// Copyright 2021 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
4
5#ifndef CHROME_BROWSER_NET_NSS_SERVICE_H_
6#define CHROME_BROWSER_NET_NSS_SERVICE_H_
7
8#include <memory>
9
Avi Drissman9269d4ed2023-01-07 01:38:0610#include "base/functional/callback.h"
Keishi Hattori376784e2022-06-28 06:01:4211#include "base/memory/raw_ptr.h"
Ryan Sleevi38e98422021-11-09 21:26:4112#include "build/buildflag.h"
13#include "build/chromeos_buildflags.h"
14#include "components/keyed_service/core/keyed_service.h"
15
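// Forward declarations. This header only names these types through pointers,
// so their full definitions are not needed here.
namespace content {
class BrowserContext;
}  // namespace content

namespace net {
class NSSCertDatabase;
}  // namespace net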
23
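// `NssCertDatabaseGetter` is a callback that MUST only be invoked on the IO
// thread. When run, it does one of two things:
//   * returns the associated `NSSCertDatabase*` synchronously, if it is
//     already available; or
//   * returns nullptr, along with a commitment to asynchronously invoke the
//     caller-supplied callback once the `NSSCertDatabase*` has been
//     initialized.
// A nullptr return therefore means "not ready yet", not failure; callers must
// handle both paths.
//
// Ownership of the `NSSCertDatabase` is not transferred in either case, and
// the pointer should only be considered valid for the current Task. Do not
// store it or use it after the task that received it has returned.
//
// TODO(crbug.com/40753707): Provide better lifetime guarantees.
using NssCertDatabaseGetter = base::OnceCallback<net::NSSCertDatabase*(
    base::OnceCallback<void(net::NSSCertDatabase*)> callback)>;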
35
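// Service that owns and initializes the per-`BrowserContext` certificate
// database.
// On some platforms, this may be a per-`BrowserContext` `KeyedService` that
// returns a system-wide shared `NSSCertDatabase`, if the configuration is
// system-wide.
//
// Threading: the service itself lives on the UI thread, while the database it
// exposes is reached on the IO thread through an `NssCertDatabaseGetter`.
class NssService : public KeyedService {
 public:
  explicit NssService(content::BrowserContext* context);
  // Not copyable.
  NssService(const NssService&) = delete;
  NssService& operator=(const NssService&) = delete;
  ~NssService() override;

  // Returns an `NssCertDatabaseGetter` for use on the IO thread.
  //
  // Threading contract:
  //   * This method may only be invoked on the UI thread, where the
  //     NssService lives.
  //   * The returned getter may only be invoked on the IO thread.
  //
  // To avoid UAF, the getter must be immediately posted to the IO thread and
  // then invoked; do not keep it around and run it later.
  // NOTE(review): presumably the getter refers to state whose lifetime is
  // tied to this service's shutdown; confirm against the implementation.
  virtual NssCertDatabaseGetter CreateNSSCertDatabaseGetterForIOThread();

  // Unsafely returns the `NSSCertDatabase` directly to the caller (on the UI
  // thread), via `callback`. This is unsafe, because if the
  // `content::BrowserContext` / this `KeyedService` has begun shutting down,
  // the `NSSCertDatabase` may no longer be valid. For unit tests, this is
  // simply a convenience helper when running everything on a single thread,
  // but is not safe to use for production. Production code should use
  // CreateNSSCertDatabaseGetterForIOThread() instead.
  void UnsafelyGetNSSCertDatabaseForTesting(
      base::OnceCallback<void(net::NSSCertDatabase*)> callback);

 private:
#if BUILDFLAG(IS_CHROMEOS)
  // Owns and manages access to the net::NSSCertDatabaseChromeOS.
  class NSSCertDatabaseChromeOSManager;

  // Created on the UI thread, but after that, initialized, accessed, and
  // destroyed exclusively on the IO thread. UI-thread code in this class must
  // therefore not dereference it after construction.
  std::unique_ptr<NSSCertDatabaseChromeOSManager> nss_cert_database_manager_;
#endif
};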
74
75#endif // CHROME_BROWSER_NET_NSS_SERVICE_H_