Home | History | Annotate | Download | only in options 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_UI_WEBUI_OPTIONS_CERTIFICATE_MANAGER_HANDLER_H_
      6 #define CHROME_BROWSER_UI_WEBUI_OPTIONS_CERTIFICATE_MANAGER_HANDLER_H_
      7 
      8 #include <string>
      9 
     10 #include "base/compiler_specific.h"
     11 #include "base/memory/scoped_ptr.h"
     12 #include "base/memory/weak_ptr.h"
     13 #include "chrome/browser/certificate_manager_model.h"
     14 #include "chrome/browser/ui/webui/options/options_ui.h"
     15 #include "chrome/common/cancelable_task_tracker.h"
     16 #include "net/cert/nss_cert_database.h"
     17 #include "ui/gfx/native_widget_types.h"
     18 #include "ui/shell_dialogs/select_file_dialog.h"
     19 
     20 #if defined(OS_CHROMEOS)
     21 #include "chromeos/dbus/cryptohome_client.h"
     22 #endif
     23 
     24 namespace options {
     25 
     26 class CertIdMap;
     27 class FileAccessProvider;
     28 
     29 class CertificateManagerHandler
     30     : public OptionsPageUIHandler,
     31       public CertificateManagerModel::Observer,
     32       public ui::SelectFileDialog::Listener {
     33  public:
     34   CertificateManagerHandler();
     35   virtual ~CertificateManagerHandler();
     36 
     37   // OptionsPageUIHandler implementation.
     38   virtual void GetLocalizedValues(
     39       base::DictionaryValue* localized_strings) OVERRIDE;
     40   virtual void RegisterMessages() OVERRIDE;
     41 
     42   // CertificateManagerModel::Observer implementation.
     43   virtual void CertificatesRefreshed() OVERRIDE;
     44 
     45   // SelectFileDialog::Listener implementation.
     46   virtual void FileSelected(const base::FilePath& path,
     47                             int index,
     48                             void* params) OVERRIDE;
     49   virtual void FileSelectionCanceled(void* params) OVERRIDE;
     50 
     51  private:
     52   // View certificate.
     53   void View(const base::ListValue* args);
     54 
     55   // Edit server certificate trust values.
     56   void EditServer(const base::ListValue* args);
     57 
     58   // Edit certificate authority trust values.  The sequence goes like:
     59   //  1. user clicks edit button -> CertificateEditCaTrustOverlay.show ->
     60   //  GetCATrust -> CertificateEditCaTrustOverlay.populateTrust
     61   //  2. user clicks ok -> EditCATrust -> CertificateEditCaTrustOverlay.dismiss
     62   void GetCATrust(const base::ListValue* args);
     63   void EditCATrust(const base::ListValue* args);
     64 
     65   // Cleanup state stored during import or export process.
     66   void CancelImportExportProcess(const base::ListValue* args);
     67   void ImportExportCleanup();
     68 
     69   // Export to PKCS #12 file.  The sequence goes like:
     70   //  1a. user click on export button -> ExportPersonal -> launches file
     71   //  selector
     72   //  1b. user click on export all button -> ExportAllPersonal -> launches file
     73   //  selector
     74   //  2. user selects file -> ExportPersonalFileSelected -> launches password
     75   //  dialog
     76   //  3. user enters password -> ExportPersonalPasswordSelected -> unlock slots
     77   //  4. slots unlocked -> ExportPersonalSlotsUnlocked -> exports to memory
     78   //  buffer -> starts async write operation
     79   //  5. write finishes (or fails) -> ExportPersonalFileWritten
     80   void ExportPersonal(const base::ListValue* args);
     81   void ExportAllPersonal(const base::ListValue* args);
     82   void ExportPersonalFileSelected(const base::FilePath& path);
     83   void ExportPersonalPasswordSelected(const base::ListValue* args);
     84   void ExportPersonalSlotsUnlocked();
     85   void ExportPersonalFileWritten(const int* write_errno,
     86                                  const int* bytes_written);
     87 
     88   // Import from PKCS #12 file.  The sequence goes like:
     89   //  1. user click on import button -> StartImportPersonal -> launches file
     90   //  selector
     91   //  2. user selects file -> ImportPersonalFileSelected -> launches password
     92   //  dialog
     93   //  3. user enters password -> ImportPersonalPasswordSelected -> starts async
     94   //  read operation
     95   //  4. read operation completes -> ImportPersonalFileRead -> unlock slot
     96   //  5. slot unlocked -> ImportPersonalSlotUnlocked attempts to
     97   //  import with previously entered password
     98   //  6a. if import succeeds -> ImportExportCleanup
     99   //  6b. if import fails -> show error, ImportExportCleanup
    100   //  TODO(mattm): allow retrying with different password
    101   void StartImportPersonal(const base::ListValue* args);
    102   void ImportPersonalFileSelected(const base::FilePath& path);
    103   void ImportPersonalPasswordSelected(const base::ListValue* args);
    104   void ImportPersonalFileRead(const int* read_errno, const std::string* data);
    105   void ImportPersonalSlotUnlocked();
    106 
    107   // Import Server certificates from file.  Sequence goes like:
    108   //  1. user clicks on import button -> ImportServer -> launches file selector
    109   //  2. user selects file -> ImportServerFileSelected -> starts async read
    110   //  3. read completes -> ImportServerFileRead -> parse certs -> attempt import
    111   //  4a. if import succeeds -> ImportExportCleanup
    112   //  4b. if import fails -> show error, ImportExportCleanup
    113   void ImportServer(const base::ListValue* args);
    114   void ImportServerFileSelected(const base::FilePath& path);
    115   void ImportServerFileRead(const int* read_errno, const std::string* data);
    116 
    117   // Import Certificate Authorities from file.  Sequence goes like:
    118   //  1. user clicks on import button -> ImportCA -> launches file selector
    119   //  2. user selects file -> ImportCAFileSelected -> starts async read
    120   //  3. read completes -> ImportCAFileRead -> parse certs ->
    121   //  CertificateEditCaTrustOverlay.showImport
    122   //  4. user clicks ok -> ImportCATrustSelected -> attempt import
    123   //  5a. if import succeeds -> ImportExportCleanup
    124   //  5b. if import fails -> show error, ImportExportCleanup
    125   void ImportCA(const base::ListValue* args);
    126   void ImportCAFileSelected(const base::FilePath& path);
    127   void ImportCAFileRead(const int* read_errno, const std::string* data);
    128   void ImportCATrustSelected(const base::ListValue* args);
    129 
    130   // Export a certificate.
    131   void Export(const base::ListValue* args);
    132 
    133   // Delete certificate and private key (if any).
    134   void Delete(const base::ListValue* args);
    135 
    136   // Populate the trees in all the tabs.
    137   void Populate(const base::ListValue* args);
    138 
    139   // Populate the given tab's tree.
    140   void PopulateTree(const std::string& tab_name,
    141                     net::CertType type,
    142                     const net::CertificateList& web_trust_certs);
    143 
    144   // Populate the tree after retrieving the list of policy-installed
    145   // web-trusted certificates.
    146   void OnPolicyWebTrustCertsRetrieved(
    147       const net::CertificateList& web_trust_certs);
    148 
    149   // Display a WebUI error message box.
    150   void ShowError(const std::string& title, const std::string& error) const;
    151 
    152   // Display a WebUI error message box for import failures.
    153   // Depends on |selected_cert_list_| being set to the imports that we
    154   // attempted to import.
    155   void ShowImportErrors(
    156       const std::string& title,
    157       const net::NSSCertDatabase::ImportCertFailureList& not_imported) const;
    158 
    159 #if defined(OS_CHROMEOS)
    160   // Check whether Tpm token is ready and notifiy JS side.
    161   void CheckTpmTokenReady(const base::ListValue* args);
    162   void CheckTpmTokenReadyInternal(
    163       chromeos::DBusMethodCallStatus call_status,
    164       bool is_tpm_token_ready);
    165 #endif
    166 
    167   gfx::NativeWindow GetParentWindow() const;
    168 
    169   // The Certificates Manager model
    170   scoped_ptr<CertificateManagerModel> certificate_manager_model_;
    171 
    172   // For multi-step import or export processes, we need to store the path,
    173   // password, etc the user chose while we wait for them to enter a password,
    174   // wait for file to be read, etc.
    175   base::FilePath file_path_;
    176   string16 password_;
    177   bool use_hardware_backed_;
    178   std::string file_data_;
    179   net::CertificateList selected_cert_list_;
    180   scoped_refptr<ui::SelectFileDialog> select_file_dialog_;
    181   scoped_refptr<net::CryptoModule> module_;
    182 
    183   // Used in reading and writing certificate files.
    184   CancelableTaskTracker tracker_;
    185   scoped_refptr<FileAccessProvider> file_access_provider_;
    186 
    187   base::WeakPtrFactory<CertificateManagerHandler> weak_ptr_factory_;
    188 
    189   scoped_ptr<CertIdMap> cert_id_map_;
    190 
    191   DISALLOW_COPY_AND_ASSIGN(CertificateManagerHandler);
    192 };
    193 
    194 }  // namespace options
    195 
    196 #endif  // CHROME_BROWSER_UI_WEBUI_OPTIONS_CERTIFICATE_MANAGER_HANDLER_H_
    197