1// Copyright (c) 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROME_BROWSER_NET_NSS_CONTEXT_H_
6#define CHROME_BROWSER_NET_NSS_CONTEXT_H_
7
8#include <string>
9
10#include "base/callback.h"
11#include "base/compiler_specific.h"
12#include "crypto/scoped_nss_types.h"
13
14class Profile;
15
16namespace net {
17class NSSCertDatabase;
18}
19
20namespace content {
21class ResourceContext;
22}  // namespace content
23
24// Returns a reference to the public slot for the user associated with
25// |context|.  Should be called only on the IO thread.
26crypto::ScopedPK11Slot GetPublicNSSKeySlotForResourceContext(
27    content::ResourceContext* context);
28
29// Returns a reference to the private slot for the user associated with
30// |context|, if it is loaded. If it is not loaded and |callback| is non-null,
31// the |callback| will be run once the slot is loaded.
32// Should be called only on the IO thread.
33crypto::ScopedPK11Slot GetPrivateNSSKeySlotForResourceContext(
34    content::ResourceContext* context,
35    const base::Callback<void(crypto::ScopedPK11Slot)>& callback)
36    WARN_UNUSED_RESULT;
37
38// Returns a pointer to the NSSCertDatabase for the user associated with
39// |context|, if it is ready. If it is not ready and |callback| is non-null, the
40// |callback| will be run once the DB is initialized. Ownership is not
41// transferred, but the caller may save the pointer, which will remain valid for
42// the lifetime of the ResourceContext.
43// Must be called only on the IO thread.
44net::NSSCertDatabase* GetNSSCertDatabaseForResourceContext(
45    content::ResourceContext* context,
46    const base::Callback<void(net::NSSCertDatabase*)>& callback)
47    WARN_UNUSED_RESULT;
48
49#if defined(OS_CHROMEOS)
50// Enables the system key slot in the NSSCertDatabase for the user associated
51// with |context|.
52// Must be called only on the IO thread.
53void EnableNSSSystemKeySlotForResourceContext(
54    content::ResourceContext* context);
55#endif
56
57// Gets a pointer to the NSSCertDatabase for the user associated with |context|.
58// It's a wrapper around |GetNSSCertDatabaseForResourceContext| which makes
59// sure it's called on IO thread (with |profile|'s resource context). The
60// callback will be called on the originating message loop.
61// It's accessing profile, so it should be called on the UI thread.
62void GetNSSCertDatabaseForProfile(
63    Profile* profile,
64    const base::Callback<void(net::NSSCertDatabase*)>& callback);
65
66#endif  // CHROME_BROWSER_NET_NSS_CONTEXT_H_
67