mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions 1

feat: Implement password delegate for NSS (#41205)

Browse source 
* feat: Implement password delegate for NSS (#41188)

Introduce an app event client-certificate-request-password. It allows
the user to display a UI to prompt for the password.

An alternative would have been to implement a class similar to
CryptoModulePasswordDialogView, to provide the UI. This might have been
simpler for the user, comparing to letting them implement the UI. But it
seems like electron does not have an i18n framework, so it's not
possible to provide a locale aware UI.

* fix lint:markdown error

* address review comments

* use a trampoline handler in JS. The api exposed is now app.setClientCertRequestPasswordHandler
* use properties on the Event object instead of positional parameters
* remove ChromeNSSCryptoModuleDelegate::OnPassword in favor of args->GetNext(&password_)

* address review comments second round

- backslash escape parametrized TypeScript
- rename hostName param to hostname
- use base::ScopedAllowBaseSyncPrimitivesForTesting
- and then, rename ChromeNSSCryptoModuleDelegate to ElectronNSSCryptoModuleDelegate

* Update docs/api/app.md

Co-authored-by: Sam Maddock <samuel.maddock@gmail.com>

* Update docs/api/app.md

Co-authored-by: Erick Zhao <erick@hotmail.ca>

---------

Co-authored-by: Arno Renevier <arnaud@switchboard.app>
Co-authored-by: Sam Maddock <samuel.maddock@gmail.com>
Co-authored-by: Erick Zhao <erick@hotmail.ca>
This commit is contained in:
arno renevier 2024-07-17 06:48:03 -07:00 committed by GitHub
parent c210ae9b33
commit 81bdba67ec
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 173 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

7
shell/browser/electron_browser_client.cc
View file

@ -128,6 +128,7 @@
#if BUILDFLAG(USE_NSS_CERTS)
#include "net/ssl/client_cert_store_nss.h"
#include "shell/browser/electron_crypto_module_delegate_nss.h"
#elif BUILDFLAG(IS_WIN)
#include "net/ssl/client_cert_store_win.h"
#elif BUILDFLAG(IS_MAC)
@ -783,7 +784,11 @@ ElectronBrowserClient::CreateClientCertStore(
content::BrowserContext* browser_context) {
#if BUILDFLAG(USE_NSS_CERTS)
return std::make_unique<net::ClientCertStoreNSS>(
net::ClientCertStoreNSS::PasswordDelegateFactory());
base::BindRepeating([](const net::HostPortPair& server) {
crypto::CryptoModuleBlockingPasswordDelegate* delegate =
new ElectronNSSCryptoModuleDelegate(server);
return delegate;
}));
#elif BUILDFLAG(IS_WIN)
return std::make_unique<net::ClientCertStoreWin>();
#elif BUILDFLAG(IS_MAC)