Fix webui cert viewer showing wrong cert chain on NSS and no chain on OpenSSL.

chrome/browser/ui/certificate_dialogs.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ui/certificate_dialogs.h"
 
-
+#include <algorithm>
 #include <vector>
 
 #include "base/base64.h"
 #include "base/bind.h"
 #include "base/file_util.h"
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
 #include "chrome/browser/ui/chrome_select_file_policy.h"
 #include "chrome/common/net/x509_certificate_model.h"
 #include "content/public/browser/browser_thread.h"
@@ skipping 40 matching lines @@
   return "-----BEGIN CERTIFICATE-----\r\n" +
       WrapAt64(base64) +
       "-----END CERTIFICATE-----\r\n";
 }
 
 ////////////////////////////////////////////////////////////////////////////////
 // General utility functions.
 
 class Exporter : public ui::SelectFileDialog::Listener {
  public:
-  Exporter(WebContents* web_contents, gfx::NativeWindow parent,
-           net::X509Certificate::OSCertHandle cert);
+  Exporter(WebContents* web_contents,
+           gfx::NativeWindow parent,
+           net::X509Certificate::OSCertHandles::iterator certs_begin,
+           net::X509Certificate::OSCertHandles::iterator certs_end);
   virtual ~Exporter();
 
   // SelectFileDialog::Listener implemenation.
   virtual void FileSelected(const base::FilePath& path,
                             int index, void* params) OVERRIDE;
   virtual void FileSelectionCanceled(void* params) OVERRIDE;
  private:
   scoped_refptr<ui::SelectFileDialog> select_file_dialog_;
 
   // The certificate hierarchy (leaf cert first).
   net::X509Certificate::OSCertHandles cert_chain_list_;
 };
 
 Exporter::Exporter(WebContents* web_contents,
                    gfx::NativeWindow parent,
-                   net::X509Certificate::OSCertHandle cert)
+                   net::X509Certificate::OSCertHandles::iterator certs_begin,
+                   net::X509Certificate::OSCertHandles::iterator certs_end)
     : select_file_dialog_(ui::SelectFileDialog::Create(
-        this, new ChromeSelectFilePolicy(web_contents))) {
-  x509_certificate_model::GetCertChainFromCert(cert, &cert_chain_list_);
+          this,
+          new ChromeSelectFilePolicy(web_contents))) {
+  DCHECK(certs_begin != certs_end);
+  for (net::X509Certificate::OSCertHandles::iterator i = certs_begin;
+       i != certs_end;
+       ++i) {
+    cert_chain_list_.push_back(net::X509Certificate::DupOSCertHandle(*i));
+  }
 
   // TODO(mattm): should this default to some directory?
   // Maybe SavePackage::GetSaveDirPreference? (Except that it's private.)
-  std::string cert_title = x509_certificate_model::GetTitle(cert);
+  std::string cert_title = x509_certificate_model::GetTitle(*certs_begin);
   base::FilePath suggested_path =
       net::GenerateFileName(GURL::EmptyGURL(),  // url
                             std::string(),      // content_disposition
                             std::string(),      // referrer_charset
                             cert_title,         // suggested_name
                             std::string(),      // mime_type
                             "certificate");     // default_name
 
   ShowCertSelectFileDialog(select_file_dialog_.get(),
                            ui::SelectFileDialog::SELECT_SAVEAS_FILE,
                            suggested_path,
                            parent,
                            NULL);
 }
 
 Exporter::~Exporter() {
   // There may be pending file dialogs, we need to tell them that we've gone
   // away so they don't try and call back to us.
   if (select_file_dialog_.get())
     select_file_dialog_->ListenerDestroyed();
 
-  x509_certificate_model::DestroyCertChain(&cert_chain_list_);
+  std::for_each(cert_chain_list_.begin(),
+                cert_chain_list_.end(),
+                &net::X509Certificate::FreeOSCertHandle);
 }
 
 void Exporter::FileSelected(const base::FilePath& path, int index,
                             void* params) {
   std::string data;
   switch (index) {
     case 2:
       for (size_t i = 0; i < cert_chain_list_.size(); ++i)
         data += GetBase64String(cert_chain_list_[i]);
       break;
@@ skipping 53 matching lines @@
   select_file_dialog->SelectFile(
       type, base::string16(),
       suggested_path, &file_type_info,
       1,  // 1-based index for |file_type_info.extensions| to specify default.
       FILE_PATH_LITERAL("crt"),
       parent, params);
 }
 
 void ShowCertExportDialog(WebContents* web_contents,
                           gfx::NativeWindow parent,
-                          net::X509Certificate::OSCertHandle cert) {
-  new Exporter(web_contents, parent, cert);
+                          const scoped_refptr<net::X509Certificate>& cert) {
+  net::X509Certificate::OSCertHandles cert_chain;
+  cert_chain.push_back(cert->os_cert_handle());
+  const net::X509Certificate::OSCertHandles& certs =
+      cert->GetIntermediateCertificates();
+  cert_chain.insert(cert_chain.end(), certs.begin(), certs.end());
+  new Exporter(web_contents, parent, cert_chain.begin(), cert_chain.end());
 }
+
+void ShowCertExportDialog(
+    content::WebContents* web_contents,
+    gfx::NativeWindow parent,
+    net::X509Certificate::OSCertHandles::iterator certs_begin,
+    net::X509Certificate::OSCertHandles::iterator certs_end) {
+  new Exporter(web_contents, parent, certs_begin, certs_end);
+}