// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_CERT_CERT_DATABASE_H_
#define NET_CERT_CERT_DATABASE_H_

#include "base/memory/raw_ptr.h"
#include "base/memory/scoped_refptr.h"
#include "build/build_config.h"
#include "net/base/net_export.h"

namespace base {
template <typename T> struct DefaultSingletonTraits;

template <class ObserverType>
class ObserverListThreadSafe;
}

namespace net {

// This class allows callers to observe changes to the underlying certificate
// stores.
//
// It is a process-wide singleton (see GetInstance()) and carries no
// certificate data itself: it only fans a "something changed" signal out to
// registered observers. Anything that caches certificate or trust state and
// wants to stay coherent with the platform store should register here.
//
// TODO(davidben): This class is really just a giant global ObserverList. It
// does not do anything with the platform certificate and, in principle, //net's
// dependency on the platform is abstracted behind the CertVerifier and
// ClientCertStore interfaces. Ideally these signals would originate out of
// those interfaces' platform implementations.

class NET_EXPORT CertDatabase {
 public:
  // A CertDatabase::Observer will be notified on certificate database changes.
  // The change could be either a user certificate is added/removed or trust on
  // a certificate is changed. Observers can be registered via
  // CertDatabase::AddObserver, and can un-register with
  // CertDatabase::RemoveObserver.
  //
  // Observers are non-copyable and may only be constructed by subclasses
  // (the constructor is protected).
  class NET_EXPORT Observer {
   public:
    Observer(const Observer&) = delete;
    Observer& operator=(const Observer&) = delete;

    virtual ~Observer() = default;

    // Called whenever the Cert Database is known to have changed.
    // Typically, this will be in response to a CA certificate being added,
    // removed, or its trust changed, but may also signal on client
    // certificate events when they can be reliably detected.
    //
    // The callback carries no description of what changed, so an observer
    // that caches certificate or trust decisions has to treat this as
    // "invalidate and re-query"; it must not infer a specific change from
    // the mere fact that it was called. The default implementation is a
    // no-op.
    virtual void OnCertDBChanged() {}

   protected:
    Observer() = default;
  };

  // Returns the CertDatabase singleton.
  static CertDatabase* GetInstance();

  CertDatabase(const CertDatabase&) = delete;
  CertDatabase& operator=(const CertDatabase&) = delete;

  // Registers |observer| to receive notifications of certificate changes. The
  // thread on which this is called is the thread on which |observer| will be
  // called back with notifications.
  //
  // Only a raw pointer to |observer| is retained, so the observer has to stay
  // alive until RemoveObserver() has been called for it.
  void AddObserver(Observer* observer);

  // Unregisters |observer| from receiving notifications. This must be called
  // on the same thread on which AddObserver() was called.
  void RemoveObserver(Observer* observer);

#if BUILDFLAG(IS_MAC)
  // Start observing and forwarding events from Keychain services on the
  // current thread. Current thread must have an associated CFRunLoop,
  // which means that this must be called from a MessageLoop of TYPE_UI.
  void StartListeningForKeychainEvents();
#endif

  // Synthetically injects notifications to all observers. In general, this
  // should only be called by the creator of the CertDatabase. Used to inject
  // notifications from other DB interfaces.
  //
  // This is public, so any code in the process can trigger a notification;
  // observers therefore cannot treat a callback as proof that the platform
  // store itself changed (see Observer::OnCertDBChanged()).
  void NotifyObserversCertDBChanged();

 private:
  // The singleton traits need access to the private constructor/destructor.
  friend struct base::DefaultSingletonTraits<CertDatabase>;

  CertDatabase();
  ~CertDatabase();

  // Registered observers. The pointer is const for the lifetime of the
  // singleton; the list itself is thread-safe and handles the per-thread
  // dispatch described at AddObserver().
  const scoped_refptr<base::ObserverListThreadSafe<Observer>> observer_list_;

#if BUILDFLAG(IS_MAC)
  // NOTE(review): presumably stops Keychain observation and clears
  // |notifier_|; the body lives in the implementation file — confirm there.
  void ReleaseNotifier();

  // Mac-only helper that receives Keychain events and forwards them to this
  // database; declared as a friend so it can call private members.
  class Notifier;
  friend class Notifier;
  // NOTE(review): raw_ptr is non-owning, so ownership of the Notifier is
  // established elsewhere — confirm against the implementation file.
  raw_ptr<Notifier> notifier_ = nullptr;
#endif
};

}  // namespace net

#endif  // NET_CERT_CERT_DATABASE_H_