1 // Copyright 2011 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef NET_SSL_SSL_CLIENT_AUTH_CACHE_H_
6 #define NET_SSL_SSL_CLIENT_AUTH_CACHE_H_
7 
8 #include <map>
9 #include <utility>
10 
11 #include "base/compiler_specific.h"
12 #include "base/memory/scoped_refptr.h"
13 #include "net/base/host_port_pair.h"
14 #include "net/base/net_export.h"
15 #include "net/ssl/ssl_private_key.h"
16 
17 namespace net {
18 
19 class X509Certificate;
20 
// SSLClientAuthCache is a small in-memory store of SSL client certificate
// decisions. It supports lookup, insertion and deletion of entries, addressed
// by a server's host and port.
//
// The key is the host:port pair alone; nothing else visible in this header
// takes part in it, so every caller sharing one cache instance sees the same
// decision for a given server.
//
// Each entry holds a reference to the chosen certificate and to its
// private-key object, keeping both alive until the entry is overwritten,
// removed, or the cache is cleared or destroyed.
//
// NOTE(review): no synchronization is declared in this class; confirm the
// threading expectations against the callers.
class NET_EXPORT_PRIVATE SSLClientAuthCache {
 public:
  SSLClientAuthCache();
  ~SSLClientAuthCache();

  // Looks up the stored client certificate preference for the SSL server at
  // |server|. On a hit, returns true and stores the preferred certificate in
  // |*certificate|. A null certificate is a valid hit: it records the
  // preference to send no client certificate to |server|. On a miss, returns
  // false.
  // |*private_key| is presumably set to the key stored with the certificate;
  // confirm against the implementation. This header does not say what the
  // outputs hold on a miss, so check the return value before using them.
  bool Lookup(const HostPortPair& server,
              scoped_refptr<X509Certificate>* certificate,
              scoped_refptr<SSLPrivateKey>* private_key);

  // Records |client_cert| and |private_key| as the decision for |server|,
  // replacing any decision already cached for it. Passing a null
  // |client_cert| records the preference that no client certificate be sent
  // to |server|.
  void Add(const HostPortPair& server,
           scoped_refptr<X509Certificate> client_cert,
           scoped_refptr<SSLPrivateKey> private_key);

  // Drops the cached client certificate decision for |server|.
  // Returns true if an entry was removed, false if there was none.
  bool Remove(const HostPortPair& server);

  // Drops every cached client certificate decision.
  void Clear();

 private:
  // Entries are addressed by the server's host and port.
  using AuthCacheKey = HostPortPair;
  // A decision: the certificate (possibly null) and its private key.
  using AuthCacheValue = std::pair<scoped_refptr<X509Certificate>,
                                   scoped_refptr<SSLPrivateKey>>;
  using AuthCacheMap = std::map<AuthCacheKey, AuthCacheValue>;

  // Backing store for the cache: a std::map from server to decision.
  AuthCacheMap cache_;
};
62 
63 }  // namespace net
64 
65 #endif  // NET_SSL_SSL_CLIENT_AUTH_CACHE_H_
66