1 // Copyright 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef NET_SSL_CLIENT_CERT_STORE_NSS_H_ 6 #define NET_SSL_CLIENT_CERT_STORE_NSS_H_ 7 8 #include "base/basictypes.h" 9 #include "base/callback.h" 10 #include "base/gtest_prod_util.h" 11 #include "net/base/net_export.h" 12 #include "net/ssl/client_cert_store.h" 13 #include "net/ssl/ssl_cert_request_info.h" 14 15 namespace crypto { 16 class CryptoModuleBlockingPasswordDelegate; 17 } 18 19 namespace net { 20 21 class NET_EXPORT ClientCertStoreNSS : public ClientCertStore { 22 public: 23 typedef base::Callback<crypto::CryptoModuleBlockingPasswordDelegate*( 24 const std::string& /* server */)> PasswordDelegateFactory; 25 26 explicit ClientCertStoreNSS( 27 const PasswordDelegateFactory& password_delegate_factory); 28 virtual ~ClientCertStoreNSS(); 29 30 // ClientCertStore: 31 virtual void GetClientCerts(const SSLCertRequestInfo& cert_request_info, 32 CertificateList* selected_certs, 33 const base::Closure& callback) OVERRIDE; 34 35 private: 36 friend class ClientCertStoreNSSTestDelegate; 37 38 // A hook for testing. Filters |input_certs| using the logic being used to 39 // filter the system store when GetClientCerts() is called. 40 // Implemented by creating a list of certificates that otherwise would be 41 // extracted from the system store and filtering it using the common logic 42 // (less adequate than the approach used on Windows). 43 bool SelectClientCertsForTesting(const CertificateList& input_certs, 44 const SSLCertRequestInfo& cert_request_info, 45 CertificateList* selected_certs); 46 47 // The factory for creating the delegate for requesting a password to a 48 // PKCS #11 token. May be null. 49 PasswordDelegateFactory password_delegate_factory_; 50 51 DISALLOW_COPY_AND_ASSIGN(ClientCertStoreNSS); 52 }; 53 54 } // namespace net 55 56 #endif // NET_SSL_CLIENT_CERT_STORE_NSS_H_ 57