OLD | NEW |
| (Empty) |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "chrome/browser/ssl/ssl_client_auth_handler.h" | |
6 | |
7 #import <SecurityInterface/SFChooseIdentityPanel.h> | |
8 | |
9 #include "app/l10n_util_mac.h" | |
10 #include "base/scoped_cftyperef.h" | |
11 #include "base/scoped_nsobject.h" | |
12 #include "base/string_util.h" | |
13 #include "base/sys_string_conversions.h" | |
14 #include "chrome/browser/chrome_thread.h" | |
15 #include "grit/generated_resources.h" | |
16 #include "net/base/x509_certificate.h" | |
17 | |
18 void SSLClientAuthHandler::DoSelectCertificate() { | |
19 net::X509Certificate* cert = NULL; | |
20 // Create an array of CFIdentityRefs for the certificates: | |
21 size_t num_certs = cert_request_info_->client_certs.size(); | |
22 NSMutableArray* identities = [NSMutableArray arrayWithCapacity:num_certs]; | |
23 for (size_t i = 0; i < num_certs; ++i) { | |
24 SecCertificateRef cert; | |
25 cert = cert_request_info_->client_certs[i]->os_cert_handle(); | |
26 SecIdentityRef identity; | |
27 if (SecIdentityCreateWithCertificate(NULL, cert, &identity) == noErr) { | |
28 [identities addObject:(id)identity]; | |
29 CFRelease(identity); | |
30 } | |
31 } | |
32 | |
33 // Get the message to display: | |
34 NSString* title = l10n_util::GetNSString(IDS_CLIENT_CERT_DIALOG_TITLE); | |
35 NSString* message = l10n_util::GetNSStringF( | |
36 IDS_CLIENT_CERT_DIALOG_TEXT, | |
37 ASCIIToUTF16(cert_request_info_->host_and_port)); | |
38 | |
39 // Create and set up a system choose-identity panel. | |
40 scoped_nsobject<SFChooseIdentityPanel> panel ( | |
41 [[SFChooseIdentityPanel alloc] init]); | |
42 NSString* domain = base::SysUTF8ToNSString( | |
43 "https://" + cert_request_info_->host_and_port); | |
44 [panel setDomain:domain]; | |
45 [panel setInformativeText:message]; | |
46 [panel setAlternateButtonTitle:l10n_util::GetNSString(IDS_CANCEL)]; | |
47 SecPolicyRef sslPolicy; | |
48 if (net::X509Certificate::CreateSSLClientPolicy(&sslPolicy) == noErr) { | |
49 [panel setPolicies:(id)sslPolicy]; | |
50 CFRelease(sslPolicy); | |
51 } | |
52 | |
53 // Run the panel, modally. | |
54 // TODO(snej): Change this into a sheet so it doesn't block the runloop! | |
55 if ([panel runModalForIdentities:identities message:title] == NSOKButton) { | |
56 NSUInteger index = [identities indexOfObject:(id)[panel identity]]; | |
57 DCHECK(index != NSNotFound); | |
58 cert = cert_request_info_->client_certs[index]; | |
59 } | |
60 | |
61 // Finally, tell the back end which identity (or none) the user selected. | |
62 CertificateSelected(cert); | |
63 } | |
OLD | NEW |