OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_BASE_CERT_DATABASE_H_ | 5 #ifndef NET_BASE_CERT_DATABASE_H_ |
6 #define NET_BASE_CERT_DATABASE_H_ | 6 #define NET_BASE_CERT_DATABASE_H_ |
7 #pragma once | 7 #pragma once |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 #include <vector> | 10 #include <vector> |
11 | 11 |
12 #include "base/basictypes.h" | 12 #include "base/basictypes.h" |
13 #include "base/string16.h" | 13 #include "base/string16.h" |
14 #include "base/ref_counted.h" | 14 #include "base/ref_counted.h" |
15 #include "net/base/cert_type.h" | 15 #include "net/base/cert_type.h" |
16 | 16 |
17 namespace net { | 17 namespace net { |
18 | 18 |
| 19 class CryptoModule; |
19 class X509Certificate; | 20 class X509Certificate; |
20 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList; | 21 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList; |
21 | 22 |
22 | 23 |
23 // This class provides functions to manipulate the local | 24 // This class provides functions to manipulate the local |
24 // certificate store. | 25 // certificate store. |
25 | 26 |
26 // TODO(gauravsh): This class could be augmented with methods | 27 // TODO(gauravsh): This class could be augmented with methods |
27 // for all operations that manipulate the underlying system | 28 // for all operations that manipulate the underlying system |
28 // certificate store. | 29 // certificate store. |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
65 // Store user (client) certificate. Assumes CheckUserCert has already passed. | 66 // Store user (client) certificate. Assumes CheckUserCert has already passed. |
66 // Returns OK, or ERR_ADD_USER_CERT_FAILED if there was a problem saving to | 67 // Returns OK, or ERR_ADD_USER_CERT_FAILED if there was a problem saving to |
67 // the platform cert database, or possibly other network error codes. | 68 // the platform cert database, or possibly other network error codes. |
68 int AddUserCert(X509Certificate* cert); | 69 int AddUserCert(X509Certificate* cert); |
69 | 70 |
70 #if defined(USE_NSS) || defined(USE_OPENSSL) | 71 #if defined(USE_NSS) || defined(USE_OPENSSL) |
71 // Get a list of unique certificates in the certificate database. (One | 72 // Get a list of unique certificates in the certificate database. (One |
72 // instance of all certificates.) | 73 // instance of all certificates.) |
73 void ListCerts(CertificateList* certs); | 74 void ListCerts(CertificateList* certs); |
74 | 75 |
75 // Import certificates and private keys from PKCS #12 blob. | 76 // Get the default module. |
| 77 // The returned pointer must be stored in a scoped_refptr<CryptoModule>. |
| 78 CryptoModule* GetDefaultModule() const; |
| 79 |
| 80 // Import certificates and private keys from PKCS #12 blob into the module. |
76 // Returns OK or a network error code such as ERR_PKCS12_IMPORT_BAD_PASSWORD | 81 // Returns OK or a network error code such as ERR_PKCS12_IMPORT_BAD_PASSWORD |
77 // or ERR_PKCS12_IMPORT_ERROR. | 82 // or ERR_PKCS12_IMPORT_ERROR. |
78 int ImportFromPKCS12(const std::string& data, const string16& password); | 83 int ImportFromPKCS12(net::CryptoModule* module, |
| 84 const std::string& data, |
| 85 const string16& password); |
79 | 86 |
80 // Export the given certificates and private keys into a PKCS #12 blob, | 87 // Export the given certificates and private keys into a PKCS #12 blob, |
81 // storing into |output|. | 88 // storing into |output|. |
82 // Returns the number of certificates successfully exported. | 89 // Returns the number of certificates successfully exported. |
83 int ExportToPKCS12(const CertificateList& certs, const string16& password, | 90 int ExportToPKCS12(const CertificateList& certs, const string16& password, |
84 std::string* output) const; | 91 std::string* output) const; |
85 | 92 |
86 // Uses similar logic to nsNSSCertificateDB::handleCACertDownload to find the | 93 // Uses similar logic to nsNSSCertificateDB::handleCACertDownload to find the |
87 // root. Assumes the list is an ordered hierarchy with the root being either | 94 // root. Assumes the list is an ordered hierarchy with the root being either |
88 // the first or last element. | 95 // the first or last element. |
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
129 bool IsReadOnly(const X509Certificate* cert) const; | 136 bool IsReadOnly(const X509Certificate* cert) const; |
130 #endif | 137 #endif |
131 | 138 |
132 private: | 139 private: |
133 DISALLOW_COPY_AND_ASSIGN(CertDatabase); | 140 DISALLOW_COPY_AND_ASSIGN(CertDatabase); |
134 }; | 141 }; |
135 | 142 |
136 } // namespace net | 143 } // namespace net |
137 | 144 |
138 #endif // NET_BASE_CERT_DATABASE_H_ | 145 #endif // NET_BASE_CERT_DATABASE_H_ |
OLD | NEW |