tighten up indenting
parent
50af70a0e8
commit
5151107c28
1 changed files with 78 additions and 84 deletions
|
@ -12,131 +12,125 @@
|
|||
|
||||
namespace certificate_trust {
|
||||
|
||||
BOOL AddCertificateAndRefresh(
|
||||
const HCERTSTORE certStore,
|
||||
const PCCERT_CONTEXT certContext,
|
||||
const scoped_refptr<net::X509Certificate>& cert) {
|
||||
auto result = CertAddCertificateContextToStore(
|
||||
certStore,
|
||||
certContext,
|
||||
CERT_STORE_ADD_REPLACE_EXISTING,
|
||||
NULL);
|
||||
BOOL AddCertificate(const HCERTSTORE certStore,
|
||||
const PCCERT_CONTEXT certContext,
|
||||
const scoped_refptr<net::X509Certificate>& cert) {
|
||||
auto result = CertAddCertificateContextToStore(
|
||||
certStore,
|
||||
certContext,
|
||||
CERT_STORE_ADD_REPLACE_EXISTING,
|
||||
NULL);
|
||||
|
||||
if (result) {
|
||||
auto cert_db = net::CertDatabase::GetInstance();
|
||||
// Force Chromium to reload the certificate since it might be trusted
|
||||
// now.
|
||||
cert_db->NotifyObserversCertDBChanged(cert.get());
|
||||
}
|
||||
if (result) {
|
||||
// force Chromium to reload it's database for this certificate
|
||||
auto cert_db = net::CertDatabase::GetInstance();
|
||||
cert_db->NotifyObserversCertDBChanged(cert.get());
|
||||
}
|
||||
|
||||
return result;
|
||||
return result;
|
||||
}
|
||||
|
||||
|
||||
// Add the provided certificate to the Trusted Root
|
||||
// Certificate Authorities store for the current user.
|
||||
// Add the provided certificate to the Trusted Root Certificate Authorities
|
||||
// store for the current user.
|
||||
//
|
||||
// This requires prompting the user to confirm they
|
||||
// trust the certificate.
|
||||
// This requires prompting the user to confirm they trust the certificate.
|
||||
BOOL AddToTrustedRootStore(const PCCERT_CONTEXT certContext,
|
||||
const scoped_refptr<net::X509Certificate>& cert) {
|
||||
auto rootCertStore = CertOpenStore(
|
||||
CERT_STORE_PROV_SYSTEM,
|
||||
0,
|
||||
NULL,
|
||||
CERT_SYSTEM_STORE_CURRENT_USER,
|
||||
L"Root");
|
||||
auto rootCertStore = CertOpenStore(
|
||||
CERT_STORE_PROV_SYSTEM,
|
||||
0,
|
||||
NULL,
|
||||
CERT_SYSTEM_STORE_CURRENT_USER,
|
||||
L"Root");
|
||||
|
||||
if (rootCertStore == NULL) {
|
||||
// could not resolve the certificate store, giving up
|
||||
return false;
|
||||
}
|
||||
if (rootCertStore == NULL) {
|
||||
return false;
|
||||
}
|
||||
|
||||
auto result = AddCertificateAndRefresh(rootCertStore, certContext, cert);
|
||||
auto result = AddCertificate(rootCertStore, certContext, cert);
|
||||
|
||||
CertCloseStore(rootCertStore, CERT_CLOSE_STORE_FORCE_FLAG);
|
||||
CertCloseStore(rootCertStore, CERT_CLOSE_STORE_FORCE_FLAG);
|
||||
|
||||
return result;
|
||||
return result;
|
||||
}
|
||||
|
||||
// Add the provided certificate to the Personal
|
||||
// certificate store for the current user.
|
||||
BOOL AddToPersonalStore(const PCCERT_CONTEXT certContext,
|
||||
const scoped_refptr<net::X509Certificate>& cert) {
|
||||
auto userCertStore = CertOpenStore(
|
||||
CERT_STORE_PROV_SYSTEM,
|
||||
0,
|
||||
NULL,
|
||||
CERT_SYSTEM_STORE_CURRENT_USER,
|
||||
L"My");
|
||||
auto userCertStore = CertOpenStore(
|
||||
CERT_STORE_PROV_SYSTEM,
|
||||
0,
|
||||
NULL,
|
||||
CERT_SYSTEM_STORE_CURRENT_USER,
|
||||
L"My");
|
||||
|
||||
if (userCertStore == NULL) {
|
||||
// could not resolve the certificate store, giving up
|
||||
return false;
|
||||
}
|
||||
if (userCertStore == NULL) {
|
||||
return false;
|
||||
}
|
||||
|
||||
auto result = AddCertificateAndRefresh(userCertStore, certContext, cert);
|
||||
auto result = AddCertificate(userCertStore, certContext, cert);
|
||||
|
||||
CertCloseStore(userCertStore, CERT_CLOSE_STORE_FORCE_FLAG);
|
||||
CertCloseStore(userCertStore, CERT_CLOSE_STORE_FORCE_FLAG);
|
||||
|
||||
return result;
|
||||
return result;
|
||||
}
|
||||
|
||||
CERT_CHAIN_PARA GetCertificateChainParameters() {
|
||||
CERT_ENHKEY_USAGE enhkeyUsage;
|
||||
enhkeyUsage.cUsageIdentifier = 0;
|
||||
enhkeyUsage.rgpszUsageIdentifier = NULL;
|
||||
CERT_ENHKEY_USAGE enhkeyUsage;
|
||||
enhkeyUsage.cUsageIdentifier = 0;
|
||||
enhkeyUsage.rgpszUsageIdentifier = NULL;
|
||||
|
||||
CERT_USAGE_MATCH CertUsage;
|
||||
// ensure the rules are applied to the entire chain
|
||||
CertUsage.dwType = USAGE_MATCH_TYPE_AND;
|
||||
CertUsage.Usage = enhkeyUsage;
|
||||
CERT_USAGE_MATCH CertUsage;
|
||||
// ensure the rules are applied to the entire chain
|
||||
CertUsage.dwType = USAGE_MATCH_TYPE_AND;
|
||||
CertUsage.Usage = enhkeyUsage;
|
||||
|
||||
CERT_CHAIN_PARA params = { sizeof(CERT_CHAIN_PARA) };
|
||||
params.RequestedUsage = CertUsage;
|
||||
CERT_CHAIN_PARA params = { sizeof(CERT_CHAIN_PARA) };
|
||||
params.RequestedUsage = CertUsage;
|
||||
|
||||
return params;
|
||||
return params;
|
||||
}
|
||||
|
||||
void ShowCertificateTrust(atom::NativeWindow* parent_window,
|
||||
const scoped_refptr<net::X509Certificate>& cert,
|
||||
const std::string& message,
|
||||
const ShowTrustCallback& callback) {
|
||||
PCCERT_CHAIN_CONTEXT chainContext;
|
||||
PCCERT_CHAIN_CONTEXT chainContext;
|
||||
|
||||
auto pCertContext = cert->CreateOSCertChainForCert();
|
||||
auto pCertContext = cert->CreateOSCertChainForCert();
|
||||
|
||||
auto params = GetCertificateChainParameters();
|
||||
auto params = GetCertificateChainParameters();
|
||||
|
||||
if (CertGetCertificateChain(NULL,
|
||||
pCertContext,
|
||||
NULL,
|
||||
NULL,
|
||||
¶ms,
|
||||
NULL,
|
||||
NULL,
|
||||
&chainContext)) {
|
||||
switch (chainContext->TrustStatus.dwErrorStatus) {
|
||||
case CERT_TRUST_NO_ERROR:
|
||||
AddToPersonalStore(pCertContext, cert);
|
||||
break;
|
||||
if (CertGetCertificateChain(NULL,
|
||||
pCertContext,
|
||||
NULL,
|
||||
NULL,
|
||||
¶ms,
|
||||
NULL,
|
||||
NULL,
|
||||
&chainContext)) {
|
||||
switch (chainContext->TrustStatus.dwErrorStatus) {
|
||||
case CERT_TRUST_NO_ERROR:
|
||||
AddToPersonalStore(pCertContext, cert);
|
||||
break;
|
||||
|
||||
case CERT_TRUST_IS_UNTRUSTED_ROOT:
|
||||
case CERT_TRUST_IS_SELF_SIGNED:
|
||||
AddToTrustedRootStore(pCertContext, cert);
|
||||
break;
|
||||
case CERT_TRUST_IS_UNTRUSTED_ROOT:
|
||||
case CERT_TRUST_IS_SELF_SIGNED:
|
||||
AddToTrustedRootStore(pCertContext, cert);
|
||||
break;
|
||||
|
||||
default:
|
||||
// we can't handle other scenarios, giving up
|
||||
break;
|
||||
}
|
||||
|
||||
CertFreeCertificateChain(chainContext);
|
||||
default:
|
||||
// we can't handle other scenarios, giving up
|
||||
break;
|
||||
}
|
||||
|
||||
CertFreeCertificateContext(pCertContext);
|
||||
CertFreeCertificateChain(chainContext);
|
||||
}
|
||||
|
||||
callback.Run();
|
||||
CertFreeCertificateContext(pCertContext);
|
||||
|
||||
callback.Run();
|
||||
}
|
||||
|
||||
} // namespace certificate_trust
|
||||
|
|
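Review bot: In `ShowCertificateTrust`, the `switch` on `chainContext->TrustStatus.dwErrorStatus` compares a bit mask against single values, and `CERT_TRUST_IS_SELF_SIGNED` is an info-status flag (reported in `dwInfoStatus`), not an error-status value. If I recall wincrypt.h correctly, its numeric value coincides with the error bit `CERT_TRUST_IS_NOT_SIGNATURE_VALID`, so a chain whose only error is a bad signature would reach `AddToTrustedRootStore`, while an untrusted root combined with any other error bit falls to `default`. Because this branch writes to the current user's Root store, it should drop `case CERT_TRUST_IS_SELF_SIGNED:` and, where the self-signed case matters, test `chainContext->TrustStatus.dwInfoStatus & CERT_TRUST_IS_SELF_SIGNED` separately, only when `dwErrorStatus` holds no bit other than `CERT_TRUST_IS_UNTRUSTED_ROOT`. The `BOOL` results of `AddToPersonalStore` and `AddToTrustedRootStore` are also discarded before `callback.Run()`, so the caller cannot tell whether the certificate was stored. This commit only re-indents and renames, so all of this predates it.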