Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(299)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/cert_database_nss.cc

Issue 214863002: Extension API enterprise.platformKeys. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Addressed comments. Splitted custom_binding, added comments... Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« extensions/renderer/dispatcher.cc ('K') | « net/cert/cert_database.h ('k') | net/cert/nss_cert_database.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/cert_database.h" 5 #include "net/cert/cert_database.h"
6 6
7 #include <cert.h> 7 #include <cert.h>
8 #include <pk11pub.h> 8 #include <pk11pub.h>
9 #include <secmod.h> 9 #include <secmod.h>
10 10
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after
47 }; 47 };
48 48
49 CertDatabase::CertDatabase() 49 CertDatabase::CertDatabase()
50 : observer_list_(new ObserverListThreadSafe<Observer>), 50 : observer_list_(new ObserverListThreadSafe<Observer>),
51 notifier_(new Notifier(this)) { 51 notifier_(new Notifier(this)) {
52 crypto::EnsureNSSInit(); 52 crypto::EnsureNSSInit();
53 } 53 }
54 54
55 CertDatabase::~CertDatabase() {} 55 CertDatabase::~CertDatabase() {}
56 56
57 int CertDatabase::CheckUserCert(X509Certificate* cert_obj) { 57 Error CertDatabase::CheckUserCert(X509Certificate* cert_obj) {
58 if (!cert_obj) 58 if (!cert_obj)
59 return ERR_CERT_INVALID; 59 return ERR_CERT_INVALID;
60 if (cert_obj->HasExpired()) 60 if (cert_obj->HasExpired())
61 return ERR_CERT_DATE_INVALID; 61 return ERR_CERT_DATE_INVALID;
62 62
63 // Check if the private key corresponding to the certificate exist 63 // Check if the private key corresponding to the certificate exist
64 // We shouldn't accept any random client certificate sent by a CA. 64 // We shouldn't accept any random client certificate sent by a CA.
65 65
66 // Note: The NSS source documentation wrongly suggests that this 66 // Note: The NSS source documentation wrongly suggests that this
67 // also imports the certificate if the private key exists. This 67 // also imports the certificate if the private key exists. This
68 // doesn't seem to be the case. 68 // doesn't seem to be the case.
69 69
70 CERTCertificate* cert = cert_obj->os_cert_handle(); 70 CERTCertificate* cert = cert_obj->os_cert_handle();
71 PK11SlotInfo* slot = PK11_KeyForCertExists(cert, NULL, NULL); 71 PK11SlotInfo* slot = PK11_KeyForCertExists(cert, NULL, NULL);
72 if (!slot) 72 if (!slot)
73 return ERR_NO_PRIVATE_KEY_FOR_CERT; 73 return ERR_NO_PRIVATE_KEY_FOR_CERT;
74 74
75 PK11_FreeSlot(slot); 75 PK11_FreeSlot(slot);
76 76
77 return OK; 77 return OK;
78 } 78 }
79 79
80 int CertDatabase::AddUserCert(X509Certificate* cert_obj) { 80 Error CertDatabase::AddUserCert(X509Certificate* cert_obj) {
81 CERTCertificate* cert = cert_obj->os_cert_handle(); 81 CERTCertificate* cert = cert_obj->os_cert_handle();
82 CK_OBJECT_HANDLE key; 82 CK_OBJECT_HANDLE key;
83 crypto::ScopedPK11Slot slot(PK11_KeyForCertExists(cert, &key, NULL)); 83 crypto::ScopedPK11Slot slot(PK11_KeyForCertExists(cert, &key, NULL));
84 if (!slot.get()) 84 if (!slot.get())
85 return ERR_NO_PRIVATE_KEY_FOR_CERT; 85 return ERR_NO_PRIVATE_KEY_FOR_CERT;
86 86
87 std::string nickname = x509_util::GetUniqueNicknameForSlot( 87 std::string nickname = x509_util::GetUniqueNicknameForSlot(
88 cert_obj->GetDefaultNickname(USER_CERT), 88 cert_obj->GetDefaultNickname(USER_CERT),
89 &cert->derSubject, 89 &cert->derSubject,
90 slot.get()); 90 slot.get());
(...skipping 11 matching lines...) Expand all
102 102
103 NotifyObserversOfCertAdded(cert_obj); 103 NotifyObserversOfCertAdded(cert_obj);
104 return OK; 104 return OK;
105 } 105 }
106 106
107 void CertDatabase::ObserveNSSCertDatabase(NSSCertDatabase* source) { 107 void CertDatabase::ObserveNSSCertDatabase(NSSCertDatabase* source) {
108 source->AddObserver(this->notifier_.get()); 108 source->AddObserver(this->notifier_.get());
109 } 109 }
110 110
111 } // namespace net 111 } // namespace net
OLDNEW
« extensions/renderer/dispatcher.cc ('K') | « net/cert/cert_database.h ('k') | net/cert/nss_cert_database.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698