src/net/ssl/client_cert_store_chromeos.h

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef NET_SSL_CLIENT_CERT_STORE_CHROMEOS_H_
   6 #define NET_SSL_CLIENT_CERT_STORE_CHROMEOS_H_
   7
   8 #include <string>
   9
  10 #include "base/memory/scoped_ptr.h"
  11 #include "net/ssl/client_cert_store_nss.h"
  12
  13 namespace net {
  14
  15 class X509Certificate;
  16
  17 class NET_EXPORT ClientCertStoreChromeOS : public ClientCertStoreNSS {
  18  public:
  19   class CertFilter {
  20    public:
  21     virtual ~CertFilter() {}
  22
  23     // Initializes this filter. Returns true if it finished initialization,
  24     // otherwise returns false and calls |callback| once the initialization is
  25     // completed.
  26     // Must be called at most once.
  27     virtual bool Init(const base::Closure& callback) = 0;
  28
  29     // Returns true if |cert| is allowed to be used as a client certificate
  30     // (e.g. for a certain browser context or user).
  31     // This is only called once initialization is finished, see Init().
  32     virtual bool IsCertAllowed(
  33         const scoped_refptr<X509Certificate>& cert) const = 0;
  34   };
  35
  36   // This ClientCertStore will return only client certs that pass the filter
  37   // |cert_filter|.
  38   ClientCertStoreChromeOS(
  39       scoped_ptr<CertFilter> cert_filter,
  40       const PasswordDelegateFactory& password_delegate_factory);
  41   virtual ~ClientCertStoreChromeOS();
  42
  43   // ClientCertStoreNSS:
  44   virtual void GetClientCerts(const SSLCertRequestInfo& cert_request_info,
  45                               CertificateList* selected_certs,
  46                               const base::Closure& callback) override;
  47
  48  protected:
  49   // ClientCertStoreNSS:
  50   virtual void GetClientCertsImpl(CERTCertList* cert_list,
  51                                   const SSLCertRequestInfo& request,
  52                                   bool query_nssdb,
  53                                   CertificateList* selected_certs) override;
  54
  55  private:
  56   void CertFilterInitialized(const SSLCertRequestInfo* request,
  57                              CertificateList* selected_certs,
  58                              const base::Closure& callback);
  59
  60   scoped_ptr<CertFilter> cert_filter_;
  61
  62   DISALLOW_COPY_AND_ASSIGN(ClientCertStoreChromeOS);
  63 };
  64
  65 }  // namespace net
  66
  67 #endif  // NET_SSL_CLIENT_CERT_STORE_CHROMEOS_H_