| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/webui/options/certificate_manager_handler.h" | 5 #include "chrome/browser/ui/webui/options/certificate_manager_handler.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 | 8 |
| 9 #include <algorithm> | 9 #include <algorithm> |
| 10 #include <map> | 10 #include <map> |
| (...skipping 693 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 704 ui::SelectFileDialog::FileTypeInfo file_type_info; | 704 ui::SelectFileDialog::FileTypeInfo file_type_info; |
| 705 if (!args->GetBoolean(0, &use_hardware_backed_)) { | 705 if (!args->GetBoolean(0, &use_hardware_backed_)) { |
| 706 // Unable to retrieve the hardware backed attribute from the args, | 706 // Unable to retrieve the hardware backed attribute from the args, |
| 707 // so bail. | 707 // so bail. |
| 708 web_ui()->CallJavascriptFunction("CertificateRestoreOverlay.dismiss"); | 708 web_ui()->CallJavascriptFunction("CertificateRestoreOverlay.dismiss"); |
| 709 ImportExportCleanup(); | 709 ImportExportCleanup(); |
| 710 return; | 710 return; |
| 711 } | 711 } |
| 712 file_type_info.extensions.resize(1); | 712 file_type_info.extensions.resize(1); |
| 713 file_type_info.extensions[0].push_back(FILE_PATH_LITERAL("p12")); | 713 file_type_info.extensions[0].push_back(FILE_PATH_LITERAL("p12")); |
| 714 file_type_info.extensions[0].push_back(FILE_PATH_LITERAL("crt")); |
| 714 file_type_info.extension_description_overrides.push_back( | 715 file_type_info.extension_description_overrides.push_back( |
| 715 l10n_util::GetStringUTF16(IDS_CERT_MANAGER_PKCS12_FILES)); | 716 l10n_util::GetStringUTF16(IDS_CERT_USAGE_SSL_CLIENT)); |
| 716 file_type_info.include_all_files = true; | 717 file_type_info.include_all_files = true; |
| 717 select_file_dialog_ = ui::SelectFileDialog::Create( | 718 select_file_dialog_ = ui::SelectFileDialog::Create( |
| 718 this, new ChromeSelectFilePolicy(web_ui()->GetWebContents())); | 719 this, new ChromeSelectFilePolicy(web_ui()->GetWebContents())); |
| 719 select_file_dialog_->SelectFile( | 720 select_file_dialog_->SelectFile( |
| 720 ui::SelectFileDialog::SELECT_OPEN_FILE, base::string16(), | 721 ui::SelectFileDialog::SELECT_OPEN_FILE, base::string16(), |
| 721 base::FilePath(), &file_type_info, 1, FILE_PATH_LITERAL("p12"), | 722 base::FilePath(), &file_type_info, 1, FILE_PATH_LITERAL("p12"), |
| 722 GetParentWindow(), | 723 GetParentWindow(), |
| 723 reinterpret_cast<void*>(IMPORT_PERSONAL_FILE_SELECTED)); | 724 reinterpret_cast<void*>(IMPORT_PERSONAL_FILE_SELECTED)); |
| 724 } | 725 } |
| 725 | 726 |
| 726 void CertificateManagerHandler::ImportPersonalFileSelected( | 727 void CertificateManagerHandler::ImportPersonalFileSelected( |
| 727 const base::FilePath& path) { | 728 const base::FilePath& path) { |
| 728 file_path_ = path; | 729 file_path_ = path; |
| 729 web_ui()->CallJavascriptFunction( | 730 if (file_path_.MatchesExtension(FILE_PATH_LITERAL(".p12"))) { |
| 730 "CertificateManager.importPersonalAskPassword"); | 731 web_ui()->CallJavascriptFunction( |
| 732 "CertificateManager.importPersonalAskPassword"); |
| 733 return; |
| 734 } |
| 735 |
| 736 // Non .p12 files are treated as unencrypted certificates. |
| 737 password_.clear(); |
| 738 file_access_provider_->StartRead( |
| 739 file_path_, |
| 740 base::Bind(&CertificateManagerHandler::ImportPersonalFileRead, |
| 741 base::Unretained(this)), |
| 742 &tracker_); |
| 731 } | 743 } |
| 732 | 744 |
| 733 void CertificateManagerHandler::ImportPersonalPasswordSelected( | 745 void CertificateManagerHandler::ImportPersonalPasswordSelected( |
| 734 const base::ListValue* args) { | 746 const base::ListValue* args) { |
| 735 if (!args->GetString(0, &password_)) { | 747 if (!args->GetString(0, &password_)) { |
| 736 web_ui()->CallJavascriptFunction("CertificateRestoreOverlay.dismiss"); | 748 web_ui()->CallJavascriptFunction("CertificateRestoreOverlay.dismiss"); |
| 737 ImportExportCleanup(); | 749 ImportExportCleanup(); |
| 738 return; | 750 return; |
| 739 } | 751 } |
| 740 file_access_provider_->StartRead( | 752 file_access_provider_->StartRead( |
| 741 file_path_, | 753 file_path_, |
| 742 base::Bind(&CertificateManagerHandler::ImportPersonalFileRead, | 754 base::Bind(&CertificateManagerHandler::ImportPersonalFileRead, |
| 743 base::Unretained(this)), | 755 base::Unretained(this)), |
| 744 &tracker_); | 756 &tracker_); |
| 745 } | 757 } |
| 746 | 758 |
| 747 void CertificateManagerHandler::ImportPersonalFileRead( | 759 void CertificateManagerHandler::ImportPersonalFileRead( |
| 748 const int* read_errno, const std::string* data) { | 760 const int* read_errno, const std::string* data) { |
| 749 if (*read_errno) { | 761 if (*read_errno) { |
| 750 ImportExportCleanup(); | 762 ImportExportCleanup(); |
| 751 web_ui()->CallJavascriptFunction("CertificateRestoreOverlay.dismiss"); | 763 web_ui()->CallJavascriptFunction("CertificateRestoreOverlay.dismiss"); |
| 752 ShowError( | 764 ShowError( |
| 753 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_PKCS12_IMPORT_ERROR_TITLE), | 765 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_IMPORT_ERROR_TITLE), |
| 754 l10n_util::GetStringFUTF8(IDS_CERT_MANAGER_READ_ERROR_FORMAT, | 766 l10n_util::GetStringFUTF8(IDS_CERT_MANAGER_READ_ERROR_FORMAT, |
| 755 UTF8ToUTF16( | 767 UTF8ToUTF16( |
| 756 base::safe_strerror(*read_errno)))); | 768 base::safe_strerror(*read_errno)))); |
| 757 return; | 769 return; |
| 758 } | 770 } |
| 759 | 771 |
| 760 file_data_ = *data; | 772 file_data_ = *data; |
| 761 | 773 |
| 762 if (use_hardware_backed_) { | 774 if (file_path_.MatchesExtension(FILE_PATH_LITERAL(".p12"))) { |
| 763 module_ = certificate_manager_model_->cert_db()->GetPrivateModule(); | 775 if (use_hardware_backed_) { |
| 764 } else { | 776 module_ = certificate_manager_model_->cert_db()->GetPrivateModule(); |
| 765 module_ = certificate_manager_model_->cert_db()->GetPublicModule(); | 777 } else { |
| 778 module_ = certificate_manager_model_->cert_db()->GetPublicModule(); |
| 779 } |
| 780 |
| 781 net::CryptoModuleList modules; |
| 782 modules.push_back(module_); |
| 783 chrome::UnlockSlotsIfNecessary( |
| 784 modules, |
| 785 chrome::kCryptoModulePasswordCertImport, |
| 786 net::HostPortPair(), // unused. |
| 787 GetParentWindow(), |
| 788 base::Bind(&CertificateManagerHandler::ImportPersonalSlotUnlocked, |
| 789 base::Unretained(this))); |
| 790 return; |
| 766 } | 791 } |
| 767 | 792 |
| 768 net::CryptoModuleList modules; | 793 // Non .p12 files are assumed to be single/chain certificates without private |
| 769 modules.push_back(module_); | 794 // key data. The default extension according to spec is '.crt', however other |
| 770 chrome::UnlockSlotsIfNecessary( | 795 // extensions are also used in some places to represent these certificates. |
| 771 modules, | 796 int result = certificate_manager_model_->ImportUserCert(file_data_); |
| 772 chrome::kCryptoModulePasswordCertImport, | 797 ImportExportCleanup(); |
| 773 net::HostPortPair(), // unused. | 798 web_ui()->CallJavascriptFunction("CertificateRestoreOverlay.dismiss"); |
| 774 GetParentWindow(), | 799 int string_id; |
| 775 base::Bind(&CertificateManagerHandler::ImportPersonalSlotUnlocked, | 800 switch (result) { |
| 776 base::Unretained(this))); | 801 case net::OK: |
| 802 return; |
| 803 case net::ERR_NO_PRIVATE_KEY_FOR_CERT: |
| 804 string_id = IDS_CERT_MANAGER_IMPORT_MISSING_KEY; |
| 805 break; |
| 806 case net::ERR_CERT_INVALID: |
| 807 string_id = IDS_CERT_MANAGER_READ_ERROR_FORMAT; |
| 808 break; |
| 809 default: |
| 810 string_id = IDS_CERT_MANAGER_UNKNOWN_ERROR; |
| 811 break; |
| 812 } |
| 813 ShowError( |
| 814 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_IMPORT_ERROR_TITLE), |
| 815 l10n_util::GetStringUTF8(string_id)); |
| 777 } | 816 } |
| 778 | 817 |
| 779 void CertificateManagerHandler::ImportPersonalSlotUnlocked() { | 818 void CertificateManagerHandler::ImportPersonalSlotUnlocked() { |
| 780 // Determine if the private key should be unextractable after the import. | 819 // Determine if the private key should be unextractable after the import. |
| 781 // We do this by checking the value of |use_hardware_backed_| which is set | 820 // We do this by checking the value of |use_hardware_backed_| which is set |
| 782 // to true if importing into a hardware module. Currently, this only happens | 821 // to true if importing into a hardware module. Currently, this only happens |
| 783 // for Chrome OS when the "Import and Bind" option is chosen. | 822 // for Chrome OS when the "Import and Bind" option is chosen. |
| 784 bool is_extractable = !use_hardware_backed_; | 823 bool is_extractable = !use_hardware_backed_; |
| 785 int result = certificate_manager_model_->ImportFromPKCS12( | 824 int result = certificate_manager_model_->ImportFromPKCS12( |
| 786 module_.get(), file_data_, password_, is_extractable); | 825 module_.get(), file_data_, password_, is_extractable); |
| 787 ImportExportCleanup(); | 826 ImportExportCleanup(); |
| 788 web_ui()->CallJavascriptFunction("CertificateRestoreOverlay.dismiss"); | 827 web_ui()->CallJavascriptFunction("CertificateRestoreOverlay.dismiss"); |
| 789 int string_id; | 828 int string_id; |
| 790 switch (result) { | 829 switch (result) { |
| 791 case net::OK: | 830 case net::OK: |
| 792 return; | 831 return; |
| 793 case net::ERR_PKCS12_IMPORT_BAD_PASSWORD: | 832 case net::ERR_PKCS12_IMPORT_BAD_PASSWORD: |
| 794 // TODO(mattm): if the error was a bad password, we should reshow the | 833 // TODO(mattm): if the error was a bad password, we should reshow the |
| 795 // password dialog after the user dismisses the error dialog. | 834 // password dialog after the user dismisses the error dialog. |
| 796 string_id = IDS_CERT_MANAGER_BAD_PASSWORD; | 835 string_id = IDS_CERT_MANAGER_BAD_PASSWORD; |
| 797 break; | 836 break; |
| 798 case net::ERR_PKCS12_IMPORT_INVALID_MAC: | 837 case net::ERR_PKCS12_IMPORT_INVALID_MAC: |
| 799 string_id = IDS_CERT_MANAGER_PKCS12_IMPORT_INVALID_MAC; | 838 string_id = IDS_CERT_MANAGER_IMPORT_INVALID_MAC; |
| 800 break; | 839 break; |
| 801 case net::ERR_PKCS12_IMPORT_INVALID_FILE: | 840 case net::ERR_PKCS12_IMPORT_INVALID_FILE: |
| 802 string_id = IDS_CERT_MANAGER_PKCS12_IMPORT_INVALID_FILE; | 841 string_id = IDS_CERT_MANAGER_IMPORT_INVALID_FILE; |
| 803 break; | 842 break; |
| 804 case net::ERR_PKCS12_IMPORT_UNSUPPORTED: | 843 case net::ERR_PKCS12_IMPORT_UNSUPPORTED: |
| 805 string_id = IDS_CERT_MANAGER_PKCS12_IMPORT_UNSUPPORTED; | 844 string_id = IDS_CERT_MANAGER_IMPORT_UNSUPPORTED; |
| 806 break; | 845 break; |
| 807 default: | 846 default: |
| 808 string_id = IDS_CERT_MANAGER_UNKNOWN_ERROR; | 847 string_id = IDS_CERT_MANAGER_UNKNOWN_ERROR; |
| 809 break; | 848 break; |
| 810 } | 849 } |
| 811 ShowError( | 850 ShowError( |
| 812 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_PKCS12_IMPORT_ERROR_TITLE), | 851 l10n_util::GetStringUTF8(IDS_CERT_MANAGER_IMPORT_ERROR_TITLE), |
| 813 l10n_util::GetStringUTF8(string_id)); | 852 l10n_util::GetStringUTF8(string_id)); |
| 814 } | 853 } |
| 815 | 854 |
| 816 void CertificateManagerHandler::CancelImportExportProcess( | 855 void CertificateManagerHandler::CancelImportExportProcess( |
| 817 const base::ListValue* args) { | 856 const base::ListValue* args) { |
| 818 ImportExportCleanup(); | 857 ImportExportCleanup(); |
| 819 } | 858 } |
| 820 | 859 |
| 821 void CertificateManagerHandler::ImportExportCleanup() { | 860 void CertificateManagerHandler::ImportExportCleanup() { |
| 822 file_path_.clear(); | 861 file_path_.clear(); |
| (...skipping 332 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1155 title_value, | 1194 title_value, |
| 1156 error_value, | 1195 error_value, |
| 1157 cert_error_list); | 1196 cert_error_list); |
| 1158 } | 1197 } |
| 1159 | 1198 |
| 1160 gfx::NativeWindow CertificateManagerHandler::GetParentWindow() const { | 1199 gfx::NativeWindow CertificateManagerHandler::GetParentWindow() const { |
| 1161 return web_ui()->GetWebContents()->GetTopLevelNativeWindow(); | 1200 return web_ui()->GetWebContents()->GetTopLevelNativeWindow(); |
| 1162 } | 1201 } |
| 1163 | 1202 |
| 1164 } // namespace options | 1203 } // namespace options |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1423333006:
Adding User Certificate (.crt) Import to Certificate Manager (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master