Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(70)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/chromeos/platform_keys/platform_keys_nss.cc

Issue 1141253003: chrome.platformKeys: Add filtering by certificate types (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: addressed pneubeck's comments Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/chromeos/platform_keys/platform_keys.h ('k') | chrome/browser/chromeos/platform_keys/platform_keys_service.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/chromeos/platform_keys/platform_keys.h" 5 #include "chrome/browser/chromeos/platform_keys/platform_keys.h"
6 6
7 #include <cert.h> 7 #include <cert.h>
8 #include <cryptohi.h> 8 #include <cryptohi.h>
9 #include <keyhi.h> 9 #include <keyhi.h>
10 #include <secder.h> 10 #include <secder.h>
(...skipping 740 matching lines...) Expand 10 before | Expand all | Expand 10 after
751 // Get the pointer to |state| before base::Passed releases |state|. 751 // Get the pointer to |state| before base::Passed releases |state|.
752 NSSOperationState* state_ptr = state.get(); 752 NSSOperationState* state_ptr = state.get();
753 753
754 // The NSSCertDatabase object is not required. But in case it's not available 754 // The NSSCertDatabase object is not required. But in case it's not available
755 // we would get more informative error messages and we can double check that 755 // we would get more informative error messages and we can double check that
756 // we use a key of the correct token. 756 // we use a key of the correct token.
757 GetCertDatabase(token_id, base::Bind(&SignRSAWithDB, base::Passed(&state)), 757 GetCertDatabase(token_id, base::Bind(&SignRSAWithDB, base::Passed(&state)),
758 browser_context, state_ptr); 758 browser_context, state_ptr);
759 } 759 }
760 760
761 void SelectClientCertificates(const ClientCertificateRequest& request, 761 void SelectClientCertificates(
762 const SelectCertificatesCallback& callback, 762 const std::vector<std::string>& certificate_authorities,
763 content::BrowserContext* browser_context) { 763 const SelectCertificatesCallback& callback,
764 content::BrowserContext* browser_context) {
764 DCHECK_CURRENTLY_ON(BrowserThread::UI); 765 DCHECK_CURRENTLY_ON(BrowserThread::UI);
765 766
766 scoped_refptr<net::SSLCertRequestInfo> cert_request_info( 767 scoped_refptr<net::SSLCertRequestInfo> cert_request_info(
767 new net::SSLCertRequestInfo); 768 new net::SSLCertRequestInfo);
768 cert_request_info->cert_key_types = request.certificate_key_types; 769
769 cert_request_info->cert_authorities = request.certificate_authorities; 770 // Currently we do not pass down the requested certificate type to the net
771 // layer, as it does not support filtering certificates by type. Rather, we
772 // do not constrain the certificate type here, instead the caller has to apply
773 // filtering afterwards.
774 cert_request_info->cert_authorities = certificate_authorities;
770 775
771 const user_manager::User* user = 776 const user_manager::User* user =
772 chromeos::ProfileHelper::Get()->GetUserByProfile( 777 chromeos::ProfileHelper::Get()->GetUserByProfile(
773 Profile::FromBrowserContext(browser_context)); 778 Profile::FromBrowserContext(browser_context));
774 779
775 // Use the device-wide system key slot only if the user is of the same 780 // Use the device-wide system key slot only if the user is of the same
776 // domain as the device is registered to. 781 // domain as the device is registered to.
777 policy::BrowserPolicyConnectorChromeOS* connector = 782 policy::BrowserPolicyConnectorChromeOS* connector =
778 g_browser_process->platform_part()->browser_policy_connector_chromeos(); 783 g_browser_process->platform_part()->browser_policy_connector_chromeos();
779 bool use_system_key_slot = connector->GetUserAffiliation(user->email()) == 784 bool use_system_key_slot = connector->GetUserAffiliation(user->email()) ==
(...skipping 108 matching lines...) Expand 10 before | Expand all | Expand 10 after
888 NSSOperationState* state_ptr = state.get(); 893 NSSOperationState* state_ptr = state.get();
889 GetCertDatabase(std::string() /* don't get any specific slot */, 894 GetCertDatabase(std::string() /* don't get any specific slot */,
890 base::Bind(&GetTokensWithDB, base::Passed(&state)), 895 base::Bind(&GetTokensWithDB, base::Passed(&state)),
891 browser_context, 896 browser_context,
892 state_ptr); 897 state_ptr);
893 } 898 }
894 899
895 } // namespace platform_keys 900 } // namespace platform_keys
896 901
897 } // namespace chromeos 902 } // namespace chromeos
OLDNEW
« no previous file with comments | « chrome/browser/chromeos/platform_keys/platform_keys.h ('k') | chrome/browser/chromeos/platform_keys/platform_keys_service.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698