Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(96)

Side by Side Diff: chromeos/cert_loader.h

Issue 22327005: Automatically resolve ClientCertificatePatterns. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fixed yet another issue with CertLoader. Created 7 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | chromeos/cert_loader.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CHROMEOS_CERT_LOADER_H_ 5 #ifndef CHROMEOS_CERT_LOADER_H_
6 #define CHROMEOS_CERT_LOADER_H_ 6 #define CHROMEOS_CERT_LOADER_H_
7 7
8 #include <string> 8 #include <string>
9 9
10 #include "base/basictypes.h" 10 #include "base/basictypes.h"
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after
62 static void Shutdown(); 62 static void Shutdown();
63 63
64 // Gets the global instance. Initialize() must be called first. 64 // Gets the global instance. Initialize() must be called first.
65 static CertLoader* Get(); 65 static CertLoader* Get();
66 66
67 // Returns true if the global instance has been initialized. 67 // Returns true if the global instance has been initialized.
68 static bool IsInitialized(); 68 static bool IsInitialized();
69 69
70 static std::string GetPkcs11IdForCert(const net::X509Certificate& cert); 70 static std::string GetPkcs11IdForCert(const net::X509Certificate& cert);
71 71
72 // By default, CertLoader tries to load the TPMToken only if running in a
73 // ChromeOS environment. Tests can call this function after Initialize() and
74 // before SetCryptoTaskRunner() to enable the TPM initialization.
75 void InitializeTPMForTest();
76
72 // |crypto_task_runner| is the task runner that any synchronous crypto calls 77 // |crypto_task_runner| is the task runner that any synchronous crypto calls
73 // should be made from, e.g. in Chrome this is the IO thread. Must be called 78 // should be made from, e.g. in Chrome this is the IO thread. Must be called
74 // after the thread is started. Certificate loading will not happen unless 79 // after the thread is started. Starts TPM initialization and Certificate
75 // this is set. 80 // loading.
76 void SetCryptoTaskRunner( 81 void SetCryptoTaskRunner(
77 const scoped_refptr<base::SequencedTaskRunner>& crypto_task_runner); 82 const scoped_refptr<base::SequencedTaskRunner>& crypto_task_runner);
78 83
79 // Sets the task runner that any slow calls will be made from, e.g. calls 84 // Sets the task runner that any slow calls will be made from, e.g. calls
80 // to the NSS database. If not set, uses base::WorkerPool. 85 // to the NSS database. If not set, uses base::WorkerPool.
81 void SetSlowTaskRunnerForTest( 86 void SetSlowTaskRunnerForTest(
82 const scoped_refptr<base::TaskRunner>& task_runner); 87 const scoped_refptr<base::TaskRunner>& task_runner);
83 88
84 void AddObserver(CertLoader::Observer* observer); 89 void AddObserver(CertLoader::Observer* observer);
85 void RemoveObserver(CertLoader::Observer* observer); 90 void RemoveObserver(CertLoader::Observer* observer);
(...skipping 12 matching lines...) Expand all
98 const std::string& tpm_token_slot() const { return tpm_token_slot_; } 103 const std::string& tpm_token_slot() const { return tpm_token_slot_; }
99 const std::string& tpm_user_pin() const { return tpm_user_pin_; } 104 const std::string& tpm_user_pin() const { return tpm_user_pin_; }
100 105
101 // This will be empty until certificates_loaded() is true. 106 // This will be empty until certificates_loaded() is true.
102 const net::CertificateList& cert_list() const { return cert_list_; } 107 const net::CertificateList& cert_list() const { return cert_list_; }
103 108
104 private: 109 private:
105 CertLoader(); 110 CertLoader();
106 virtual ~CertLoader(); 111 virtual ~CertLoader();
107 112
108 void Init();
109 void MaybeRequestCertificates(); 113 void MaybeRequestCertificates();
110 114
111 // This is the cyclic chain of callbacks to initialize the TPM token and to 115 // This is the cyclic chain of callbacks to initialize the TPM token and to
112 // kick off the update of the certificate list. 116 // kick off the update of the certificate list.
113 void InitializeTokenAndLoadCertificates(); 117 void InitializeTokenAndLoadCertificates();
114 void RetryTokenInitializationLater(); 118 void RetryTokenInitializationLater();
115 void OnPersistentNSSDBOpened(); 119 void OnPersistentNSSDBOpened();
116 void OnTpmIsEnabled(DBusMethodCallStatus call_status, 120 void OnTpmIsEnabled(DBusMethodCallStatus call_status,
117 bool tpm_is_enabled); 121 bool tpm_is_enabled);
118 void OnPkcs11IsTpmTokenReady(DBusMethodCallStatus call_status, 122 void OnPkcs11IsTpmTokenReady(DBusMethodCallStatus call_status,
119 bool is_tpm_token_ready); 123 bool is_tpm_token_ready);
120 void OnPkcs11GetTpmTokenInfo(DBusMethodCallStatus call_status, 124 void OnPkcs11GetTpmTokenInfo(DBusMethodCallStatus call_status,
121 const std::string& token_name, 125 const std::string& token_name,
122 const std::string& user_pin); 126 const std::string& user_pin);
123 void OnTPMTokenInitialized(bool success); 127 void OnTPMTokenInitialized(bool success);
124 128
125 // These calls handle the updating of the certificate list after the TPM token 129 // These calls handle the updating of the certificate list after the TPM token
126 // was initialized. 130 // was initialized.
131
132 // Start certificate loading. Must be called at most once.
127 void StartLoadCertificates(); 133 void StartLoadCertificates();
134
135 // Trigger a certificate load. If a certificate loading task is already in
136 // progress, will start a reload once the current task finised.
137 void LoadCertificates();
138
139 // Called if a certificate load task is finished.
128 void UpdateCertificates(net::CertificateList* cert_list); 140 void UpdateCertificates(net::CertificateList* cert_list);
129 141
130 void NotifyCertificatesLoaded(bool initial_load); 142 void NotifyCertificatesLoaded(bool initial_load);
131 143
132 // net::CertDatabase::Observer 144 // net::CertDatabase::Observer
133 virtual void OnCertTrustChanged(const net::X509Certificate* cert) OVERRIDE; 145 virtual void OnCertTrustChanged(const net::X509Certificate* cert) OVERRIDE;
134 virtual void OnCertAdded(const net::X509Certificate* cert) OVERRIDE; 146 virtual void OnCertAdded(const net::X509Certificate* cert) OVERRIDE;
135 virtual void OnCertRemoved(const net::X509Certificate* cert) OVERRIDE; 147 virtual void OnCertRemoved(const net::X509Certificate* cert) OVERRIDE;
136 148
137 // LoginState::Observer 149 // LoginState::Observer
138 virtual void LoggedInStateChanged(LoginState::LoggedInState state) OVERRIDE; 150 virtual void LoggedInStateChanged(LoginState::LoggedInState state) OVERRIDE;
139 151
152 bool initialize_tpm_for_test_;
153
140 ObserverList<Observer> observers_; 154 ObserverList<Observer> observers_;
141 155
142 bool certificates_requested_; 156 bool certificates_requested_;
143 bool certificates_loaded_; 157 bool certificates_loaded_;
144 bool certificates_update_required_; 158 bool certificates_update_required_;
145 bool certificates_update_running_; 159 bool certificates_update_running_;
146 160
147 // The states are traversed in this order but some might get omitted or never 161 // The states are traversed in this order but some might get omitted or never
148 // be left. 162 // be left.
149 enum TPMTokenState { 163 enum TPMTokenState {
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after
184 // This factory should be used only for callbacks during updating the 198 // This factory should be used only for callbacks during updating the
185 // certificate list. 199 // certificate list.
186 base::WeakPtrFactory<CertLoader> update_certificates_factory_; 200 base::WeakPtrFactory<CertLoader> update_certificates_factory_;
187 201
188 DISALLOW_COPY_AND_ASSIGN(CertLoader); 202 DISALLOW_COPY_AND_ASSIGN(CertLoader);
189 }; 203 };
190 204
191 } // namespace chromeos 205 } // namespace chromeos
192 206
193 #endif // CHROMEOS_CERT_LOADER_H_ 207 #endif // CHROMEOS_CERT_LOADER_H_
OLDNEW
« no previous file with comments | « no previous file | chromeos/cert_loader.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698