| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_BASE_SERVER_BOUND_CERT_STORE_H_ | 5 #ifndef NET_BASE_SERVER_BOUND_CERT_STORE_H_ |
| 6 #define NET_BASE_SERVER_BOUND_CERT_STORE_H_ | 6 #define NET_BASE_SERVER_BOUND_CERT_STORE_H_ |
| 7 | 7 |
| 8 #include <list> | 8 #include <list> |
| 9 #include <string> | 9 #include <string> |
| 10 | 10 |
| 11 #include "base/callback.h" |
| 11 #include "base/threading/non_thread_safe.h" | 12 #include "base/threading/non_thread_safe.h" |
| 12 #include "base/time.h" | 13 #include "base/time.h" |
| 13 #include "net/base/net_export.h" | 14 #include "net/base/net_export.h" |
| 14 #include "net/base/ssl_client_cert_type.h" | 15 #include "net/base/ssl_client_cert_type.h" |
| 15 | 16 |
| 16 namespace net { | 17 namespace net { |
| 17 | 18 |
| 18 // An interface for storing and retrieving server bound certs. | 19 // An interface for storing and retrieving server bound certs. |
| 19 // There isn't a domain bound certs spec yet, but the old origin bound | 20 // There isn't a domain bound certs spec yet, but the old origin bound |
| 20 // certificates are specified in | 21 // certificates are specified in |
| 58 std::string server_identifier_; | 59 std::string server_identifier_; |
| 59 SSLClientCertType type_; | 60 SSLClientCertType type_; |
| 60 base::Time creation_time_; | 61 base::Time creation_time_; |
| 61 base::Time expiration_time_; | 62 base::Time expiration_time_; |
| 62 std::string private_key_; | 63 std::string private_key_; |
| 63 std::string cert_; | 64 std::string cert_; |
| 64 }; | 65 }; |
| 65 | 66 |
| 66 typedef std::list<ServerBoundCert> ServerBoundCertList; | 67 typedef std::list<ServerBoundCert> ServerBoundCertList; |
| 67 | 68 |
| 69 typedef base::Callback<void( |
| 70 const std::string&, |
| 71 SSLClientCertType, |
| 72 base::Time, |
| 73 const std::string&, |
| 74 const std::string&)> GetCertCallback; |
| 75 typedef base::Callback<void(const ServerBoundCertList&)> GetCertListCallback; |
| 76 |
| 68 virtual ~ServerBoundCertStore() {} | 77 virtual ~ServerBoundCertStore() {} |
| 69 | 78 |
| 70 // TODO(rkn): File I/O may be required, so this should have an asynchronous | 79 // GetServerBoundCert may return the result synchronously through the |
| 71 // interface. | 80 // output parameters, in which case it will return true. Otherwise it will |
| 72 // Returns true on success. |private_key_result| stores a DER-encoded | 81 // return false and the callback will be called with the result |
| 73 // PrivateKeyInfo struct, |cert_result| stores a DER-encoded certificate, | 82 // asynchronously. |
| 74 // |type| is the ClientCertificateType of the returned certificate, | 83 // In either case, the type will be CLIENT_CERT_INVALID_TYPE if no cert |
| 75 // |creation_time| stores the start of the validity period of the certificate | 84 // existed for the given |server_identifier|. |
| 76 // and |expiration_time| is the expiration time of the certificate. | |
| 77 // Returns false if no server bound cert exists for the specified server. | |
| 78 virtual bool GetServerBoundCert( | 85 virtual bool GetServerBoundCert( |
| 79 const std::string& server_identifier, | 86 const std::string& server_identifier, |
| 80 SSLClientCertType* type, | 87 SSLClientCertType* type, |
| 81 base::Time* creation_time, | |
| 82 base::Time* expiration_time, | 88 base::Time* expiration_time, |
| 83 std::string* private_key_result, | 89 std::string* private_key_result, |
| 84 std::string* cert_result) = 0; | 90 std::string* cert_result, |
| 91 const GetCertCallback& callback) = 0; |
| 85 | 92 |
| 86 // Adds a server bound cert and the corresponding private key to the store. | 93 // Adds a server bound cert and the corresponding private key to the store. |
| 87 virtual void SetServerBoundCert( | 94 virtual void SetServerBoundCert( |
| 88 const std::string& server_identifier, | 95 const std::string& server_identifier, |
| 89 SSLClientCertType type, | 96 SSLClientCertType type, |
| 90 base::Time creation_time, | 97 base::Time creation_time, |
| 91 base::Time expiration_time, | 98 base::Time expiration_time, |
| 92 const std::string& private_key, | 99 const std::string& private_key, |
| 93 const std::string& cert) = 0; | 100 const std::string& cert) = 0; |
| 94 | 101 |
| 95 // Removes a server bound cert and the corresponding private key from the | 102 // Removes a server bound cert and the corresponding private key from the |
| 96 // store. | 103 // store. |
| 97 virtual void DeleteServerBoundCert(const std::string& server_identifier) = 0; | 104 virtual void DeleteServerBoundCert( |
| 105 const std::string& server_identifier, |
| 106 const base::Closure& completion_callback) = 0; |
| 98 | 107 |
| 99 // Deletes all of the server bound certs that have a creation_date greater | 108 // Deletes all of the server bound certs that have a creation_date greater |
| 100 // than or equal to |delete_begin| and less than |delete_end|. If a | 109 // than or equal to |delete_begin| and less than |delete_end|. If a |
| 101 // base::Time value is_null, that side of the comparison is unbounded. | 110 // base::Time value is_null, that side of the comparison is unbounded. |
| 102 virtual void DeleteAllCreatedBetween(base::Time delete_begin, | 111 virtual void DeleteAllCreatedBetween( |
| 103 base::Time delete_end) = 0; | 112 base::Time delete_begin, |
| 113 base::Time delete_end, |
| 114 const base::Closure& completion_callback) = 0; |
| 104 | 115 |
| 105 // Removes all server bound certs and the corresponding private keys from | 116 // Removes all server bound certs and the corresponding private keys from |
| 106 // the store. | 117 // the store. |
| 107 virtual void DeleteAll() = 0; | 118 virtual void DeleteAll(const base::Closure& completion_callback) = 0; |
| 108 | 119 |
| 109 // Returns all server bound certs and the corresponding private keys. | 120 // Returns all server bound certs and the corresponding private keys. |
| 110 virtual void GetAllServerBoundCerts( | 121 virtual void GetAllServerBoundCerts(const GetCertListCallback& callback) = 0; |
| 111 ServerBoundCertList* server_bound_certs) = 0; | |
| 112 | 122 |
| 113 // Helper function that adds all certs from |list| into this instance. | 123 // Helper function that adds all certs from |list| into this instance. |
| 114 void InitializeFrom(const ServerBoundCertList& list); | 124 void InitializeFrom(const ServerBoundCertList& list); |
| 115 | 125 |
| 116 // Returns the number of certs in the store. | 126 // Returns the number of certs in the store. May return 0 if the backing |
| 127 // store is not loaded yet. |
| 117 // Public only for unit testing. | 128 // Public only for unit testing. |
| 118 virtual int GetCertCount() = 0; | 129 virtual int GetCertCount() = 0; |
| 119 | 130 |
| 120 // When invoked, instructs the store to keep session related data on | 131 // When invoked, instructs the store to keep session related data on |
| 121 // destruction. | 132 // destruction. |
| 122 virtual void SetForceKeepSessionState() = 0; | 133 virtual void SetForceKeepSessionState() = 0; |
| 123 }; | 134 }; |
| 124 | 135 |
| 125 } // namespace net | 136 } // namespace net |
| 126 | 137 |
| 127 #endif // NET_BASE_SERVER_BOUND_CERT_STORE_H_ | 138 #endif // NET_BASE_SERVER_BOUND_CERT_STORE_H_ |
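Review bot: The new `GetCertCallback` typedef (new lines 69-74) leaves all five parameters unnamed, so a reader cannot tell which `const std::string&` is the private key and which is the certificate, nor which time the single `base::Time` carries; the old comment on GetServerBoundCert stated that |private_key_result| holds a DER-encoded PrivateKeyInfo and |cert_result| a DER-encoded certificate, and the rewritten comment at new lines 79-84 drops that. A comment above the typedef such as `// Called with (server_identifier, type, expiration_time, private_key, cert); the key is a DER-encoded PrivateKeyInfo and the cert is DER-encoded.` would restore it, with the time argument presumed to be the expiration time from the remaining out-parameter — confirm against the implementation. The GetServerBoundCert comment should also say what the out-parameters hold when the method returns false, and that |callback| is not invoked when it returns true, since the caller now has two result paths carrying private-key material and must handle exactly one of them. The same naming gap applies to the `base::Closure` completion callbacks on DeleteServerBoundCert, DeleteAllCreatedBetween and DeleteAll, whose comments do not say when (or on which thread) completion is signalled.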