From 64369cd07fa2b90dbe4aa978bd7baf32721b1cae Mon Sep 17 00:00:00 2001
From: joshaber <joshaber@gmail.com>
Date: Thu, 30 Mar 2017 17:25:44 -0400
Subject: [PATCH] Show a certificate trust panel

---
 atom/browser/api/atom_api_certificate_trust.h | 33 +++++++++++++
 .../api/atom_api_certificate_trust_mac.mm     | 48 +++++++++++++++++++
 2 files changed, 81 insertions(+)
 create mode 100644 atom/browser/api/atom_api_certificate_trust.h
 create mode 100644 atom/browser/api/atom_api_certificate_trust_mac.mm

diff --git a/atom/browser/api/atom_api_certificate_trust.h b/atom/browser/api/atom_api_certificate_trust.h
new file mode 100644
index 000000000000..c3e6994b3baf
--- /dev/null
+++ b/atom/browser/api/atom_api_certificate_trust.h
@@ -0,0 +1,33 @@
+// Copyright (c) 2017 GitHub, Inc.
+// Use of this source code is governed by the MIT license that can be
+// found in the LICENSE file.
+
+#ifndef ATOM_BROWSER_API_ATOM_API_CERTIFICATE_TRUST_H_
+#define ATOM_BROWSER_API_ATOM_API_CERTIFICATE_TRUST_H_
+
+#include <string>
+
+#include "base/callback_forward.h"
+
+namespace net {
+class X509Certificate;
+}  // namespace net
+
+namespace atom {
+
+class NativeWindow;
+
+namespace api {
+
+typedef base::Callback<void(bool result)> ShowTrustCallback;
+
+void ShowCertificateTrustUI(atom::NativeWindow* parent_window,
+                            const net::X509Certificate& cert,
+                            std::string message,
+                            const ShowTrustCallback& callback);
+
+}  // namespace api
+
+}  // namespace atom
+
+#endif  // ATOM_BROWSER_API_ATOM_API_CERTIFICATE_TRUST_H_
diff --git a/atom/browser/api/atom_api_certificate_trust_mac.mm b/atom/browser/api/atom_api_certificate_trust_mac.mm
new file mode 100644
index 000000000000..c0109d9f45a7
--- /dev/null
+++ b/atom/browser/api/atom_api_certificate_trust_mac.mm
@@ -0,0 +1,48 @@
+// Copyright (c) 2017 GitHub, Inc.
+// Use of this source code is governed by the MIT license that can be
+// found in the LICENSE file.
+
+#include "atom/browser/api/atom_api_certificate_trust.h"
+
+#import <Cocoa/Cocoa.h>
+#import <CoreServices/CoreServices.h>
+#import <SecurityInterface/SFCertificateTrustPanel.h>
+
+#include "atom/browser/native_window.h"
+#include "base/files/file_util.h"
+#include "base/mac/foundation_util.h"
+#include "base/mac/mac_util.h"
+#include "base/mac/scoped_cftyperef.h"
+#include "base/strings/sys_string_conversions.h"
+#include "net/cert/x509_certificate.h"
+
+namespace atom {
+
+namespace api {
+
+void ShowCertificateTrustUI(atom::NativeWindow* parent_window,
+                            const net::X509Certificate& cert,
+                            std::string message,
+                            const ShowTrustCallback& callback) {
+  auto sec_policy = SecPolicyCreateBasicX509();
+  SecTrustRef trust = nullptr;
+  SecTrustCreateWithCertificates(cert.CreateOSCertChainForCert(), sec_policy, &trust);
+  // CFRelease(sec_policy);
+
+  NSWindow* window = parent_window ?
+      parent_window->GetNativeWindow() :
+      NULL;
+
+  auto msg = base::SysUTF8ToNSString(message);
+
+  SFCertificateTrustPanel *panel = [[SFCertificateTrustPanel alloc] init];
+  [panel beginSheetForWindow:window modalDelegate:nil didEndSelector:NULL contextInfo:NULL trust:trust message:msg];
+
+  callback.Run(true);
+  // CFRelease(trust);
+  // [panel release];
+}
+
+}  // namespace api
+
+}  // namespace atom