| Index: chromeos/network/onc/onc_certificate_importer.h
|
| diff --git a/chromeos/network/onc/onc_certificate_importer.h b/chromeos/network/onc/onc_certificate_importer.h
|
| index 48488828e302bc062f7ec4d12e7fe615cf9f9357..32e901e014ecb63570ad9026e3c02f39b50c7dff 100644
|
| --- a/chromeos/network/onc/onc_certificate_importer.h
|
| +++ b/chromeos/network/onc/onc_certificate_importer.h
|
| @@ -1,102 +1,40 @@
|
| -// Copyright (c) 2012 The Chromium Authors. All rights reserved.
|
| +// Copyright (c) 2013 The Chromium Authors. All rights reserved.
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| #ifndef CHROMEOS_NETWORK_ONC_ONC_CERTIFICATE_IMPORTER_H_
|
| #define CHROMEOS_NETWORK_ONC_ONC_CERTIFICATE_IMPORTER_H_
|
|
|
| -#include <map>
|
| -#include <string>
|
| -#include <vector>
|
| -
|
| #include "base/basictypes.h"
|
| -#include "base/memory/ref_counted.h"
|
| -#include "base/memory/scoped_ptr.h"
|
| #include "chromeos/chromeos_export.h"
|
| #include "chromeos/network/onc/onc_constants.h"
|
| +#include "net/cert/x509_certificate.h"
|
|
|
| namespace base {
|
| -class DictionaryValue;
|
| class ListValue;
|
| }
|
|
|
| -namespace net {
|
| -class X509Certificate;
|
| -typedef std::vector<scoped_refptr<X509Certificate> > CertificateList;
|
| -}
|
| -
|
| namespace chromeos {
|
| namespace onc {
|
|
|
| -// This class handles certificate imports from ONC (both policy and user
|
| -// imports) into the certificate store. The GUID of Client certificates is
|
| -// stored together with the certificate as Nickname. In contrast, Server and CA
|
| -// certificates are identified by their PEM and not by GUID.
|
| -// TODO(pneubeck): Replace Nickname by PEM for Client
|
| -// certificates. http://crbug.com/252119
|
| class CHROMEOS_EXPORT CertificateImporter {
|
| public:
|
| - typedef std::map<std::string, scoped_refptr<net::X509Certificate> >
|
| - CertsByGUID;
|
| - enum ParseResult {
|
| - IMPORT_OK,
|
| - IMPORT_INCOMPLETE,
|
| - IMPORT_FAILED,
|
| - };
|
| -
|
| - // During import with ParseCertificate(), Web trust is only applied to Server
|
| - // and Authority certificates with the TrustBits attribute "Web" if the
|
| - // |allow_trust_imports| permission is granted, otherwise the attribute is
|
| - // ignored.
|
| - explicit CertificateImporter(bool allow_trust_imports);
|
| -
|
| - // Parses and stores the certificates in |onc_certificates| into the
|
| - // certificate store. If the "Remove" field of a certificate is enabled, then
|
| - // removes the certificate from the store instead of importing. Returns the
|
| - // result of the parse operation. In case of IMPORT_INCOMPLETE, some of the
|
| - // certificates may be stored/removed successfully while others had errors.
|
| - // If no error occurred, returns IMPORT_OK. If |onc_trusted_certificates| is
|
| - // not NULL, it will be filled with the list of certificates that requested
|
| - // the Web trust flag. If |imported_server_and_ca_certs| is not null, it will
|
| - // be filled with the (GUID, Certificate) pairs of all successfully imported
|
| - // Server and CA certificates.
|
| - ParseResult ParseAndStoreCertificates(
|
| - const base::ListValue& onc_certificates,
|
| - net::CertificateList* onc_trusted_certificates,
|
| - CertsByGUID* imported_server_and_ca_certs);
|
| -
|
| - // Lists the certificates that have the string |label| as their certificate
|
| - // nickname (exact match).
|
| - static void ListCertsWithNickname(const std::string& label,
|
| - net::CertificateList* result);
|
| -
|
| - protected:
|
| - // Deletes any certificate that has the string |label| as its nickname (exact
|
| - // match).
|
| - static bool DeleteCertAndKeyByNickname(const std::string& label);
|
| + CertificateImporter() {}
|
| + virtual ~CertificateImporter() {}
|
| +
|
| + // Import the |certificates|, which must be a list of ONC Certificate objects.
|
| + // Certificates are only imported with web trust for user imports. If
|
| + // |onc_trusted_certificates| is not NULL, it will be filled with the list
|
| + // of certificates that requested the TrustBit "Web". If the "Remove" field of
|
| + // a certificate is enabled, then removes the certificate from the store
|
| + // instead of importing. Returns true if all certificates were imported
|
| + // successfully.
|
| + virtual bool ImportCertificates(
|
| + const base::ListValue& certificates,
|
| + onc::ONCSource source,
|
| + net::CertificateList* onc_trusted_certificates) = 0;
|
|
|
| private:
|
| - // Parses and stores/removes |certificate| in/from the certificate
|
| - // store. Returns true if the operation succeeded.
|
| - bool ParseAndStoreCertificate(
|
| - const base::DictionaryValue& certificate,
|
| - net::CertificateList* onc_trusted_certificates,
|
| - CertsByGUID* imported_server_and_ca_certs);
|
| -
|
| - bool ParseServerOrCaCertificate(
|
| - const std::string& cert_type,
|
| - const std::string& guid,
|
| - const base::DictionaryValue& certificate,
|
| - net::CertificateList* onc_trusted_certificates,
|
| - CertsByGUID* imported_server_and_ca_certs);
|
| -
|
| - bool ParseClientCertificate(const std::string& guid,
|
| - const base::DictionaryValue& certificate);
|
| -
|
| - // Whether certificates with TrustBits attribute "Web" should be stored with
|
| - // web trust.
|
| - bool allow_trust_imports_;
|
| -
|
| DISALLOW_COPY_AND_ASSIGN(CertificateImporter);
|
| };
|
|
|
|
|
Chromium Code Reviews
Issue 20041002:
Make CertificateHandler a proper interface of CertificateImporter. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src