diff options
| -rw-r--r-- | chrome/browser/ui/certificate_dialogs.cc | 44 | ||||
| -rw-r--r-- | chrome/browser/ui/certificate_dialogs.h | 11 | ||||
| -rw-r--r-- | chrome/browser/ui/webui/certificate_viewer_webui.cc | 26 | ||||
| -rw-r--r-- | chrome/browser/ui/webui/certificate_viewer_webui.h | 3 | ||||
| -rw-r--r-- | chrome/browser/ui/webui/options/certificate_manager_handler.cc | 3 | ||||
| -rw-r--r-- | chrome/common/net/x509_certificate_model.h | 4 | ||||
| -rw-r--r-- | chrome/common/net/x509_certificate_model_nss.cc | 20 | ||||
| -rw-r--r-- | chrome/common/net/x509_certificate_model_openssl.cc | 13 |
8 files changed, 63 insertions, 61 deletions
diff --git a/chrome/browser/ui/certificate_dialogs.cc b/chrome/browser/ui/certificate_dialogs.cc index 79edfd3..4988e79 100644 --- a/chrome/browser/ui/certificate_dialogs.cc +++ b/chrome/browser/ui/certificate_dialogs.cc @@ -4,7 +4,7 @@ #include "chrome/browser/ui/certificate_dialogs.h" - +#include <algorithm> #include <vector> #include "base/base64.h" @@ -65,8 +65,10 @@ std::string GetBase64String(net::X509Certificate::OSCertHandle cert) { class Exporter : public ui::SelectFileDialog::Listener { public: - Exporter(WebContents* web_contents, gfx::NativeWindow parent, - net::X509Certificate::OSCertHandle cert); + Exporter(WebContents* web_contents, + gfx::NativeWindow parent, + net::X509Certificate::OSCertHandles::iterator certs_begin, + net::X509Certificate::OSCertHandles::iterator certs_end); virtual ~Exporter(); // SelectFileDialog::Listener implemenation. @@ -82,14 +84,21 @@ class Exporter : public ui::SelectFileDialog::Listener { Exporter::Exporter(WebContents* web_contents, gfx::NativeWindow parent, - net::X509Certificate::OSCertHandle cert) + net::X509Certificate::OSCertHandles::iterator certs_begin, + net::X509Certificate::OSCertHandles::iterator certs_end) : select_file_dialog_(ui::SelectFileDialog::Create( - this, new ChromeSelectFilePolicy(web_contents))) { - x509_certificate_model::GetCertChainFromCert(cert, &cert_chain_list_); + this, + new ChromeSelectFilePolicy(web_contents))) { + DCHECK(certs_begin != certs_end); + for (net::X509Certificate::OSCertHandles::iterator i = certs_begin; + i != certs_end; + ++i) { + cert_chain_list_.push_back(net::X509Certificate::DupOSCertHandle(*i)); + } // TODO(mattm): should this default to some directory? // Maybe SavePackage::GetSaveDirPreference? (Except that it's private.) - std::string cert_title = x509_certificate_model::GetTitle(cert); + std::string cert_title = x509_certificate_model::GetTitle(*certs_begin); base::FilePath suggested_path = net::GenerateFileName(GURL::EmptyGURL(), // url std::string(), // content_disposition @@ -111,7 +120,9 @@ Exporter::~Exporter() { if (select_file_dialog_.get()) select_file_dialog_->ListenerDestroyed(); - x509_certificate_model::DestroyCertChain(&cert_chain_list_); + std::for_each(cert_chain_list_.begin(), + cert_chain_list_.end(), + &net::X509Certificate::FreeOSCertHandle); } void Exporter::FileSelected(const base::FilePath& path, int index, @@ -185,6 +196,19 @@ void ShowCertSelectFileDialog(ui::SelectFileDialog* select_file_dialog, void ShowCertExportDialog(WebContents* web_contents, gfx::NativeWindow parent, - net::X509Certificate::OSCertHandle cert) { - new Exporter(web_contents, parent, cert); + const scoped_refptr<net::X509Certificate>& cert) { + net::X509Certificate::OSCertHandles cert_chain; + cert_chain.push_back(cert->os_cert_handle()); + const net::X509Certificate::OSCertHandles& certs = + cert->GetIntermediateCertificates(); + cert_chain.insert(cert_chain.end(), certs.begin(), certs.end()); + new Exporter(web_contents, parent, cert_chain.begin(), cert_chain.end()); +} + +void ShowCertExportDialog( + content::WebContents* web_contents, + gfx::NativeWindow parent, + net::X509Certificate::OSCertHandles::iterator certs_begin, + net::X509Certificate::OSCertHandles::iterator certs_end) { + new Exporter(web_contents, parent, certs_begin, certs_end); } diff --git a/chrome/browser/ui/certificate_dialogs.h b/chrome/browser/ui/certificate_dialogs.h index 9787ffc..a4f1856 100644 --- a/chrome/browser/ui/certificate_dialogs.h +++ b/chrome/browser/ui/certificate_dialogs.h @@ -18,8 +18,17 @@ void ShowCertSelectFileDialog(ui::SelectFileDialog* select_file_dialog, gfx::NativeWindow parent, void* params); +// Show a dialog to save |cert| alone or the cert + its chain. void ShowCertExportDialog(content::WebContents* web_contents, gfx::NativeWindow parent, - net::X509Certificate::OSCertHandle cert); + const scoped_refptr<net::X509Certificate>& cert); + +// Show a dialog to save the first certificate or the whole chain encompassed by +// the iterators. +void ShowCertExportDialog( + content::WebContents* web_contents, + gfx::NativeWindow parent, + net::X509Certificate::OSCertHandles::iterator certs_begin, + net::X509Certificate::OSCertHandles::iterator certs_end); #endif // CHROME_BROWSER_UI_CERTIFICATE_DIALOGS_H_ diff --git a/chrome/browser/ui/webui/certificate_viewer_webui.cc b/chrome/browser/ui/webui/certificate_viewer_webui.cc index 4969b3e..b5370d3 100644 --- a/chrome/browser/ui/webui/certificate_viewer_webui.cc +++ b/chrome/browser/ui/webui/certificate_viewer_webui.cc @@ -42,11 +42,10 @@ CertificateViewerModalDialog::CertificateViewerModalDialog( net::X509Certificate* cert) : cert_(cert), webui_(NULL), window_(NULL) { // Construct the dialog title from the certificate. - net::X509Certificate::OSCertHandles cert_chain; - x509_certificate_model::GetCertChainFromCert(cert_->os_cert_handle(), - &cert_chain); - title_ = l10n_util::GetStringFUTF16(IDS_CERT_INFO_DIALOG_TITLE, - base::UTF8ToUTF16(x509_certificate_model::GetTitle(cert_chain.front()))); + title_ = l10n_util::GetStringFUTF16( + IDS_CERT_INFO_DIALOG_TITLE, + base::UTF8ToUTF16( + x509_certificate_model::GetTitle(cert_->os_cert_handle()))); } CertificateViewerModalDialog::~CertificateViewerModalDialog() { @@ -103,7 +102,10 @@ std::string CertificateViewerModalDialog::GetDialogArgs() const { // Get the certificate chain. net::X509Certificate::OSCertHandles cert_chain; - x509_certificate_model::GetCertChainFromCert(cert_hnd, &cert_chain); + cert_chain.push_back(cert_->os_cert_handle()); + const net::X509Certificate::OSCertHandles& certs = + cert_->GetIntermediateCertificates(); + cert_chain.insert(cert_chain.end(), certs.begin(), certs.end()); // Certificate usage. std::vector<std::string> usages; @@ -251,9 +253,12 @@ ui::ModalType CertificateViewerDialog::GetDialogModalType() const { CertificateViewerDialogHandler::CertificateViewerDialogHandler( CertificateViewerModalDialog* dialog, - net::X509Certificate* cert) : cert_(cert), dialog_(dialog) { - x509_certificate_model::GetCertChainFromCert(cert_->os_cert_handle(), - &cert_chain_); + net::X509Certificate* cert) + : cert_(cert), dialog_(dialog) { + cert_chain_.push_back(cert_->os_cert_handle()); + const net::X509Certificate::OSCertHandles& certs = + cert_->GetIntermediateCertificates(); + cert_chain_.insert(cert_chain_.end(), certs.begin(), certs.end()); } CertificateViewerDialogHandler::~CertificateViewerDialogHandler() { @@ -278,7 +283,8 @@ void CertificateViewerDialogHandler::ExportCertificate( platform_util::GetTopLevel(dialog_->GetNativeWebContentsModalDialog()); ShowCertExportDialog(web_ui()->GetWebContents(), window, - cert_chain_[cert_index]); + cert_chain_.begin() + cert_index, + cert_chain_.end()); } void CertificateViewerDialogHandler::RequestCertificateFields( diff --git a/chrome/browser/ui/webui/certificate_viewer_webui.h b/chrome/browser/ui/webui/certificate_viewer_webui.h index 29e5ea6..4873bae 100644 --- a/chrome/browser/ui/webui/certificate_viewer_webui.h +++ b/chrome/browser/ui/webui/certificate_viewer_webui.h @@ -133,7 +133,8 @@ class CertificateViewerDialogHandler : public content::WebUIMessageHandler { // The dialog. CertificateViewerModalDialog* dialog_; - // The certificate chain. + // The certificate chain. Does not take references, so only valid as long as + // |cert_| is. net::X509Certificate::OSCertHandles cert_chain_; DISALLOW_COPY_AND_ASSIGN(CertificateViewerDialogHandler); diff --git a/chrome/browser/ui/webui/options/certificate_manager_handler.cc b/chrome/browser/ui/webui/options/certificate_manager_handler.cc index f5d3573..1335edc 100644 --- a/chrome/browser/ui/webui/options/certificate_manager_handler.cc +++ b/chrome/browser/ui/webui/options/certificate_manager_handler.cc @@ -983,8 +983,7 @@ void CertificateManagerHandler::Export(const base::ListValue* args) { net::X509Certificate* cert = cert_id_map_->CallbackArgsToCert(args); if (!cert) return; - ShowCertExportDialog(web_ui()->GetWebContents(), GetParentWindow(), - cert->os_cert_handle()); + ShowCertExportDialog(web_ui()->GetWebContents(), GetParentWindow(), cert); } void CertificateManagerHandler::Delete(const base::ListValue* args) { diff --git a/chrome/common/net/x509_certificate_model.h b/chrome/common/net/x509_certificate_model.h index e990828..1a5d350 100644 --- a/chrome/common/net/x509_certificate_model.h +++ b/chrome/common/net/x509_certificate_model.h @@ -86,10 +86,6 @@ std::string HashCertSHA1(net::X509Certificate::OSCertHandle cert_handle); // decoded U-label form. Otherwise, the string will be returned as is. std::string ProcessIDN(const std::string& input); -void GetCertChainFromCert(net::X509Certificate::OSCertHandle cert_handle, - net::X509Certificate::OSCertHandles* cert_handles); -void DestroyCertChain(net::X509Certificate::OSCertHandles* cert_handles); - std::string GetCMSString(const net::X509Certificate::OSCertHandles& cert_chain, size_t start, size_t end); diff --git a/chrome/common/net/x509_certificate_model_nss.cc b/chrome/common/net/x509_certificate_model_nss.cc index 4648415..7f9b343 100644 --- a/chrome/common/net/x509_certificate_model_nss.cc +++ b/chrome/common/net/x509_certificate_model_nss.cc @@ -223,26 +223,6 @@ string HashCertSHA1(X509Certificate::OSCertHandle cert_handle) { return HashCert(cert_handle, HASH_AlgSHA1, SHA1_LENGTH); } -void GetCertChainFromCert(X509Certificate::OSCertHandle cert_handle, - X509Certificate::OSCertHandles* cert_handles) { - CERTCertList* cert_list = - CERT_GetCertChainFromCert(cert_handle, PR_Now(), certUsageSSLServer); - CERTCertListNode* node; - for (node = CERT_LIST_HEAD(cert_list); - !CERT_LIST_END(node, cert_list); - node = CERT_LIST_NEXT(node)) { - cert_handles->push_back(CERT_DupCertificate(node->cert)); - } - CERT_DestroyCertList(cert_list); -} - -void DestroyCertChain(X509Certificate::OSCertHandles* cert_handles) { - for (X509Certificate::OSCertHandles::iterator i(cert_handles->begin()); - i != cert_handles->end(); ++i) - CERT_DestroyCertificate(*i); - cert_handles->clear(); -} - string GetCMSString(const X509Certificate::OSCertHandles& cert_chain, size_t start, size_t end) { crypto::ScopedPLArenaPool arena(PORT_NewArena(1024)); diff --git a/chrome/common/net/x509_certificate_model_openssl.cc b/chrome/common/net/x509_certificate_model_openssl.cc index c553afe..4da1c45 100644 --- a/chrome/common/net/x509_certificate_model_openssl.cc +++ b/chrome/common/net/x509_certificate_model_openssl.cc @@ -1136,19 +1136,6 @@ std::string HashCertSHA1(net::X509Certificate::OSCertHandle cert_handle) { return ProcessRawBytes(sha1_data, sha1_size); } -void GetCertChainFromCert(net::X509Certificate::OSCertHandle cert_handle, - net::X509Certificate::OSCertHandles* cert_handles) { - // TODO(bulach): how to get the chain out of a certificate? - cert_handles->push_back(net::X509Certificate::DupOSCertHandle(cert_handle)); -} - -void DestroyCertChain(net::X509Certificate::OSCertHandles* cert_handles) { - for (net::X509Certificate::OSCertHandles::iterator i = cert_handles->begin(); - i != cert_handles->end(); ++i) - X509_free(*i); - cert_handles->clear(); -} - std::string GetCMSString(const net::X509Certificate::OSCertHandles& cert_chain, size_t start, size_t end) { STACK_OF(X509)* certs = sk_X509_new_null(); |