services/cert_verifier/public/mojom/cert_verifier_service_factory.mojom - chromium/src.git - Git at Google

 // Copyright 2020 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 module cert_verifier.mojom;

 import "mojo/public/mojom/base/file_path.mojom";
 import "services/network/public/mojom/cert_verifier_service.mojom";

 [EnableIf=is_trial_comparison_cert_verifier_supported]
 import "services/cert_verifier/public/mojom/trial_comparison_cert_verifier.mojom";

 // Parameters to specify how the net::CertVerifier and net::CertVerifyProc
 // objects should be instantiated.
 struct CertVerifierCreationParams {
   // Specifies the path to the directory where NSS will store its database.
   // Example: /home/chronos/u-<hash>
   [EnableIf=is_chromeos_ash]
   mojo_base.mojom.FilePath? nss_path;

   // Specifies the path to the software NSS database.
   // Example: /home/chronos/u-<hash>/.pki/nssdb
   [EnableIf=is_chromeos_lacros]
   mojo_base.mojom.FilePath? nss_full_path;

   // This is used in combination with nss_path, to ensure that the NSS database
   // isn't opened multiple times for NetworkContexts in the same profie.
   [EnableIf=is_chromeos_ash]
   string username_hash;

   // Specifies which cert verifier implementation to use.
   [EnableIf=is_builtin_cert_verifier_feature_supported]
   enum CertVerifierImpl {
     // kDefault - Decided by base::Feature
     kDefault,
     // kBuiltin - Use CertVerifyProcBuiltin
     kBuiltin,
     // kSystem  - Use the system CertVerifyProc implementation
     kSystem,
   };

   [EnableIf=is_builtin_cert_verifier_feature_supported]
   CertVerifierImpl use_builtin_cert_verifier = kDefault;

   // Specifies which root store to use
   //
   // This is a temporary interface until the Chrome Root Store is rolled out
   // for all platforms; embedders should not use it.
   // See https://crbug.com/1216547
   // TODO(hchao, sleevi): remove after full launch of Chrome Root Store
   [EnableIf=is_chrome_root_store_supported]
   enum ChromeRootImpl {
     // kRootDefault - Decided by base::Feature
     kRootDefault,
     // kRootChrome  - Use Chrome root store
     kRootChrome,
     // kRootSystem  - Use the system root store
     kRootSystem,
   };

   [EnableIf=is_chrome_root_store_supported]
   ChromeRootImpl use_chrome_root_store = kRootDefault;

   // Parameters for the cert verifier comparison trial. This is a temporary
   // interface and embedders should not use it.
   // See https://crbug.com/649026
   [EnableIf=is_trial_comparison_cert_verifier_supported]
   TrialComparisonCertVerifierParams? trial_comparison_cert_verifier_params;
 };

 // Parent interface for the CertVerifierProcess. Hands out new
 // CertVerifierService's, which have their own underlying CertVerifier's
 // underneath.
 interface CertVerifierServiceFactory {
   // Gets a new CertVerifierFactory, which //net code can interface with using
   // cert_verifier::MojoCertVerifier.
   GetNewCertVerifier(pending_receiver<CertVerifierService> receiver,
                      CertVerifierCreationParams? creation_params);
 };
	// Copyright 2020 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	module cert_verifier.mojom;

	import "mojo/public/mojom/base/file_path.mojom";
	import "services/network/public/mojom/cert_verifier_service.mojom";

	[EnableIf=is_trial_comparison_cert_verifier_supported]
	import "services/cert_verifier/public/mojom/trial_comparison_cert_verifier.mojom";

	// Parameters to specify how the net::CertVerifier and net::CertVerifyProc
	// objects should be instantiated.
	struct CertVerifierCreationParams {
	// Specifies the path to the directory where NSS will store its database.
	// Example: /home/chronos/u-<hash>
	[EnableIf=is_chromeos_ash]
	mojo_base.mojom.FilePath? nss_path;

	// Specifies the path to the software NSS database.
	// Example: /home/chronos/u-<hash>/.pki/nssdb
	[EnableIf=is_chromeos_lacros]
	mojo_base.mojom.FilePath? nss_full_path;

	// This is used in combination with nss_path, to ensure that the NSS database
	// isn't opened multiple times for NetworkContexts in the same profie.
	[EnableIf=is_chromeos_ash]
	string username_hash;

	// Specifies which cert verifier implementation to use.
	[EnableIf=is_builtin_cert_verifier_feature_supported]
	enum CertVerifierImpl {
	// kDefault - Decided by base::Feature
	kDefault,
	// kBuiltin - Use CertVerifyProcBuiltin
	kBuiltin,
	// kSystem - Use the system CertVerifyProc implementation
	kSystem,
	};

	[EnableIf=is_builtin_cert_verifier_feature_supported]
	CertVerifierImpl use_builtin_cert_verifier = kDefault;

	// Specifies which root store to use
	//
	// This is a temporary interface until the Chrome Root Store is rolled out
	// for all platforms; embedders should not use it.
	// See https://crbug.com/1216547
	// TODO(hchao, sleevi): remove after full launch of Chrome Root Store
	[EnableIf=is_chrome_root_store_supported]
	enum ChromeRootImpl {
	// kRootDefault - Decided by base::Feature
	kRootDefault,
	// kRootChrome - Use Chrome root store
	kRootChrome,
	// kRootSystem - Use the system root store
	kRootSystem,
	};

	[EnableIf=is_chrome_root_store_supported]
	ChromeRootImpl use_chrome_root_store = kRootDefault;

	// Parameters for the cert verifier comparison trial. This is a temporary
	// interface and embedders should not use it.
	// See https://crbug.com/649026
	[EnableIf=is_trial_comparison_cert_verifier_supported]
	TrialComparisonCertVerifierParams? trial_comparison_cert_verifier_params;
	};

	// Parent interface for the CertVerifierProcess. Hands out new
	// CertVerifierService's, which have their own underlying CertVerifier's
	// underneath.
	interface CertVerifierServiceFactory {
	// Gets a new CertVerifierFactory, which //net code can interface with using
	// cert_verifier::MojoCertVerifier.
	GetNewCertVerifier(pending_receiver<CertVerifierService> receiver,
	CertVerifierCreationParams? creation_params);
	};