File: policy_certificate_provider.h

chromium 138.0.7204.183-1
// Copyright 2018 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROMEOS_ASH_COMPONENTS_NETWORK_POLICY_CERTIFICATE_PROVIDER_H_
#define CHROMEOS_ASH_COMPONENTS_NETWORK_POLICY_CERTIFICATE_PROVIDER_H_

#include <set>
#include <string>
#include <vector>

#include "base/memory/ref_counted.h"
#include "chromeos/components/onc/certificate_scope.h"

namespace net {
// Forward declaration only: this header names X509Certificate inside a
// container type and does not include its definition.
class X509Certificate;
// List of certificates held through scoped_refptr (from
// base/memory/ref_counted.h, included above).
// NOTE(review): presumably this mirrors an alias declared in net's own
// headers; the two must stay identical - confirm.
using CertificateList = std::vector<scoped_refptr<X509Certificate>>;
}  // namespace net

namespace ash {

// An interface for a class which makes server and authority certificates
// available from enterprise policy. Clients of this interface can register as
// |Observer|s to receive update notifications.
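// Interface for a component that exposes the server and authority certificates
// delivered through enterprise policy (ONC). Clients register an |Observer| to
// be told when the certificate set changes.
//
// Security notes for callers:
//  * Only |GetWebTrustedCertificates| returns certificates that were granted
//    web trust. The remaining getters return certificates independent of their
//    trust bits, or explicitly without web trust, so their results must not be
//    treated as trust anchors for web server verification.
//  * Observers are handed over as raw pointers and this interface expresses no
//    ownership. An implementation that stores the pointer would be left with a
//    dangling pointer if an observer were destroyed while still registered, so
//    always call |RemovePolicyProvidedCertsObserver| before the observer goes
//    away.
//  * NOTE(review): the meaning of |scope| is defined in certificate_scope.h,
//    which is not visible here; presumably it restricts the result to the
//    certificates applicable to that scope - confirm.
class PolicyCertificateProvider {
 public:
  // Defaulted to match |Observer|'s destructor; still virtual so that
  // implementations can be destroyed through a pointer to this interface.
  virtual ~PolicyCertificateProvider() = default;

  // Receives notifications about the policy-provided certificate set and about
  // the provider's own destruction.
  class Observer {
   public:
    virtual ~Observer() = default;

    // Called every time the list of policy-set server and authority
    // certificates changes. No certificate data is passed; the observer has to
    // query the provider again to see the new set.
    virtual void OnPolicyProvidedCertsChanged() = 0;
    // Called when the PolicyCertificateProvider is being destroyed.
    // Observers should unregister themselves and stop using the provider.
    // The default implementation does nothing.
    virtual void OnPolicyCertificateProviderDestroying() {}
  };

  // Registers |observer| for the notifications declared on |Observer|.
  virtual void AddPolicyProvidedCertsObserver(Observer* observer) = 0;
  // Unregisters an |observer| previously passed to
  // |AddPolicyProvidedCertsObserver|.
  virtual void RemovePolicyProvidedCertsObserver(Observer* observer) = 0;

  // Returns all server and authority certificates successfully parsed from ONC,
  // independent of their trust bits. Presence in this list therefore says
  // nothing about whether a certificate is trusted.
  virtual net::CertificateList GetAllServerAndAuthorityCertificates(
      const chromeos::onc::CertificateScope& scope) const = 0;

  // Returns all authority certificates successfully parsed from ONC,
  // independent of their trust bits. Presence in this list therefore says
  // nothing about whether a certificate is trusted.
  virtual net::CertificateList GetAllAuthorityCertificates(
      const chromeos::onc::CertificateScope& scope) const = 0;

  // Returns the server and authority certificates which were successfully
  // parsed from ONC and were granted web trust. This means that the
  // certificates had the "Web" trust bit set, and this
  // NetworkConfigurationUpdater instance was created with
  // |allow_trusted_certs_from_policy| = true.
  // NOTE(review): NetworkConfigurationUpdater is not declared in this header;
  // presumably it is an implementation of this interface - confirm, and state
  // the condition in terms of the implementation if so.
  virtual net::CertificateList GetWebTrustedCertificates(
      const chromeos::onc::CertificateScope& scope) const = 0;

  // Returns the server and authority certificates which were successfully
  // parsed from ONC and did not request or were not granted web trust.
  // This is equivalent to calling |GetAllServerAndAuthorityCertificates| and
  // then removing all certificates returned by |GetWebTrustedCertificates| from
  // the result.
  virtual net::CertificateList GetCertificatesWithoutWebTrust(
      const chromeos::onc::CertificateScope& scope) const = 0;

  // Lists extension IDs for which policy-provided certificates have been
  // specified. Returned by const reference rather than by value.
  // NOTE(review): the referenced set is presumably owned by the
  // implementation; copy it if it has to outlive the provider or a policy
  // update - confirm.
  virtual const std::set<std::string>& GetExtensionIdsWithPolicyCertificates()
      const = 0;
};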

}  // namespace ash

#endif  // CHROMEOS_ASH_COMPONENTS_NETWORK_POLICY_CERTIFICATE_PROVIDER_H_