client_cert_util.h revision 5d1f7b1de12d16ceb2c938c56701a3e8bfa558f7
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// Declarations of helpers for matching client certificates against
// certificate patterns and for filling in / checking the certificate-related
// entries of a network configuration dictionary.

#ifndef CHROMEOS_NETWORK_CLIENT_CERT_UTIL_H_
#define CHROMEOS_NETWORK_CLIENT_CERT_UTIL_H_

#include <string>
#include <vector>

#include "base/memory/ref_counted.h"
#include "chromeos/chromeos_export.h"

// Forward declarations only: every function below takes these types by
// reference or pointer (or inside scoped_refptr), so no full definition is
// needed in this header.
namespace base {
class DictionaryValue;
}

namespace net {
struct CertPrincipal;
class X509Certificate;
typedef std::vector<scoped_refptr<X509Certificate> > CertificateList;
}

namespace chromeos {

class CertificatePattern;
class IssuerSubjectPattern;

namespace client_cert {

// Selects the kind of configuration the certificate settings belong to.
// SetShillProperties() uses it to decide which dictionary entries to write and
// IsCertificateConfigured() takes it alongside the properties it checks.
// NOTE(review): the enumerators presumably stand for "no client cert",
// OpenVPN, IPsec and EAP configurations -- confirm against the .cc file.
enum ConfigType {
  CONFIG_TYPE_NONE,
  CONFIG_TYPE_OPENVPN,
  CONFIG_TYPE_IPSEC,
  CONFIG_TYPE_EAP
};

// Returns true only if any fields set in |pattern| match exactly with
// similar fields in |principal|. If organization_ or organizational_unit_
// are set, then at least one of the organizations or units in the principal
// must match.
// NOTE(review): "any fields set" can be read as "at least one" or as "every";
// because this result takes part in choosing which client certificate is
// used, confirm in the implementation that every field set in the pattern has
// to match, and what is returned for a pattern with no fields set.
bool CertPrincipalMatches(const IssuerSubjectPattern& pattern,
                          const net::CertPrincipal& principal);

// Fetches the certificate from |all_certs| that matches |pattern| and has the
// latest valid start date.
// Returns a NULL refptr if there is no such match, so callers must check the
// result before dereferencing it.
// NOTE(review): this comment only mentions the start date. Whether expired or
// not-yet-valid certificates, or certificates without a usable private key,
// are excluded is not visible from this header -- confirm in the
// implementation before relying on the result for authentication.
CHROMEOS_EXPORT scoped_refptr<net::X509Certificate> GetCertificateMatch(
    const CertificatePattern& pattern,
    const net::CertificateList& all_certs);

// If not empty, sets the TPM properties in |properties|. If |pkcs11_id| is not
// NULL, also sets the ClientCertID. |cert_config_type| determines which
// dictionary entries to set.
// |pkcs11_id| is the only parameter documented as optional (may be NULL).
// NOTE(review): |properties| is presumably required to be non-NULL -- confirm.
// NOTE(review): |tpm_pin| is a credential and, per the description above, is
// copied into |properties|. Treat the resulting dictionary as sensitive: keep
// it out of logs and debug dumps and do not hold it longer than needed.
void SetShillProperties(const ConfigType cert_config_type,
                        const std::string& tpm_slot,
                        const std::string& tpm_pin,
                        const std::string* pkcs11_id,
                        base::DictionaryValue* properties);

// Returns true if all required configuration properties are set and not empty.
// NOTE(review): which properties count as required presumably depends on
// |cert_config_type| -- confirm in the implementation.
// As documented this is a presence check on |service_properties| only; nothing
// in this header says that the referenced certificate is looked up or
// validated, so a true result should not be read as "the certificate is
// usable".
bool IsCertificateConfigured(const client_cert::ConfigType cert_config_type,
                             const base::DictionaryValue& service_properties);

}  // namespace client_cert

}  // namespace chromeos

#endif  // CHROMEOS_NETWORK_CLIENT_CERT_UTIL_H_