1 // Copyright 2013 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef NET_SSL_CLIENT_CERT_STORE_WIN_H_
6 #define NET_SSL_CLIENT_CERT_STORE_WIN_H_
7 
8 #include "base/functional/callback.h"
9 #include "base/win/wincrypt_shim.h"
10 #include "crypto/scoped_capi_types.h"
11 #include "net/base/net_export.h"
12 #include "net/ssl/client_cert_store.h"
13 #include "net/ssl/ssl_cert_request_info.h"
14 
15 namespace net {
16 
// Windows implementation of ClientCertStore: looks up client certificate
// identities in a Windows certificate store for a given SSLCertRequestInfo.
//
// Which store gets searched is decided by whoever constructs the object:
// either the current user's "MY" system store, or the store handed back by a
// caller-supplied callback. Callers that supply a callback therefore control
// which certificates (and keys) can be offered for client authentication.
class NET_EXPORT ClientCertStoreWin : public ClientCertStore {
 public:
  // Searches the current user's "MY" system certificate store.
  ClientCertStoreWin();

  // Searches the store returned by |cert_store_callback|. The callback is run
  // on the platform key thread, which may differ from the thread that
  // constructs this object, and as a RepeatingCallback it can be run more than
  // once; anything bound into it has to stay valid and usable from there.
  // NOTE(review): the crypto::ScopedHCERTSTORE return type suggests the handle
  // is owned (and closed) by the receiver -- confirm against
  // crypto/scoped_capi_types.h.
  explicit ClientCertStoreWin(
      base::RepeatingCallback<crypto::ScopedHCERTSTORE()> cert_store_callback);

  // Not copyable.
  ClientCertStoreWin(const ClientCertStoreWin&) = delete;
  ClientCertStoreWin& operator=(const ClientCertStoreWin&) = delete;

  ~ClientCertStoreWin() override;

  // ClientCertStore implementation. Looks up client certs for
  // |cert_request_info| and reports them through |callback|. The store
  // supplied at construction time is used when there is one; otherwise the
  // current user's "MY" cert store is used.
  void GetClientCerts(const SSLCertRequestInfo& cert_request_info,
                      ClientCertListCallback callback) override;

 private:
  // Grants the test delegate access to SelectClientCertsForTesting().
  friend class ClientCertStoreWinTestDelegate;

  // Opens the cert store and looks up the client certs for |request| in it.
  // Static, so the store callback is passed in explicitly rather than read
  // from |cert_store_callback_|.
  // NOTE(review): this header does not show what happens when
  // |cert_store_callback| yields no usable store handle; confirm the
  // definition treats that as "no certificates" instead of using the handle.
  static ClientCertIdentityList GetClientCertsWithCertStore(
      const SSLCertRequestInfo& request,
      const base::RepeatingCallback<crypto::ScopedHCERTSTORE()>&
          cert_store_callback);

  // Test-only hook. Applies to |input_certs| the same filtering that
  // GetClientCerts() applies to the system store, by building a temporary
  // in-memory store and running the common logic over it. Matches are written
  // to |selected_identities|.
  // NOTE(review): the meaning of the bool result is not stated here --
  // presumably success/failure; verify against the definition.
  bool SelectClientCertsForTesting(const CertificateList& input_certs,
                                   const SSLCertRequestInfo& cert_request_info,
                                   ClientCertIdentityList* selected_identities);

  // Provider of the certificate store to search.
  // NOTE(review): presumably left null by the default constructor, which is
  // what selects the "MY" store fallback -- confirm in the .cc file.
  base::RepeatingCallback<crypto::ScopedHCERTSTORE()> cert_store_callback_;
};
57 
58 }  // namespace net
59 
60 #endif  // NET_SSL_CLIENT_CERT_STORE_WIN_H_