1// Copyright 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef NET_SSL_CLIENT_CERT_STORE_MAC_H_
6#define NET_SSL_CLIENT_CERT_STORE_MAC_H_
7
8#include "base/basictypes.h"
9#include "base/callback.h"
10#include "base/gtest_prod_util.h"
11#include "net/base/net_export.h"
12#include "net/ssl/client_cert_store.h"
13#include "net/ssl/ssl_cert_request_info.h"
14
15namespace net {
16
17class NET_EXPORT ClientCertStoreMac : public ClientCertStore {
18 public:
19  ClientCertStoreMac();
20  virtual ~ClientCertStoreMac();
21
22  // ClientCertStore:
23  virtual void GetClientCerts(const SSLCertRequestInfo& cert_request_info,
24                              CertificateList* selected_certs,
25                              const base::Closure& callback) OVERRIDE;
26
27 private:
28  friend class ClientCertStoreMacTest;
29  friend class ClientCertStoreMacTestDelegate;
30
31  // A hook for testing. Filters |input_certs| using the logic being used to
32  // filter the system store when GetClientCerts() is called.
33  // Implemented by creating a list of certificates that otherwise would be
34  // extracted from the system store and filtering it using the common logic
35  // (less adequate than the approach used on Windows).
36  bool SelectClientCertsForTesting(const CertificateList& input_certs,
37                                   const SSLCertRequestInfo& cert_request_info,
38                                   CertificateList* selected_certs);
39
40  // Testing hook specific to Mac, where the internal logic recognizes preferred
41  // certificates for particular domains. If the preferred certificate is
42  // present in the output list (i.e. it doesn't get filtered out), it should
43  // always come first.
44  bool SelectClientCertsGivenPreferredForTesting(
45      const scoped_refptr<X509Certificate>& preferred_cert,
46      const CertificateList& regular_certs,
47      const SSLCertRequestInfo& request,
48      CertificateList* selected_certs);
49
50  DISALLOW_COPY_AND_ASSIGN(ClientCertStoreMac);
51};
52
53}  // namespace net
54
55#endif  // NET_SSL_CLIENT_CERT_STORE_MAC_H_
56