| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl_client_certificate_selector.h" | 5 #include "chrome/browser/ssl_client_certificate_selector.h" |
| 6 | 6 |
| 7 #include <windows.h> | 7 #include <windows.h> |
| 8 #include <cryptuiapi.h> | 8 #include <cryptuiapi.h> |
| 9 #pragma comment(lib, "cryptui.lib") | 9 #pragma comment(lib, "cryptui.lib") |
| 10 | 10 |
| 11 #include "app/l10n_util.h" | 11 #include "app/l10n_util.h" |
| 12 #include "base/string_util.h" | 12 #include "base/string_util.h" |
| 13 #include "base/utf_string_conversions.h" | 13 #include "base/utf_string_conversions.h" |
| 14 #include "chrome/browser/browser_list.h" | 14 #include "chrome/browser/browser_list.h" |
| 15 #include "chrome/browser/browser.h" | 15 #include "chrome/browser/browser.h" |
| 16 #include "chrome/browser/browser_window.h" | 16 #include "chrome/browser/browser_window.h" |
| 17 #include "chrome/browser/chrome_thread.h" | 17 #include "chrome/browser/chrome_thread.h" |
| 18 #include "chrome/browser/ssl/ssl_client_auth_handler.h" | 18 #include "chrome/browser/ssl/ssl_client_auth_handler.h" |
| 19 #include "chrome/browser/tab_contents/tab_contents.h" | 19 #include "chrome/browser/tab_contents/tab_contents.h" |
| 20 #include "grit/generated_resources.h" | 20 #include "grit/generated_resources.h" |
| 21 #include "net/url_request/url_request.h" | 21 #include "net/url_request/url_request.h" |
| 22 | 22 |
| 23 namespace browser { | 23 namespace browser { |
| 24 | 24 |
| 25 void ShowSSLClientCertificateSelector( | 25 void ShowSSLClientCertificateSelector( |
| 26 TabContents* parent, | 26 TabContents* parent, |
| 27 net::SSLCertRequestInfo* cert_request_info, | 27 net::SSLCertRequestInfo* cert_request_info, |
| 28 SSLClientAuthHandler* delegate) { | 28 SSLClientAuthHandler* delegate) { |
| 29 net::X509Certificate* cert = NULL; | |
| 30 // TODO(jcampan): replace this with our own cert selection dialog. | 29 // TODO(jcampan): replace this with our own cert selection dialog. |
| 31 // CryptUIDlgSelectCertificateFromStore is blocking (but still processes | 30 // CryptUIDlgSelectCertificateFromStore is blocking (but still processes |
| 32 // Windows messages), which is scary. | 31 // Windows messages), which is scary. |
| 33 // | 32 // |
| 34 // TODO(davidben): Make this dialog tab-modal to the | 33 // TODO(davidben): Make this dialog tab-modal to the |
| 35 // TabContents. This depends on the above TODO. | 34 // TabContents. This depends on the above TODO. |
| 36 HCERTSTORE client_certs = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, NULL, | 35 HCERTSTORE client_certs = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, NULL, |
| 37 0, NULL); | 36 0, NULL); |
| 38 BOOL ok; | 37 BOOL ok; |
| 39 for (size_t i = 0; i < cert_request_info->client_certs.size(); ++i) { | 38 for (size_t i = 0; i < cert_request_info->client_certs.size(); ++i) { |
| 40 PCCERT_CONTEXT cc = cert_request_info->client_certs[i]->os_cert_handle(); | 39 PCCERT_CONTEXT cc = cert_request_info->client_certs[i]->os_cert_handle(); |
| 41 ok = CertAddCertificateContextToStore(client_certs, cc, | 40 ok = CertAddCertificateContextToStore(client_certs, cc, |
| 42 CERT_STORE_ADD_ALWAYS, NULL); | 41 CERT_STORE_ADD_ALWAYS, NULL); |
| 43 DCHECK(ok); | 42 DCHECK(ok); |
| 44 } | 43 } |
| 45 | 44 |
| 46 std::wstring title = l10n_util::GetString(IDS_CLIENT_CERT_DIALOG_TITLE); | 45 std::wstring title = l10n_util::GetString(IDS_CLIENT_CERT_DIALOG_TITLE); |
| 47 std::wstring text = l10n_util::GetStringF( | 46 std::wstring text = l10n_util::GetStringF( |
| 48 IDS_CLIENT_CERT_DIALOG_TEXT, | 47 IDS_CLIENT_CERT_DIALOG_TEXT, |
| 49 ASCIIToWide(cert_request_info->host_and_port)); | 48 ASCIIToWide(cert_request_info->host_and_port)); |
| 50 PCCERT_CONTEXT cert_context = CryptUIDlgSelectCertificateFromStore( | 49 PCCERT_CONTEXT cert_context = CryptUIDlgSelectCertificateFromStore( |
| 51 client_certs, parent->GetMessageBoxRootWindow(), | 50 client_certs, parent->GetMessageBoxRootWindow(), |
| 52 title.c_str(), text.c_str(), 0, 0, NULL); | 51 title.c_str(), text.c_str(), 0, 0, NULL); |
| 53 | 52 |
| 53 net::X509Certificate* cert = NULL; |
| 54 if (cert_context) { | 54 if (cert_context) { |
| 55 cert = net::X509Certificate::CreateFromHandle( | 55 for (size_t i = 0; i < cert_request_info->client_certs.size(); ++i) { |
| 56 cert_context, | 56 net::X509Certificate* client_cert = cert_request_info->client_certs[i]; |
| 57 net::X509Certificate::SOURCE_LONE_CERT_IMPORT, | 57 if (net::X509Certificate::IsSameOSCert(cert_context, |
| 58 net::X509Certificate::OSCertHandles()); | 58 client_cert->os_cert_handle())) { |
| 59 cert = client_cert; |
| 60 break; |
| 61 } |
| 62 } |
| 63 DCHECK(cert != NULL); |
| 59 net::X509Certificate::FreeOSCertHandle(cert_context); | 64 net::X509Certificate::FreeOSCertHandle(cert_context); |
| 60 } | 65 } |
| 61 | 66 |
| 62 ok = CertCloseStore(client_certs, CERT_CLOSE_STORE_CHECK_FLAG); | 67 ok = CertCloseStore(client_certs, CERT_CLOSE_STORE_CHECK_FLAG); |
| 63 DCHECK(ok); | 68 DCHECK(ok); |
| 64 | 69 |
| 65 delegate->CertificateSelected(cert); | 70 delegate->CertificateSelected(cert); |
| 66 } | 71 } |
| 67 | 72 |
| 68 } // namespace browser | 73 } // namespace browser |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 3170019:
Remove dependency on X509Certificate::Cache behaviour when selecting a client certificate on Win (Closed)
