macOS: Add certificate trust API #9099
Conversation
joshaber
added
some commits
Mar 30, 2017
| + | ||
| +void ShowCertificateTrust(atom::NativeWindow* parent_window, | ||
| + const scoped_refptr<net::X509Certificate>& cert, | ||
| + std::string message, |
| @@ -68,11 +69,72 @@ v8::Local<v8::Value> Converter<scoped_refptr<net::X509Certificate>>::ToV8( | ||
| val->GetIntermediateCertificates().front(), | ||
| issuer_intermediates); | ||
| dict.Set("issuerCert", issuer_cert); | ||
| + | ||
| + std::vector<std::string> intermediates_encoded; | ||
| + for (size_t i = 0; i < intermediates.size(); i++) { |
| @@ -19,6 +19,7 @@ | ||
| #include "content/public/browser/gpu_data_manager_observer.h" | ||
| #include "native_mate/handle.h" | ||
| #include "net/base/completion_callback.h" | ||
| +#include "net/cert/x509_certificate.h" |
| + for (size_t i = 0; i < intermediates.size(); i++) { | ||
| + auto native_cert = intermediates[i]; | ||
| + std::string encoded; | ||
| + net::X509Certificate::GetPEMEncoded(native_cert, &encoded); |
kevinsawicki
Apr 3, 2017
Contributor
This method does return a bool, wonder if we should only push encoded to the vector when it returns true?
joshaber
Apr 3, 2017
Contributor
I'm a little torn on that. On the one hand, I like being careful. On the other hand, we don't have any way of signaling that "yooooo we couldn't encode this one." And if we encode some nonsense, that has the funny upside of failing when we FromV8 the certificate. On the other hand, it's hard to know exactly what shape of nonsense we'll get if this fails.
What do you think?
kevinsawicki
Apr 3, 2017
Contributor
What do you think?
Hmm, yeah, looks like we don't use the return value on the root certificate so makes sense not to use it here either, can revisit separately.
kevinsawicki
Apr 3, 2017
Contributor
Would it make sense for intermediates to be an array of objects though that is the full cert information instead of just the encoded part?
I think it could just reuse what dict.Set("issuerCert", issuer_cert); does.
joshaber
added
some commits
Apr 3, 2017
joshaber
changed the title from
[WIP] macOS: Add certificate trust API to macOS: Add certificate trust API
Apr 3, 2017
|
I believe this is ready for review Test method:
remote.app.on('certificate-error', (event, webContents, url, error, cert, cb) => {
remote.dialog.showCertificateTrustDialog(remote.getCurrentWindow(), {certificate: cert, message: "yo this is super dodgey"}, () => {})
})
fetch('https://api.github.com/zen')
|
joshaber
referenced
this pull request
in desktop/desktop
Apr 3, 2017
Open
Enterprise self-signed/untrusted certificate support #671
| + cert_db->NotifyObserversCertDBChanged(cert_.get()); | ||
| + } | ||
| + | ||
| + callback_.Run(returnCode); |
kevinsawicki
Apr 3, 2017
Contributor
Since the callback expects a bool, what do you think about comparing the value passed to the return code constants for clarity like:
callback_.Run(returnCode == NSFileHandlingPanelOKButton ? true : false);Or maybe add an else block that calls it with false and call it with true in the if block?
| + nil; | ||
| + auto msg = base::SysUTF8ToNSString(message); | ||
| + | ||
| + SFCertificateTrustPanel *panel = [[SFCertificateTrustPanel alloc] init]; |
| @@ -119,13 +121,27 @@ void ShowSaveDialog(const file_dialog::DialogSettings& settings, | ||
| } | ||
| } | ||
| +#if defined(OS_MACOSX) | ||
| +void ShowCertificateTrust(atom::NativeWindow* parent_window, |
kevinsawicki
Apr 3, 2017
Contributor
I think you can delete this method and just use the following below:
dict.SetMethod("showCertificateTrustDialog",
&certificate_trust::ShowCertificateTrust);| @@ -175,6 +175,17 @@ it is usually used to report errors in early stage of startup. If called | ||
| before the app `ready`event on Linux, the message will be emitted to stderr, | ||
| and no GUI dialog will appear. | ||
| +### `dialog.showCertificateTrustDialog(browserWindow, certificate, message, callback)` _macOS_ |
kevinsawicki
Apr 3, 2017
Contributor
If/when this gets support on other platforms there might be some additional options needed so it might be better to start this off as:
dialog.showCertificateTrustDialog(browserWindow, options, callback)You can leave the C++ signature as-is, and just pluck the options in JS like showMessageBox does.
| @@ -279,6 +279,8 @@ | ||
| 'atom/browser/ui/accelerator_util_views.cc', | ||
| 'atom/browser/ui/atom_menu_model.cc', | ||
| 'atom/browser/ui/atom_menu_model.h', | ||
| + 'atom/browser/ui/certificate_trust_mac.mm', | ||
| + 'atom/browser/ui/certificate_trust.h', |
kevinsawicki
Apr 3, 2017
Contributor
Super minor: I think the order here should be swapped, looks like . sorts before _ in other places in this list like file_dialog.h.
| + return self; | ||
| +} | ||
| + | ||
| +- (void)panelDidEnd:(NSWindow *)sheet |
| + certChain:(CFArrayRef)certChain | ||
| + secPolicy:(SecPolicyRef)secPolicy; | ||
| + | ||
| +- (void)panelDidEnd:(NSWindow *)sheet |
kevinsawicki
self-assigned this
Apr 3, 2017
joshaber
added
some commits
Apr 4, 2017
|
|
| @@ -73,6 +73,54 @@ v8::Local<v8::Value> Converter<scoped_refptr<net::X509Certificate>>::ToV8( | ||
| return dict.GetHandle(); | ||
| } | ||
| +bool CertFromData(const std::string& data, |
|
|
| + } | ||
| + | ||
| + let {certificate, message} = options | ||
| + if (certificate == null || typeof options !== 'object') { |
|
|
kevinsawicki
added
some commits
Apr 4, 2017
kevinsawicki
merged commit 3e9014c into master Apr 4, 2017
7 of 9 checks passed
|
Thanks @joshaber, great work on this |

joshaber commentedApr 3, 2017
Continuing from #9068
Add the
dialog.showCertificateTrustDialogAPI to show the OS-provided UI to let the user decide to accept and trust a self-signed or untrusted certificate:This is only the macOS-side of things. I think we can get @shiftkey to do the Windows side.
I'm opening this early because I have no idea what I'm doing and I'd welcome any feedback or advice anyone would like to provide.