Show a certificate trust panel

diff --git a/atom/browser/api/atom_api_certificate_trust.h b/atom/browser/api/atom_api_certificate_trust.h
new file mode 100644 (file)
index 0000000..c3e6994
--- /dev/null
+++ b/atom/browser/api/atom_api_certificate_trust.h
@@ -0,0 +1,33 @@
+// Copyright (c) 2017 GitHub, Inc.
+// Use of this source code is governed by the MIT license that can be
+// found in the LICENSE file.
+
+#ifndef ATOM_BROWSER_API_ATOM_API_CERTIFICATE_TRUST_H_
+#define ATOM_BROWSER_API_ATOM_API_CERTIFICATE_TRUST_H_
+
+#include <string>
+
+#include "base/callback_forward.h"
+
+namespace net {
+class X509Certificate;
+}  // namespace net
+
+namespace atom {
+
+class NativeWindow;
+
+namespace api {
+
+typedef base::Callback<void(bool result)> ShowTrustCallback;
+
+void ShowCertificateTrustUI(atom::NativeWindow* parent_window,
+                            const net::X509Certificate& cert,
+                            std::string message,
+                            const ShowTrustCallback& callback);
+
+}  // namespace api
+
+}  // namespace atom
+
+#endif  // ATOM_BROWSER_API_ATOM_API_CERTIFICATE_TRUST_H_

diff --git a/atom/browser/api/atom_api_certificate_trust_mac.mm b/atom/browser/api/atom_api_certificate_trust_mac.mm
new file mode 100644 (file)
index 0000000..c0109d9
--- /dev/null
+++ b/atom/browser/api/atom_api_certificate_trust_mac.mm
@@ -0,0 +1,48 @@
+// Copyright (c) 2017 GitHub, Inc.
+// Use of this source code is governed by the MIT license that can be
+// found in the LICENSE file.
+
+#include "atom/browser/api/atom_api_certificate_trust.h"
+
+#import <Cocoa/Cocoa.h>
+#import <CoreServices/CoreServices.h>
+#import <SecurityInterface/SFCertificateTrustPanel.h>
+
+#include "atom/browser/native_window.h"
+#include "base/files/file_util.h"
+#include "base/mac/foundation_util.h"
+#include "base/mac/mac_util.h"
+#include "base/mac/scoped_cftyperef.h"
+#include "base/strings/sys_string_conversions.h"
+#include "net/cert/x509_certificate.h"
+
+namespace atom {
+
+namespace api {
+
+void ShowCertificateTrustUI(atom::NativeWindow* parent_window,
+                            const net::X509Certificate& cert,
+                            std::string message,
+                            const ShowTrustCallback& callback) {
+  auto sec_policy = SecPolicyCreateBasicX509();
+  SecTrustRef trust = nullptr;
+  SecTrustCreateWithCertificates(cert.CreateOSCertChainForCert(), sec_policy, &trust);
+  // CFRelease(sec_policy);
+
+  NSWindow* window = parent_window ?
+      parent_window->GetNativeWindow() :
+      NULL;
+
+  auto msg = base::SysUTF8ToNSString(message);
+
+  SFCertificateTrustPanel *panel = [[SFCertificateTrustPanel alloc] init];
+  [panel beginSheetForWindow:window modalDelegate:nil didEndSelector:NULL contextInfo:NULL trust:trust message:msg];
+
+  callback.Run(true);
+  // CFRelease(trust);
+  // [panel release];
+}
+
+}  // namespace api
+
+}  // namespace atom