net/base/cert_database_mac.cc - Issue 1591006: Adds support for the <keygen> element to Windows, matching...

Side by Side Diff: net/base/cert_database_mac.cc

Issue 1591006: Adds support for the <keygen> element to Windows, matching... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/

Patch Set: Fix keygen_handler_nss.cc compilation errors. Fix more nits. Created 10 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2009 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/base/cert_database.h"	5 #include "net/base/cert_database.h"

6	6

7 #include <Security/Security.h>	7 #include <Security/Security.h>

8	8

9 #include "base/logging.h"	9 #include "base/logging.h"

10 #include "net/base/net_errors.h"	10 #include "net/base/net_errors.h"

	11 #include "net/base/x509_certificate.h"

11	12

12 namespace net {	13 namespace net {

13	14

14 CertDatabase::CertDatabase() {	15 CertDatabase::CertDatabase() {

15 }	16 }

16	17

17 void CertDatabase::Init() {

18 }

19

20 int CertDatabase::CheckUserCert(X509Certificate* cert) {	18 int CertDatabase::CheckUserCert(X509Certificate* cert) {

21 if (!cert)	19 if (!cert)

22 return ERR_CERT_INVALID;	20 return ERR_CERT_INVALID;

23 if (cert->HasExpired())	21 if (cert->HasExpired())

24 return ERR_CERT_DATE_INVALID;	22 return ERR_CERT_DATE_INVALID;

25 if (!cert->SupportsSSLClientAuth())	23 if (!cert->SupportsSSLClientAuth())

26 return ERR_CERT_INVALID;	24 return ERR_CERT_INVALID;

27	25

28 // Verify the Keychain already has the corresponding private key:	26 // Verify the Keychain already has the corresponding private key:

29 SecIdentityRef identity = NULL;	27 SecIdentityRef identity = NULL;

30 OSStatus err = SecIdentityCreateWithCertificate(NULL, cert->os_cert_handle(),	28 OSStatus err = SecIdentityCreateWithCertificate(NULL, cert->os_cert_handle(),

31 &identity);	29 &identity);

32 if (err == errSecItemNotFound) {	30 if (err == errSecItemNotFound) {

33 LOG(ERROR) << "CertDatabase couldn't find private key for user cert";	31 LOG(ERROR) << "CertDatabase couldn't find private key for user cert";

34 return ERR_NO_PRIVATE_KEY_FOR_CERT;	32 return ERR_NO_PRIVATE_KEY_FOR_CERT;

35 }	33 }

36 if (err != noErr \|\| !identity) {	34 if (err != noErr \|\| !identity) {

37 // TODO(snej): Map the error code more intelligently.	35 // TODO(snej): Map the error code more intelligently.

38 return ERR_CERT_INVALID;	36 return ERR_CERT_INVALID;

39 }	37 }

40	38

41 CFRelease(identity);	39 CFRelease(identity);

42 return OK;	40 return OK;

43 }	41 }

44	42

45 int CertDatabase::AddUserCert(X509Certificate* cert) {	43 int CertDatabase::AddUserCert(X509Certificate* cert) {

46 OSStatus err = SecCertificateAddToKeychain(cert->os_cert_handle(), NULL);	44 OSStatus err = SecCertificateAddToKeychain(cert->os_cert_handle(), NULL);

47 switch(err) {	45 switch (err) {

48 case noErr:	46 case noErr:

49 case errSecDuplicateItem:	47 case errSecDuplicateItem:

50 return OK;	48 return OK;

51 default:	49 default:

52 LOG(ERROR) << "CertDatabase failed to add cert to keychain: " << err;	50 LOG(ERROR) << "CertDatabase failed to add cert to keychain: " << err;

53 // TODO(snej): Map the error code more intelligently.	51 // TODO(snej): Map the error code more intelligently.

54 return ERR_ERR_ADD_USER_CERT_FAILED;	52 return ERR_ADD_USER_CERT_FAILED;

55 }	53 }

56 }	54 }

57	55

58 } // namespace net	56 } // namespace net

OLD	NEW

« no previous file with comments | « net/base/cert_database.h ('k') | net/base/cert_database_nss.cc » ('j') | no next file with comments »