Lots of random cleanups, mostly for native_theme_win.cc:
[chromium-blink-merge.git] / net / ssl / server_bound_cert_store.h
blob0de0f3eebd86e2b7dd2b484ad1bdffb5082c3c48
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_SSL_SERVER_BOUND_CERT_STORE_H_
6 #define NET_SSL_SERVER_BOUND_CERT_STORE_H_
8 #include <list>
9 #include <string>
11 #include "base/callback.h"
12 #include "base/threading/non_thread_safe.h"
13 #include "base/time/time.h"
14 #include "net/base/net_export.h"
16 namespace net {
18 // An interface for storing and retrieving server bound certs.
19 // There isn't a domain bound certs spec yet, but the old origin bound
20 // certificates are specified in
21 // http://balfanz.github.com/tls-obc-spec/draft-balfanz-tls-obc-01.html.
23 // Owned only by a single ServerBoundCertService object, which is responsible
24 // for deleting it.
25 class NET_EXPORT ServerBoundCertStore
26 : NON_EXPORTED_BASE(public base::NonThreadSafe) {
27 public:
28 // The ServerBoundCert class contains a private key in addition to the server
29 // cert.
30 class NET_EXPORT ServerBoundCert {
31 public:
32 ServerBoundCert();
33 ServerBoundCert(const std::string& server_identifier,
34 base::Time creation_time,
35 base::Time expiration_time,
36 const std::string& private_key,
37 const std::string& cert);
38 ~ServerBoundCert();
40 // Server identifier. For domain bound certs, for instance "verisign.com".
41 const std::string& server_identifier() const { return server_identifier_; }
42 // The time the certificate was created, also the start of the certificate
43 // validity period.
44 base::Time creation_time() const { return creation_time_; }
45 // The time after which this certificate is no longer valid.
46 base::Time expiration_time() const { return expiration_time_; }
47 // The encoding of the private key depends on the type.
48 // rsa_sign: DER-encoded PrivateKeyInfo struct.
49 // ecdsa_sign: DER-encoded EncryptedPrivateKeyInfo struct.
50 const std::string& private_key() const { return private_key_; }
51 // DER-encoded certificate.
52 const std::string& cert() const { return cert_; }
54 private:
55 std::string server_identifier_;
56 base::Time creation_time_;
57 base::Time expiration_time_;
58 std::string private_key_;
59 std::string cert_;
62 typedef std::list<ServerBoundCert> ServerBoundCertList;
64 typedef base::Callback<void(
65 int,
66 const std::string&,
67 base::Time,
68 const std::string&,
69 const std::string&)> GetCertCallback;
70 typedef base::Callback<void(const ServerBoundCertList&)> GetCertListCallback;
72 virtual ~ServerBoundCertStore() {}
74 // GetServerBoundCert may return the result synchronously through the
75 // output parameters, in which case it will return either OK if a cert is
76 // found in the store, or ERR_FILE_NOT_FOUND if none is found. If the
77 // result cannot be returned synchronously, GetServerBoundCert will
78 // return ERR_IO_PENDING and the callback will be called with the result
79 // asynchronously.
80 virtual int GetServerBoundCert(
81 const std::string& server_identifier,
82 base::Time* expiration_time,
83 std::string* private_key_result,
84 std::string* cert_result,
85 const GetCertCallback& callback) = 0;
87 // Adds a server bound cert and the corresponding private key to the store.
88 virtual void SetServerBoundCert(
89 const std::string& server_identifier,
90 base::Time creation_time,
91 base::Time expiration_time,
92 const std::string& private_key,
93 const std::string& cert) = 0;
95 // Removes a server bound cert and the corresponding private key from the
96 // store.
97 virtual void DeleteServerBoundCert(
98 const std::string& server_identifier,
99 const base::Closure& completion_callback) = 0;
101 // Deletes all of the server bound certs that have a creation_date greater
102 // than or equal to |delete_begin| and less than |delete_end|. If a
103 // base::Time value is_null, that side of the comparison is unbounded.
104 virtual void DeleteAllCreatedBetween(
105 base::Time delete_begin,
106 base::Time delete_end,
107 const base::Closure& completion_callback) = 0;
109 // Removes all server bound certs and the corresponding private keys from
110 // the store.
111 virtual void DeleteAll(const base::Closure& completion_callback) = 0;
113 // Returns all server bound certs and the corresponding private keys.
114 virtual void GetAllServerBoundCerts(const GetCertListCallback& callback) = 0;
116 // Helper function that adds all certs from |list| into this instance.
117 void InitializeFrom(const ServerBoundCertList& list);
119 // Returns the number of certs in the store. May return 0 if the backing
120 // store is not loaded yet.
121 // Public only for unit testing.
122 virtual int GetCertCount() = 0;
124 // When invoked, instructs the store to keep session related data on
125 // destruction.
126 virtual void SetForceKeepSessionState() = 0;
129 } // namespace net
131 #endif // NET_SSL_SERVER_BOUND_CERT_STORE_H_