1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
// Copyright (c) 2009 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/ssl/ssl_client_auth_handler.h"
#if defined (OS_WIN)
#include <cryptuiapi.h>
#pragma comment(lib, "cryptui.lib")
#endif
#include "app/l10n_util.h"
#include "base/message_loop.h"
#include "base/string_util.h"
#include "chrome/browser/browser_list.h"
#include "chrome/browser/browser.h"
#include "chrome/browser/browser_window.h"
#include "grit/generated_resources.h"
#include "net/url_request/url_request.h"
SSLClientAuthHandler::SSLClientAuthHandler(
URLRequest* request,
net::SSLCertRequestInfo* cert_request_info,
MessageLoop* io_loop,
MessageLoop* ui_loop)
: request_(request),
cert_request_info_(cert_request_info),
io_loop_(io_loop),
ui_loop_(ui_loop) {
// Keep us alive until a cert is selected.
AddRef();
}
SSLClientAuthHandler::~SSLClientAuthHandler() {
}
void SSLClientAuthHandler::OnRequestCancelled() {
request_ = NULL;
}
void SSLClientAuthHandler::SelectCertificate() {
// Let's move the request to the UI thread.
ui_loop_->PostTask(FROM_HERE, NewRunnableMethod(this,
&SSLClientAuthHandler::DoSelectCertificate));
}
void SSLClientAuthHandler::DoSelectCertificate() {
net::X509Certificate* cert = NULL;
#if defined(OS_WIN)
// TODO(jcampan): replace this with our own cert selection dialog.
// CryptUIDlgSelectCertificateFromStore is blocking (but still processes
// Windows messages), which is scary.
HCERTSTORE client_certs = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, NULL,
0, NULL);
BOOL ok;
for (size_t i = 0; i < cert_request_info_->client_certs.size(); ++i) {
PCCERT_CONTEXT cc = cert_request_info_->client_certs[i]->os_cert_handle();
ok = CertAddCertificateContextToStore(client_certs, cc,
CERT_STORE_ADD_ALWAYS, NULL);
DCHECK(ok);
}
HWND browser_hwnd = NULL;
Browser* browser = BrowserList::GetLastActive();
if (browser)
browser_hwnd = browser->window()->GetNativeHandle();
std::wstring title = l10n_util::GetString(IDS_CLIENT_CERT_DIALOG_TITLE);
std::wstring text = l10n_util::GetStringF(
IDS_CLIENT_CERT_DIALOG_TEXT,
ASCIIToWide(cert_request_info_->host_and_port));
PCCERT_CONTEXT cert_context = CryptUIDlgSelectCertificateFromStore(
client_certs, browser_hwnd, title.c_str(), text.c_str(), 0, 0, NULL);
if (cert_context) {
cert = net::X509Certificate::CreateFromHandle(
cert_context,
net::X509Certificate::SOURCE_LONE_CERT_IMPORT);
}
ok = CertCloseStore(client_certs, CERT_CLOSE_STORE_CHECK_FLAG);
DCHECK(ok);
#else
NOTIMPLEMENTED();
#endif
// Notify the IO thread that we have selected a cert.
io_loop_->PostTask(FROM_HERE, NewRunnableMethod(this,
&SSLClientAuthHandler::CertificateSelected, cert));
}
void SSLClientAuthHandler::CertificateSelected(net::X509Certificate* cert) {
// request_ could have been NULLed if the request was cancelled while the user
// was choosing a cert.
if (request_)
request_->ContinueWithCertificate(cert);
// We are done.
Release();
}
|
