src/net/cert/nss_cert_database_chromeos.cc

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "net/cert/nss_cert_database_chromeos.h"
   6
   7 #include <cert.h>
   8 #include <pk11pub.h>
   9
  10 #include <algorithm>
  11
  12 #include "base/bind.h"
  13 #include "base/callback.h"
  14 #include "base/location.h"
  15 #include "base/task_runner.h"
  16 #include "net/base/crypto_module.h"
  17 #include "net/cert/x509_certificate.h"
  18
  19 namespace net {
  20
  21 NSSCertDatabaseChromeOS::NSSCertDatabaseChromeOS(
  22     crypto::ScopedPK11Slot public_slot,
  23     crypto::ScopedPK11Slot private_slot)
  24     : public_slot_(public_slot.Pass()),
  25       private_slot_(private_slot.Pass()) {
  26   profile_filter_.Init(GetPublicSlot(), GetPrivateSlot());
  27 }
  28
  29 NSSCertDatabaseChromeOS::~NSSCertDatabaseChromeOS() {}
  30
  31 void NSSCertDatabaseChromeOS::ListCertsSync(CertificateList* certs) {
  32   ListCertsImpl(profile_filter_, certs);
  33 }
  34
  35 void NSSCertDatabaseChromeOS::ListCerts(
  36     const base::Callback<void(scoped_ptr<CertificateList> certs)>& callback) {
  37   scoped_ptr<CertificateList> certs(new CertificateList());
  38
  39   // base::Pased will NULL out |certs|, so cache the underlying pointer here.
  40   CertificateList* raw_certs = certs.get();
  41   GetSlowTaskRunner()->PostTaskAndReply(
  42       FROM_HERE,
  43       base::Bind(&NSSCertDatabaseChromeOS::ListCertsImpl,
  44                  profile_filter_,
  45                  base::Unretained(raw_certs)),
  46       base::Bind(callback, base::Passed(&certs)));
  47 }
  48
  49 crypto::ScopedPK11Slot NSSCertDatabaseChromeOS::GetPublicSlot() const {
  50   return crypto::ScopedPK11Slot(
  51       public_slot_ ? PK11_ReferenceSlot(public_slot_.get()) : NULL);
  52 }
  53
  54 crypto::ScopedPK11Slot NSSCertDatabaseChromeOS::GetPrivateSlot() const {
  55   return crypto::ScopedPK11Slot(
  56       private_slot_ ? PK11_ReferenceSlot(private_slot_.get()) : NULL);
  57 }
  58
  59 void NSSCertDatabaseChromeOS::ListModules(CryptoModuleList* modules,
  60                                           bool need_rw) const {
  61   NSSCertDatabase::ListModules(modules, need_rw);
  62
  63   size_t pre_size = modules->size();
  64   modules->erase(
  65       std::remove_if(
  66           modules->begin(),
  67           modules->end(),
  68           NSSProfileFilterChromeOS::ModuleNotAllowedForProfilePredicate(
  69               profile_filter_)),
  70       modules->end());
  71   DVLOG(1) << "filtered " << pre_size - modules->size() << " of " << pre_size
  72            << " modules";
  73 }
  74
  75 void NSSCertDatabaseChromeOS::ListCertsImpl(
  76     const NSSProfileFilterChromeOS& profile_filter,
  77     CertificateList* certs) {
  78   NSSCertDatabase::ListCertsImpl(certs);
  79
  80   size_t pre_size = certs->size();
  81   certs->erase(std::remove_if(
  82                    certs->begin(),
  83                    certs->end(),
  84                    NSSProfileFilterChromeOS::CertNotAllowedForProfilePredicate(
  85                        profile_filter)),
  86                certs->end());
  87   DVLOG(1) << "filtered " << pre_size - certs->size() << " of " << pre_size
  88            << " certs";
  89 }
  90
  91 }  // namespace net