1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_BASE_SERVER_BOUND_CERT_STORE_H_ | 5 #ifndef NET_BASE_SERVER_BOUND_CERT_STORE_H_ |
6 #define NET_BASE_SERVER_BOUND_CERT_STORE_H_ | 6 #define NET_BASE_SERVER_BOUND_CERT_STORE_H_ |
7 | 7 |
8 #include <list> | 8 #include <list> |
9 #include <string> | 9 #include <string> |
10 | 10 |
| 11 #include "base/callback.h" |
11 #include "base/threading/non_thread_safe.h" | 12 #include "base/threading/non_thread_safe.h" |
12 #include "base/time.h" | 13 #include "base/time.h" |
13 #include "net/base/net_export.h" | 14 #include "net/base/net_export.h" |
14 #include "net/base/ssl_client_cert_type.h" | 15 #include "net/base/ssl_client_cert_type.h" |
15 | 16 |
16 namespace net { | 17 namespace net { |
17 | 18 |
18 // An interface for storing and retrieving server bound certs. | 19 // An interface for storing and retrieving server bound certs. |
19 // There isn't a domain bound certs spec yet, but the old origin bound | 20 // There isn't a domain bound certs spec yet, but the old origin bound |
20 // certificates are specified in | 21 // certificates are specified in |
58 std::string server_identifier_; | 59 std::string server_identifier_; |
59 SSLClientCertType type_; | 60 SSLClientCertType type_; |
60 base::Time creation_time_; | 61 base::Time creation_time_; |
61 base::Time expiration_time_; | 62 base::Time expiration_time_; |
62 std::string private_key_; | 63 std::string private_key_; |
63 std::string cert_; | 64 std::string cert_; |
64 }; | 65 }; |
65 | 66 |
66 typedef std::list<ServerBoundCert> ServerBoundCertList; | 67 typedef std::list<ServerBoundCert> ServerBoundCertList; |
67 | 68 |
| 69 typedef base::Callback<void( |
| 70 const std::string&, |
| 71 SSLClientCertType, |
| 72 base::Time, |
| 73 const std::string&, |
| 74 const std::string&)> GetCertCallback; |
| 75 typedef base::Callback<void(const ServerBoundCertList&)> GetCertListCallback; |
| 76 |
68 virtual ~ServerBoundCertStore() {} | 77 virtual ~ServerBoundCertStore() {} |
69 | 78 |
70 // TODO(rkn): File I/O may be required, so this should have an asynchronous | 79 // GetServerBoundCert may return the result synchronously through the |
71 // interface. | 80 // output parameters, in which case it will return true. Otherwise it will |
72 // Returns true on success. |private_key_result| stores a DER-encoded | 81 // return false and the callback will be called with the result |
73 // PrivateKeyInfo struct, |cert_result| stores a DER-encoded certificate, | 82 // asynchronously. |
74 // |type| is the ClientCertificateType of the returned certificate, | 83 // In either case, the type will be CLIENT_CERT_INVALID_TYPE if no cert |
75 // |creation_time| stores the start of the validity period of the certificate | 84 // existed for the given |server_identifier|. |
76 // and |expiration_time| is the expiration time of the certificate. | |
77 // Returns false if no server bound cert exists for the specified server. | |
78 virtual bool GetServerBoundCert( | 85 virtual bool GetServerBoundCert( |
79 const std::string& server_identifier, | 86 const std::string& server_identifier, |
80 SSLClientCertType* type, | 87 SSLClientCertType* type, |
81 base::Time* creation_time, | |
82 base::Time* expiration_time, | 88 base::Time* expiration_time, |
83 std::string* private_key_result, | 89 std::string* private_key_result, |
84 std::string* cert_result) = 0; | 90 std::string* cert_result, |
| 91 const GetCertCallback& callback) = 0; |
85 | 92 |
86 // Adds a server bound cert and the corresponding private key to the store. | 93 // Adds a server bound cert and the corresponding private key to the store. |
87 virtual void SetServerBoundCert( | 94 virtual void SetServerBoundCert( |
88 const std::string& server_identifier, | 95 const std::string& server_identifier, |
89 SSLClientCertType type, | 96 SSLClientCertType type, |
90 base::Time creation_time, | 97 base::Time creation_time, |
91 base::Time expiration_time, | 98 base::Time expiration_time, |
92 const std::string& private_key, | 99 const std::string& private_key, |
93 const std::string& cert) = 0; | 100 const std::string& cert) = 0; |
94 | 101 |
95 // Removes a server bound cert and the corresponding private key from the | 102 // Removes a server bound cert and the corresponding private key from the |
96 // store. | 103 // store. |
97 virtual void DeleteServerBoundCert(const std::string& server_identifier) = 0; | 104 virtual void DeleteServerBoundCert( |
| 105 const std::string& server_identifier, |
| 106 const base::Closure& completion_callback) = 0; |
98 | 107 |
99 // Deletes all of the server bound certs that have a creation_date greater | 108 // Deletes all of the server bound certs that have a creation_date greater |
100 // than or equal to |delete_begin| and less than |delete_end|. If a | 109 // than or equal to |delete_begin| and less than |delete_end|. If a |
101 // base::Time value is_null, that side of the comparison is unbounded. | 110 // base::Time value is_null, that side of the comparison is unbounded. |
102 virtual void DeleteAllCreatedBetween(base::Time delete_begin, | 111 virtual void DeleteAllCreatedBetween( |
103 base::Time delete_end) = 0; | 112 base::Time delete_begin, |
| 113 base::Time delete_end, |
| 114 const base::Closure& completion_callback) = 0; |
104 | 115 |
105 // Removes all server bound certs and the corresponding private keys from | 116 // Removes all server bound certs and the corresponding private keys from |
106 // the store. | 117 // the store. |
107 virtual void DeleteAll() = 0; | 118 virtual void DeleteAll(const base::Closure& completion_callback) = 0; |
108 | 119 |
109 // Returns all server bound certs and the corresponding private keys. | 120 // Returns all server bound certs and the corresponding private keys. |
110 virtual void GetAllServerBoundCerts( | 121 virtual void GetAllServerBoundCerts(const GetCertListCallback& callback) = 0; |
111 ServerBoundCertList* server_bound_certs) = 0; | |
112 | 122 |
113 // Helper function that adds all certs from |list| into this instance. | 123 // Helper function that adds all certs from |list| into this instance. |
114 void InitializeFrom(const ServerBoundCertList& list); | 124 void InitializeFrom(const ServerBoundCertList& list); |
115 | 125 |
116 // Returns the number of certs in the store. | 126 // Returns the number of certs in the store. May return 0 if the backing |
| 127 // store is not loaded yet. |
117 // Public only for unit testing. | 128 // Public only for unit testing. |
118 virtual int GetCertCount() = 0; | 129 virtual int GetCertCount() = 0; |
119 | 130 |
120 // When invoked, instructs the store to keep session related data on | 131 // When invoked, instructs the store to keep session related data on |
121 // destruction. | 132 // destruction. |
122 virtual void SetForceKeepSessionState() = 0; | 133 virtual void SetForceKeepSessionState() = 0; |
123 }; | 134 }; |
124 | 135 |
125 } // namespace net | 136 } // namespace net |
126 | 137 |
127 #endif // NET_BASE_SERVER_BOUND_CERT_STORE_H_ | 138 #endif // NET_BASE_SERVER_BOUND_CERT_STORE_H_ |
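Review bot: The rewritten GetServerBoundCert comment (new lines 79-84) drops the old statements of what |private_key_result| and |cert_result| contain, and the five GetCertCallback parameters on new lines 69-74 are unnamed, so now that |creation_time| has been removed from the output parameters a reader cannot tell from this header whether the callback's single base::Time is the creation or the expiration time. I would keep the format text and name the callback arguments, e.g. `// |private_key_result| holds a DER-encoded PrivateKeyInfo struct, |cert_result|` / `// a DER-encoded certificate; |callback| receives (server_identifier, type,` / `// expiration_time, private_key, cert) in that order.` — the order is inferred from the output parameters, so confirm it against the implementations before committing the comment. Because the asynchronous path delivers private-key material to |callback| after the call has returned, the comment should also say whether the callback is guaranteed to run (and on which thread) if the store is destroyed first; the same gap applies to the new |completion_callback| arguments on DeleteServerBoundCert, DeleteAllCreatedBetween and DeleteAll, whose comments do not say when, or whether, they are invoked.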