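// Copyright 2013 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_SSL_CLIENT_CERT_STORE_WIN_H_
#define NET_SSL_CLIENT_CERT_STORE_WIN_H_

#include "base/functional/callback.h"
#include "base/win/wincrypt_shim.h"
#include "crypto/scoped_capi_types.h"
#include "net/base/net_export.h"
#include "net/ssl/client_cert_store.h"
#include "net/ssl/ssl_cert_request_info.h"

namespace net {

// Windows implementation of ClientCertStore. Client certificates are looked
// up in a CryptoAPI certificate store (HCERTSTORE): either the current user's
// "MY" system store, or a store supplied by the embedder through a callback.
//
// The store that is searched bounds the set of identities that can be
// returned for a certificate request, so a caller that supplies its own store
// decides what becomes selectable for client authentication.
class NET_EXPORT ClientCertStoreWin : public ClientCertStore {
 public:
  // Uses the "MY" current user system certificate store.
  ClientCertStoreWin();

  // Calls |cert_store_callback| on the platform key thread to determine the
  // certificate store. The callback is a RepeatingCallback, so it may be run
  // more than once and has to be safe to run on that thread. It returns the
  // store by value as a crypto::ScopedHCERTSTORE.
  //
  // NOTE(review): what happens when the callback returns a null store is not
  // visible in this header. Confirm in the implementation that this yields an
  // empty result rather than a lookup in some other store.
  explicit ClientCertStoreWin(
      base::RepeatingCallback<crypto::ScopedHCERTSTORE()> cert_store_callback);

  // Not copyable.
  ClientCertStoreWin(const ClientCertStoreWin&) = delete;
  ClientCertStoreWin& operator=(const ClientCertStoreWin&) = delete;

  ~ClientCertStoreWin() override;

  // If a cert store has been provided at construction time GetClientCerts
  // will use that. Otherwise it will use the current user's "MY" cert store
  // instead. The result is handed to |callback|.
  //
  // NOTE(review): the thread on which |callback| is run is not stated in this
  // header; confirm against the ClientCertStore interface.
  void GetClientCerts(const SSLCertRequestInfo& cert_request_info,
                      ClientCertListCallback callback) override;

 private:
  // The test delegate is the only class outside this one that can reach the
  // private members below, including SelectClientCertsForTesting().
  friend class ClientCertStoreWinTestDelegate;

  // Opens the cert store and uses it to look up the client certs for
  // |request|. Static, and takes |cert_store_callback| as an argument, so it
  // reads no instance state (presumably so that it can run on the platform
  // key thread independently of this object; confirm in the implementation).
  static ClientCertIdentityList GetClientCertsWithCertStore(
      const SSLCertRequestInfo& request,
      const base::RepeatingCallback<crypto::ScopedHCERTSTORE()>&
          cert_store_callback);

  // A hook for testing. Filters |input_certs| using the logic being used to
  // filter the system store when GetClientCerts() is called.
  // Implemented by creating a temporary in-memory store and filtering it
  // using the common logic. |selected_identities| is the output parameter.
  //
  // NOTE(review): the meaning of the bool result is not documented here;
  // presumably it reports whether the temporary store could be set up.
  // Confirm in the implementation.
  bool SelectClientCertsForTesting(const CertificateList& input_certs,
                                   const SSLCertRequestInfo& cert_request_info,
                                   ClientCertIdentityList* selected_identities);

  // Store provider given at construction time. Presumably null when the
  // default constructor was used, in which case the "MY" store is used (see
  // GetClientCerts()).
  base::RepeatingCallback<crypto::ScopedHCERTSTORE()> cert_store_callback_;
};

}  // namespace net

#endif  // NET_SSL_CLIENT_CERT_STORE_WIN_H_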