OLD | NEW |
---|---|
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/cert_database.h" | 5 #include "net/base/cert_database.h" |
6 | 6 |
7 #include <cert.h> | 7 #include <cert.h> |
8 #include <certdb.h> | 8 #include <certdb.h> |
9 #include <keyhi.h> | 9 #include <keyhi.h> |
10 #include <pk11pub.h> | 10 #include <pk11pub.h> |
11 #include <secmod.h> | 11 #include <secmod.h> |
12 | 12 |
13 #include "base/logging.h" | 13 #include "base/logging.h" |
14 #include "base/nss_util.h" | 14 #include "base/nss_util.h" |
15 #include "base/scoped_ptr.h" | 15 #include "base/scoped_ptr.h" |
16 #include "net/base/net_errors.h" | 16 #include "net/base/net_errors.h" |
17 #include "net/base/pk11_slot.h" | |
17 #include "net/base/x509_certificate.h" | 18 #include "net/base/x509_certificate.h" |
18 #include "net/third_party/mozilla_security_manager/nsNSSCertificateDB.h" | 19 #include "net/third_party/mozilla_security_manager/nsNSSCertificateDB.h" |
19 #include "net/third_party/mozilla_security_manager/nsNSSCertTrust.h" | 20 #include "net/third_party/mozilla_security_manager/nsNSSCertTrust.h" |
20 #include "net/third_party/mozilla_security_manager/nsPKCS12Blob.h" | 21 #include "net/third_party/mozilla_security_manager/nsPKCS12Blob.h" |
21 | 22 |
22 // PSM = Mozilla's Personal Security Manager. | 23 // PSM = Mozilla's Personal Security Manager. |
23 namespace psm = mozilla_security_manager; | 24 namespace psm = mozilla_security_manager; |
24 | 25 |
25 namespace net { | 26 namespace net { |
26 | 27 |
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
99 !CERT_LIST_END(node, cert_list); | 100 !CERT_LIST_END(node, cert_list); |
100 node = CERT_LIST_NEXT(node)) { | 101 node = CERT_LIST_NEXT(node)) { |
101 certs->push_back(X509Certificate::CreateFromHandle( | 102 certs->push_back(X509Certificate::CreateFromHandle( |
102 node->cert, | 103 node->cert, |
103 X509Certificate::SOURCE_LONE_CERT_IMPORT, | 104 X509Certificate::SOURCE_LONE_CERT_IMPORT, |
104 X509Certificate::OSCertHandles())); | 105 X509Certificate::OSCertHandles())); |
105 } | 106 } |
106 CERT_DestroyCertList(cert_list); | 107 CERT_DestroyCertList(cert_list); |
107 } | 108 } |
108 | 109 |
110 void CertDatabase::ListTokensForPKCS12(PK11SlotList* slots) const { | |
111 slots->clear(); | |
112 | |
113 ::PK11SlotList* slot_list = NULL; | |
114 slot_list = PK11_GetAllTokens(CKM_RSA_PKCS, | |
wtc
2010/12/15 20:54:36
BUG: I think you should pass CKM_INVALID_MECHANISM
mattm
2011/01/12 01:22:07
Done.
| |
115 PR_TRUE, // needRW | |
116 PR_TRUE, // loadCerts (unused) | |
117 NULL); // wincx | |
118 | |
119 ::PK11SlotListElement* slot_element = PK11_GetFirstSafe(slot_list); | |
120 while (slot_element) { | |
121 slots->push_back(PK11Slot::CreateFromHandle(slot_element->slot)); | |
122 slot_element = PK11_GetNextSafe(slot_list, slot_element, | |
123 PR_FALSE); // restart | |
124 } | |
125 | |
126 PK11_FreeSlotList(slot_list); | |
127 } | |
128 | |
109 int CertDatabase::ImportFromPKCS12( | 129 int CertDatabase::ImportFromPKCS12( |
110 const std::string& data, const string16& password) { | 130 net::PK11Slot* slot, const std::string& data, const string16& password) { |
wtc
2010/12/15 20:54:36
Nit: in this form, we probably should list one par
mattm
2011/01/12 01:22:07
Done.
| |
111 return psm::nsPKCS12Blob_Import(data.data(), data.size(), password); | 131 return psm::nsPKCS12Blob_Import(slot->os_slot_handle(), |
132 data.data(), data.size(), | |
133 password); | |
112 } | 134 } |
113 | 135 |
114 int CertDatabase::ExportToPKCS12( | 136 int CertDatabase::ExportToPKCS12( |
115 const CertificateList& certs, | 137 const CertificateList& certs, |
116 const string16& password, | 138 const string16& password, |
117 std::string* output) const { | 139 std::string* output) const { |
118 return psm::nsPKCS12Blob_Export(output, certs, password); | 140 return psm::nsPKCS12Blob_Export(output, certs, password); |
119 } | 141 } |
120 | 142 |
121 X509Certificate* CertDatabase::FindRootInList( | 143 X509Certificate* CertDatabase::FindRootInList( |
(...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
203 } | 225 } |
204 return true; | 226 return true; |
205 } | 227 } |
206 | 228 |
207 bool CertDatabase::IsReadOnly(const X509Certificate* cert) const { | 229 bool CertDatabase::IsReadOnly(const X509Certificate* cert) const { |
208 PK11SlotInfo* slot = cert->os_cert_handle()->slot; | 230 PK11SlotInfo* slot = cert->os_cert_handle()->slot; |
209 return slot && PK11_IsReadOnly(slot); | 231 return slot && PK11_IsReadOnly(slot); |
210 } | 232 } |
211 | 233 |
212 } // namespace net | 234 } // namespace net |
OLD | NEW |