Introduce networkingPrivate.getCertificateLists

extensions/common/api/networking_private.idl

Index: extensions/common/api/networking_private.idl
diff --git a/extensions/common/api/networking_private.idl b/extensions/common/api/networking_private.idl
index a6a35571024797fc5a05334dc20f3da0fec32628..b63f3671de6b76a422d33672f7c199c87c3b3ea7 100644
--- a/extensions/common/api/networking_private.idl
+++ b/extensions/common/api/networking_private.idl
@@ -229,6 +229,7 @@ namespace networkingPrivate {
   dictionary EAPProperties {
     DOMString? AnonymousIdentity;
     CertificatePattern? ClientCertPattern;
+    DOMString? ClientCertPKCS11Id;
     DOMString? ClientCertRef;
     DOMString? ClientCertType;
     DOMString? Identity;
@@ -248,6 +249,7 @@ namespace networkingPrivate {
   dictionary ManagedEAPProperties {
     ManagedDOMString? AnonymousIdentity;
     ManagedCertificatePattern? ClientCertPattern;
+    ManagedDOMString? ClientCertPKCS11Id;
     ManagedDOMString? ClientCertRef;
     ManagedDOMString? ClientCertType;
     ManagedDOMString? Identity;
@@ -833,6 +835,34 @@ namespace networkingPrivate {
     boolean? AllowOnlyPolicyNetworksToConnect;
   };
 
+  dictionary Certificate {
+    // Unique hash for the certificate.
+    DOMString hash;
+
+    // Certificate issuer common name.
+    DOMString issuedBy;
+
+    // Certificate name or nickname.
+    DOMString issuedTo;
+
+    // PEM for server ca certificatess.
+    DOMString? pem;
+
+    // PKCS#11 id for user certificates.
+    DOMString? PKCS11Id;
+
+    // Whether or not the certificate is hardware backed.
+    boolean hardwareBacked;
+  };
+
+  dictionary CertificateLists {
+    // Certificates available for the ServerCA property.
+    Certificate[] server_ca_certificates;
+
+    // Certificates available for the UserCert property.
+    Certificate[] user_certificates;
+  };
+
   callback VoidCallback = void();
   callback BooleanCallback = void(boolean result);
   callback StringCallback = void(DOMString result);
@@ -846,6 +876,7 @@ namespace networkingPrivate {
   callback GetEnabledNetworkTypesCallback = void(NetworkType[] result);
   callback CaptivePortalStatusCallback = void(CaptivePortalStatus result);
   callback GetGlobalPolicyCallback = void(GlobalPolicy result);
+  callback GetCertificateListsCallback = void(CertificateLists result);
 
   // These functions all report failures via chrome.runtime.lastError.
   interface Functions {
@@ -1071,6 +1102,9 @@ namespace networkingPrivate {
     // Gets the global policy properties. These properties are not expected to
     // change during a session.
     static void getGlobalPolicy(GetGlobalPolicyCallback callback);
+
+    // Gets the lists of certificates available for network configuration.
+    static void getCertificateLists(GetCertificateListsCallback callback);
   };
 
   interface Events {
@@ -1090,5 +1124,8 @@ namespace networkingPrivate {
     // the network and the corresponding captive portal status.
     static void onPortalDetectionCompleted(DOMString networkGuid,
                                            CaptivePortalStatus status);
+
+    // Fired when any certificate list has changed.
+    static void onCertificateListsChanged();
   };
 };