// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_CHROMEOS_OPTIONS_CERT_LIBRARY_H_
#define CHROME_BROWSER_CHROMEOS_OPTIONS_CERT_LIBRARY_H_

#include <string>

#include "base/strings/string16.h"
#include "chromeos/cert_loader.h"
#include "net/cert/x509_certificate.h"

// NOTE(review): ObserverList, DISALLOW_COPY_AND_ASSIGN and OVERRIDE are used
// below, but no header that provides them is included directly here;
// presumably they arrive transitively through the includes above -- confirm.

namespace chromeos {

class CertNameComparator;

// This class is responsible for keeping track of certificates in a UI
// friendly manner. It observes CertLoader to receive certificate list
// updates and sorts them by type for the UI. All public APIs are expected
// to be called from the UI thread and are non-blocking. Observers will also
// be called on the UI thread.
class CertLibrary : public CertLoader::Observer {
 public:
  // Interface for clients that want to be told when the certificate lists
  // have been (re)loaded.
  class Observer {
   public:
    virtual ~Observer() {}

    // Called for any Observers whenever the certificates are loaded.
    // |initial_load| is true the first time this is called.
    virtual void OnCertificatesLoaded(bool initial_load) = 0;

   protected:
    // Protected so that only subclasses can construct an Observer.
    Observer() {}

   private:
    DISALLOW_COPY_AND_ASSIGN(Observer);
  };

  // Certificate categories; passed to the accessors below to select which
  // list they operate on.
  enum CertType {
    CERT_TYPE_DEFAULT,
    CERT_TYPE_USER,
    CERT_TYPE_SERVER,
    CERT_TYPE_SERVER_CA
  };

  // Manage the global instance.
  // NOTE(review): this header does not say what Get() returns before
  // Initialize() or after Shutdown(); callers should presumably check
  // IsInitialized() first -- confirm against the implementation.
  static void Initialize();
  static void Shutdown();
  static CertLibrary* Get();
  static bool IsInitialized();

  // Add / Remove Observer.
  // NOTE(review): observers are passed as raw pointers and ownership is not
  // expressed here; presumably each observer must be removed before it is
  // destroyed so that no dangling pointer is notified -- confirm.
  void AddObserver(Observer* observer);
  void RemoveObserver(Observer* observer);

  // Returns true when the certificate list has been requested but not loaded.
  bool CertificatesLoading() const;

  // Returns true when the certificate list has been initialized.
  bool CertificatesLoaded() const;

  // Returns true if the TPM is available for hardware-backed certificates.
  bool IsHardwareBacked() const;

  // Returns the number of certificates available for |type|.
  int NumCertificates(CertType type) const;

  // Retrieves the certificate property for |type| at |index|.
  // NOTE(review): |index| is a signed int and the valid range is not stated
  // here; presumably 0 <= index < NumCertificates(type). Whether the
  // implementation bounds-checks is not visible from this header -- confirm
  // before passing an unchecked or externally derived index.
  base::string16 GetCertDisplayStringAt(CertType type, int index) const;
  std::string GetServerCACertPEMAt(int index) const;
  // |slot_id| is a non-const pointer, i.e. an out-parameter.
  // NOTE(review): whether NULL is accepted for |slot_id| is not shown here.
  std::string GetUserCertPkcs11IdAt(int index, int* slot_id) const;
  bool IsCertHardwareBackedAt(CertType type, int index) const;

  // Returns the index of a Certificate matching |pem_encoded| or -1 if none
  // found. This function may be slow depending on the number of stored
  // certificates. Callers must check for -1 before using the result as an
  // index into the *At() accessors above.
  // TODO(pneubeck): Either make this more efficient, asynchronous or get rid of
  // it.
  int GetServerCACertIndexByPEM(const std::string& pem_encoded) const;
  // Same as above but for a PKCS#11 id.
  int GetUserCertIndexByPkcs11Id(const std::string& pkcs11_id) const;

  // CertLoader::Observer
  virtual void OnCertificatesLoaded(const net::CertificateList&,
                                    bool initial_load) OVERRIDE;

 private:
  // Construction and destruction are private; the static functions above
  // manage the global instance.
  CertLibrary();
  virtual ~CertLibrary();

  // Internal lookups used to resolve a (|type|, |index|) pair.
  // NOTE(review): GetCertificateAt() returns a raw pointer; presumably it is
  // non-owning and refers to an entry of one of the lists below, so it should
  // not be held across a reload -- confirm.
  net::X509Certificate* GetCertificateAt(CertType type, int index) const;
  const net::CertificateList& GetCertificateListForType(CertType type) const;

  ObserverList<CertLibrary::Observer> observer_list_;

  // Sorted certificate lists
  // NOTE(review): presumably one list per CertType value, in enum order --
  // confirm against GetCertificateListForType().
  net::CertificateList certs_;
  net::CertificateList user_certs_;
  net::CertificateList server_certs_;
  net::CertificateList server_ca_certs_;

  DISALLOW_COPY_AND_ASSIGN(CertLibrary);
};

}  // namespace chromeos

#endif  // CHROME_BROWSER_CHROMEOS_OPTIONS_CERT_LIBRARY_H_