OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/options/cert_library.h" | 5 #include "chrome/browser/chromeos/options/cert_library.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 | 8 |
| 9 #include "base/command_line.h" |
9 #include "base/i18n/string_compare.h" | 10 #include "base/i18n/string_compare.h" |
10 #include "base/memory/weak_ptr.h" | 11 #include "base/memory/weak_ptr.h" |
11 #include "base/observer_list_threadsafe.h" | 12 #include "base/observer_list_threadsafe.h" |
| 13 #include "base/strings/string_number_conversions.h" |
12 #include "base/strings/string_util.h" | 14 #include "base/strings/string_util.h" |
13 #include "base/strings/utf_string_conversions.h" | 15 #include "base/strings/utf_string_conversions.h" |
14 #include "chrome/browser/browser_process.h" // g_browser_process | 16 #include "chrome/browser/browser_process.h" // g_browser_process |
| 17 #include "chrome/common/chrome_switches.h" |
| 18 #include "chrome/common/net/x509_certificate_model.h" |
15 #include "chrome/grit/generated_resources.h" | 19 #include "chrome/grit/generated_resources.h" |
16 #include "chromeos/dbus/cryptohome_client.h" | 20 #include "chromeos/dbus/cryptohome_client.h" |
17 #include "chromeos/dbus/dbus_thread_manager.h" | 21 #include "chromeos/dbus/dbus_thread_manager.h" |
18 #include "chromeos/login/login_state.h" | 22 #include "chromeos/login/login_state.h" |
19 #include "chromeos/network/certificate_helper.h" | |
20 #include "chromeos/network/onc/onc_utils.h" | 23 #include "chromeos/network/onc/onc_utils.h" |
| 24 #include "content/public/browser/browser_thread.h" |
21 #include "crypto/nss_util.h" | 25 #include "crypto/nss_util.h" |
22 #include "net/cert/cert_database.h" | 26 #include "net/cert/cert_database.h" |
23 #include "net/cert/nss_cert_database.h" | 27 #include "net/cert/nss_cert_database.h" |
24 #include "third_party/icu/source/i18n/unicode/coll.h" // icu::Collator | 28 #include "third_party/icu/source/i18n/unicode/coll.h" // icu::Collator |
25 #include "ui/base/l10n/l10n_util.h" | 29 #include "ui/base/l10n/l10n_util.h" |
26 #include "ui/base/l10n/l10n_util_collator.h" | 30 #include "ui/base/l10n/l10n_util_collator.h" |
27 | 31 |
28 namespace chromeos { | 32 namespace chromeos { |
29 | 33 |
30 namespace { | 34 namespace { |
31 | 35 |
32 // Root CA certificates that are built into Chrome use this token name. | 36 // Root CA certificates that are built into Chrome use this token name. |
33 const char kRootCertificateTokenName[] = "Builtin Object Token"; | 37 const char kRootCertificateTokenName[] = "Builtin Object Token"; |
34 | 38 |
35 base::string16 GetDisplayString(net::X509Certificate* cert, | 39 base::string16 GetDisplayString(net::X509Certificate* cert, |
36 bool hardware_backed) { | 40 bool hardware_backed) { |
37 std::string alt_text; | 41 std::string org; |
38 if (!cert->subject().organization_names.empty()) | 42 if (!cert->subject().organization_names.empty()) |
39 alt_text = cert->subject().organization_names[0]; | 43 org = cert->subject().organization_names[0]; |
40 if (alt_text.empty()) | 44 if (org.empty()) |
41 alt_text = cert->subject().GetDisplayName(); | 45 org = cert->subject().GetDisplayName(); |
42 base::string16 issued_by = base::UTF8ToUTF16( | 46 base::string16 issued_by = base::UTF8ToUTF16( |
43 certificate::GetIssuerCommonName(cert->os_cert_handle(), alt_text)); | 47 x509_certificate_model::GetIssuerCommonName(cert->os_cert_handle(), |
44 | 48 org)); // alternative text |
45 base::string16 issued_to = base::UTF8ToUTF16( | 49 base::string16 issued_to = base::UTF8ToUTF16( |
46 certificate::GetCertNameOrNickname(cert->os_cert_handle())); | 50 x509_certificate_model::GetCertNameOrNickname(cert->os_cert_handle())); |
47 base::string16 issued_to_ascii = base::UTF8ToUTF16( | |
48 certificate::GetCertAsciiNameOrNickname(cert->os_cert_handle())); | |
49 if (issued_to_ascii != issued_to) { | |
50 // Input contained encoded data, show original and decoded forms. | |
51 issued_to = l10n_util::GetStringFUTF16(IDS_CERT_INFO_IDN_VALUE_FORMAT, | |
52 issued_to_ascii, issued_to); | |
53 } | |
54 | 51 |
55 if (hardware_backed) { | 52 if (hardware_backed) { |
56 return l10n_util::GetStringFUTF16( | 53 return l10n_util::GetStringFUTF16( |
57 IDS_CERT_MANAGER_HARDWARE_BACKED_KEY_FORMAT_LONG, | 54 IDS_CERT_MANAGER_HARDWARE_BACKED_KEY_FORMAT_LONG, |
58 issued_by, | 55 issued_by, |
59 issued_to, | 56 issued_to, |
60 l10n_util::GetStringUTF16(IDS_CERT_MANAGER_HARDWARE_BACKED)); | 57 l10n_util::GetStringUTF16(IDS_CERT_MANAGER_HARDWARE_BACKED)); |
61 } else { | 58 } else { |
62 return l10n_util::GetStringFUTF16( | 59 return l10n_util::GetStringFUTF16( |
63 IDS_CERT_MANAGER_KEY_FORMAT_LONG, | 60 IDS_CERT_MANAGER_KEY_FORMAT_LONG, |
194 int slot_id = -1; | 191 int slot_id = -1; |
195 std::string id = CertLoader::GetPkcs11IdAndSlotForCert(*cert, &slot_id); | 192 std::string id = CertLoader::GetPkcs11IdAndSlotForCert(*cert, &slot_id); |
196 if (id == pkcs11_id) | 193 if (id == pkcs11_id) |
197 return index; | 194 return index; |
198 } | 195 } |
199 return -1; // Not found. | 196 return -1; // Not found. |
200 } | 197 } |
201 | 198 |
202 void CertLibrary::OnCertificatesLoaded(const net::CertificateList& cert_list, | 199 void CertLibrary::OnCertificatesLoaded(const net::CertificateList& cert_list, |
203 bool initial_load) { | 200 bool initial_load) { |
204 DCHECK_CALLED_ON_VALID_THREAD(thread_checker_); | 201 CHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); |
205 VLOG(1) << "CertLibrary::OnCertificatesLoaded: " << cert_list.size(); | 202 VLOG(1) << "CertLibrary::OnCertificatesLoaded: " << cert_list.size(); |
206 certs_.clear(); | 203 certs_.clear(); |
207 user_certs_.clear(); | 204 user_certs_.clear(); |
208 server_certs_.clear(); | 205 server_certs_.clear(); |
209 server_ca_certs_.clear(); | 206 server_ca_certs_.clear(); |
210 | 207 |
211 // Add certificates to the appropriate list. | 208 // Add certificates to the appropriate list. |
212 for (net::CertificateList::const_iterator iter = cert_list.begin(); | 209 for (net::CertificateList::const_iterator iter = cert_list.begin(); |
213 iter != cert_list.end(); ++iter) { | 210 iter != cert_list.end(); ++iter) { |
214 certs_.push_back(iter->get()); | 211 certs_.push_back(iter->get()); |
215 net::X509Certificate::OSCertHandle cert_handle = | 212 net::X509Certificate::OSCertHandle cert_handle = |
216 iter->get()->os_cert_handle(); | 213 iter->get()->os_cert_handle(); |
217 net::CertType type = certificate::GetCertType(cert_handle); | 214 net::CertType type = x509_certificate_model::GetType(cert_handle); |
218 switch (type) { | 215 switch (type) { |
219 case net::USER_CERT: | 216 case net::USER_CERT: |
220 user_certs_.push_back(iter->get()); | 217 user_certs_.push_back(iter->get()); |
221 break; | 218 break; |
222 case net::SERVER_CERT: | 219 case net::SERVER_CERT: |
223 server_certs_.push_back(iter->get()); | 220 server_certs_.push_back(iter->get()); |
224 break; | 221 break; |
225 case net::CA_CERT: { | 222 case net::CA_CERT: { |
226 // Exclude root CA certificates that are built into Chrome. | 223 // Exclude root CA certificates that are built into Chrome. |
227 std::string token_name = certificate::GetCertTokenName(cert_handle); | 224 std::string token_name = |
| 225 x509_certificate_model::GetTokenName(cert_handle); |
228 if (token_name != kRootCertificateTokenName) | 226 if (token_name != kRootCertificateTokenName) |
229 server_ca_certs_.push_back(iter->get()); | 227 server_ca_certs_.push_back(iter->get()); |
230 break; | 228 break; |
231 } | 229 } |
232 default: | 230 default: |
233 break; | 231 break; |
234 } | 232 } |
235 } | 233 } |
236 | 234 |
237 // Perform locale-sensitive sorting by certificate name. | 235 // Perform locale-sensitive sorting by certificate name. |
270 return user_certs_; | 268 return user_certs_; |
271 if (type == CERT_TYPE_SERVER) | 269 if (type == CERT_TYPE_SERVER) |
272 return server_certs_; | 270 return server_certs_; |
273 if (type == CERT_TYPE_SERVER_CA) | 271 if (type == CERT_TYPE_SERVER_CA) |
274 return server_ca_certs_; | 272 return server_ca_certs_; |
275 DCHECK(type == CERT_TYPE_DEFAULT); | 273 DCHECK(type == CERT_TYPE_DEFAULT); |
276 return certs_; | 274 return certs_; |
277 } | 275 } |
278 | 276 |
279 } // namespace chromeos | 277 } // namespace chromeos |
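Review bot: In GetDisplayString the new side no longer compares the ASCII and decoded forms of the subject name, so what `issued_to` shows for a punycode-encoded name now depends entirely on `x509_certificate_model::GetCertNameOrNickname()`. That helper's body is not visible on this page. If it does not itself emit both forms, a certificate whose name decodes to look-alike Unicode would be listed with a single rendering, and a homograph name would be harder to spot in the certificate list. Please confirm the helper's behaviour and record the dependency at the call site, e.g. `// Relies on GetCertNameOrNickname() to show IDN names in both encoded and decoded form.`; if it does not, keep the removed `issued_to_ascii != issued_to` branch. The rest of GetDisplayString lies in the skipped lines, so this covers only the visible part.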