| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/cros/cert_library.h" | 5 #include "chrome/browser/chromeos/cros/cert_library.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/chromeos/chromeos_version.h" | 9 #include "base/chromeos/chromeos_version.h" |
| 10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
| (...skipping 10 matching lines...) |
| 21 #include "chrome/common/net/x509_certificate_model.h" | 21 #include "chrome/common/net/x509_certificate_model.h" |
| 22 #include "chromeos/dbus/cryptohome_client.h" | 22 #include "chromeos/dbus/cryptohome_client.h" |
| 23 #include "chromeos/dbus/dbus_thread_manager.h" | 23 #include "chromeos/dbus/dbus_thread_manager.h" |
| 24 #include "content/public/browser/browser_thread.h" | 24 #include "content/public/browser/browser_thread.h" |
| 25 #include "crypto/encryptor.h" | 25 #include "crypto/encryptor.h" |
| 26 #include "crypto/nss_util.h" | 26 #include "crypto/nss_util.h" |
| 27 #include "crypto/sha2.h" | 27 #include "crypto/sha2.h" |
| 28 #include "crypto/symmetric_key.h" | 28 #include "crypto/symmetric_key.h" |
| 29 #include "grit/generated_resources.h" | 29 #include "grit/generated_resources.h" |
| 30 #include "net/base/cert_database.h" | 30 #include "net/base/cert_database.h" |
| 31 #include "net/base/nss_cert_database.h" |
| 31 #include "ui/base/l10n/l10n_util.h" | 32 #include "ui/base/l10n/l10n_util.h" |
| 32 #include "ui/base/l10n/l10n_util_collator.h" | 33 #include "ui/base/l10n/l10n_util_collator.h" |
| 33 #include "unicode/coll.h" // icu::Collator | 34 #include "unicode/coll.h" // icu::Collator |
| 34 | 35 |
| 35 using content::BrowserThread; | 36 using content::BrowserThread; |
| 36 | 37 |
| 37 namespace chromeos { | 38 namespace chromeos { |
| 38 | 39 |
| 39 namespace { | 40 namespace { |
| 40 | 41 |
| (...skipping 80 matching lines...) |
| 121 user_logged_in_(false), | 122 user_logged_in_(false), |
| 122 certificates_requested_(false), | 123 certificates_requested_(false), |
| 123 certificates_loaded_(false), | 124 certificates_loaded_(false), |
| 124 key_store_loaded_(false), | 125 key_store_loaded_(false), |
| 125 ALLOW_THIS_IN_INITIALIZER_LIST(certs_(this)), | 126 ALLOW_THIS_IN_INITIALIZER_LIST(certs_(this)), |
| 126 ALLOW_THIS_IN_INITIALIZER_LIST(user_certs_(this)), | 127 ALLOW_THIS_IN_INITIALIZER_LIST(user_certs_(this)), |
| 127 ALLOW_THIS_IN_INITIALIZER_LIST(server_certs_(this)), | 128 ALLOW_THIS_IN_INITIALIZER_LIST(server_certs_(this)), |
| 128 ALLOW_THIS_IN_INITIALIZER_LIST(server_ca_certs_(this)), | 129 ALLOW_THIS_IN_INITIALIZER_LIST(server_ca_certs_(this)), |
| 129 ALLOW_THIS_IN_INITIALIZER_LIST(weak_ptr_factory_(this)) { | 130 ALLOW_THIS_IN_INITIALIZER_LIST(weak_ptr_factory_(this)) { |
| 130 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 131 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 131 net::CertDatabase::AddObserver(this); | 132 net::CertDatabase cert_db; |
| 133 cert_db.AddObserver(this); |
| 132 } | 134 } |
| 133 | 135 |
| 134 ~CertLibraryImpl() { | 136 ~CertLibraryImpl() { |
| 135 DCHECK(request_task_.is_null()); | 137 DCHECK(request_task_.is_null()); |
| 136 net::CertDatabase::RemoveObserver(this); | 138 net::CertDatabase cert_db; |
| 139 cert_db.RemoveObserver(this); |
| 137 } | 140 } |
| 138 | 141 |
| 139 // CertLibrary implementation. | 142 // CertLibrary implementation. |
| 140 virtual void AddObserver(CertLibrary::Observer* observer) OVERRIDE { | 143 virtual void AddObserver(CertLibrary::Observer* observer) OVERRIDE { |
| 141 observer_list_->AddObserver(observer); | 144 observer_list_->AddObserver(observer); |
| 142 } | 145 } |
| 143 | 146 |
| 144 virtual void RemoveObserver(CertLibrary::Observer* observer) OVERRIDE { | 147 virtual void RemoveObserver(CertLibrary::Observer* observer) OVERRIDE { |
| 145 observer_list_->RemoveObserver(observer); | 148 observer_list_->RemoveObserver(observer); |
| 146 } | 149 } |
| (...skipping 88 matching lines...) |
| 235 return DecryptTokenWithKey(supplemental_user_key_.get(), | 238 return DecryptTokenWithKey(supplemental_user_key_.get(), |
| 236 CrosLibrary::Get()->GetCryptohomeLibrary()->GetSystemSalt(), | 239 CrosLibrary::Get()->GetCryptohomeLibrary()->GetSystemSalt(), |
| 237 encrypted_token_hex); | 240 encrypted_token_hex); |
| 238 } | 241 } |
| 239 | 242 |
| 240 // net::CertDatabase::Observer implementation. Observer added on UI thread. | 243 // net::CertDatabase::Observer implementation. Observer added on UI thread. |
| 241 virtual void OnCertTrustChanged(const net::X509Certificate* cert) OVERRIDE { | 244 virtual void OnCertTrustChanged(const net::X509Certificate* cert) OVERRIDE { |
| 242 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 245 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 243 } | 246 } |
| 244 | 247 |
| 245 virtual void OnUserCertAdded(const net::X509Certificate* cert) OVERRIDE { | 248 virtual void OnCertAdded(const net::X509Certificate* cert) OVERRIDE { |
| 246 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 249 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 247 // Only load certificates if we have completed an initial request. | 250 // Only load certificates if we have completed an initial request. |
| 248 if (certificates_loaded_) { | 251 if (certificates_loaded_) { |
| 249 BrowserThread::PostTask( | 252 BrowserThread::PostTask( |
| 250 BrowserThread::DB, FROM_HERE, | 253 BrowserThread::DB, FROM_HERE, |
| 251 base::Bind(&CertLibraryImpl::LoadCertificates, | 254 base::Bind(&CertLibraryImpl::LoadCertificates, |
| 252 base::Unretained(this))); | 255 base::Unretained(this))); |
| 253 } | 256 } |
| 254 } | 257 } |
| 255 | 258 |
| 256 virtual void OnUserCertRemoved(const net::X509Certificate* cert) OVERRIDE { | 259 virtual void OnCertRemoved(const net::X509Certificate* cert) OVERRIDE { |
| 257 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 260 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 258 // Only load certificates if we have completed an initial request. | 261 // Only load certificates if we have completed an initial request. |
| 259 if (certificates_loaded_) { | 262 if (certificates_loaded_) { |
| 260 BrowserThread::PostTask( | 263 BrowserThread::PostTask( |
| 261 BrowserThread::DB, FROM_HERE, | 264 BrowserThread::DB, FROM_HERE, |
| 262 base::Bind(&CertLibraryImpl::LoadCertificates, | 265 base::Bind(&CertLibraryImpl::LoadCertificates, |
| 263 base::Unretained(this))); | 266 base::Unretained(this))); |
| 264 } | 267 } |
| 265 } | 268 } |
| 266 | 269 |
| 267 virtual const std::string& GetTpmTokenName() const OVERRIDE { | 270 virtual const std::string& GetTpmTokenName() const OVERRIDE { |
| 268 return tpm_token_name_; | 271 return tpm_token_name_; |
| 269 } | 272 } |
| 270 | 273 |
| 271 private: | 274 private: |
| 272 void LoadCertificates() { | 275 void LoadCertificates() { |
| 273 VLOG(1) << " Loading Certificates."; | 276 VLOG(1) << " Loading Certificates."; |
| 274 // Certificate fetch occurs on the DB thread. | 277 // Certificate fetch occurs on the DB thread. |
| 275 CHECK(BrowserThread::CurrentlyOn(BrowserThread::DB)); | 278 CHECK(BrowserThread::CurrentlyOn(BrowserThread::DB)); |
| 276 net::CertDatabase cert_db; | 279 net::NSSCertDatabase cert_db; |
| 277 net::CertificateList* cert_list = new net::CertificateList(); | 280 net::CertificateList* cert_list = new net::CertificateList(); |
| 278 cert_db.ListCerts(cert_list); | 281 cert_db.ListCerts(cert_list); |
| 279 // Pass the list to the UI thread to safely update the local lists. | 282 // Pass the list to the UI thread to safely update the local lists. |
| 280 BrowserThread::PostTask( | 283 BrowserThread::PostTask( |
| 281 BrowserThread::UI, FROM_HERE, | 284 BrowserThread::UI, FROM_HERE, |
| 282 base::Bind(&CertLibraryImpl::UpdateCertificates, | 285 base::Bind(&CertLibraryImpl::UpdateCertificates, |
| 283 base::Unretained(this), cert_list)); | 286 base::Unretained(this), cert_list)); |
| 284 } | 287 } |
| 285 | 288 |
| 286 // Comparison functor for locale-sensitive sorting of certificates by name. | 289 // Comparison functor for locale-sensitive sorting of certificates by name. |
| (...skipping 317 matching lines...) |
| 604 net::X509Certificate* cert = GetCertificateAt(index); | 607 net::X509Certificate* cert = GetCertificateAt(index); |
| 605 net::X509Certificate::OSCertHandle cert_handle = cert->os_cert_handle(); | 608 net::X509Certificate::OSCertHandle cert_handle = cert->os_cert_handle(); |
| 606 std::string id = x509_certificate_model::GetPkcs11Id(cert_handle); | 609 std::string id = x509_certificate_model::GetPkcs11Id(cert_handle); |
| 607 if (id == pkcs11_id) | 610 if (id == pkcs11_id) |
| 608 return index; | 611 return index; |
| 609 } | 612 } |
| 610 return -1; // Not found. | 613 return -1; // Not found. |
| 611 } | 614 } |
| 612 | 615 |
| 613 } // chromeos | 616 } // chromeos |
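Review bot: In the constructor and destructor (new lines 132-133 and 138-139), `net::CertDatabase cert_db; cert_db.AddObserver(this);` registers and unregisters the observer through a stack-local object that is destroyed at the closing brace, so this is correct only if every `CertDatabase` instance forwards to one shared observer list. That is presumably the case, since the old code called `net::CertDatabase::AddObserver(this)` without an instance, but nothing visible here shows it. If registration were per instance, `RemoveObserver` in the destructor would not remove the pointer added in the constructor, and a later notification would reach a destroyed `CertLibraryImpl`. I would add a comment at both sites, e.g. `// CertDatabase instances share one observer list; this local is only a handle to it.`, after confirming it against `net/base/cert_database.h`. The renamed `OnCertAdded`/`OnCertRemoved` still post `LoadCertificates` with `base::Unretained(this)`, so the same object-lifetime assumption covers tasks pending on the DB thread; much of the class body is skipped on this page.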