// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_CHROMEOS_OPTIONS_CERT_LIBRARY_H_
#define CHROME_BROWSER_CHROMEOS_OPTIONS_CERT_LIBRARY_H_

#include <string>

#include "base/strings/string16.h"
#include "chromeos/cert_loader.h"
#include "net/cert/x509_certificate.h"

// NOTE(review): ObserverList, DISALLOW_COPY_AND_ASSIGN and OVERRIDE are used
// below, but none of the headers included directly here is obviously theirs;
// presumably they arrive transitively through the includes above - confirm.

namespace chromeos {

class CertNameComparator;

// This class is responsible for keeping track of certificates in a UI
// friendly manner. It observes CertLoader to receive certificate list
// updates and sorts them by type for the UI. All public APIs are expected
// to be called from the UI thread and are non-blocking. Observers will also
// be called on the UI thread.
//
// Certificates are addressed by a (CertType, index) pair. The header does not
// promise that an index stays attached to the same certificate once the lists
// are reloaded, so treat an index as valid only until the next
// OnCertificatesLoaded() notification - presumably the lists are rebuilt and
// re-sorted on every load; confirm against the implementation.
class CertLibrary : public CertLoader::Observer {
 public:
  // Interface for clients that want to be told when the certificate lists
  // have been (re)loaded. Constructible only by subclasses; not copyable.
  class Observer {
   public:
    virtual ~Observer() {}

    // Called for any Observers whenever the certificates are loaded.
    // |initial_load| is true the first time this is called.
    // NOTE(review): an observer that cached an index from NumCertificates()
    // or the GetCertIndexBy*() lookups should presumably look it up again
    // here rather than reuse it - confirm.
    virtual void OnCertificatesLoaded(bool initial_load) = 0;

   protected:
    Observer() {}

   private:
    DISALLOW_COPY_AND_ASSIGN(Observer);
  };

  // Selects which certificate list the accessors below operate on.
  // NOTE(review): presumably each value maps to one of the private lists
  // (certs_, user_certs_, server_certs_, server_ca_certs_) through
  // GetCertificateListForType() - confirm the exact mapping.
  enum CertType {
    CERT_TYPE_DEFAULT,
    CERT_TYPE_USER,
    CERT_TYPE_SERVER,
    CERT_TYPE_SERVER_CA
  };

  // Manage the global instance.
  // NOTE(review): the header does not say what Get() returns before
  // Initialize() or after Shutdown(); callers can guard with IsInitialized().
  static void Initialize();
  static void Shutdown();
  static CertLibrary* Get();
  static bool IsInitialized();

  // Add / remove an observer. Observers are passed as raw pointers.
  // NOTE(review): presumably the library does not take ownership, so an
  // observer must call RemoveObserver() before it is destroyed - confirm.
  void AddObserver(Observer* observer);
  void RemoveObserver(Observer* observer);

  // Returns true when the certificate list has been requested but not loaded.
  bool CertificatesLoading() const;

  // Returns true when the certificate list has been initialized.
  bool CertificatesLoaded() const;

  // Returns true if the TPM is available for hardware-backed certificates.
  bool IsHardwareBacked() const;

  // Returns the number of certificates available for |type|.
  int NumCertificates(CertType type) const;

  // Retrieves the certificate property for |type| at |index|.
  // NOTE(review): this header does not say how a negative or out-of-range
  // |index| is handled. Callers should keep 0 <= index < NumCertificates(type)
  // and must not pass on the -1 "not found" result of the GetCertIndexBy*()
  // lookups unchecked - confirm what the implementation does in that case.
  base::string16 GetCertDisplayStringAt(CertType type, int index) const;
  std::string GetCertPEMAt(CertType type, int index) const;
  std::string GetCertPkcs11IdAt(CertType type, int index) const;
  bool IsCertHardwareBackedAt(CertType type, int index) const;

  // Returns the index of a Certificate matching |pem_encoded| or -1 if none
  // found. This function may be slow depending on the number of stored
  // certificates. Check for -1 before using the result as an index.
  // TODO(pneubeck): Either make this more efficient, asynchronous or get rid of
  // it.
  int GetCertIndexByPEM(CertType type, const std::string& pem_encoded) const;
  // Same as above but for a PKCS#11 id. TODO(stevenjb): Replace this with a
  // better mechanism for uniquely identifying certificates, crbug.com/236978.
  int GetCertIndexByPkcs11Id(CertType type, const std::string& pkcs11_id) const;

  // CertLoader::Observer
  virtual void OnCertificatesLoaded(const net::CertificateList&,
                                    bool initial_load) OVERRIDE;

 private:
  // Construction and destruction are private; instances are reached through
  // the static Initialize() / Shutdown() / Get() functions above.
  CertLibrary();
  virtual ~CertLibrary();

  // Returns the certificate for |type| at |index| as a raw pointer.
  // NOTE(review): presumably the pointer refers to an entry kept alive by one
  // of the lists below and must not be held across a reload - confirm.
  net::X509Certificate* GetCertificateAt(CertType type, int index) const;
  // Returns the list that backs |type|.
  const net::CertificateList& GetCertificateListForType(CertType type) const;

  ObserverList<CertLibrary::Observer> observer_list_;

  // Sorted certificate lists
  net::CertificateList certs_;
  net::CertificateList user_certs_;
  net::CertificateList server_certs_;
  net::CertificateList server_ca_certs_;

  DISALLOW_COPY_AND_ASSIGN(CertLibrary);
};

}  // namespace chromeos

#endif  // CHROME_BROWSER_CHROMEOS_OPTIONS_CERT_LIBRARY_H_