OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/cert_database.h" | 5 #include "net/base/cert_database.h" |
6 | 6 |
7 #include <cert.h> | 7 #include <cert.h> |
8 #include <certdb.h> | 8 #include <certdb.h> |
9 #include <keyhi.h> | 9 #include <keyhi.h> |
10 #include <pk11pub.h> | 10 #include <pk11pub.h> |
(...skipping 58 matching lines...)
69 slot = PK11_ImportCertForKey( | 69 slot = PK11_ImportCertForKey( |
70 cert, | 70 cert, |
71 cert_obj->GetDefaultNickname(net::USER_CERT).c_str(), | 71 cert_obj->GetDefaultNickname(net::USER_CERT).c_str(), |
72 NULL); | 72 NULL); |
73 } | 73 } |
74 | 74 |
75 if (!slot) { | 75 if (!slot) { |
76 LOG(ERROR) << "Couldn't import user certificate."; | 76 LOG(ERROR) << "Couldn't import user certificate."; |
77 return ERR_ADD_USER_CERT_FAILED; | 77 return ERR_ADD_USER_CERT_FAILED; |
78 } | 78 } |
| 79 const X509Certificate::OSCertHandles& intermediate_certs = |
| 80 cert_obj->GetIntermediateCertificates(); |
| 81 for (size_t i = 0; i < intermediate_certs.size(); ++i) { |
| 82 CERTCertificate* intermediate_cert = intermediate_certs[i]; |
| 83 // TODO(wtc): skip intermediate_cert if it is a self-signed root cert? |
| 84 // It is not useful to import a root cert without trust settings. |
| 85 char* nickname = CERT_MakeCANickname(intermediate_cert); |
| 86 PK11_ImportCert(slot, intermediate_cert, CK_INVALID_HANDLE, nickname, |
| 87 PR_FALSE); |
| 88 PORT_Free(nickname); |
| 89 } |
79 PK11_FreeSlot(slot); | 90 PK11_FreeSlot(slot); |
80 CertDatabase::NotifyObserversOfUserCertAdded(cert_obj); | 91 CertDatabase::NotifyObserversOfUserCertAdded(cert_obj); |
81 return OK; | 92 return OK; |
82 } | 93 } |
83 | 94 |
84 void CertDatabase::ListCerts(CertificateList* certs) { | 95 void CertDatabase::ListCerts(CertificateList* certs) { |
85 certs->clear(); | 96 certs->clear(); |
86 | 97 |
87 CERTCertList* cert_list = PK11_ListCerts(PK11CertListUnique, NULL); | 98 CERTCertList* cert_list = PK11_ListCerts(PK11CertListUnique, NULL); |
88 CERTCertListNode* node; | 99 CERTCertListNode* node; |
(...skipping 224 matching lines...)
313 | 324 |
314 return true; | 325 return true; |
315 } | 326 } |
316 | 327 |
317 bool CertDatabase::IsReadOnly(const X509Certificate* cert) const { | 328 bool CertDatabase::IsReadOnly(const X509Certificate* cert) const { |
318 PK11SlotInfo* slot = cert->os_cert_handle()->slot; | 329 PK11SlotInfo* slot = cert->os_cert_handle()->slot; |
319 return slot && PK11_IsReadOnly(slot); | 330 return slot && PK11_IsReadOnly(slot); |
320 } | 331 } |
321 | 332 |
322 } // namespace net | 333 } // namespace net |
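Review bot: The SECStatus returned by `PK11_ImportCert` in the new intermediate loop (new lines 86-87) is discarded, so a failed import leaves the user certificate stored without its chain while the function still returns OK and notifies observers. I would check it and at least log, e.g. `if (PK11_ImportCert(slot, intermediate_cert, CK_INVALID_HANDLE, nickname, PR_FALSE) != SECSuccess) LOG(WARNING) << "Couldn't import intermediate certificate.";`. `CERT_MakeCANickname` can presumably return NULL on failure, and that value is passed straight through as the nickname, so it is worth confirming that is acceptable or skipping the certificate in that case. The intermediates come from whatever chain accompanied the user certificate and are written to the slot persistently with no check that they belong to that chain, so the TODO about self-signed roots is better resolved before this lands than left open. The enclosing function starts in the skipped lines above, so how `slot` and `cert_obj` are validated earlier is not visible here.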