Home | History | Annotate | Download | only in options 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_UI_WEBUI_OPTIONS_CERTIFICATE_MANAGER_HANDLER_H_
      6 #define CHROME_BROWSER_UI_WEBUI_OPTIONS_CERTIFICATE_MANAGER_HANDLER_H_
      7 
      8 #include <string>
      9 
     10 #include "base/compiler_specific.h"
     11 #include "base/memory/scoped_ptr.h"
     12 #include "base/memory/weak_ptr.h"
     13 #include "base/task/cancelable_task_tracker.h"
     14 #include "chrome/browser/certificate_manager_model.h"
     15 #include "chrome/browser/ui/webui/options/options_ui.h"
     16 #include "net/cert/nss_cert_database.h"
     17 #include "ui/gfx/native_widget_types.h"
     18 #include "ui/shell_dialogs/select_file_dialog.h"
     19 
     20 namespace options {
     21 
     22 class CertIdMap;
     23 class FileAccessProvider;
     24 
     25 class CertificateManagerHandler
     26     : public OptionsPageUIHandler,
     27       public CertificateManagerModel::Observer,
     28       public ui::SelectFileDialog::Listener {
     29  public:
     30   explicit CertificateManagerHandler(bool show_certs_in_modal_dialog);
     31   virtual ~CertificateManagerHandler();
     32 
     33   // OptionsPageUIHandler implementation.
     34   virtual void GetLocalizedValues(
     35       base::DictionaryValue* localized_strings) OVERRIDE;
     36   virtual void RegisterMessages() OVERRIDE;
     37 
     38   // CertificateManagerModel::Observer implementation.
     39   virtual void CertificatesRefreshed() OVERRIDE;
     40 
     41   // SelectFileDialog::Listener implementation.
     42   virtual void FileSelected(const base::FilePath& path,
     43                             int index,
     44                             void* params) OVERRIDE;
     45   virtual void FileSelectionCanceled(void* params) OVERRIDE;
     46 
     47  private:
     48   // View certificate.
     49   void View(const base::ListValue* args);
     50 
     51   // Edit server certificate trust values.
     52   void EditServer(const base::ListValue* args);
     53 
     54   // Edit certificate authority trust values.  The sequence goes like:
     55   //  1. user clicks edit button -> CertificateEditCaTrustOverlay.show ->
     56   //  GetCATrust -> CertificateEditCaTrustOverlay.populateTrust
     57   //  2. user clicks ok -> EditCATrust -> CertificateEditCaTrustOverlay.dismiss
     58   void GetCATrust(const base::ListValue* args);
     59   void EditCATrust(const base::ListValue* args);
     60 
     61   // Cleanup state stored during import or export process.
     62   void CancelImportExportProcess(const base::ListValue* args);
     63   void ImportExportCleanup();
     64 
     65   // Export to PKCS #12 file.  The sequence goes like:
     66   //  1a. user click on export button -> ExportPersonal -> launches file
     67   //  selector
     68   //  1b. user click on export all button -> ExportAllPersonal -> launches file
     69   //  selector
     70   //  2. user selects file -> ExportPersonalFileSelected -> launches password
     71   //  dialog
     72   //  3. user enters password -> ExportPersonalPasswordSelected -> unlock slots
     73   //  4. slots unlocked -> ExportPersonalSlotsUnlocked -> exports to memory
     74   //  buffer -> starts async write operation
     75   //  5. write finishes (or fails) -> ExportPersonalFileWritten
     76   void ExportPersonal(const base::ListValue* args);
     77   void ExportAllPersonal(const base::ListValue* args);
     78   void ExportPersonalFileSelected(const base::FilePath& path);
     79   void ExportPersonalPasswordSelected(const base::ListValue* args);
     80   void ExportPersonalSlotsUnlocked();
     81   void ExportPersonalFileWritten(const int* write_errno,
     82                                  const int* bytes_written);
     83 
     84   // Import from PKCS #12 file.  The sequence goes like:
     85   //  1. user click on import button -> StartImportPersonal -> launches file
     86   //  selector
     87   //  2. user selects file -> ImportPersonalFileSelected -> launches password
     88   //  dialog
     89   //  3. user enters password -> ImportPersonalPasswordSelected -> starts async
     90   //  read operation
     91   //  4. read operation completes -> ImportPersonalFileRead -> unlock slot
     92   //  5. slot unlocked -> ImportPersonalSlotUnlocked attempts to
     93   //  import with previously entered password
     94   //  6a. if import succeeds -> ImportExportCleanup
     95   //  6b. if import fails -> show error, ImportExportCleanup
     96   //  TODO(mattm): allow retrying with different password
     97   void StartImportPersonal(const base::ListValue* args);
     98   void ImportPersonalFileSelected(const base::FilePath& path);
     99   void ImportPersonalPasswordSelected(const base::ListValue* args);
    100   void ImportPersonalFileRead(const int* read_errno, const std::string* data);
    101   void ImportPersonalSlotUnlocked();
    102 
    103   // Import Server certificates from file.  Sequence goes like:
    104   //  1. user clicks on import button -> ImportServer -> launches file selector
    105   //  2. user selects file -> ImportServerFileSelected -> starts async read
    106   //  3. read completes -> ImportServerFileRead -> parse certs -> attempt import
    107   //  4a. if import succeeds -> ImportExportCleanup
    108   //  4b. if import fails -> show error, ImportExportCleanup
    109   void ImportServer(const base::ListValue* args);
    110   void ImportServerFileSelected(const base::FilePath& path);
    111   void ImportServerFileRead(const int* read_errno, const std::string* data);
    112 
    113   // Import Certificate Authorities from file.  Sequence goes like:
    114   //  1. user clicks on import button -> ImportCA -> launches file selector
    115   //  2. user selects file -> ImportCAFileSelected -> starts async read
    116   //  3. read completes -> ImportCAFileRead -> parse certs ->
    117   //  CertificateEditCaTrustOverlay.showImport
    118   //  4. user clicks ok -> ImportCATrustSelected -> attempt import
    119   //  5a. if import succeeds -> ImportExportCleanup
    120   //  5b. if import fails -> show error, ImportExportCleanup
    121   void ImportCA(const base::ListValue* args);
    122   void ImportCAFileSelected(const base::FilePath& path);
    123   void ImportCAFileRead(const int* read_errno, const std::string* data);
    124   void ImportCATrustSelected(const base::ListValue* args);
    125 
    126   // Export a certificate.
    127   void Export(const base::ListValue* args);
    128 
    129   // Delete certificate and private key (if any).
    130   void Delete(const base::ListValue* args);
    131 
    132   // Model initialization methods.
    133   void OnCertificateManagerModelCreated(
    134       scoped_ptr<CertificateManagerModel> model);
    135   void CertificateManagerModelReady();
    136 
    137   // Populate the trees in all the tabs.
    138   void Populate(const base::ListValue* args);
    139 
    140   // Populate the given tab's tree.
    141   void PopulateTree(const std::string& tab_name,
    142                     net::CertType type,
    143                     const net::CertificateList& web_trust_certs);
    144 
    145   // Populate the tree after retrieving the list of policy-installed
    146   // web-trusted certificates.
    147   void OnPolicyWebTrustCertsRetrieved(
    148       const net::CertificateList& web_trust_certs);
    149 
    150   // Display a WebUI error message box.
    151   void ShowError(const std::string& title, const std::string& error) const;
    152 
    153   // Display a WebUI error message box for import failures.
    154   // Depends on |selected_cert_list_| being set to the imports that we
    155   // attempted to import.
    156   void ShowImportErrors(
    157       const std::string& title,
    158       const net::NSSCertDatabase::ImportCertFailureList& not_imported) const;
    159 
    160   gfx::NativeWindow GetParentWindow() const;
    161 
    162   // True if certificate viewer should be shown in modal instead of constrianed
    163   // dialog.
    164   bool show_certs_in_modal_dialog_;
    165   // The Certificates Manager model
    166   bool requested_certificate_manager_model_;
    167   scoped_ptr<CertificateManagerModel> certificate_manager_model_;
    168 
    169   // For multi-step import or export processes, we need to store the path,
    170   // password, etc the user chose while we wait for them to enter a password,
    171   // wait for file to be read, etc.
    172   base::FilePath file_path_;
    173   base::string16 password_;
    174   bool use_hardware_backed_;
    175   std::string file_data_;
    176   net::CertificateList selected_cert_list_;
    177   scoped_refptr<ui::SelectFileDialog> select_file_dialog_;
    178   scoped_refptr<net::CryptoModule> module_;
    179 
    180   // Used in reading and writing certificate files.
    181   base::CancelableTaskTracker tracker_;
    182   scoped_refptr<FileAccessProvider> file_access_provider_;
    183 
    184   scoped_ptr<CertIdMap> cert_id_map_;
    185 
    186   base::WeakPtrFactory<CertificateManagerHandler> weak_ptr_factory_;
    187 
    188   DISALLOW_COPY_AND_ASSIGN(CertificateManagerHandler);
    189 };
    190 
    191 }  // namespace options
    192 
    193 #endif  // CHROME_BROWSER_UI_WEBUI_OPTIONS_CERTIFICATE_MANAGER_HANDLER_H_
    194