
Side by Side Diff: net/cert/nss_cert_database.h

Issue 2363653002: Cleanup unreachable cert adding code (Closed)
Patch Set: Rebased Created 4 years, 2 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_CERT_NSS_CERT_DATABASE_H_ 5 #ifndef NET_CERT_NSS_CERT_DATABASE_H_
6 #define NET_CERT_NSS_CERT_DATABASE_H_ 6 #define NET_CERT_NSS_CERT_DATABASE_H_
7 7
8 #include <stdint.h> 8 #include <stdint.h>
9 9
10 #include <memory> 10 #include <memory>
(...skipping 24 matching lines...) Expand all
35 35
36 // Provides functions to manipulate the NSS certificate stores. 36 // Provides functions to manipulate the NSS certificate stores.
37 // Forwards notifications about certificate changes to the global CertDatabase 37 // Forwards notifications about certificate changes to the global CertDatabase
38 // singleton. 38 // singleton.
39 class NET_EXPORT NSSCertDatabase { 39 class NET_EXPORT NSSCertDatabase {
40 public: 40 public:
41 class NET_EXPORT Observer { 41 class NET_EXPORT Observer {
42 public: 42 public:
43 virtual ~Observer() {} 43 virtual ~Observer() {}
44 44
45 // Will be called when a new certificate is added.
46 // Called with |cert| == NULL after importing a list of certificates
47 // in ImportFromPKCS12().
48 virtual void OnCertAdded(const X509Certificate* cert) {}
49
50 // Will be called when a certificate is removed.
51 virtual void OnCertRemoved(const X509Certificate* cert) {}
52
53 // Will be called when a CA certificate is changed. 45 // Will be called when a CA certificate is changed.
54 // Called with |cert| == NULL after importing a list of certificates 46 // Called with |cert| == NULL after importing a list of certificates
55 // in ImportCACerts(). 47 // in ImportCACerts().
56 virtual void OnCACertChanged(const X509Certificate* cert) {} 48 virtual void OnCertDBChanged(const X509Certificate* cert) {}
57 49
58 protected: 50 protected:
59 Observer() {} 51 Observer() {}
60 52
61 private: 53 private:
62 DISALLOW_COPY_AND_ASSIGN(Observer); 54 DISALLOW_COPY_AND_ASSIGN(Observer);
63 }; 55 };
64 56
65 // Stores per-certificate error codes for import failures. 57 // Stores per-certificate error codes for import failures.
66 struct NET_EXPORT ImportCertFailure { 58 struct NET_EXPORT ImportCertFailure {
(...skipping 125 matching lines...) Expand 10 before | Expand all | Expand 10 after
192 // Uses similar logic to nsNSSCertificateDB::handleCACertDownload to find the 184 // Uses similar logic to nsNSSCertificateDB::handleCACertDownload to find the
193 // root. Assumes the list is an ordered hierarchy with the root being either 185 // root. Assumes the list is an ordered hierarchy with the root being either
194 // the first or last element. 186 // the first or last element.
195 // TODO(mattm): improve this to handle any order. 187 // TODO(mattm): improve this to handle any order.
196 X509Certificate* FindRootInList(const CertificateList& certificates) const; 188 X509Certificate* FindRootInList(const CertificateList& certificates) const;
197 189
198 // Import a user certificate. The private key for the user certificate must 190 // Import a user certificate. The private key for the user certificate must
199 // already be installed, otherwise we return ERR_NO_PRIVATE_KEY_FOR_CERT. 191 // already be installed, otherwise we return ERR_NO_PRIVATE_KEY_FOR_CERT.
200 // Returns OK or a network error code. 192 // Returns OK or a network error code.
201 int ImportUserCert(const std::string& data); 193 int ImportUserCert(const std::string& data);
194 int ImportUserCert(X509Certificate* cert);
202 195
203 // Import CA certificates. 196 // Import CA certificates.
204 // Tries to import all the certificates given. The root will be trusted 197 // Tries to import all the certificates given. The root will be trusted
205 // according to |trust_bits|. Any certificates that could not be imported 198 // according to |trust_bits|. Any certificates that could not be imported
206 // will be listed in |not_imported|. 199 // will be listed in |not_imported|.
207 // Returns false if there is an internal error, otherwise true is returned and 200 // Returns false if there is an internal error, otherwise true is returned and
208 // |not_imported| should be checked for any certificates that were not 201 // |not_imported| should be checked for any certificates that were not
209 // imported. 202 // imported.
210 bool ImportCACerts(const CertificateList& certificates, 203 bool ImportCACerts(const CertificateList& certificates,
211 TrustBits trust_bits, 204 TrustBits trust_bits,
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after
268 static void ListCertsImpl(crypto::ScopedPK11Slot slot, 261 static void ListCertsImpl(crypto::ScopedPK11Slot slot,
269 CertificateList* certs); 262 CertificateList* certs);
270 263
271 // Gets task runner that should be used for slow tasks like certificate 264 // Gets task runner that should be used for slow tasks like certificate
272 // listing. Defaults to a base::WorkerPool runner, but may be overriden 265 // listing. Defaults to a base::WorkerPool runner, but may be overriden
273 // in tests (see SetSlowTaskRunnerForTest). 266 // in tests (see SetSlowTaskRunnerForTest).
274 scoped_refptr<base::TaskRunner> GetSlowTaskRunner() const; 267 scoped_refptr<base::TaskRunner> GetSlowTaskRunner() const;
275 268
276 protected: 269 protected:
277 // Broadcasts notifications to all registered observers. 270 // Broadcasts notifications to all registered observers.
278 void NotifyObserversOfCertAdded(const X509Certificate* cert); 271 void NotifyObserversCertDBChanged(const X509Certificate* cert);
279 void NotifyObserversOfCertRemoved(const X509Certificate* cert);
280 void NotifyObserversOfCACertChanged(const X509Certificate* cert);
281 272
282 private: 273 private:
283 // Registers |observer| to receive notifications of certificate changes. The 274 // Registers |observer| to receive notifications of certificate changes. The
284 // thread on which this is called is the thread on which |observer| will be 275 // thread on which this is called is the thread on which |observer| will be
285 // called back with notifications. 276 // called back with notifications.
286 // NOTE: Observers registered here will only receive notifications generated 277 // NOTE: Observers registered here will only receive notifications generated
287 // directly through the NSSCertDatabase, but not those from the CertDatabase. 278 // directly through the NSSCertDatabase, but not those from the CertDatabase.
288 // CertDatabase observers will receive all certificate notifications. 279 // CertDatabase observers will receive all certificate notifications.
289 void AddObserver(Observer* observer); 280 void AddObserver(Observer* observer);
290 281
(...skipping 23 matching lines...) Expand all
314 const scoped_refptr<base::ObserverListThreadSafe<Observer>> observer_list_; 305 const scoped_refptr<base::ObserverListThreadSafe<Observer>> observer_list_;
315 306
316 base::WeakPtrFactory<NSSCertDatabase> weak_factory_; 307 base::WeakPtrFactory<NSSCertDatabase> weak_factory_;
317 308
318 DISALLOW_COPY_AND_ASSIGN(NSSCertDatabase); 309 DISALLOW_COPY_AND_ASSIGN(NSSCertDatabase);
319 }; 310 };
320 311
321 } // namespace net 312 } // namespace net
322 313
323 #endif // NET_CERT_NSS_CERT_DATABASE_H_ 314 #endif // NET_CERT_NSS_CERT_DATABASE_H_
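Review bot: The comment kept above the renamed `OnCertDBChanged` (new lines 45-47) still describes only a CA certificate change and the `ImportCACerts()` case, although this section removes `OnCertAdded` and `OnCertRemoved` and leaves a single notifier, `NotifyObserversCertDBChanged`. If, as the rename suggests, this one callback now stands for every kind of store change, the comment should say so, because observers that drop cached verification or trust state need to know they must react to every call and not only to CA edits. The implementation in nss_cert_database.cc is not on this page, so the exact set of events should be confirmed there. Suggested wording: `// Will be called when the certificate database changes (a certificate is added, removed, or has its trust changed).` followed by `// |cert| may be NULL, e.g. after ImportCACerts() imports a list, so observers must check it before use.` The class body continues through skipped regions that are not visible here.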