1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef NET_BASE_SSL_CLIENT_AUTH_CACHE_H_
6 #define NET_BASE_SSL_CLIENT_AUTH_CACHE_H_
7 #pragma once
8 
9 #include <string>
10 #include <map>
11 
12 #include "base/memory/ref_counted.h"
13 #include "net/base/cert_database.h"
14 
15 namespace net {
16 
17 class X509Certificate;
18 
19 // The SSLClientAuthCache class is a simple cache structure to store SSL
20 // client certificates. Provides lookup, insertion, and deletion of entries.
21 // The parameter for doing lookups, insertions, and deletions is the server's
22 // host and port.
23 //
   // Each entry maps a server key (a std::string) to a
   // scoped_refptr<X509Certificate>. A NULL value is itself a stored
   // preference ("send no client certificate to this server") and is distinct
   // from having no entry at all; Lookup() reports the difference through its
   // return value.
   //
   // The key is the only thing that ties a remembered certificate choice to a
   // server, so Add(), Lookup() and Remove() must all be given the same string
   // form for a given host and port. NOTE(review): the exact key format is not
   // defined in this header -- confirm it against the callers.
   //
   // NOTE(review): this class declares no lock, no expiry and no size bound;
   // presumably it is confined to one thread and entries live until Remove()
   // or an overwriting Add() -- confirm in the .cc and at the owner.
   //
24 // TODO(wtc): This class is based on FtpAuthCache.  We can extract the common
25 // code to a template class.
26 class SSLClientAuthCache : public CertDatabase::Observer {
27  public:
     // Both are defined out of line. NOTE(review): presumably they register and
     // unregister this object as a CertDatabase observer; that is not visible
     // in this header -- confirm.
28   SSLClientAuthCache();
29   ~SSLClientAuthCache();
30 
31   // Checks for a client certificate preference for SSL server at |server|.
32   // Returns true if a preference is found, and sets |*certificate| to the
33   // desired client certificate. The desired certificate may be NULL, which
34   // indicates a preference to not send any certificate to |server|.
35   // If a certificate preference is not found, returns false.
     //
     // Callers must branch on the return value, not on |*certificate|: a NULL
     // certificate with a true return is a recorded "send nothing" decision,
     // while a false return means no decision has been recorded.
     // NOTE(review): the header does not say what |*certificate| holds when
     // false is returned -- do not read it in that case.
36   bool Lookup(const std::string& server,
37               scoped_refptr<X509Certificate>* certificate);
38 
39   // Add a client certificate for |server| to the cache. If there is already
40   // a client certificate for |server|, it will be overwritten. A NULL
41   // |client_cert| indicates a preference that no client certificate should
42   // be sent to |server|.
     // The cache stores the certificate in a scoped_refptr (see AuthCacheValue),
     // so it holds its own reference for as long as the entry exists.
43   void Add(const std::string& server, X509Certificate* client_cert);
44 
45   // Remove the client certificate for |server| from the cache, if one exists.
     // This also applies to a stored NULL ("send nothing") preference, since
     // that is an ordinary entry in the map.
46   void Remove(const std::string& server);
47 
48   // CertDatabase::Observer methods:
     // Notification that a user certificate |cert| was added.
     // NOTE(review): the effect on the cache is defined in the .cc and is not
     // visible here; presumably remembered choices are dropped so that the new
     // certificate can be considered -- confirm.
49   virtual void OnUserCertAdded(const X509Certificate* cert);
50 
51  private:
     // Key: the server's host and port as a string (see the class comment).
52   typedef std::string AuthCacheKey;
     // Value: ref-counted client certificate; NULL means "send no certificate".
53   typedef scoped_refptr<X509Certificate> AuthCacheValue;
54   typedef std::map<AuthCacheKey, AuthCacheValue> AuthCacheMap;
55 
56   // Internal representation of the cache, an STL map.
57   AuthCacheMap cache_;
58 };
59 
60 }  // namespace net
61 
62 #endif  // NET_BASE_SSL_CLIENT_AUTH_CACHE_H_
63