Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(115)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/ssl_client_auth_handler_mac.mm

Issue 651090: Mac client-side SSL cert improvements. (Closed)
Patch Set: Created 10 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | net/base/x509_certificate.h » ('j') | net/base/x509_certificate.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/ssl_client_auth_handler.h" 5 #include "chrome/browser/ssl/ssl_client_auth_handler.h"
6 6
7 #import <SecurityInterface/SFChooseIdentityPanel.h> 7 #import <SecurityInterface/SFChooseIdentityPanel.h>
8 8
9 #include "app/l10n_util_mac.h" 9 #include "app/l10n_util_mac.h"
10 #include "base/scoped_cftyperef.h" 10 #include "base/scoped_cftyperef.h"
11 #include "base/scoped_nsobject.h" 11 #include "base/scoped_nsobject.h"
12 #include "base/string_util.h" 12 #include "base/string_util.h"
13 #include "base/sys_string_conversions.h"
13 #include "chrome/browser/chrome_thread.h" 14 #include "chrome/browser/chrome_thread.h"
14 #include "grit/generated_resources.h" 15 #include "grit/generated_resources.h"
15 #include "net/base/x509_certificate.h" 16 #include "net/base/x509_certificate.h"
16 17
17 void SSLClientAuthHandler::DoSelectCertificate() { 18 void SSLClientAuthHandler::DoSelectCertificate() {
18 net::X509Certificate* cert = NULL; 19 net::X509Certificate* cert = NULL;
19 // Create an array of CFIdentityRefs for the certificates: 20 // Create an array of CFIdentityRefs for the certificates:
20 size_t num_certs = cert_request_info_->client_certs.size(); 21 size_t num_certs = cert_request_info_->client_certs.size();
21 NSMutableArray* identities = [NSMutableArray arrayWithCapacity:num_certs]; 22 NSMutableArray* identities = [NSMutableArray arrayWithCapacity:num_certs];
22 for (size_t i = 0; i < num_certs; ++i) { 23 for (size_t i = 0; i < num_certs; ++i) {
23 SecCertificateRef cert; 24 SecCertificateRef cert;
24 cert = cert_request_info_->client_certs[i]->os_cert_handle(); 25 cert = cert_request_info_->client_certs[i]->os_cert_handle();
25 SecIdentityRef identity; 26 SecIdentityRef identity;
26 if (SecIdentityCreateWithCertificate(NULL, cert, &identity) == noErr) { 27 if (SecIdentityCreateWithCertificate(NULL, cert, &identity) == noErr) {
27 [identities addObject:(id)identity]; 28 [identities addObject:(id)identity];
28 CFRelease(identity); 29 CFRelease(identity);
29 } 30 }
30 } 31 }
31 32
32 // Get the message to display: 33 // Get the message to display:
33 NSString* title = l10n_util::GetNSString(IDS_CLIENT_CERT_DIALOG_TITLE); 34 NSString* title = l10n_util::GetNSString(IDS_CLIENT_CERT_DIALOG_TITLE);
34 NSString* message = l10n_util::GetNSStringF( 35 NSString* message = l10n_util::GetNSStringF(
35 IDS_CLIENT_CERT_DIALOG_TEXT, 36 IDS_CLIENT_CERT_DIALOG_TEXT,
36 ASCIIToUTF16(cert_request_info_->host_and_port)); 37 ASCIIToUTF16(cert_request_info_->host_and_port));
37 38
38 // Create and set up a system choose-identity panel. 39 // Create and set up a system choose-identity panel.
39 scoped_nsobject<SFChooseIdentityPanel> panel ( 40 scoped_nsobject<SFChooseIdentityPanel> panel (
40 [[SFChooseIdentityPanel alloc] init]); 41 [[SFChooseIdentityPanel alloc] init]);
42 NSString* domain = base::SysUTF8ToNSString(
43 "https://" + cert_request_info_->host_and_port);
44 [panel setDomain:domain];
wtc 2010/02/24 01:44:51 Does this call SecIdentitySetPreference under the
41 [panel setInformativeText:message]; 45 [panel setInformativeText:message];
42 [panel setAlternateButtonTitle:l10n_util::GetNSString(IDS_CANCEL)]; 46 [panel setAlternateButtonTitle:l10n_util::GetNSString(IDS_CANCEL)];
43 SecPolicyRef sslPolicy; 47 SecPolicyRef sslPolicy;
44 if (net::X509Certificate::CreateSSLClientPolicy(&sslPolicy) == noErr) { 48 if (net::X509Certificate::CreateSSLClientPolicy(&sslPolicy) == noErr) {
45 [panel setPolicies:(id)sslPolicy]; 49 [panel setPolicies:(id)sslPolicy];
46 CFRelease(sslPolicy); 50 CFRelease(sslPolicy);
47 } 51 }
48 52
49 // Run the panel, modally. 53 // Run the panel, modally.
50 // TODO(snej): Change this into a sheet so it doesn't block the runloop! 54 // TODO(snej): Change this into a sheet so it doesn't block the runloop!
51 if ([panel runModalForIdentities:identities message:title] == NSOKButton) { 55 if ([panel runModalForIdentities:identities message:title] == NSOKButton) {
52 NSUInteger index = [identities indexOfObject:(id)[panel identity]]; 56 NSUInteger index = [identities indexOfObject:(id)[panel identity]];
53 DCHECK(index != NSNotFound); 57 DCHECK(index != NSNotFound);
54 cert = cert_request_info_->client_certs[index]; 58 cert = cert_request_info_->client_certs[index];
55 } 59 }
56 60
57 // Finally, tell the back end which identity (or none) the user selected. 61 // Finally, tell the back end which identity (or none) the user selected.
58 CertificateSelected(cert); 62 CertificateSelected(cert);
59 } 63 }
OLDNEW
« no previous file with comments | « no previous file | net/base/x509_certificate.h » ('j') | net/base/x509_certificate.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698