Kcer-over-NSS: Implement AddObserver and notifications

Bug: b:244408716 Test: Kcer* unit tests Change-Id: I5d0faa19e08fb0bd75dc76cebe55eaa9bc9e2cf6 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4527198 Reviewed-by: Pavol Marko <pmarko@chromium.org> Commit-Queue: Michael Ershov <miersh@google.com> Cr-Commit-Position: refs/heads/main@{#1151960}
chromium · Jun 1, 2023 · ee8c3ad · ee8c3ad
1 parent 6234eb0
commit ee8c3ad
Show file tree

Hide file tree

Showing 7 changed files with 219 additions and 10 deletions.
diff --git a/chrome/browser/chromeos/kcer_nss/kcer_nss_unittest.cc b/chrome/browser/chromeos/kcer_nss/kcer_nss_unittest.cc
diff --git a/chrome/browser/chromeos/kcer_nss/kcer_token_impl_nss.cc b/chrome/browser/chromeos/kcer_nss/kcer_token_impl_nss.cc
@@ -1497,6 +1497,7 @@ void KcerTokenImplNss::UpdateCacheWithCerts(
 template <typename T>
 void KcerTokenImplNss::HandleInitializationFailed(
     base::OnceCallback<void(base::expected<T, Error>)> callback) {
+  DCHECK_CURRENTLY_ON(content::BrowserThread::IO);
   std::move(callback).Run(base::unexpected(Error::kTokenInitializationFailed));
   // Multiple tasks might be handled in a row, schedule the next task
   // asynchronously to not overload the stack and not occupy the thread for

diff --git a/chromeos/components/kcer/BUILD.gn b/chromeos/components/kcer/BUILD.gn
@@ -13,6 +13,8 @@ component("kcer") {
     "kcer.h",
     "kcer_impl.cc",
     "kcer_impl.h",
+    "kcer_notifier_net.cc",
+    "kcer_notifier_net.h",
     "kcer_token.h",
     "token_key_finder.cc",
     "token_key_finder.h",

diff --git a/chromeos/components/kcer/kcer_impl.cc b/chromeos/components/kcer/kcer_impl.cc
@@ -30,14 +30,17 @@ KcerImpl::KcerImpl(scoped_refptr<base::TaskRunner> token_task_runner,
                    base::WeakPtr<KcerToken> device_token)
     : token_task_runner_(std::move(token_task_runner)),
       user_token_(std::move(user_token)),
-      device_token_(std::move(device_token)) {}
+      device_token_(std::move(device_token)) {
+  if (user_token_.MaybeValid() || device_token_.MaybeValid()) {
+    notifier_.Initialize();
+  }
+}
 
 KcerImpl::~KcerImpl() = default;
 
 base::CallbackListSubscription KcerImpl::AddObserver(
     base::RepeatingClosure callback) {
-  // TODO(244408716): Implement.
-  return {};
+  return notifier_.AddObserver(std::move(callback));
 }
 
 void KcerImpl::GenerateRsaKey(Token token,

diff --git a/chromeos/components/kcer/kcer_impl.h b/chromeos/components/kcer/kcer_impl.h
@@ -17,6 +17,7 @@
 #include "base/memory/weak_ptr.h"
 #include "base/task/task_runner.h"
 #include "chromeos/components/kcer/kcer.h"
+#include "chromeos/components/kcer/kcer_notifier_net.h"
 #include "chromeos/components/kcer/kcer_token.h"
 #include "net/cert/x509_certificate.h"
 
@@ -161,8 +162,7 @@ class KcerImpl : public Kcer {
   // very limited way (consult documentation for WeakPtr for details).
   base::WeakPtr<KcerToken> user_token_;
   base::WeakPtr<KcerToken> device_token_;
-
-  base::RepeatingCallbackList<void()> observers_;
+  KcerNotifierNet notifier_;
 
   base::WeakPtrFactory<KcerImpl> weak_factory_{this};
 };

diff --git a/chromeos/components/kcer/kcer_notifier_net.cc b/chromeos/components/kcer/kcer_notifier_net.cc
@@ -0,0 +1,29 @@
+// Copyright 2023 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chromeos/components/kcer/kcer_notifier_net.h"
+#include "base/callback_list.h"
+
+namespace kcer::internal {
+
+KcerNotifierNet::KcerNotifierNet() = default;
+
+KcerNotifierNet::~KcerNotifierNet() {
+  net::CertDatabase::GetInstance()->RemoveObserver(this);
+}
+
+void KcerNotifierNet::Initialize() {
+  net::CertDatabase::GetInstance()->AddObserver(this);
+}
+
+base::CallbackListSubscription KcerNotifierNet::AddObserver(
+    base::RepeatingClosure callback) {
+  return observers_.Add(std::move(callback));
+}
+
+void KcerNotifierNet::OnCertDBChanged() {
+  observers_.Notify();
+}
+
+}  // namespace kcer::internal
diff --git a/chromeos/components/kcer/kcer_notifier_net.h b/chromeos/components/kcer/kcer_notifier_net.h
@@ -0,0 +1,38 @@
+// Copyright 2023 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROMEOS_COMPONENTS_KCER_KCER_NOTIFIER_NET_H_
+#define CHROMEOS_COMPONENTS_KCER_KCER_NOTIFIER_NET_H_
+
+#include "base/callback_list.h"
+#include "net/cert/cert_database.h"
+
+namespace kcer::internal {
+
+// A helper class that implements notifications for Kcer. This implementation
+// just listens to the notifications from net::CertDatabase and forwards them to
+// the observers.
+// In the future this is planned to be replaced by listening to notifications
+// from Chaps. KcerToken-s will receive notifications related to them and
+// forward them to KcerImpl to notify the observers.
+class KcerNotifierNet : public net::CertDatabase::Observer {
+ public:
+  KcerNotifierNet();
+  ~KcerNotifierNet() override;
+
+  // Starts observing the notifications from net::CertDatabase.
+  void Initialize();
+
+  base::CallbackListSubscription AddObserver(base::RepeatingClosure callback);
+
+  // Implements net::CertDatabase::Observer
+  void OnCertDBChanged() override;
+
+ private:
+  base::RepeatingCallbackList<void()> observers_;
+};
+
+}  // namespace kcer::internal
+
+#endif  // CHROMEOS_COMPONENTS_KCER_KCER_NOTIFIER_NET_H_