1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROMEOS_NETWORK_CLIENT_CERT_UTIL_H_
6 #define CHROMEOS_NETWORK_CLIENT_CERT_UTIL_H_
10 #include "base/memory/ref_counted.h"
11 #include "chromeos/chromeos_export.h"
14 class DictionaryValue;
19 class X509Certificate;
24 class CertificatePattern;
25 class IssuerSubjectPattern;
27 namespace client_cert {
36 // Returns true only if any fields set in this pattern match exactly with
37 // similar fields in the principal. If organization_ or organizational_unit_
38 // are set, then at least one of the organizations or units in the principal
40 bool CertPrincipalMatches(const IssuerSubjectPattern& pattern,
41 const net::CertPrincipal& principal);
43 // Fetches the matching certificate that has the latest valid start date.
44 // Returns a NULL refptr if there is no such match.
45 CHROMEOS_EXPORT scoped_refptr<net::X509Certificate> GetCertificateMatch(
46 const CertificatePattern& pattern);
48 // If not empty, sets the TPM properties in |properties|. If |pkcs11_id| is not
49 // NULL, also sets the ClientCertID. |cert_config_type| determines which
50 // dictionary entries to set.
51 void SetShillProperties(const ConfigType cert_config_type,
52 const std::string& tpm_slot,
53 const std::string& tpm_pin,
54 const std::string* pkcs11_id,
55 base::DictionaryValue* properties);
57 // Returns true if all required configuration properties are set and not empty.
58 bool IsCertificateConfigured(const client_cert::ConfigType cert_config_type,
59 const base::DictionaryValue& service_properties);
61 } // namespace client_cert
63 } // namespace chromeos
65 #endif // CHROMEOS_NETWORK_CLIENT_CERT_UTIL_H_