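// Copyright 2019 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROMEOS_NETWORK_ONC_ONC_CERTIFICATE_PATTERN_H_
#define CHROMEOS_NETWORK_ONC_ONC_CERTIFICATE_PATTERN_H_

#include <memory>
#include <string>
#include <vector>

#include "base/optional.h"
#include "components/certificate_matching/certificate_principal_pattern.h"

// NOTE(review): COMPONENT_EXPORT is used below, but no header included
// directly here is visibly its definition; presumably it arrives transitively.
// Confirm, and include the defining header directly.

namespace base {
class Value;
}

namespace net {
class X509Certificate;
}

namespace chromeos {

// A class to contain a certificate pattern and find existing matches to the
// pattern in the certificate database.
//
// A pattern is made of four parts, all exposed through the accessors below:
// a list of PEM-encoded issuer CAs, a principal pattern for the issuer, a
// principal pattern for the subject, and a list of enrollment URIs.
//
// Security note: a pattern with nothing set matches every certificate (see
// Empty()). Code that uses Matches() to pick a client certificate without
// user interaction should treat an empty pattern as "no constraint given",
// not as "any certificate is acceptable", and decide explicitly what to do.
class COMPONENT_EXPORT(CHROMEOS_NETWORK) OncCertificatePattern {
 public:
  OncCertificatePattern();
  OncCertificatePattern(const OncCertificatePattern& other);
  // NOTE(review): the move operations are not declared noexcept, so standard
  // containers that use std::move_if_noexcept will copy instead of move on
  // reallocation. Changing that requires touching the out-of-line
  // definitions as well, which are not visible from this header.
  OncCertificatePattern(OncCertificatePattern&& other);
  ~OncCertificatePattern();

  OncCertificatePattern& operator=(const OncCertificatePattern& rhs);
  OncCertificatePattern& operator=(OncCertificatePattern&& rhs);

  // Returns true if this pattern has nothing set (and so would match all
  // certs). Ignores |enrollment_uri_list_|.
  bool Empty() const;

  // Tests |certificate| against this pattern. |pem_encoded_issuer_ca| is a
  // PEM-encoded issuer CA supplied by the caller.
  // NOTE(review): presumably returns true only when the issuer and subject
  // principal patterns match |certificate| and |pem_encoded_issuer_ca| is
  // accepted by |pem_encoded_issuer_cas_| - confirm against the
  // implementation. This header does not show whether the function checks
  // that |pem_encoded_issuer_ca| really issued |certificate|; callers should
  // not assume chain validation happens here.
  bool Matches(const net::X509Certificate& certificate,
               const std::string& pem_encoded_issuer_ca) const;

  // Read-only accessors for the parts of the pattern. The returned
  // references point at members of this object.
  const std::vector<std::string>& pem_encoded_issuer_cas() const {
    return pem_encoded_issuer_cas_;
  }
  const certificate_matching::CertificatePrincipalPattern& issuer_pattern()
      const {
    return issuer_pattern_;
  }
  const certificate_matching::CertificatePrincipalPattern& subject_pattern()
      const {
    return subject_pattern_;
  }
  const std::vector<std::string>& enrollment_uri_list() const {
    return enrollment_uri_list_;
  }

  // Reads a |OncCertificatePattern| from an ONC dictionary.
  // NOTE(review): presumably returns base::nullopt when |dictionary| cannot
  // be parsed as a certificate pattern - confirm. Which fields are required,
  // and whether |dictionary| is expected to be validated before this call,
  // is not visible here; a pattern read from a dictionary that sets none of
  // the matching fields may be Empty() and so match every certificate.
  static base::Optional<OncCertificatePattern> ReadFromONCDictionary(
      const base::Value& dictionary);

 private:
  // Builds a pattern from already-parsed parts. The arguments are taken by
  // value.
  OncCertificatePattern(
      std::vector<std::string> pem_encoded_issuer_cas,
      certificate_matching::CertificatePrincipalPattern issuer_pattern,
      certificate_matching::CertificatePrincipalPattern subject_pattern,
      std::vector<std::string> enrollment_uri_list);

  std::vector<std::string> pem_encoded_issuer_cas_;
  certificate_matching::CertificatePrincipalPattern issuer_pattern_;
  certificate_matching::CertificatePrincipalPattern subject_pattern_;
  std::vector<std::string> enrollment_uri_list_;
};

}  // namespace chromeos

#endif  // CHROMEOS_NETWORK_ONC_ONC_CERTIFICATE_PATTERN_H_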