Chromium Code Reviews Chromium Code Reviews
Issue 1141253003:
chrome.platformKeys: Add filtering by certificate types (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/platform_keys/platform_keys.h" | 5 #include "chrome/browser/chromeos/platform_keys/platform_keys.h" |
| 6 | 6 |
| 7 #include <cert.h> | 7 #include <cert.h> |
| 8 #include <cryptohi.h> | 8 #include <cryptohi.h> |
| 9 #include <keyhi.h> | 9 #include <keyhi.h> |
| 10 #include <secder.h> | 10 #include <secder.h> |
| (...skipping 740 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 751 // Get the pointer to |state| before base::Passed releases |state|. | 751 // Get the pointer to |state| before base::Passed releases |state|. |
| 752 NSSOperationState* state_ptr = state.get(); | 752 NSSOperationState* state_ptr = state.get(); |
| 753 | 753 |
| 754 // The NSSCertDatabase object is not required. But in case it's not available | 754 // The NSSCertDatabase object is not required. But in case it's not available |
| 755 // we would get more informative error messages and we can double check that | 755 // we would get more informative error messages and we can double check that |
| 756 // we use a key of the correct token. | 756 // we use a key of the correct token. |
| 757 GetCertDatabase(token_id, base::Bind(&SignRSAWithDB, base::Passed(&state)), | 757 GetCertDatabase(token_id, base::Bind(&SignRSAWithDB, base::Passed(&state)), |
| 758 browser_context, state_ptr); | 758 browser_context, state_ptr); |
| 759 } | 759 } |
| 760 | 760 |
| 761 void SelectClientCertificates(const ClientCertificateRequest& request, | 761 void SelectClientCertificates(const ClientCertificateRequest& request, |
|
pneubeck (no reviews)
2015/05/19 10:09:00
please check and update the documentation of this
cschuet (SLOW)
2015/05/19 11:36:23
Done.
| |
| 762 const SelectCertificatesCallback& callback, | 762 const SelectCertificatesCallback& callback, |
| 763 content::BrowserContext* browser_context) { | 763 content::BrowserContext* browser_context) { |
| 764 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 764 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 765 | 765 |
| 766 scoped_refptr<net::SSLCertRequestInfo> cert_request_info( | 766 scoped_refptr<net::SSLCertRequestInfo> cert_request_info( |
| 767 new net::SSLCertRequestInfo); | 767 new net::SSLCertRequestInfo); |
| 768 cert_request_info->cert_key_types = request.certificate_key_types; | 768 |
| 769 // Currently we omit passing down the requested certificate type to the NSS | |
|
pneubeck (no reviews)
2015/05/19 10:09:00
s/NSS/net/
cschuet (SLOW)
2015/05/19 11:36:23
Done.
| |
| 770 // layer, as NSS does not support filtering certificates by type. Rather we | |
|
pneubeck (no reviews)
2015/05/19 10:09:00
s/NSS/it/
cschuet (SLOW)
2015/05/19 11:36:23
Done.
| |
| 771 // retrieve certificates of all types and perform the filtering in | |
| 772 // PlaformKeysService::GotMatchingCerts(). | |
|
pneubeck (no reviews)
2015/05/19 10:09:00
... of all type and the caller has to apply filter
cschuet (SLOW)
2015/05/19 11:36:23
Done.
| |
| 769 cert_request_info->cert_authorities = request.certificate_authorities; | 773 cert_request_info->cert_authorities = request.certificate_authorities; |
| 770 | 774 |
| 771 const user_manager::User* user = | 775 const user_manager::User* user = |
| 772 chromeos::ProfileHelper::Get()->GetUserByProfile( | 776 chromeos::ProfileHelper::Get()->GetUserByProfile( |
| 773 Profile::FromBrowserContext(browser_context)); | 777 Profile::FromBrowserContext(browser_context)); |
| 774 | 778 |
| 775 // Use the device-wide system key slot only if the user is of the same | 779 // Use the device-wide system key slot only if the user is of the same |
| 776 // domain as the device is registered to. | 780 // domain as the device is registered to. |
| 777 policy::BrowserPolicyConnectorChromeOS* connector = | 781 policy::BrowserPolicyConnectorChromeOS* connector = |
| 778 g_browser_process->platform_part()->browser_policy_connector_chromeos(); | 782 g_browser_process->platform_part()->browser_policy_connector_chromeos(); |
| (...skipping 109 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 888 NSSOperationState* state_ptr = state.get(); | 892 NSSOperationState* state_ptr = state.get(); |
| 889 GetCertDatabase(std::string() /* don't get any specific slot */, | 893 GetCertDatabase(std::string() /* don't get any specific slot */, |
| 890 base::Bind(&GetTokensWithDB, base::Passed(&state)), | 894 base::Bind(&GetTokensWithDB, base::Passed(&state)), |
| 891 browser_context, | 895 browser_context, |
| 892 state_ptr); | 896 state_ptr); |
| 893 } | 897 } |
| 894 | 898 |
| 895 } // namespace platform_keys | 899 } // namespace platform_keys |
| 896 | 900 |
| 897 } // namespace chromeos | 901 } // namespace chromeos |
| OLD | NEW |
