OLD | NEW |
---|---|
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/dom_ui/options/certificate_manager_handler.h" | 5 #include "chrome/browser/dom_ui/options/certificate_manager_handler.h" |
6 | 6 |
7 #include "app/l10n_util.h" | 7 #include "app/l10n_util.h" |
8 #include "app/l10n_util_collator.h" | 8 #include "app/l10n_util_collator.h" |
9 #include "base/file_util.h" // for FileAccessProvider | 9 #include "base/file_util.h" // for FileAccessProvider |
10 #include "base/safe_strerror_posix.h" | 10 #include "base/safe_strerror_posix.h" |
11 #include "base/string_number_conversions.h" | 11 #include "base/string_number_conversions.h" |
12 #include "base/values.h" | 12 #include "base/values.h" |
13 #include "chrome/browser/browser_process.h" | 13 #include "chrome/browser/browser_process.h" |
14 #include "chrome/browser/browser_thread.h" // for FileAccessProvider | 14 #include "chrome/browser/browser_thread.h" // for FileAccessProvider |
15 #include "chrome/browser/certificate_manager_model.h" | 15 #include "chrome/browser/certificate_manager_model.h" |
16 #include "chrome/browser/certificate_viewer.h" | 16 #include "chrome/browser/certificate_viewer.h" |
17 #include "chrome/browser/gtk/certificate_dialogs.h" | 17 #include "chrome/browser/gtk/certificate_dialogs.h" |
18 #include "chrome/browser/tab_contents/tab_contents.h" | 18 #include "chrome/browser/tab_contents/tab_contents.h" |
19 #include "chrome/browser/tab_contents/tab_contents_view.h" | 19 #include "chrome/browser/tab_contents/tab_contents_view.h" |
20 #include "chrome/browser/ui/pk11_password_dialog.h" | |
20 #include "grit/generated_resources.h" | 21 #include "grit/generated_resources.h" |
22 #include "net/base/pk11_slot.h" | |
21 #include "net/base/x509_certificate.h" | 23 #include "net/base/x509_certificate.h" |
22 | 24 |
23 namespace { | 25 namespace { |
24 | 26 |
25 static const char kKeyId[] = "id"; | 27 static const char kKeyId[] = "id"; |
26 static const char kSubNodesId[] = "subnodes"; | 28 static const char kSubNodesId[] = "subnodes"; |
27 static const char kNameId[] = "name"; | 29 static const char kNameId[] = "name"; |
28 static const char kReadOnlyId[] = "readonly"; | 30 static const char kReadOnlyId[] = "readonly"; |
29 static const char kIconId[] = "icon"; | 31 static const char kIconId[] = "icon"; |
30 static const char kSecurityDeviceId[] = "device"; | 32 static const char kSecurityDeviceId[] = "device"; |
(...skipping 489 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
520 L"CertificateManager.exportPersonalAskPassword"); | 522 L"CertificateManager.exportPersonalAskPassword"); |
521 } | 523 } |
522 | 524 |
523 void CertificateManagerHandler::ExportPersonalPasswordSelected( | 525 void CertificateManagerHandler::ExportPersonalPasswordSelected( |
524 const ListValue* args) { | 526 const ListValue* args) { |
525 if (!args->GetString(0, &password_)){ | 527 if (!args->GetString(0, &password_)){ |
526 dom_ui_->CallJavascriptFunction(L"CertificateRestoreOverlay.dismiss"); | 528 dom_ui_->CallJavascriptFunction(L"CertificateRestoreOverlay.dismiss"); |
527 ImportExportCleanup(); | 529 ImportExportCleanup(); |
528 return; | 530 return; |
529 } | 531 } |
532 | |
533 // Currently, we don't support exporting more than one at a time. If we do, | |
534 // this would need some cleanup to handle unlocking multiple slots. | |
535 DCHECK_EQ(selected_cert_list_.size(), 1U); | |
536 | |
537 // TODO(mattm): do something smarter about non-extractable keys | |
538 browser::UnlockCertSlotIfNecessary( | |
539 selected_cert_list_[0].get(), | |
540 browser::kPK11PasswordCertExport, | |
541 "", // unused. | |
542 NewCallback(this, | |
543 &CertificateManagerHandler::ExportPersonalSlotsUnlocked)); | |
544 } | |
545 | |
546 void CertificateManagerHandler::ExportPersonalSlotsUnlocked() { | |
530 std::string output; | 547 std::string output; |
531 int num_exported = certificate_manager_model_->cert_db().ExportToPKCS12( | 548 int num_exported = certificate_manager_model_->cert_db().ExportToPKCS12( |
532 selected_cert_list_, | 549 selected_cert_list_, |
533 password_, | 550 password_, |
534 &output); | 551 &output); |
535 if (!num_exported) { | 552 if (!num_exported) { |
536 dom_ui_->CallJavascriptFunction(L"CertificateRestoreOverlay.dismiss"); | 553 dom_ui_->CallJavascriptFunction(L"CertificateRestoreOverlay.dismiss"); |
537 ShowError( | 554 ShowError( |
538 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_PKCS12_EXPORT_ERROR_TITLE), | 555 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_PKCS12_EXPORT_ERROR_TITLE), |
539 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_UNKNOWN_ERROR)); | 556 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_UNKNOWN_ERROR)); |
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
588 ImportExportCleanup(); | 605 ImportExportCleanup(); |
589 return; | 606 return; |
590 } | 607 } |
591 file_access_provider_->StartRead( | 608 file_access_provider_->StartRead( |
592 file_path_, | 609 file_path_, |
593 &consumer_, | 610 &consumer_, |
594 NewCallback(this, &CertificateManagerHandler::ImportPersonalFileRead)); | 611 NewCallback(this, &CertificateManagerHandler::ImportPersonalFileRead)); |
595 } | 612 } |
596 | 613 |
597 void CertificateManagerHandler::ImportPersonalFileRead( | 614 void CertificateManagerHandler::ImportPersonalFileRead( |
598 int read_errno, std::string data) { | 615 int read_errno, std::string data) { |
wtc
2010/12/15 20:54:36
Should the second argument be
const std::string&
mattm
2011/01/12 01:22:07
Unfortunately it can't, since it has to match the
| |
599 if (read_errno) { | 616 if (read_errno) { |
600 ImportExportCleanup(); | 617 ImportExportCleanup(); |
601 dom_ui_->CallJavascriptFunction(L"CertificateRestoreOverlay.dismiss"); | 618 dom_ui_->CallJavascriptFunction(L"CertificateRestoreOverlay.dismiss"); |
602 ShowError( | 619 ShowError( |
603 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_PKCS12_IMPORT_ERROR_TITLE), | 620 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_PKCS12_IMPORT_ERROR_TITLE), |
604 l10n_util::GetStringFUTF8(IDS_CERT_MANAGER_READ_ERROR_FORMAT, | 621 l10n_util::GetStringFUTF8(IDS_CERT_MANAGER_READ_ERROR_FORMAT, |
605 UTF8ToUTF16(safe_strerror(read_errno)))); | 622 UTF8ToUTF16(safe_strerror(read_errno)))); |
606 return; | 623 return; |
607 } | 624 } |
608 int result = certificate_manager_model_->ImportFromPKCS12(data, password_); | 625 |
626 data_ = data; | |
wtc
2010/12/15 20:54:36
It's too bad we have to copy the data. If it's to
| |
627 | |
628 // TODO(mattm): allow user to choose a slot to import to. | |
629 net::PK11SlotList slots; | |
630 certificate_manager_model_->cert_db().ListTokensForPKCS12(&slots); | |
631 slot_ = slots[0]; | |
wtc
2010/12/15 20:54:36
IMPORTANT: Is the first slot (slots[0]) the right
mattm
2011/01/12 01:22:07
It should be fine for chrome, even chromeos, since
| |
632 | |
633 browser::UnlockSlotIfNecessary( | |
634 slot_.get(), | |
635 browser::kPK11PasswordCertImport, | |
636 "", // unused. | |
637 NewCallback(this, | |
638 &CertificateManagerHandler::ImportPersonalSlotUnlocked)); | |
639 } | |
640 | |
641 void CertificateManagerHandler::ImportPersonalSlotUnlocked() { | |
642 int result = certificate_manager_model_->ImportFromPKCS12( | |
643 slot_, data_, password_); | |
609 ImportExportCleanup(); | 644 ImportExportCleanup(); |
610 dom_ui_->CallJavascriptFunction(L"CertificateRestoreOverlay.dismiss"); | 645 dom_ui_->CallJavascriptFunction(L"CertificateRestoreOverlay.dismiss"); |
611 switch (result) { | 646 switch (result) { |
612 case net::OK: | 647 case net::OK: |
613 break; | 648 break; |
614 case net::ERR_PKCS12_IMPORT_BAD_PASSWORD: | 649 case net::ERR_PKCS12_IMPORT_BAD_PASSWORD: |
615 ShowError( | 650 ShowError( |
616 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_PKCS12_IMPORT_ERROR_TITLE), | 651 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_PKCS12_IMPORT_ERROR_TITLE), |
617 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_BAD_PASSWORD)); | 652 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_BAD_PASSWORD)); |
618 // TODO(mattm): if the error was a bad password, we should reshow the | 653 // TODO(mattm): if the error was a bad password, we should reshow the |
619 // password dialog after the user dismisses the error dialog. | 654 // password dialog after the user dismisses the error dialog. |
620 break; | 655 break; |
621 default: | 656 default: |
622 ShowError( | 657 ShowError( |
623 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_PKCS12_IMPORT_ERROR_TITLE), | 658 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_PKCS12_IMPORT_ERROR_TITLE), |
624 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_UNKNOWN_ERROR)); | 659 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_UNKNOWN_ERROR)); |
625 break; | 660 break; |
626 } | 661 } |
627 } | 662 } |
628 | 663 |
629 void CertificateManagerHandler::CancelImportExportProcess( | 664 void CertificateManagerHandler::CancelImportExportProcess( |
630 const ListValue* args) { | 665 const ListValue* args) { |
631 ImportExportCleanup(); | 666 ImportExportCleanup(); |
632 } | 667 } |
633 | 668 |
634 void CertificateManagerHandler::ImportExportCleanup() { | 669 void CertificateManagerHandler::ImportExportCleanup() { |
635 file_path_.clear(); | 670 file_path_.clear(); |
636 password_.clear(); | 671 password_.clear(); |
672 data_.clear(); | |
637 selected_cert_list_.clear(); | 673 selected_cert_list_.clear(); |
638 select_file_dialog_ = NULL; | 674 select_file_dialog_ = NULL; |
675 slot_ = NULL; | |
639 } | 676 } |
640 | 677 |
641 void CertificateManagerHandler::ImportServer(const ListValue* args) { | 678 void CertificateManagerHandler::ImportServer(const ListValue* args) { |
642 select_file_dialog_ = SelectFileDialog::Create(this); | 679 select_file_dialog_ = SelectFileDialog::Create(this); |
643 ShowCertSelectFileDialog( | 680 ShowCertSelectFileDialog( |
644 select_file_dialog_.get(), | 681 select_file_dialog_.get(), |
645 SelectFileDialog::SELECT_OPEN_FILE, | 682 SelectFileDialog::SELECT_OPEN_FILE, |
646 FilePath(), | 683 FilePath(), |
647 GetParentWindow(), | 684 GetParentWindow(), |
648 reinterpret_cast<void*>(IMPORT_SERVER_FILE_SELECTED)); | 685 reinterpret_cast<void*>(IMPORT_SERVER_FILE_SELECTED)); |
(...skipping 244 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
893 StringValue error_value(error); | 930 StringValue error_value(error); |
894 dom_ui_->CallJavascriptFunction(L"CertificateImportErrorOverlay.show", | 931 dom_ui_->CallJavascriptFunction(L"CertificateImportErrorOverlay.show", |
895 title_value, | 932 title_value, |
896 error_value, | 933 error_value, |
897 cert_error_list); | 934 cert_error_list); |
898 } | 935 } |
899 | 936 |
900 gfx::NativeWindow CertificateManagerHandler::GetParentWindow() const { | 937 gfx::NativeWindow CertificateManagerHandler::GetParentWindow() const { |
901 return dom_ui_->tab_contents()->view()->GetTopLevelNativeWindow(); | 938 return dom_ui_->tab_contents()->view()->GetTopLevelNativeWindow(); |
902 } | 939 } |
OLD | NEW |