chrome/browser/chromeos/net/client_cert_store_chromeos.cc

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/chromeos/net/client_cert_store_chromeos.h"
   6
   7 #include <cert.h>
   8 #include <algorithm>
   9
  10 #include "base/bind.h"
  11 #include "base/bind_helpers.h"
  12 #include "base/callback.h"
  13
  14 namespace chromeos {
  15
  16 namespace {
  17
  18 class CertNotAllowedPredicate {
  19  public:
  20   explicit CertNotAllowedPredicate(
  21       const ClientCertStoreChromeOS::CertFilter& filter)
  22       : filter_(filter) {}
  23   bool operator()(const scoped_refptr<net::X509Certificate>& cert) const {
  24     return !filter_.IsCertAllowed(cert);
  25   }
  26
  27  private:
  28   const ClientCertStoreChromeOS::CertFilter& filter_;
  29 };
  30
  31 }  // namespace
  32
  33 ClientCertStoreChromeOS::ClientCertStoreChromeOS(
  34     scoped_ptr<CertFilter> cert_filter,
  35     const PasswordDelegateFactory& password_delegate_factory)
  36     : ClientCertStoreNSS(password_delegate_factory),
  37       cert_filter_(cert_filter.Pass()) {}
  38
  39 ClientCertStoreChromeOS::~ClientCertStoreChromeOS() {}
  40
  41 void ClientCertStoreChromeOS::GetClientCerts(
  42     const net::SSLCertRequestInfo& cert_request_info,
  43     net::CertificateList* selected_certs,
  44     const base::Closure& callback) {
  45   base::Closure bound_callback = base::Bind(
  46       &ClientCertStoreChromeOS::CertFilterInitialized,
  47       // Caller is responsible for keeping the ClientCertStore alive
  48       // until the callback is run.
  49       base::Unretained(this), &cert_request_info, selected_certs, callback);
  50
  51   if (cert_filter_->Init(bound_callback))
  52     bound_callback.Run();
  53 }
  54
  55 void ClientCertStoreChromeOS::GetClientCertsImpl(
  56     CERTCertList* cert_list,
  57     const net::SSLCertRequestInfo& request,
  58     bool query_nssdb,
  59     net::CertificateList* selected_certs) {
  60   net::ClientCertStoreNSS::GetClientCertsImpl(cert_list, request, query_nssdb,
  61                                               selected_certs);
  62
  63   size_t pre_size = selected_certs->size();
  64   selected_certs->erase(
  65       std::remove_if(selected_certs->begin(), selected_certs->end(),
  66                      CertNotAllowedPredicate(*cert_filter_)),
  67       selected_certs->end());
  68   DVLOG(1) << "filtered " << pre_size - selected_certs->size() << " of "
  69            << pre_size << " certs";
  70 }
  71
  72 void ClientCertStoreChromeOS::CertFilterInitialized(
  73     const net::SSLCertRequestInfo* request,
  74     net::CertificateList* selected_certs,
  75     const base::Closure& callback) {
  76   net::ClientCertStoreNSS::GetClientCerts(*request, selected_certs, callback);
  77 }
  78
  79 }  // namespace chromeos