple slots. |
| 47 // TODO(mattm): handle trust setting correctly for certs in read-only slots. |
| 48 |
| 49 class Manager; |
| 50 friend class Manager; |
| 51 private: |
| 52 |
| 53 // This class should not be constructed directly. Use GetForUser. |
| 54 explicit NSSCertDatabaseChromeOS(crypto::ScopedPK11Slot public_slot); |
| 55 void SetPrivateSlot(crypto::ScopedPK11Slot private_slot); |
| 56 void OnReady(const base::Callback<void(NSSCertDatabase*)>& callback); |
| 57 |
| 58 scoped_refptr<const X509Certificate> ResolveCert(const X509Certificate* cert, |
| 59 bool need_rw) const; |
| 60 |
| 61 bool ready_; |
| 62 crypto::ScopedPK11Slot public_slot_; |
| 63 crypto::ScopedPK11Slot private_slot_; |
| 64 NSSProfileFilterChromeOS profile_filter_; |
| 65 |
| 66 typedef std::vector<base::Callback<void(NSSCertDatabase*)> > |
| 67 ReadyCallbackList; |
| 68 ReadyCallbackList ready_callback_list_; |
| 69 |
| 70 DISALLOW_COPY_AND_ASSIGN(NSSCertDatabaseChromeOS); |
| 71 }; |
| 72 |
| 73 } // namespace net |
| 74 |
| 75 #endif // NET_CERT_NSS_CERT_DATABASE_CHROMEOS_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 18121007:
*WIP* Store NSS slots per profile. Move keygen to chrome. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src