Show extension provided certificates in chrome://settings/certificates

chrome/browser/certificate_manager_model.h

Index: chrome/browser/certificate_manager_model.h
diff --git a/chrome/browser/certificate_manager_model.h b/chrome/browser/certificate_manager_model.h
index 64fcb2c467339cbe403850183e33d0ba1d7babbe..4144beb1bc304a265877dd363fada73b5abd7607 100644
--- a/chrome/browser/certificate_manager_model.h
+++ b/chrome/browser/certificate_manager_model.h
@@ -12,7 +12,9 @@
 #include "base/callback.h"
 #include "base/macros.h"
 #include "base/memory/ref_counted.h"
+#include "base/memory/weak_ptr.h"
 #include "base/strings/string16.h"
+#include "chrome/browser/chromeos/certificate_provider/certificate_provider.h"

[mattm, 2016/09/09 01:34:05]

can you forward declare CertificateProvider and move this include to the .cc?

[Ivan Šandrk, 2016/09/09 10:17:53]

Done.

 #include "net/cert/nss_cert_database.h"
 
 namespace content {
@@ -129,10 +131,12 @@ class CertificateManagerModel {
   bool IsHardwareBacked(const net::X509Certificate* cert) const;
 
  private:
-  CertificateManagerModel(net::NSSCertDatabase* nss_cert_database,
-                          bool is_user_db_available,
-                          bool is_tpm_available,
-                          Observer* observer);
+  CertificateManagerModel(
+      net::NSSCertDatabase* nss_cert_database,
+      bool is_user_db_available,
+      bool is_tpm_available,
+      Observer* observer,
+      std::unique_ptr<chromeos::CertificateProvider> certificate_provider);
 
   // Methods used during initialization, see the comment at the top of the .cc
   // file for details.
@@ -141,21 +145,29 @@ class CertificateManagerModel {
       bool is_user_db_available,
       bool is_tpm_available,
       CertificateManagerModel::Observer* observer,
+      std::unique_ptr<chromeos::CertificateProvider> certificate_provider,
       const CreationCallback& callback);
   static void DidGetCertDBOnIOThread(
       CertificateManagerModel::Observer* observer,
+      std::unique_ptr<chromeos::CertificateProvider> certificate_provider,
       const CreationCallback& callback,
       net::NSSCertDatabase* cert_db);
-  static void GetCertDBOnIOThread(content::ResourceContext* context,
-                                  CertificateManagerModel::Observer* observer,
-                                  const CreationCallback& callback);
+  static void GetCertDBOnIOThread(
+      content::ResourceContext* context,
+      CertificateManagerModel::Observer* observer,
+      std::unique_ptr<chromeos::CertificateProvider> certificate_provider,
+      const CreationCallback& callback);
 
   // Callback used by Refresh() for when the cert slots have been unlocked.
   // This method does the actual refreshing.
   void RefreshSlotsUnlocked();
 
+  // Callback used to refresh extension provided certificates. Refreshes UI.
+  void RefreshExtensionCertificates(const net::CertificateList& new_certs);
+
   net::NSSCertDatabase* cert_db_;
   net::CertificateList cert_list_;
+  net::CertificateList extension_cert_list_;
   // Whether the certificate database has a public slot associated with the
   // profile. If not set, importing certificates is not allowed with this model.
   bool is_user_db_available_;
@@ -164,6 +176,11 @@ class CertificateManagerModel {
   // The observer to notify when certificate list is refreshed.
   Observer* observer_;
 
+  // Certificate provider used to fetch extension provided certificates.
+  std::unique_ptr<chromeos::CertificateProvider> certificate_provider_;

[mattm, 2016/09/09 01:34:04]

I'd suggest %s/certificate_provider/extension_certificate_provider/

[Ivan Šandrk, 2016/09/09 10:17:53]

Good suggestion, I agree.

+
+  base::WeakPtrFactory<CertificateManagerModel> weak_ptr_factory_;
+
   DISALLOW_COPY_AND_ASSIGN(CertificateManagerModel);
 };