      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROMEOS_NETWORK_CLIENT_CERT_UTIL_H_
      6 #define CHROMEOS_NETWORK_CLIENT_CERT_UTIL_H_
      7 
      8 #include <string>
      9 
     10 #include "base/memory/ref_counted.h"
     11 #include "chromeos/chromeos_export.h"
     12 
     13 namespace base {
     14 class DictionaryValue;
     15 }
     16 
     17 namespace net {
     18 struct CertPrincipal;
     19 class X509Certificate;
     20 }
     21 
     22 namespace chromeos {
     23 
     24 class CertificatePattern;
     25 class IssuerSubjectPattern;
     26 
     27 namespace client_cert {
     28 
     // Kind of network configuration that a client certificate is applied to.
     // SetShillProperties() takes one of these values to decide which dictionary
     // entries it writes. The enumerator names suggest OpenVPN, IPsec and EAP
     // configurations; this header does not document them further.
     //
     // The numeric values are spelled out here and equal the implicit ones.
     enum ConfigType {
       CONFIG_TYPE_NONE = 0,
       CONFIG_TYPE_OPENVPN = 1,
       CONFIG_TYPE_IPSEC = 2,
       CONFIG_TYPE_EAP = 3
     };
     35 
     // Tests |principal| against |pattern|.
     //
     // Returns true only if the fields that are set in the pattern match the
     // similar fields of the principal exactly. When the pattern's organization_
     // or organizational_unit_ is set, at least one of the organizations or
     // units in the principal has to match.
     //
     // NOTE(review): "exactly" is not defined in this header (case and encoding
     // handling are not stated). Confirm in the implementation before relying on
     // this match to restrict which issuer or subject is accepted.
     bool CertPrincipalMatches(
         const IssuerSubjectPattern& pattern,
         const net::CertPrincipal& principal);
     42 
     // Looks up a certificate that matches |pattern|. Of the matching
     // certificates, the one with the latest valid start date is returned.
     // With no match the returned refptr is NULL, so callers have to test the
     // result before dereferencing it.
     //
     // NOTE(review): this header does not say which certificate store is
     // searched, or whether expired certificates are excluded from the match;
     // confirm in the implementation.
     CHROMEOS_EXPORT scoped_refptr<net::X509Certificate>
     GetCertificateMatch(const CertificatePattern& pattern);
     47 
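     // Writes client-certificate settings into |properties|.
     //
     //   cert_config_type  Determines which dictionary entries are set.
     //   tpm_slot, tpm_pin If not empty, the TPM properties are set in
     //                     |properties| (presumably from these two values).
     //   pkcs11_id         Optional. If not NULL, the ClientCertID is set too.
     //   properties        Output dictionary. NOTE(review): presumably must be
     //                     non-NULL; confirm against the implementation.
     //
     // |tpm_pin| is a credential. After this call the dictionary presumably
     // carries it, so |properties| should be handled as sensitive data: keep it
     // out of logs and debug dumps, and do not keep it alive longer than needed.
     void SetShillProperties(ConfigType cert_config_type,
                             const std::string& tpm_slot,
                             const std::string& tpm_pin,
                             const std::string* pkcs11_id,
                             base::DictionaryValue* properties);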
     56 
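     // Returns true if all required configuration properties are set and not
     // empty in |service_properties|. |cert_config_type| presumably selects which
     // properties count as required.
     //
     // As documented, this is a presence check only. It does not claim to verify
     // that the referenced certificate exists or is valid, so a true result
     // should not be read as proof that the credential is usable.
     bool IsCertificateConfigured(ConfigType cert_config_type,
                                  const base::DictionaryValue& service_properties);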
     60 
     61 }  // namespace client_cert
     62 
     63 }  // namespace chromeos
     64 
     65 #endif  // CHROMEOS_NETWORK_CLIENT_CERT_UTIL_H_
     66