// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_CERT_CERT_DATABASE_H_
#define NET_CERT_CERT_DATABASE_H_
#include <memory>
#include "base/macros.h"
#include "base/memory/ref_counted.h"
#include "net/base/net_export.h"
#include "net/cert/x509_certificate.h"
// Forward declarations only: this header names these templates in a friend
// declaration and in a member type, so it does not pull in their definitions.
namespace base {

template <typename T>
struct DefaultSingletonTraits;

template <class ObserverType>
class ObserverListThreadSafe;

}  // namespace base
namespace net {

// Singleton hub that fans out "the certificate database changed"
// notifications to registered observers, whichever platform certificate
// store produced the change.
//
// NOTE(review): older wording described this class as also verifying and
// adding user certificates; no such methods are declared in this header, only
// observer registration and notification.
//
// TODO(gauravsh): This class could be augmented with methods
// for all operations that manipulate the underlying system
// certificate store.
class NET_EXPORT CertDatabase {
 public:
  // Interface for parties that want to hear about certificate database
  // changes: a user certificate being added or removed, or the trust placed
  // in a certificate being changed. Register with CertDatabase::AddObserver
  // and un-register with CertDatabase::RemoveObserver.
  class NET_EXPORT Observer {
   public:
    virtual ~Observer() = default;

    // Invoked each time the Cert Database is known to have changed. The usual
    // trigger is a CA certificate being added, removed, or having its trust
    // changed; client certificate events may also be signalled when they can
    // be reliably detected. The default implementation does nothing.
    //
    // NOTE(review): the callback takes no arguments, so an observer cannot
    // tell which certificate or trust setting changed. Observers that cache
    // trust-dependent state presumably have to discard all of it -- confirm
    // against callers. Because only *known* changes are reported, the absence
    // of a callback is not evidence that the store is unchanged.
    virtual void OnCertDBChanged() {}

   protected:
    // Protected: meant to be constructed through a subclass.
    Observer() = default;

   private:
    DISALLOW_COPY_AND_ASSIGN(Observer);
  };

  // Accessor for the CertDatabase singleton.
  static CertDatabase* GetInstance();

  // Subscribes |observer| to certificate change notifications. Callbacks are
  // delivered on the thread that made this call.
  //
  // NOTE(review): |observer| is a raw, non-owning pointer and nothing in this
  // header ties its lifetime to the registration; it presumably has to be
  // unregistered with RemoveObserver() before it is destroyed -- confirm
  // against base::ObserverListThreadSafe.
  void AddObserver(Observer* observer);

  // Cancels the subscription of |observer|. Must run on the same thread that
  // called AddObserver() for it.
  void RemoveObserver(Observer* observer);

#if defined(OS_MACOSX) && !defined(OS_IOS)
  // Sets up the current message loop to watch Keychain services and forward
  // their events. The MessageLoop needs an associated CFRunLoop, so the
  // caller must be running on a MessageLoop of TYPE_UI.
  void SetMessageLoopForKeychainEvents();
#endif

#if defined(OS_ANDROID)
  // Android may swap the system key store for a device-specific KeyStore that
  // holds client certificates. When the Java side performs that swap,
  // observers are notified as though a new client certificate had been added.
  void OnAndroidKeyStoreChanged();

  // Android uses the system database. When the system tells the application
  // that the certificates changed, observers must be notified.
  void OnAndroidKeyChainChanged();
#endif

  // Injects a synthetic change notification to every observer. As a rule only
  // the creator of the CertDatabase should call this; it exists so that
  // notifications from other DB interfaces can be forwarded.
  //
  // NOTE(review): the method is public, so the "creator only" rule is a
  // convention rather than something this interface enforces.
  void NotifyObserversCertDBChanged();

 private:
  // Friend so that the singleton traits can reach the private constructor and
  // destructor below.
  friend struct base::DefaultSingletonTraits<CertDatabase>;

  CertDatabase();
  ~CertDatabase();

  // The registered observers.
  const scoped_refptr<base::ObserverListThreadSafe<Observer>> observer_list_;

#if defined(OS_MACOSX) && !defined(OS_IOS)
  // Defined outside this header. NOTE(review): presumably the Keychain event
  // listener -- confirm in the macOS implementation.
  class Notifier;
  friend class Notifier;
  std::unique_ptr<Notifier> notifier_;
#endif

  DISALLOW_COPY_AND_ASSIGN(CertDatabase);
};

}  // namespace net
#endif // NET_CERT_CERT_DATABASE_H_