OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/cert_database.h" | 5 #include "net/base/cert_database.h" |
6 | 6 |
7 #include <cert.h> | 7 #include <cert.h> |
8 #include <certdb.h> | 8 #include <certdb.h> |
9 #include <keyhi.h> | 9 #include <keyhi.h> |
10 #include <pk11pub.h> | 10 #include <pk11pub.h> |
11 #include <secmod.h> | 11 #include <secmod.h> |
12 | 12 |
13 #include "base/logging.h" | 13 #include "base/logging.h" |
14 #include "base/nss_util.h" | 14 #include "base/nss_util.h" |
| 15 #include "base/nss_util_internal.h" |
15 #include "base/scoped_ptr.h" | 16 #include "base/scoped_ptr.h" |
| 17 #include "net/base/crypto_module.h" |
16 #include "net/base/net_errors.h" | 18 #include "net/base/net_errors.h" |
17 #include "net/base/x509_certificate.h" | 19 #include "net/base/x509_certificate.h" |
18 #include "net/third_party/mozilla_security_manager/nsNSSCertificateDB.h" | 20 #include "net/third_party/mozilla_security_manager/nsNSSCertificateDB.h" |
19 #include "net/third_party/mozilla_security_manager/nsNSSCertTrust.h" | 21 #include "net/third_party/mozilla_security_manager/nsNSSCertTrust.h" |
20 #include "net/third_party/mozilla_security_manager/nsPKCS12Blob.h" | 22 #include "net/third_party/mozilla_security_manager/nsPKCS12Blob.h" |
21 | 23 |
22 // PSM = Mozilla's Personal Security Manager. | 24 // PSM = Mozilla's Personal Security Manager. |
23 namespace psm = mozilla_security_manager; | 25 namespace psm = mozilla_security_manager; |
24 | 26 |
25 namespace net { | 27 namespace net { |
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
99 !CERT_LIST_END(node, cert_list); | 101 !CERT_LIST_END(node, cert_list); |
100 node = CERT_LIST_NEXT(node)) { | 102 node = CERT_LIST_NEXT(node)) { |
101 certs->push_back(X509Certificate::CreateFromHandle( | 103 certs->push_back(X509Certificate::CreateFromHandle( |
102 node->cert, | 104 node->cert, |
103 X509Certificate::SOURCE_LONE_CERT_IMPORT, | 105 X509Certificate::SOURCE_LONE_CERT_IMPORT, |
104 X509Certificate::OSCertHandles())); | 106 X509Certificate::OSCertHandles())); |
105 } | 107 } |
106 CERT_DestroyCertList(cert_list); | 108 CERT_DestroyCertList(cert_list); |
107 } | 109 } |
108 | 110 |
| 111 CryptoModule* CertDatabase::GetDefaultModule() const { |
| 112 CryptoModule* module = |
| 113 CryptoModule::CreateFromHandle(base::GetDefaultNSSKeySlot()); |
| 114 // The module is already referenced when returned from GetDefaultNSSKeymodule, |
| 115 // so we need to deref it once. |
| 116 PK11_FreeSlot(module->os_module_handle()); |
| 117 |
| 118 return module; |
| 119 } |
| 120 |
109 int CertDatabase::ImportFromPKCS12( | 121 int CertDatabase::ImportFromPKCS12( |
110 const std::string& data, const string16& password) { | 122 net::CryptoModule* module, |
111 return psm::nsPKCS12Blob_Import(data.data(), data.size(), password); | 123 const std::string& data, |
| 124 const string16& password) { |
| 125 return psm::nsPKCS12Blob_Import(module->os_module_handle(), |
| 126 data.data(), data.size(), |
| 127 password); |
112 } | 128 } |
113 | 129 |
114 int CertDatabase::ExportToPKCS12( | 130 int CertDatabase::ExportToPKCS12( |
115 const CertificateList& certs, | 131 const CertificateList& certs, |
116 const string16& password, | 132 const string16& password, |
117 std::string* output) const { | 133 std::string* output) const { |
118 return psm::nsPKCS12Blob_Export(output, certs, password); | 134 return psm::nsPKCS12Blob_Export(output, certs, password); |
119 } | 135 } |
120 | 136 |
121 X509Certificate* CertDatabase::FindRootInList( | 137 X509Certificate* CertDatabase::FindRootInList( |
(...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
203 } | 219 } |
204 return true; | 220 return true; |
205 } | 221 } |
206 | 222 |
207 bool CertDatabase::IsReadOnly(const X509Certificate* cert) const { | 223 bool CertDatabase::IsReadOnly(const X509Certificate* cert) const { |
208 PK11SlotInfo* slot = cert->os_cert_handle()->slot; | 224 PK11SlotInfo* slot = cert->os_cert_handle()->slot; |
209 return slot && PK11_IsReadOnly(slot); | 225 return slot && PK11_IsReadOnly(slot); |
210 } | 226 } |
211 | 227 |
212 } // namespace net | 228 } // namespace net |
OLD | NEW |