Index: chrome/browser/ui/views/ssl_client_certificate_selector.cc |
diff --git a/chrome/browser/ui/views/ssl_client_certificate_selector.cc b/chrome/browser/ui/views/ssl_client_certificate_selector.cc |
index 0176e6528f177ad45408e4c6c9bbc9f6c31db040..d238de09687ab1fe4386fb0d37dc86574442c0e7 100644 |
--- a/chrome/browser/ui/views/ssl_client_certificate_selector.cc |
+++ b/chrome/browser/ui/views/ssl_client_certificate_selector.cc |
@@ -21,20 +21,17 @@ |
#include "ui/views/controls/label.h" |
#include "ui/views/widget/widget.h" |
-#if defined(USE_NSS_CERTS) && !defined(OS_CHROMEOS) |
-#include "chrome/browser/ui/crypto_module_password_dialog_nss.h" |
-#endif |
- |
SSLClientCertificateSelector::SSLClientCertificateSelector( |
content::WebContents* web_contents, |
const scoped_refptr<net::SSLCertRequestInfo>& cert_request_info, |
- net::CertificateList client_certs, |
+ net::ClientCertIdentityList client_certs, |
std::unique_ptr<content::ClientCertificateDelegate> delegate) |
: CertificateSelector(std::move(client_certs), web_contents), |
SSLClientAuthObserver(web_contents->GetBrowserContext(), |
cert_request_info, |
std::move(delegate)), |
- WebContentsObserver(web_contents) { |
+ WebContentsObserver(web_contents), |
+ weak_ptr_factory_(this) { |
chrome::RecordDialogCreation( |
chrome::DialogIdentifier::SSL_CLIENT_CERTIFICATE_SELECTOR); |
} |
@@ -63,27 +60,24 @@ void SSLClientCertificateSelector::DeleteDelegate() { |
// to abort instead of proceeding with a null certificate. (This will be |
// ignored if there was a previous call to CertificateSelected or |
// CancelCertificateSelection.) |
- CertificateSelected(nullptr); |
+ CertificateSelected(nullptr, nullptr); |
chrome::CertificateSelector::DeleteDelegate(); |
} |
bool SSLClientCertificateSelector::Accept() { |
- scoped_refptr<net::X509Certificate> cert = GetSelectedCert(); |
- if (cert.get()) { |
- // Remove the observer before we try unlocking, otherwise we might act on a |
- // notification while waiting for the unlock dialog, causing us to delete |
- // ourself before the Unlocked callback gets called. |
+ std::unique_ptr<net::ClientCertIdentity> identity = TakeSelectedCert(); |
+ if (identity) { |
+ // Remove the observer before we try acquiring private key, otherwise we |
+ // might act on a notification while waiting for the callback, causing us |
+ // to delete ourself before the callback gets called. |
StopObserving(); |
-#if defined(USE_NSS_CERTS) && !defined(OS_CHROMEOS) |
- chrome::UnlockCertSlotIfNecessary( |
- cert.get(), chrome::kCryptoModulePasswordClientAuth, |
- cert_request_info()->host_and_port, GetWidget()->GetNativeView(), |
- base::Bind(&SSLClientCertificateSelector::Unlocked, |
- base::Unretained(this), base::RetainedRef(cert))); |
-#else |
- Unlocked(cert.get()); |
-#endif |
- return false; // Unlocked() will close the dialog. |
+ net::X509Certificate* cert = identity->certificate(); |
+ net::ClientCertIdentity::SelfOwningAcquirePrivateKey( |
+ std::move(identity), |
+ base::Bind(&SSLClientCertificateSelector::GotPrivateKey, |
+ weak_ptr_factory_.GetWeakPtr(), base::Unretained(cert))); |
+ // GotPrivateKey() will close the dialog. It may be run synchronously. |
+ return false; |
} |
return false; |
@@ -94,8 +88,10 @@ void SSLClientCertificateSelector::WebContentsDestroyed() { |
CancelCertificateSelection(); |
} |
-void SSLClientCertificateSelector::Unlocked(net::X509Certificate* cert) { |
- CertificateSelected(cert); |
+void SSLClientCertificateSelector::GotPrivateKey( |
+ net::X509Certificate* cert, |
+ scoped_refptr<net::SSLPrivateKey> private_key) { |
+ CertificateSelected(cert, private_key.get()); |
GetWidget()->Close(); |
} |
@@ -104,7 +100,7 @@ namespace chrome { |
void ShowSSLClientCertificateSelector( |
content::WebContents* contents, |
net::SSLCertRequestInfo* cert_request_info, |
- net::CertificateList client_certs, |
+ net::ClientCertIdentityList client_certs, |
std::unique_ptr<content::ClientCertificateDelegate> delegate) { |
DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |