chrome/browser/certificate_manager_model.cc

   1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/certificate_manager_model.h"
   6
   7 #include "base/bind.h"
   8 #include "base/i18n/time_formatting.h"
   9 #include "base/logging.h"
  10 #include "base/utf_string_conversions.h"
  11 #include "chrome/browser/ui/crypto_module_password_dialog.h"
  12 #include "chrome/common/net/x509_certificate_model.h"
  13 #include "net/base/crypto_module.h"
  14 #include "net/base/net_errors.h"
  15 #include "net/base/x509_certificate.h"
  16
  17 #if defined(OS_CHROMEOS)
  18 #include <cert.h>
  19
  20 #include "crypto/nss_util.h"
  21 #include "grit/generated_resources.h"
  22 #include "ui/base/l10n/l10n_util.h"
  23 #endif
  24
  25 CertificateManagerModel::CertificateManagerModel(Observer* observer)
  26     : observer_(observer) {
  27 }
  28
  29 CertificateManagerModel::~CertificateManagerModel() {
  30 }
  31
  32 void CertificateManagerModel::Refresh() {
  33   VLOG(1) << "refresh started";
  34   net::CryptoModuleList modules;
  35   cert_db_.ListModules(&modules, false);
  36   VLOG(1) << "refresh waiting for unlocking...";
  37   browser::UnlockSlotsIfNecessary(
  38       modules,
  39       browser::kCryptoModulePasswordListCerts,
  40       "",  // unused.
  41       base::Bind(&CertificateManagerModel::RefreshSlotsUnlocked,
  42                  base::Unretained(this)));
  43 }
  44
  45 void CertificateManagerModel::RefreshSlotsUnlocked() {
  46   VLOG(1) << "refresh listing certs...";
  47   cert_db_.ListCerts(&cert_list_);
  48   observer_->CertificatesRefreshed();
  49   VLOG(1) << "refresh finished";
  50 }
  51
  52 void CertificateManagerModel::FilterAndBuildOrgGroupingMap(
  53     net::CertType filter_type,
  54     CertificateManagerModel::OrgGroupingMap* map) const {
  55   for (net::CertificateList::const_iterator i = cert_list_.begin();
  56        i != cert_list_.end(); ++i) {
  57     net::X509Certificate* cert = i->get();
  58     net::CertType type =
  59         x509_certificate_model::GetType(cert->os_cert_handle());
  60     if (type != filter_type)
  61       continue;
  62
  63     std::string org;
  64     if (!cert->subject().organization_names.empty())
  65       org = cert->subject().organization_names[0];
  66     if (org.empty())
  67       org = cert->subject().GetDisplayName();
  68
  69     (*map)[org].push_back(cert);
  70   }
  71 }
  72
  73 string16 CertificateManagerModel::GetColumnText(
  74     const net::X509Certificate& cert,
  75     Column column) const {
  76   string16 rv;
  77   switch (column) {
  78     case COL_SUBJECT_NAME:
  79       rv = UTF8ToUTF16(
  80           x509_certificate_model::GetCertNameOrNickname(cert.os_cert_handle()));
  81
  82 #if defined(OS_CHROMEOS)
  83       // TODO(xiyuan): Put this into a column when we have js tree-table.
  84       if (crypto::IsTPMTokenReady() &&
  85           cert.os_cert_handle()->slot ==
  86             cert_db().GetPrivateModule()->os_module_handle()) {
  87         rv = l10n_util::GetStringFUTF16(
  88             IDS_CERT_MANAGER_HARDWARE_BACKED_KEY_FORMAT,
  89             rv,
  90             l10n_util::GetStringUTF16(IDS_CERT_MANAGER_HARDWARE_BACKED));
  91       }
  92 #endif
  93       break;
  94     case COL_CERTIFICATE_STORE:
  95       rv = UTF8ToUTF16(
  96           x509_certificate_model::GetTokenName(cert.os_cert_handle()));
  97       break;
  98     case COL_SERIAL_NUMBER:
  99       rv = ASCIIToUTF16(
 100           x509_certificate_model::GetSerialNumberHexified(
 101               cert.os_cert_handle(), ""));
 102       break;
 103     case COL_EXPIRES_ON:
 104       if (!cert.valid_expiry().is_null())
 105         rv = base::TimeFormatShortDateNumeric(cert.valid_expiry());
 106       break;
 107     default:
 108       NOTREACHED();
 109   }
 110   return rv;
 111 }
 112
 113 int CertificateManagerModel::ImportFromPKCS12(net::CryptoModule* module,
 114                                               const std::string& data,
 115                                               const string16& password,
 116                                               bool is_extractable) {
 117   int result = cert_db_.ImportFromPKCS12(module, data, password,
 118                                          is_extractable, NULL);
 119   if (result == net::OK)
 120     Refresh();
 121   return result;
 122 }
 123
 124 bool CertificateManagerModel::ImportCACerts(
 125     const net::CertificateList& certificates,
 126     net::CertDatabase::TrustBits trust_bits,
 127     net::CertDatabase::ImportCertFailureList* not_imported) {
 128   bool result = cert_db_.ImportCACerts(certificates, trust_bits, not_imported);
 129   if (result && not_imported->size() != certificates.size())
 130     Refresh();
 131   return result;
 132 }
 133
 134 bool CertificateManagerModel::ImportServerCert(
 135     const net::CertificateList& certificates,
 136     net::CertDatabase::ImportCertFailureList* not_imported) {
 137   bool result = cert_db_.ImportServerCert(certificates, not_imported);
 138   if (result && not_imported->size() != certificates.size())
 139     Refresh();
 140   return result;
 141 }
 142
 143 bool CertificateManagerModel::SetCertTrust(
 144     const net::X509Certificate* cert,
 145     net::CertType type,
 146     net::CertDatabase::TrustBits trust_bits) {
 147   return cert_db_.SetCertTrust(cert, type, trust_bits);
 148 }
 149
 150 bool CertificateManagerModel::Delete(net::X509Certificate* cert) {
 151   bool result = cert_db_.DeleteCertAndKey(cert);
 152   if (result)
 153     Refresh();
 154   return result;
 155 }