Add NSS PKCS12 import/export functions to CertDatabase.

Use sql: prefix when opening NSS UserDB (this will affect existing Chromeos installations, which had been using the old berkelydb format.)

BUG=19991,51327,51328,51330,51332
TEST=net/base/cert_database_nss_unittest.cc

Review URL: http://codereview.chromium.org/3018038

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@55798 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 19 insertions, 0 deletions

diff --git a/net/base/cert_database.h b/net/base/cert_database.h
index 9621e45..a264f19 100644
--- a/net/base/cert_database.h
+++ b/net/base/cert_database.h
@@ -6,11 +6,17 @@
 #define NET_BASE_CERT_DATABASE_H_
 #pragma once
 
+#include <string>
+#include <vector>
+
 #include "base/basictypes.h"
+#include "base/string16.h"
+#include "base/ref_counted.h"
 
 namespace net {
 
 class X509Certificate;
+typedef std::vector<scoped_refptr<X509Certificate> > CertificateList;
 
 // This class provides functions to manipulate the local
 // certificate store.
@@ -32,6 +38,19 @@ class CertDatabase {
   // the platform cert database, or possibly other network error codes.
   int AddUserCert(X509Certificate* cert);
 
+#if defined(USE_NSS)
+  // Import certificates and private keys from PKCS #12 blob.
+  // Returns OK or a network error code such as ERR_PKCS12_IMPORT_BAD_PASSWORD
+  // or ERR_PKCS12_IMPORT_ERROR.
+  int ImportFromPKCS12(const std::string& data, const string16& password);
+
+  // Export the given certificates and private keys into a PKCS #12 blob,
+  // storing into |output|.
+  // Returns the number of certificates successfully exported.
+  int ExportToPKCS12(const CertificateList& certs, const string16& password,
+                     std::string* output);
+#endif
+
  private:
   DISALLOW_COPY_AND_ASSIGN(CertDatabase);
 };