Improved support for loading client certificates on smart cards on macOS

net/ssl/client_cert_store_mac.h

Index: net/ssl/client_cert_store_mac.h
diff --git a/net/ssl/client_cert_store_mac.h b/net/ssl/client_cert_store_mac.h
index 1bad779dd35377fb284356148a9d8eb1f1f5bd3d..94d9436468961e72bc8e650a6edab2cd87114754 100644
--- a/net/ssl/client_cert_store_mac.h
+++ b/net/ssl/client_cert_store_mac.h
@@ -5,6 +5,8 @@
 #ifndef NET_SSL_CLIENT_CERT_STORE_MAC_H_
 #define NET_SSL_CLIENT_CERT_STORE_MAC_H_
 
+#include <Security/Security.h>
+
 #include "base/callback.h"
 #include "base/macros.h"
 #include "net/base/net_export.h"
@@ -45,6 +47,16 @@ class NET_EXPORT ClientCertStoreMac : public ClientCertStore {
       const SSLCertRequestInfo& request,
       CertificateList* selected_certs);
 
+
+  // Given an |identity|, adds it to either |regular_certs| or assigns
+  // |preferred_cert| if it it shte |preferred_identity.

[Ryan Sleevi, 2017/05/30 18:00:01]

typo: if it is the |preferred_identity|

[Ryan Sleevi, 2017/05/30 18:00:01]

Could you expand on what you're trying to document here? What's the distinction
between |preferred_identity| and |identity| here as the parameters? Some further
documentation seems warranted here in the header, although complete
documentation of the method in the header would be undesirable.

[agaynor, 2017/05/31 02:37:33]

Done.

+  void AddIdentity(
+      CertificateList& regular_certs,
+      scoped_refptr<X509Certificate>& preferred_cert,
+      SecIdentityRef preferred_identity,
+      SecIdentityRef identity);
+
+
   DISALLOW_COPY_AND_ASSIGN(ClientCertStoreMac);
 };