net/ssl/client_cert_store_chromeos.cc

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "net/ssl/client_cert_store_chromeos.h"
   6
   7 #include <cert.h>
   8 #include <algorithm>
   9
  10 #include "base/bind.h"
  11 #include "base/bind_helpers.h"
  12 #include "base/callback.h"
  13
  14 namespace net {
  15
  16 namespace {
  17
  18 class CertNotAllowedPredicate {
  19  public:
  20   explicit CertNotAllowedPredicate(
  21       const ClientCertStoreChromeOS::CertFilter& filter)
  22       : filter_(filter) {}
  23   bool operator()(const scoped_refptr<X509Certificate>& cert) const {
  24     return !filter_.IsCertAllowed(cert);
  25   }
  26
  27  private:
  28   const ClientCertStoreChromeOS::CertFilter& filter_;
  29 };
  30
  31 }  // namespace
  32
  33 ClientCertStoreChromeOS::ClientCertStoreChromeOS(
  34     scoped_ptr<CertFilter> cert_filter,
  35     const PasswordDelegateFactory& password_delegate_factory)
  36     : ClientCertStoreNSS(password_delegate_factory),
  37       cert_filter_(cert_filter.Pass()) {
  38 }
  39
  40 ClientCertStoreChromeOS::~ClientCertStoreChromeOS() {}
  41
  42 void ClientCertStoreChromeOS::GetClientCerts(
  43     const SSLCertRequestInfo& cert_request_info,
  44     CertificateList* selected_certs,
  45     const base::Closure& callback) {
  46   base::Closure bound_callback =
  47       base::Bind(&ClientCertStoreChromeOS::CertFilterInitialized,
  48                  // Caller is responsible for keeping the ClientCertStore alive
  49                  // until the callback is run.
  50                  base::Unretained(this),
  51                  &cert_request_info,
  52                  selected_certs,
  53                  callback);
  54
  55   if (cert_filter_->Init(bound_callback))
  56     bound_callback.Run();
  57 }
  58
  59 void ClientCertStoreChromeOS::GetClientCertsImpl(
  60     CERTCertList* cert_list,
  61     const SSLCertRequestInfo& request,
  62     bool query_nssdb,
  63     CertificateList* selected_certs) {
  64   ClientCertStoreNSS::GetClientCertsImpl(
  65       cert_list, request, query_nssdb, selected_certs);
  66
  67   size_t pre_size = selected_certs->size();
  68   selected_certs->erase(std::remove_if(selected_certs->begin(),
  69                                        selected_certs->end(),
  70                                        CertNotAllowedPredicate(*cert_filter_)),
  71                         selected_certs->end());
  72   DVLOG(1) << "filtered " << pre_size - selected_certs->size() << " of "
  73            << pre_size << " certs";
  74 }
  75
  76 void ClientCertStoreChromeOS::CertFilterInitialized(
  77     const SSLCertRequestInfo* request,
  78     CertificateList* selected_certs,
  79     const base::Closure& callback) {
  80   ClientCertStoreNSS::GetClientCerts(*request, selected_certs, callback);
  81 }
  82
  83 }  // namespace net