net/cert/cert_database_win.cc - Issue 2363653002: Cleanup unreachable cert adding code

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/cert/cert_database_win.cc

Issue 2363653002: Cleanup unreachable cert adding code (Closed)

Patch Set: Rebased Created 4 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/cert/cert_database.h"	5 #include "net/cert/cert_database.h"

6	6

7 #include <windows.h>

8

9 #include "base/observer_list_threadsafe.h"	7 #include "base/observer_list_threadsafe.h"

10 #include "crypto/wincrypt_shim.h"

11 #include "net/base/net_errors.h"

12 #include "net/cert/x509_certificate.h"

13	8

14 namespace net {	9 namespace net {

15	10

16 CertDatabase::CertDatabase()	11 CertDatabase::CertDatabase()

17 : observer_list_(new base::ObserverListThreadSafe<Observer>) {	12 : observer_list_(new base::ObserverListThreadSafe<Observer>) {

18 }	13 }

19	14

20 CertDatabase::~CertDatabase() {}	15 CertDatabase::~CertDatabase() {}

21	16

22 int CertDatabase::CheckUserCert(X509Certificate* cert) {

23 if (!cert)

24 return ERR_CERT_INVALID;

25 if (cert->HasExpired())

26 return ERR_CERT_DATE_INVALID;

27

28 // TODO(rsleevi): Should CRYPT_FIND_SILENT_KEYSET_FLAG be specified? A UI

29 // may be shown here / this call may block.

30 if (!CryptFindCertificateKeyProvInfo(cert->os_cert_handle(), 0, NULL))

31 return ERR_NO_PRIVATE_KEY_FOR_CERT;

32

33 return OK;

34 }

35

36 int CertDatabase::AddUserCert(X509Certificate* cert) {

37 // TODO(rsleevi): Would it be more appropriate to have the CertDatabase take

38 // construction parameters (Keychain filepath on Mac OS X, PKCS #11 slot on

39 // NSS, and Store Type / Path) here? For now, certs will be stashed into the

40 // user's personal store, which will not automatically mark them as trusted,

41 // but will allow them to be used for client auth.

42 HCERTSTORE cert_db = CertOpenSystemStore(NULL, L"MY");

43 if (!cert_db)

44 return ERR_ADD_USER_CERT_FAILED;

45

46 BOOL added = CertAddCertificateContextToStore(cert_db,

47 cert->os_cert_handle(),

48 CERT_STORE_ADD_USE_EXISTING,

49 NULL);

50

51 CertCloseStore(cert_db, 0);

52

53 if (!added)

54 return ERR_ADD_USER_CERT_FAILED;

55

56 NotifyObserversOfCertAdded(cert);

57 return OK;

58 }

59

60 } // namespace net	17 } // namespace net

OLD	NEW

« no previous file with comments | « net/cert/cert_database_openssl.cc ('k') | net/cert/nss_cert_database.h » ('j') | no next file with comments »