| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/cert_database.h" | 5 #include "net/cert/cert_database.h" |
| 6 | 6 |
| 7 #include <cert.h> | 7 #include <cert.h> |
| 8 #include <pk11pub.h> | 8 #include <pk11pub.h> |
| 9 #include <secmod.h> | 9 #include <secmod.h> |
| 10 | 10 |
| 11 #include <vector> |
| 12 |
| 11 #include "base/logging.h" | 13 #include "base/logging.h" |
| 12 #include "base/observer_list_threadsafe.h" | 14 #include "base/observer_list_threadsafe.h" |
| 13 #include "crypto/nss_util.h" | 15 #include "crypto/nss_util.h" |
| 14 #include "crypto/scoped_nss_types.h" | 16 #include "crypto/scoped_nss_types.h" |
| 15 #include "net/base/net_errors.h" | 17 #include "net/base/net_errors.h" |
| 16 #include "net/cert/x509_certificate.h" | 18 #include "net/cert/x509_certificate.h" |
| 17 #include "net/cert/x509_util_nss.h" | 19 #include "net/cert/x509_util_nss.h" |
| 20 #include "net/third_party/mozilla_security_manager/nsNSSCertificateDB.h" |
| 21 |
| 22 // PSM = Mozilla's Personal Security Manager. |
| 23 namespace psm = mozilla_security_manager; |
| 18 | 24 |
| 19 namespace net { | 25 namespace net { |
| 20 | 26 |
| 21 CertDatabase::CertDatabase() | 27 CertDatabase::CertDatabase() |
| 22 : observer_list_(new base::ObserverListThreadSafe<Observer>) { | 28 : observer_list_(new base::ObserverListThreadSafe<Observer>) { |
| 23 crypto::EnsureNSSInit(); | 29 crypto::EnsureNSSInit(); |
| 24 } | 30 } |
| 25 | 31 |
| 26 CertDatabase::~CertDatabase() {} | 32 CertDatabase::~CertDatabase() {} |
| 27 | 33 |
| (...skipping 14 matching lines...) Expand all Loading... |
| 42 PK11SlotInfo* slot = PK11_KeyForCertExists(cert, NULL, NULL); | 48 PK11SlotInfo* slot = PK11_KeyForCertExists(cert, NULL, NULL); |
| 43 if (!slot) | 49 if (!slot) |
| 44 return ERR_NO_PRIVATE_KEY_FOR_CERT; | 50 return ERR_NO_PRIVATE_KEY_FOR_CERT; |
| 45 | 51 |
| 46 PK11_FreeSlot(slot); | 52 PK11_FreeSlot(slot); |
| 47 | 53 |
| 48 return OK; | 54 return OK; |
| 49 } | 55 } |
| 50 | 56 |
| 51 int CertDatabase::AddUserCert(X509Certificate* cert_obj) { | 57 int CertDatabase::AddUserCert(X509Certificate* cert_obj) { |
| 52 CERTCertificate* cert = cert_obj->os_cert_handle(); | 58 CertificateList cert_list; |
| 53 CK_OBJECT_HANDLE key; | 59 cert_list.push_back(cert_obj); |
| 54 crypto::ScopedPK11Slot slot(PK11_KeyForCertExists(cert, &key, NULL)); | 60 return psm::ImportUserCert(cert_list); |
| 55 if (!slot.get()) | |
| 56 return ERR_NO_PRIVATE_KEY_FOR_CERT; | |
| 57 | |
| 58 std::string nickname = x509_util::GetUniqueNicknameForSlot( | |
| 59 cert_obj->GetDefaultNickname(USER_CERT), | |
| 60 &cert->derSubject, | |
| 61 slot.get()); | |
| 62 | |
| 63 SECStatus rv; | |
| 64 { | |
| 65 crypto::AutoNSSWriteLock lock; | |
| 66 rv = PK11_ImportCert(slot.get(), cert, key, nickname.c_str(), PR_FALSE); | |
| 67 } | |
| 68 | |
| 69 if (rv != SECSuccess) { | |
| 70 LOG(ERROR) << "Couldn't import user certificate. " << PORT_GetError(); | |
| 71 return ERR_ADD_USER_CERT_FAILED; | |
| 72 } | |
| 73 | |
| 74 NotifyObserversOfCertAdded(cert_obj); | |
| 75 return OK; | |
| 76 } | 61 } |
| 77 | 62 |
| 78 } // namespace net | 63 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1423333006:
Adding User Certificate (.crt) Import to Certificate Manager (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master