MacViews: Remove constrained window dependencies for certificate viewer.

chrome/browser/ui/certificate_viewer_mac.mm

Index: chrome/browser/ui/certificate_viewer_mac.mm
diff --git a/chrome/browser/ui/certificate_viewer_mac.mm b/chrome/browser/ui/certificate_viewer_mac.mm
new file mode 100644
index 0000000000000000000000000000000000000000..88a362fee94ece4c31469083ab9c7e68b3a1eb45
--- /dev/null
+++ b/chrome/browser/ui/certificate_viewer_mac.mm
@@ -0,0 +1,102 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#import "chrome/browser/ui/certificate_viewer_mac.h"
+
+#include "base/mac/foundation_util.h"
+#include "base/mac/scoped_cftyperef.h"
+#import "base/mac/scoped_nsobject.h"
+#include "content/public/browser/web_contents.h"
+#include "net/cert/x509_certificate.h"
+#include "net/cert/x509_util_mac.h"
+
+@implementation SSLCertificateViewerMac {
+  // The corresponding list of certificates.
+  base::scoped_nsobject<NSArray> certificates_;
+  base::scoped_nsobject<SFCertificatePanel> panel_;
+}
+
+- (id)initWithCertificate:(net::X509Certificate*)certificate {
+  if ((self = [super init])) {
+    base::ScopedCFTypeRef<CFArrayRef> cert_chain(

[Robert Sesek, 2016/08/24 18:42:41]

naming: certChain

[Patti Lor, 2016/08/25 08:25:12]

Done.

+        certificate->CreateOSCertChainForCert());
+    NSArray* certificates = base::mac::CFToNSCast(cert_chain.get());
+    certificates_.reset([certificates retain]);
+  }
+  return self;
+}
+
+- (void)sheetDidEnd:(NSWindow*)parent
+         returnCode:(NSInteger)returnCode
+            context:(void*)context {
+  NOTREACHED();  // Subclasses must implement this.
+}
+
+- (void)displayForWebContents:(content::WebContents*)webContents {
+  // Explicitly disable revocation checking, regardless of user preferences
+  // or system settings. The behaviour of SFCertificatePanel is to call
+  // SecTrustEvaluate on the certificate(s) supplied, effectively
+  // duplicating the behaviour of net::X509Certificate::Verify(). However,
+  // this call stalls the UI if revocation checking is enabled in the
+  // Keychain preferences or if the cert may be an EV cert. By disabling
+  // revocation checking, the stall is limited to the time taken for path
+  // building and verification, which should be minimized due to the path
+  // being provided in |certificates|. This does not affect normal
+  // revocation checking from happening, which is controlled by
+  // net::X509Certificate::Verify() and user preferences, but will prevent
+  // the certificate viewer UI from displaying which certificate is revoked.
+  // This is acceptable, as certificate revocation will still be shown in
+  // the page info bubble if a certificate in the chain is actually revoked.
+  base::ScopedCFTypeRef<CFMutableArrayRef> policies(
+      CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks));
+  if (!policies.get()) {
+    NOTREACHED();
+    return;
+  }
+  // Add a basic X.509 policy, in order to match the behaviour of
+  // SFCertificatePanel when no policies are specified.
+  SecPolicyRef basic_policy = NULL;

[Robert Sesek, 2016/08/24 18:42:41]

naming: basicPolicy

[Patti Lor, 2016/08/25 08:25:12]

Done.

+  OSStatus status = net::x509_util::CreateBasicX509Policy(&basic_policy);
+  if (status != noErr) {
+    NOTREACHED();
+    return;
+  }
+  CFArrayAppendValue(policies, basic_policy);
+  CFRelease(basic_policy);
+
+  status = net::x509_util::CreateRevocationPolicies(false, false, policies);
+  if (status != noErr) {
+    NOTREACHED();
+    return;
+  }
+
+  panel_.reset([[SFCertificatePanel alloc] init]);
+  [panel_ setPolicies:(id)policies.get()];

[Robert Sesek, 2016/08/24 18:42:41]

CFToNSCast again?

[Patti Lor, 2016/08/25 08:25:12]

Done.

+}
+
+- (void)showCertificateSheet:(NSWindow*)window {
+  [panel_ beginSheetForWindow:window
+                modalDelegate:self
+               didEndSelector:@selector(sheetDidEnd:returnCode:context:)
+                  contextInfo:NULL
+                 certificates:certificates_
+                    showGroup:YES];
+}
+
+- (void)closeCertificateSheet {
+  // Closing the sheet using -[NSApp endSheet:] doesn't work so use the private
+  // method.
+  [panel_ _dismissWithCode:NSFileHandlingPanelCancelButton];
+  certificates_.reset();
+}
+
+- (void)releaseSheetWindow {
+  panel_.reset();
+}
+
+- (NSWindow*)certificatePanel {
+  return panel_;
+}
+
+@end