1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_UI_WEBUI_OPTIONS_CERTIFICATE_MANAGER_HANDLER_H_
6 #define CHROME_BROWSER_UI_WEBUI_OPTIONS_CERTIFICATE_MANAGER_HANDLER_H_
10 #include "base/compiler_specific.h"
11 #include "base/memory/scoped_ptr.h"
12 #include "base/memory/weak_ptr.h"
13 #include "chrome/browser/certificate_manager_model.h"
14 #include "chrome/browser/ui/webui/options/options_ui.h"
15 #include "chrome/common/cancelable_task_tracker.h"
16 #include "net/cert/nss_cert_database.h"
17 #include "ui/gfx/native_widget_types.h"
18 #include "ui/shell_dialogs/select_file_dialog.h"
20 #if defined(OS_CHROMEOS)
21 #include "chromeos/dbus/cryptohome_client.h"
27 class FileAccessProvider;
29 class CertificateManagerHandler
30 : public OptionsPageUIHandler,
31 public CertificateManagerModel::Observer,
32 public ui::SelectFileDialog::Listener {
34 CertificateManagerHandler();
35 virtual ~CertificateManagerHandler();
37 // OptionsPageUIHandler implementation.
38 virtual void GetLocalizedValues(
39 base::DictionaryValue* localized_strings) OVERRIDE;
40 virtual void RegisterMessages() OVERRIDE;
42 // CertificateManagerModel::Observer implementation.
43 virtual void CertificatesRefreshed() OVERRIDE;
45 // SelectFileDialog::Listener implementation.
46 virtual void FileSelected(const base::FilePath& path,
48 void* params) OVERRIDE;
49 virtual void FileSelectionCanceled(void* params) OVERRIDE;
53 void View(const base::ListValue* args);
55 // Edit server certificate trust values.
56 void EditServer(const base::ListValue* args);
58 // Edit certificate authority trust values. The sequence goes like:
59 // 1. user clicks edit button -> CertificateEditCaTrustOverlay.show ->
60 // GetCATrust -> CertificateEditCaTrustOverlay.populateTrust
61 // 2. user clicks ok -> EditCATrust -> CertificateEditCaTrustOverlay.dismiss
62 void GetCATrust(const base::ListValue* args);
63 void EditCATrust(const base::ListValue* args);
65 // Cleanup state stored during import or export process.
66 void CancelImportExportProcess(const base::ListValue* args);
67 void ImportExportCleanup();
69 // Export to PKCS #12 file. The sequence goes like:
70 // 1a. user click on export button -> ExportPersonal -> launches file
72 // 1b. user click on export all button -> ExportAllPersonal -> launches file
74 // 2. user selects file -> ExportPersonalFileSelected -> launches password
76 // 3. user enters password -> ExportPersonalPasswordSelected -> unlock slots
77 // 4. slots unlocked -> ExportPersonalSlotsUnlocked -> exports to memory
78 // buffer -> starts async write operation
79 // 5. write finishes (or fails) -> ExportPersonalFileWritten
80 void ExportPersonal(const base::ListValue* args);
81 void ExportAllPersonal(const base::ListValue* args);
82 void ExportPersonalFileSelected(const base::FilePath& path);
83 void ExportPersonalPasswordSelected(const base::ListValue* args);
84 void ExportPersonalSlotsUnlocked();
85 void ExportPersonalFileWritten(const int* write_errno,
86 const int* bytes_written);
88 // Import from PKCS #12 file. The sequence goes like:
89 // 1. user click on import button -> StartImportPersonal -> launches file
91 // 2. user selects file -> ImportPersonalFileSelected -> launches password
93 // 3. user enters password -> ImportPersonalPasswordSelected -> starts async
95 // 4. read operation completes -> ImportPersonalFileRead -> unlock slot
96 // 5. slot unlocked -> ImportPersonalSlotUnlocked attempts to
97 // import with previously entered password
98 // 6a. if import succeeds -> ImportExportCleanup
99 // 6b. if import fails -> show error, ImportExportCleanup
100 // TODO(mattm): allow retrying with different password
101 void StartImportPersonal(const base::ListValue* args);
102 void ImportPersonalFileSelected(const base::FilePath& path);
103 void ImportPersonalPasswordSelected(const base::ListValue* args);
104 void ImportPersonalFileRead(const int* read_errno, const std::string* data);
105 void ImportPersonalSlotUnlocked();
107 // Import Server certificates from file. Sequence goes like:
108 // 1. user clicks on import button -> ImportServer -> launches file selector
109 // 2. user selects file -> ImportServerFileSelected -> starts async read
110 // 3. read completes -> ImportServerFileRead -> parse certs -> attempt import
111 // 4a. if import succeeds -> ImportExportCleanup
112 // 4b. if import fails -> show error, ImportExportCleanup
113 void ImportServer(const base::ListValue* args);
114 void ImportServerFileSelected(const base::FilePath& path);
115 void ImportServerFileRead(const int* read_errno, const std::string* data);
117 // Import Certificate Authorities from file. Sequence goes like:
118 // 1. user clicks on import button -> ImportCA -> launches file selector
119 // 2. user selects file -> ImportCAFileSelected -> starts async read
120 // 3. read completes -> ImportCAFileRead -> parse certs ->
121 // CertificateEditCaTrustOverlay.showImport
122 // 4. user clicks ok -> ImportCATrustSelected -> attempt import
123 // 5a. if import succeeds -> ImportExportCleanup
124 // 5b. if import fails -> show error, ImportExportCleanup
125 void ImportCA(const base::ListValue* args);
126 void ImportCAFileSelected(const base::FilePath& path);
127 void ImportCAFileRead(const int* read_errno, const std::string* data);
128 void ImportCATrustSelected(const base::ListValue* args);
130 // Export a certificate.
131 void Export(const base::ListValue* args);
133 // Delete certificate and private key (if any).
134 void Delete(const base::ListValue* args);
136 // Populate the trees in all the tabs.
137 void Populate(const base::ListValue* args);
139 // Populate the given tab's tree.
140 void PopulateTree(const std::string& tab_name,
142 const net::CertificateList& web_trust_certs);
144 // Populate the tree after retrieving the list of policy-installed
145 // web-trusted certificates.
146 void OnPolicyWebTrustCertsRetrieved(
147 const net::CertificateList& web_trust_certs);
149 // Display a WebUI error message box.
150 void ShowError(const std::string& title, const std::string& error) const;
152 // Display a WebUI error message box for import failures.
153 // Depends on |selected_cert_list_| being set to the imports that we
154 // attempted to import.
155 void ShowImportErrors(
156 const std::string& title,
157 const net::NSSCertDatabase::ImportCertFailureList& not_imported) const;
159 #if defined(OS_CHROMEOS)
160 // Check whether Tpm token is ready and notifiy JS side.
161 void CheckTpmTokenReady(const base::ListValue* args);
162 void CheckTpmTokenReadyInternal(
163 chromeos::DBusMethodCallStatus call_status,
164 bool is_tpm_token_ready);
167 gfx::NativeWindow GetParentWindow() const;
169 // The Certificates Manager model
170 scoped_ptr<CertificateManagerModel> certificate_manager_model_;
172 // For multi-step import or export processes, we need to store the path,
173 // password, etc the user chose while we wait for them to enter a password,
174 // wait for file to be read, etc.
175 base::FilePath file_path_;
177 bool use_hardware_backed_;
178 std::string file_data_;
179 net::CertificateList selected_cert_list_;
180 scoped_refptr<ui::SelectFileDialog> select_file_dialog_;
181 scoped_refptr<net::CryptoModule> module_;
183 // Used in reading and writing certificate files.
184 CancelableTaskTracker tracker_;
185 scoped_refptr<FileAccessProvider> file_access_provider_;
187 scoped_ptr<CertIdMap> cert_id_map_;
189 base::WeakPtrFactory<CertificateManagerHandler> weak_ptr_factory_;
191 DISALLOW_COPY_AND_ASSIGN(CertificateManagerHandler);
194 } // namespace options
196 #endif // CHROME_BROWSER_UI_WEBUI_OPTIONS_CERTIFICATE_MANAGER_HANDLER_H_