client_cert_store_nss.h revision a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7
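// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_SSL_CLIENT_CERT_STORE_NSS_H_
#define NET_SSL_CLIENT_CERT_STORE_NSS_H_

// std::string is named in PasswordDelegateFactory below; include it directly
// rather than relying on a transitive include.
#include <string>

#include "base/basictypes.h"
#include "base/callback.h"
#include "base/gtest_prod_util.h"
#include "net/base/net_export.h"
#include "net/ssl/client_cert_store.h"
#include "net/ssl/ssl_cert_request_info.h"

namespace crypto {
class CryptoModuleBlockingPasswordDelegate;
}

namespace net {

// The NSS flavour of ClientCertStore (per the class and file name): selects
// client certificates for a TLS client-certificate request. Not copyable.
class NET_EXPORT ClientCertStoreNSS : public ClientCertStore {
 public:
  // Factory that produces the delegate used to ask for a token password.
  // It receives one string argument, labelled "server".
  // NOTE(review): |server| presumably identifies the host that requested the
  // certificate so the prompt can name it - confirm against callers.
  // NOTE(review): the factory returns a raw pointer and this header does not
  // say who owns it; confirm in the implementation whether the store takes
  // ownership or the delegate is ref-counted, so that it is neither leaked
  // nor used after it has been freed.
  typedef base::Callback<crypto::CryptoModuleBlockingPasswordDelegate*(
      const std::string& /* server */)> PasswordDelegateFactory;

  // |password_delegate_factory| is stored in |password_delegate_factory_|;
  // per the comment on that member it may be a null callback.
  explicit ClientCertStoreNSS(
      const PasswordDelegateFactory& password_delegate_factory);
  virtual ~ClientCertStoreNSS();

  // ClientCertStore:
  // NOTE(review): the signature suggests the matching certificates are
  // written to |selected_certs| and completion is reported through
  // |callback|. If completion is asynchronous, the caller has to keep
  // |selected_certs| alive until |callback| has run - confirm against the
  // ClientCertStore interface.
  virtual void GetClientCerts(const SSLCertRequestInfo& cert_request_info,
                              CertificateList* selected_certs,
                              const base::Closure& callback) OVERRIDE;

 private:
  // Gives the test delegate access to SelectClientCertsForTesting().
  friend class ClientCertStoreNSSTestDelegate;

  // A hook for testing. Filters |input_certs| using the logic being used to
  // filter the system store when GetClientCerts() is called.
  // Implemented by creating a list of certificates that otherwise would be
  // extracted from the system store and filtering it using the common logic
  // (less adequate than the approach used on Windows).
  // The filtered result is returned through |selected_certs|.
  bool SelectClientCertsForTesting(const CertificateList& input_certs,
                                   const SSLCertRequestInfo& cert_request_info,
                                   CertificateList* selected_certs);

  // The factory for creating the delegate for requesting a password to a
  // PKCS #11 token. May be null, so any code that runs it has to check
  // is_null() first.
  PasswordDelegateFactory password_delegate_factory_;

  DISALLOW_COPY_AND_ASSIGN(ClientCertStoreNSS);
};

}  // namespace net

#endif  // NET_SSL_CLIENT_CERT_STORE_NSS_H_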