xref: /aosp_15_r20/external/cronet/net/ssl/client_cert_store_mac.h (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b) 
1 // Copyright 2013 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef NET_SSL_CLIENT_CERT_STORE_MAC_H_
6 #define NET_SSL_CLIENT_CERT_STORE_MAC_H_
7 
8 #include "base/functional/callback.h"
9 #include "net/base/net_export.h"
10 #include "net/ssl/client_cert_store.h"
11 #include "net/ssl/ssl_cert_request_info.h"
12 
13 namespace net {
14 
15 class ClientCertIdentityMac;
16 
17 class NET_EXPORT ClientCertStoreMac : public ClientCertStore {
18  public:
19   ClientCertStoreMac();
20 
21   ClientCertStoreMac(const ClientCertStoreMac&) = delete;
22   ClientCertStoreMac& operator=(const ClientCertStoreMac&) = delete;
23 
24   ~ClientCertStoreMac() override;
25 
26   // ClientCertStore:
27   void GetClientCerts(const SSLCertRequestInfo& cert_request_info,
28                       ClientCertListCallback callback) override;
29 
30  private:
31   // TODO(https://crbug.com/1302761): Improve test coverage and remove/reduce
32   // the friend tests and ForTesting methods.
33   friend class ClientCertStoreMacTest;
34   friend class ClientCertStoreMacTestDelegate;
35 
36   // A hook for testing. Filters |input_identities| using the logic being used
37   // to filter the system store when GetClientCerts() is called. Implemented by
38   // creating a list of certificates that otherwise would be extracted from the
39   // system store and filtering it using the common logic (less adequate than
40   // the approach used on Windows).
41   bool SelectClientCertsForTesting(
42       std::vector<std::unique_ptr<ClientCertIdentityMac>> input_identities,
43       const SSLCertRequestInfo& cert_request_info,
44       ClientCertIdentityList* selected_identities);
45 
46   // Testing hook specific to Mac, where the internal logic recognizes preferred
47   // certificates for particular domains. If the preferred certificate is
48   // present in the output list (i.e. it doesn't get filtered out), it should
49   // always come first.
50   bool SelectClientCertsGivenPreferredForTesting(
51       std::unique_ptr<ClientCertIdentityMac> preferred_identity,
52       std::vector<std::unique_ptr<ClientCertIdentityMac>> regular_identities,
53       const SSLCertRequestInfo& request,
54       ClientCertIdentityList* selected_identities);
55 };
56 
57 }  // namespace net
58 
59 #endif  // NET_SSL_CLIENT_CERT_STORE_MAC_H_
60