// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_SSL_SSL_CLIENT_AUTH_CACHE_H_
#define NET_SSL_SSL_CLIENT_AUTH_CACHE_H_

#include <map>
#include <string>

#include "base/compiler_specific.h"
#include "base/memory/ref_counted.h"
#include "net/base/host_port_pair.h"
#include "net/base/net_export.h"
#include "net/cert/cert_database.h"

namespace net {

class X509Certificate;

// The SSLClientAuthCache class is a simple cache structure to store SSL
// client certificate preferences. It provides lookup, insertion, and deletion
// of entries. The only key for lookups, insertions, and deletions is the
// server's host and port (a HostPortPair), so a stored preference is matched
// purely on that pair.
//
// A stored value is a reference-counted X509Certificate. A NULL value is a
// valid entry: it records the preference that no client certificate should be
// sent to that server, and is distinct from having no entry at all.
//
// This interface declares no expiry and no size limit; the only removal paths
// declared here are Remove() and whatever OnCertAdded() does.
//
// NOTE(review): no lock or thread check is declared in this header, so the
// class is presumably meant to be used from a single thread -- confirm
// against the callers.
//
// TODO(wtc): This class is based on FtpAuthCache.  We can extract the common
// code to a template class.
class NET_EXPORT_PRIVATE SSLClientAuthCache : public CertDatabase::Observer {
 public:
  SSLClientAuthCache();
  virtual ~SSLClientAuthCache();

  // Checks for a client certificate preference for the SSL server at
  // |server|. Returns true if a preference is found, and sets |*certificate|
  // to the desired client certificate. The desired certificate may be NULL,
  // which indicates a preference to not send any certificate to |server|.
  // If a certificate preference is not found, returns false.
  //
  // Callers must test the return value before interpreting |*certificate|:
  // "true with NULL" means "send no certificate", while "false" means no
  // decision has been recorded for |server|.
  // NOTE(review): whether |*certificate| is left untouched on a false return
  // is not visible from this header -- confirm in the implementation.
  bool Lookup(const HostPortPair& server,
              scoped_refptr<X509Certificate>* certificate);

  // Adds a client certificate for |server| to the cache. If there is already
  // a client certificate for |server|, it will be overwritten. A NULL
  // |client_cert| indicates a preference that no client certificate should
  // be sent to |server|.
  //
  // The cache stores its values as scoped_refptr<X509Certificate>, so it holds
  // its own reference to |client_cert| for as long as the entry exists.
  void Add(const HostPortPair& server, X509Certificate* client_cert);

  // Removes the client certificate preference for |server| from the cache, if
  // one exists.
  void Remove(const HostPortPair& server);

  // CertDatabase::Observer methods:
  // NOTE(review): the implementation is not part of this header; presumably
  // it invalidates cached preferences when a certificate is added to the
  // database -- confirm in the .cc file.
  virtual void OnCertAdded(const X509Certificate* cert) OVERRIDE;

 private:
  // Key: the server's host and port.
  typedef HostPortPair AuthCacheKey;
  // Value: the chosen client certificate; NULL means "send none".
  typedef scoped_refptr<X509Certificate> AuthCacheValue;
  typedef std::map<AuthCacheKey, AuthCacheValue> AuthCacheMap;

  // Internal representation of the cache, an STL map from server to
  // certificate preference.
  AuthCacheMap cache_;
};

}  // namespace net

#endif  // NET_SSL_SSL_CLIENT_AUTH_CACHE_H_