Chromium Code Reviews Chromium Code Reviews
Issue 1423333006:
Adding User Certificate (.crt) Import to Certificate Manager (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/webui/options/certificate_manager_handler.h" | 5 #include "chrome/browser/ui/webui/options/certificate_manager_handler.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <map> | 8 #include <map> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 691 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 702 ui::SelectFileDialog::FileTypeInfo file_type_info; | 702 ui::SelectFileDialog::FileTypeInfo file_type_info; |
| 703 if (!args->GetBoolean(0, &use_hardware_backed_)) { | 703 if (!args->GetBoolean(0, &use_hardware_backed_)) { |
| 704 // Unable to retrieve the hardware backed attribute from the args, | 704 // Unable to retrieve the hardware backed attribute from the args, |
| 705 // so bail. | 705 // so bail. |
| 706 web_ui()->CallJavascriptFunction("CertificateRestoreOverlay.dismiss"); | 706 web_ui()->CallJavascriptFunction("CertificateRestoreOverlay.dismiss"); |
| 707 ImportExportCleanup(); | 707 ImportExportCleanup(); |
| 708 return; | 708 return; |
| 709 } | 709 } |
| 710 file_type_info.extensions.resize(1); | 710 file_type_info.extensions.resize(1); |
| 711 file_type_info.extensions[0].push_back(FILE_PATH_LITERAL("p12")); | 711 file_type_info.extensions[0].push_back(FILE_PATH_LITERAL("p12")); |
| 712 file_type_info.extensions[0].push_back(FILE_PATH_LITERAL("crt")); | |
| 712 file_type_info.extension_description_overrides.push_back( | 713 file_type_info.extension_description_overrides.push_back( |
| 713 l10n_util::GetStringUTF16(IDS_CERT_MANAGER_PKCS12_FILES)); | 714 l10n_util::GetStringUTF16(IDS_CERT_USAGE_SSL_CLIENT)); |
| 714 file_type_info.include_all_files = true; | 715 file_type_info.include_all_files = true; |
| 715 select_file_dialog_ = ui::SelectFileDialog::Create( | 716 select_file_dialog_ = ui::SelectFileDialog::Create( |
| 716 this, new ChromeSelectFilePolicy(web_ui()->GetWebContents())); | 717 this, new ChromeSelectFilePolicy(web_ui()->GetWebContents())); |
| 717 select_file_dialog_->SelectFile( | 718 select_file_dialog_->SelectFile( |
| 718 ui::SelectFileDialog::SELECT_OPEN_FILE, base::string16(), | 719 ui::SelectFileDialog::SELECT_OPEN_FILE, base::string16(), |
| 719 base::FilePath(), &file_type_info, 1, FILE_PATH_LITERAL("p12"), | 720 base::FilePath(), &file_type_info, 1, FILE_PATH_LITERAL("p12"), |
| 720 GetParentWindow(), | 721 GetParentWindow(), |
| 721 reinterpret_cast<void*>(IMPORT_PERSONAL_FILE_SELECTED)); | 722 reinterpret_cast<void*>(IMPORT_PERSONAL_FILE_SELECTED)); |
| 722 } | 723 } |
| 723 | 724 |
| 724 void CertificateManagerHandler::ImportPersonalFileSelected( | 725 void CertificateManagerHandler::ImportPersonalFileSelected( |
| 725 const base::FilePath& path) { | 726 const base::FilePath& path) { |
| 726 file_path_ = path; | 727 file_path_ = path; |
| 727 web_ui()->CallJavascriptFunction( | 728 if (file_path_.MatchesExtension(FILE_PATH_LITERAL(".p12"))) { |
| 728 "CertificateManager.importPersonalAskPassword"); | 729 web_ui()->CallJavascriptFunction( |
| 730 "CertificateManager.importPersonalAskPassword"); | |
| 731 } else { | |
| 732 password_.clear(); | |
| 733 file_access_provider_->StartRead( | |
| 734 file_path_, | |
| 735 base::Bind(&CertificateManagerHandler::ImportPersonalFileRead, | |
| 736 base::Unretained(this)), | |
| 737 &tracker_); | |
| 738 } | |
| 729 } | 739 } |
| 730 | 740 |
| 731 void CertificateManagerHandler::ImportPersonalPasswordSelected( | 741 void CertificateManagerHandler::ImportPersonalPasswordSelected( |
| 732 const base::ListValue* args) { | 742 const base::ListValue* args) { |
| 733 if (!args->GetString(0, &password_)) { | 743 if (!args->GetString(0, &password_)) { |
| 734 web_ui()->CallJavascriptFunction("CertificateRestoreOverlay.dismiss"); | 744 web_ui()->CallJavascriptFunction("CertificateRestoreOverlay.dismiss"); |
| 735 ImportExportCleanup(); | 745 ImportExportCleanup(); |
| 736 return; | 746 return; |
| 737 } | 747 } |
| 738 file_access_provider_->StartRead( | 748 file_access_provider_->StartRead( |
| 739 file_path_, | 749 file_path_, |
| 740 base::Bind(&CertificateManagerHandler::ImportPersonalFileRead, | 750 base::Bind(&CertificateManagerHandler::ImportPersonalFileRead, |
| 741 base::Unretained(this)), | 751 base::Unretained(this)), |
| 742 &tracker_); | 752 &tracker_); |
| 743 } | 753 } |
| 744 | 754 |
| 745 void CertificateManagerHandler::ImportPersonalFileRead( | 755 void CertificateManagerHandler::ImportPersonalFileRead( |
| 746 const int* read_errno, const std::string* data) { | 756 const int* read_errno, const std::string* data) { |
| 747 if (*read_errno) { | 757 if (*read_errno) { |
| 748 ImportExportCleanup(); | 758 ImportExportCleanup(); |
| 749 web_ui()->CallJavascriptFunction("CertificateRestoreOverlay.dismiss"); | 759 web_ui()->CallJavascriptFunction("CertificateRestoreOverlay.dismiss"); |
| 750 ShowError( | 760 ShowError( |
| 751 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_PKCS12_IMPORT_ERROR_TITLE), | 761 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_PKCS12_IMPORT_ERROR_TITLE), |
|
mattm
2015/11/06 23:13:00
this would be the wrong message in the case of .cr
svaldez
2015/11/10 15:07:50
Done.
| |
| 752 l10n_util::GetStringFUTF8(IDS_CERT_MANAGER_READ_ERROR_FORMAT, | 762 l10n_util::GetStringFUTF8(IDS_CERT_MANAGER_READ_ERROR_FORMAT, |
| 753 UTF8ToUTF16( | 763 UTF8ToUTF16( |
| 754 base::safe_strerror(*read_errno)))); | 764 base::safe_strerror(*read_errno)))); |
| 755 return; | 765 return; |
| 756 } | 766 } |
| 757 | 767 |
| 758 file_data_ = *data; | 768 file_data_ = *data; |
| 759 | 769 |
| 760 if (use_hardware_backed_) { | 770 if (file_path_.MatchesExtension(FILE_PATH_LITERAL(".p12"))) { |
| 761 module_ = certificate_manager_model_->cert_db()->GetPrivateModule(); | 771 if (use_hardware_backed_) { |
| 772 module_ = certificate_manager_model_->cert_db()->GetPrivateModule(); | |
| 773 } else { | |
| 774 module_ = certificate_manager_model_->cert_db()->GetPublicModule(); | |
| 775 } | |
| 776 | |
| 777 net::CryptoModuleList modules; | |
| 778 modules.push_back(module_); | |
| 779 chrome::UnlockSlotsIfNecessary( | |
| 780 modules, | |
| 781 chrome::kCryptoModulePasswordCertImport, | |
| 782 net::HostPortPair(), // unused. | |
| 783 GetParentWindow(), | |
| 784 base::Bind(&CertificateManagerHandler::ImportPersonalSlotUnlocked, | |
| 785 base::Unretained(this))); | |
| 762 } else { | 786 } else { |
|
mattm
2015/11/06 23:12:59
This case needs to do the cleanup and overlay dism
svaldez
2015/11/10 15:07:50
Done.
| |
| 763 module_ = certificate_manager_model_->cert_db()->GetPublicModule(); | 787 int result = certificate_manager_model_->ImportUserCert(file_data_); |
| 788 int string_id; | |
| 789 switch (result) { | |
| 790 case net::OK: | |
| 791 return; | |
| 792 case net::ERR_NO_PRIVATE_KEY_FOR_CERT: | |
| 793 string_id = IDS_CERT_MANAGER_IMPORT_MISSING_KEY; | |
| 794 break; | |
| 795 case net::ERR_CERT_INVALID: | |
| 796 string_id = IDS_CERT_MANAGER_READ_ERROR_FORMAT; | |
| 797 break; | |
| 798 default: | |
| 799 string_id = IDS_CERT_MANAGER_UNKNOWN_ERROR; | |
| 800 break; | |
| 801 } | |
| 802 ShowError( | |
| 803 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_PKCS12_IMPORT_ERROR_TITLE), | |
|
mattm
2015/11/06 23:13:00
same comment as above
svaldez
2015/11/10 15:07:50
Done.
| |
| 804 l10n_util::GetStringUTF8(string_id)); | |
| 764 } | 805 } |
| 765 | |
| 766 net::CryptoModuleList modules; | |
| 767 modules.push_back(module_); | |
| 768 chrome::UnlockSlotsIfNecessary( | |
| 769 modules, | |
| 770 chrome::kCryptoModulePasswordCertImport, | |
| 771 net::HostPortPair(), // unused. | |
| 772 GetParentWindow(), | |
| 773 base::Bind(&CertificateManagerHandler::ImportPersonalSlotUnlocked, | |
| 774 base::Unretained(this))); | |
| 775 } | 806 } |
| 776 | 807 |
| 777 void CertificateManagerHandler::ImportPersonalSlotUnlocked() { | 808 void CertificateManagerHandler::ImportPersonalSlotUnlocked() { |
| 778 // Determine if the private key should be unextractable after the import. | 809 // Determine if the private key should be unextractable after the import. |
| 779 // We do this by checking the value of |use_hardware_backed_| which is set | 810 // We do this by checking the value of |use_hardware_backed_| which is set |
| 780 // to true if importing into a hardware module. Currently, this only happens | 811 // to true if importing into a hardware module. Currently, this only happens |
| 781 // for Chrome OS when the "Import and Bind" option is chosen. | 812 // for Chrome OS when the "Import and Bind" option is chosen. |
| 782 bool is_extractable = !use_hardware_backed_; | 813 bool is_extractable = !use_hardware_backed_; |
| 783 int result = certificate_manager_model_->ImportFromPKCS12( | 814 int result = certificate_manager_model_->ImportFromPKCS12( |
| 784 module_.get(), file_data_, password_, is_extractable); | 815 module_.get(), file_data_, password_, is_extractable); |
| (...skipping 368 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1153 title_value, | 1184 title_value, |
| 1154 error_value, | 1185 error_value, |
| 1155 cert_error_list); | 1186 cert_error_list); |
| 1156 } | 1187 } |
| 1157 | 1188 |
| 1158 gfx::NativeWindow CertificateManagerHandler::GetParentWindow() const { | 1189 gfx::NativeWindow CertificateManagerHandler::GetParentWindow() const { |
| 1159 return web_ui()->GetWebContents()->GetTopLevelNativeWindow(); | 1190 return web_ui()->GetWebContents()->GetTopLevelNativeWindow(); |
| 1160 } | 1191 } |
| 1161 | 1192 |
| 1162 } // namespace options | 1193 } // namespace options |
| OLD | NEW |
