1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROMEOS_NETWORK_CLIENT_CERT_UTIL_H_
6 #define CHROMEOS_NETWORK_CLIENT_CERT_UTIL_H_
11 #include "base/memory/ref_counted.h"
12 #include "chromeos/chromeos_export.h"
15 class DictionaryValue;
20 class X509Certificate;
21 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList;
26 class CertificatePattern;
27 class IssuerSubjectPattern;
29 namespace client_cert {
38 // Returns true only if any fields set in this pattern match exactly with
39 // similar fields in the principal. If organization_ or organizational_unit_
40 // are set, then at least one of the organizations or units in the principal
42 bool CertPrincipalMatches(const IssuerSubjectPattern& pattern,
43 const net::CertPrincipal& principal);
45 // Fetches the matching certificate that has the latest valid start date.
46 // Returns a NULL refptr if there is no such match.
47 CHROMEOS_EXPORT scoped_refptr<net::X509Certificate> GetCertificateMatch(
48 const CertificatePattern& pattern,
49 const net::CertificateList& all_certs);
51 // If not empty, sets the TPM properties in |properties|. If |pkcs11_id| is not
52 // NULL, also sets the ClientCertID. |cert_config_type| determines which
53 // dictionary entries to set.
54 void SetShillProperties(const ConfigType cert_config_type,
55 const std::string& tpm_slot,
56 const std::string& tpm_pin,
57 const std::string* pkcs11_id,
58 base::DictionaryValue* properties);
60 // Returns true if all required configuration properties are set and not empty.
61 bool IsCertificateConfigured(const client_cert::ConfigType cert_config_type,
62 const base::DictionaryValue& service_properties);
64 } // namespace client_cert
66 } // namespace chromeos
68 #endif // CHROMEOS_NETWORK_CLIENT_CERT_UTIL_H_