      1 // Copyright 2013 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_CHROMEOS_OPTIONS_CERT_LIBRARY_H_
      6 #define CHROME_BROWSER_CHROMEOS_OPTIONS_CERT_LIBRARY_H_
      7 
      8 #include <string>
      9 
     10 #include "base/strings/string16.h"
     11 #include "chromeos/cert_loader.h"
     12 #include "net/cert/x509_certificate.h"
     13 
     14 namespace chromeos {
     15 
        // Forward declaration only; the type is not referenced again in this header
        // (presumably it is used by the implementation file).
     16 class CertNameComparator;
     17 
     18 // This class is responsible for keeping track of certificates in a UI
     19 // friendly manner. It observes CertLoader to receive certificate list
     20 // updates and sorts them by type for the UI. All public APIs are expected
     21 // to be called from the UI thread and are non-blocking. Observers will also
     22 // be called on the UI thread.
        //
        // Certificates are addressed by a (CertType, index) pair into the sorted
        // lists held below.
        // NOTE(review): those lists are presumably rebuilt whenever
        // OnCertificatesLoaded() runs, so an index obtained before an update may
        // afterwards name a different certificate. Callers should re-resolve
        // indices after each Observer notification rather than cache them -
        // confirm against the implementation.
        // NOTE(review): ObserverList, DISALLOW_COPY_AND_ASSIGN and OVERRIDE are used
        // below, but none of the includes above is obviously their home; they
        // presumably arrive transitively (e.g. via chromeos/cert_loader.h).
     23 class CertLibrary : public CertLoader::Observer {
     24  public:
          // Interface for parties that want to know when the certificate lists
          // have been (re)loaded. Only subclasses can construct it (protected
          // constructor) and it is not copyable.
     25   class Observer {
     26    public:
     27     virtual ~Observer() {}
     28 
     29     // Called for any Observers whenever the certificates are loaded.
     30     // |initial_load| is true the first time this is called.
     31     virtual void OnCertificatesLoaded(bool initial_load) = 0;
     32 
     33    protected:
     34     Observer() {}
     35 
     36    private:
     37     DISALLOW_COPY_AND_ASSIGN(Observer);
     38   };
     39 
          // Selects which certificate list an accessor operates on. The four values
          // parallel the four private lists (certs_, user_certs_, server_certs_,
          // server_ca_certs_).
          // NOTE(review): presumably CERT_TYPE_DEFAULT maps to certs_ - confirm in
          // GetCertificateListForType().
     40   enum CertType {
     41     CERT_TYPE_DEFAULT,
     42     CERT_TYPE_USER,
     43     CERT_TYPE_SERVER,
     44     CERT_TYPE_SERVER_CA
     45   };
     46 
     47   // Manage the global instance.
          // NOTE(review): what Get() returns before Initialize() or after Shutdown()
          // is not stated here; callers that can run that early or late should
          // check IsInitialized() first - confirm.
     48   static void Initialize();
     49   static void Shutdown();
     50   static CertLibrary* Get();
     51   static bool IsInitialized();
     52 
     53   // Add / Remove Observer
          // NOTE(review): observers are passed as raw pointers and ownership is not
          // documented; presumably they are not owned, so an observer must call
          // RemoveObserver() before it is destroyed - confirm.
     54   void AddObserver(Observer* observer);
     55   void RemoveObserver(Observer* observer);
     56 
     57   // Returns true when the certificate list has been requested but not loaded.
     58   bool CertificatesLoading() const;
     59 
     60   // Returns true when the certificate list has been initialized.
     61   bool CertificatesLoaded() const;
     62 
     63   // Returns true if the TPM is available for hardware-backed certificates.
          // NOTE(review): per the comment above this reports availability only; for
          // a decision about one specific certificate, IsCertHardwareBackedAt() is
          // presumably the value to check - confirm.
     64   bool IsHardwareBacked() const;
     65 
     66   // Returns the number of certificates available for |type|.
     67   int NumCertificates(CertType type) const;
     68 
     69   // Retrieves the certificate property for |type| at |index|.
          // As the names indicate, the properties are the display string, the PEM
          // encoding, the PKCS#11 id and the hardware-backed flag.
          // NOTE(review): |index| is a signed int and the behaviour for a negative
          // or out-of-range value is not specified in this header. Callers should
          // bound it by NumCertificates(type), and must check for the -1 "not
          // found" result of the GetCertIndexBy*() lookups before passing it here.
     70   base::string16 GetCertDisplayStringAt(CertType type, int index) const;
     71   std::string GetCertPEMAt(CertType type, int index) const;
     72   std::string GetCertPkcs11IdAt(CertType type, int index) const;
     73   bool IsCertHardwareBackedAt(CertType type, int index) const;
     74 
     75   // Returns the index of a Certificate matching |pem_encoded| or -1 if none
     76   // found. This function may be slow depending on the number of stored
     77   // certificates.
     78   // TODO(pneubeck): Either make this more efficient, asynchronous or get rid of
     79   // it.
     80   int GetCertIndexByPEM(CertType type, const std::string& pem_encoded) const;
     81   // Same as above but for a PKCS#11 id. TODO(stevenjb): Replace this with a
     82   // better mechanism for uniquely identifying certificates, crbug.com/236978.
          // NOTE(review): the TODO implies a PKCS#11 id is not a reliable unique
          // key; which entry is returned when several certificates share an id is
          // not stated here - confirm before relying on the match.
     83   int GetCertIndexByPkcs11Id(CertType type, const std::string& pkcs11_id) const;
     84 
     85   // CertLoader::Observer
          // Receives the certificate list from CertLoader; the list parameter is
          // left unnamed in this declaration.
     86   virtual void OnCertificatesLoaded(const net::CertificateList&,
     87                                     bool initial_load) OVERRIDE;
     88 
     89  private:
          // Private constructor and destructor: instances can only be created and
          // destroyed from inside this class (presumably by Initialize() and
          // Shutdown()).
     90   CertLibrary();
     91   virtual ~CertLibrary();
     92 
          // Internal lookups behind the public accessors above.
          // NOTE(review): GetCertificateAt() returns a raw pointer, presumably
          // borrowed from the list and valid only while that list is unchanged -
          // confirm.
     93   net::X509Certificate* GetCertificateAt(CertType type, int index) const;
     94   const net::CertificateList& GetCertificateListForType(CertType type) const;
     95 
          // Observers registered through AddObserver().
     96   ObserverList<CertLibrary::Observer> observer_list_;
     97 
     98   // Sorted certificate lists
     99   net::CertificateList certs_;
    100   net::CertificateList user_certs_;
    101   net::CertificateList server_certs_;
    102   net::CertificateList server_ca_certs_;
    103 
    104   DISALLOW_COPY_AND_ASSIGN(CertLibrary);
    105 };
    106 
    107 }  // namespace chromeos
    108 
    109 #endif  // CHROME_BROWSER_CHROMEOS_OPTIONS_CERT_LIBRARY_H_
    110