Index: ios/web/net/crw_ssl_status_updater.mm |
diff --git a/ios/web/net/crw_ssl_status_updater.mm b/ios/web/net/crw_ssl_status_updater.mm |
index da487021799da360f862422c0b7fb44ebcff23a6..0d1149b930c1be28d9185b487d9241e9b8708edf 100644 |
--- a/ios/web/net/crw_ssl_status_updater.mm |
+++ b/ios/web/net/crw_ssl_status_updater.mm |
@@ -7,7 +7,6 @@ |
#import "base/ios/weak_nsobject.h" |
#import "base/mac/scoped_nsobject.h" |
#import "base/strings/sys_string_conversions.h" |
-#include "ios/web/public/cert_store.h" |
#import "ios/web/public/navigation_item.h" |
#import "ios/web/public/navigation_manager.h" |
#include "ios/web/public/ssl_status.h" |
@@ -33,9 +32,6 @@ using web::SecurityStyle; |
// Unowned pointer to web::NavigationManager. |
@property(nonatomic, readonly) web::NavigationManager* navigationManager; |
-// Identifier used for storing and retrieving certificates. |
-@property(nonatomic, readonly) int certGroupID; |
- |
// Updates |security_style| and |cert_status| for the NavigationItem with ID |
// |navigationItemID|, if URL and certificate chain still match |host| and |
// |certChain|. |
@@ -58,20 +54,16 @@ using web::SecurityStyle; |
@implementation CRWSSLStatusUpdater |
@synthesize navigationManager = _navigationManager; |
-@synthesize certGroupID = _certGroupID; |
#pragma mark - Public |
- (instancetype)initWithDataSource:(id<CRWSSLStatusUpdaterDataSource>)dataSource |
- navigationManager:(web::NavigationManager*)navigationManager |
- certGroupID:(int)certGroupID { |
+ navigationManager:(web::NavigationManager*)navigationManager { |
DCHECK(dataSource); |
DCHECK(navigationManager); |
- DCHECK(certGroupID); |
if (self = [super init]) { |
_dataSource.reset(dataSource); |
_navigationManager = navigationManager; |
- _certGroupID = certGroupID; |
} |
return self; |
} |
@@ -101,14 +93,13 @@ using web::SecurityStyle; |
if (item->GetURL().SchemeIsCryptographic()) { |
cert = web::CreateCertFromTrust(trust); |
if (cert) { |
- int oldCertID = item->GetSSL().cert_id; |
+ scoped_refptr<net::X509Certificate> oldCert = item->GetSSL().certificate; |
std::string oldHost = item->GetSSL().cert_status_host; |
- item->GetSSL().cert_id = web::CertStore::GetInstance()->StoreCert( |
- cert.get(), self.certGroupID); |
+ item->GetSSL().certificate = cert; |
item->GetSSL().cert_status_host = base::SysNSStringToUTF8(host); |
// Only recompute the SSLStatus information if the certificate or host has |
// since changed. Host can be changed in case of redirect. |
- if (oldCertID != item->GetSSL().cert_id || |
+ if (!oldCert || !oldCert->Equals(cert.get()) || |
oldHost != item->GetSSL().cert_status_host) { |
// Real SSL status is unknown, reset cert status and security style. |
// They will be asynchronously updated in |
@@ -122,7 +113,7 @@ using web::SecurityStyle; |
} |
if (!cert) { |
- item->GetSSL().cert_id = 0; |
+ item->GetSSL().certificate = nullptr; |
if (!item->GetURL().SchemeIsCryptographic()) { |
// HTTP or other non-secure connection. |
item->GetSSL().security_style = web::SECURITY_STYLE_UNAUTHENTICATED; |
@@ -154,11 +145,10 @@ using web::SecurityStyle; |
// NavigationItem's UniqueID is preserved even after redirects, so |
// checking that cert and URL match is necessary. |
scoped_refptr<net::X509Certificate> cert(web::CreateCertFromTrust(trust)); |
- int certID = |
- web::CertStore::GetInstance()->StoreCert(cert.get(), self.certGroupID); |
std::string GURLHost = base::SysNSStringToUTF8(host); |
web::SSLStatus& SSLStatus = item->GetSSL(); |
- if (item->GetURL().SchemeIsCryptographic() && SSLStatus.cert_id == certID && |
+ if (item->GetURL().SchemeIsCryptographic() && !!SSLStatus.certificate && |
+ SSLStatus.certificate->Equals(cert.get()) && |
item->GetURL().host() == GURLHost) { |
web::SSLStatus previousSSLStatus = item->GetSSL(); |
SSLStatus.cert_status = certStatus; |