| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/ev_root_ca_metadata.h" | 5 #include "net/base/ev_root_ca_metadata.h" |
| 6 | 6 |
| 7 #if defined(USE_NSS) | 7 #if defined(USE_NSS) |
| 8 #include <cert.h> | 8 #include <cert.h> |
| 9 #include <pkcs11n.h> | 9 #include <pkcs11n.h> |
| 10 #include <secerr.h> | 10 #include <secerr.h> |
| (...skipping 302 matching lines...) |
| 313 | 313 |
| 314 static base::LazyInstance<EVRootCAMetadata>::Leaky | 314 static base::LazyInstance<EVRootCAMetadata>::Leaky |
| 315 g_ev_root_ca_metadata = LAZY_INSTANCE_INITIALIZER; | 315 g_ev_root_ca_metadata = LAZY_INSTANCE_INITIALIZER; |
| 316 | 316 |
| 317 // static | 317 // static |
| 318 EVRootCAMetadata* EVRootCAMetadata::GetInstance() { | 318 EVRootCAMetadata* EVRootCAMetadata::GetInstance() { |
| 319 return g_ev_root_ca_metadata.Pointer(); | 319 return g_ev_root_ca_metadata.Pointer(); |
| 320 } | 320 } |
| 321 | 321 |
| 322 #if defined(USE_NSS) | 322 #if defined(USE_NSS) |
| 323 bool EVRootCAMetadata::IsEVPolicyOID(PolicyOID policy_oid) const { |
| 324 return policy_oid != SEC_OID_UNKNOWN && |
| 325 policy_oids_.find(policy_oid) != policy_oids_.end(); |
| 326 } |
| 323 | 327 |
| 324 bool EVRootCAMetadata::GetPolicyOIDsForCA( | 328 bool EVRootCAMetadata::HasEVPolicyOID( |
| 325 const SHA1Fingerprint& fingerprint, | 329 const SHA1Fingerprint& fingerprint, |
| 326 std::vector<PolicyOID>* policy_oids) const { | 330 PolicyOID policy_oid) const { |
| 327 PolicyOIDMap::const_iterator iter = ev_policy_.find(fingerprint); | 331 PolicyOIDMap::const_iterator iter = ev_policy_.find(fingerprint); |
| 328 if (iter == ev_policy_.end()) | 332 if (iter == ev_policy_.end()) |
| 329 return false; | 333 return false; |
| 330 for (std::vector<PolicyOID>::const_iterator | 334 for (std::vector<PolicyOID>::const_iterator |
| 331 j = iter->second.begin(); j != iter->second.end(); ++j) { | 335 j = iter->second.begin(); j != iter->second.end(); ++j) { |
| 332 policy_oids->push_back(*j); | 336 if (*j == policy_oid) |
| 337 return true; |
| 333 } | 338 } |
| 334 return true; | 339 return false; |
| 335 } | |
| 336 | |
| 337 const EVRootCAMetadata::PolicyOID* EVRootCAMetadata::GetPolicyOIDs() const { | |
| 338 return &policy_oids_[0]; | |
| 339 } | |
| 340 | |
| 341 int EVRootCAMetadata::NumPolicyOIDs() const { | |
| 342 return policy_oids_.size(); | |
| 343 } | 340 } |
| 344 | 341 |
| 345 bool EVRootCAMetadata::AddEVCA(const SHA1Fingerprint& fingerprint, | 342 bool EVRootCAMetadata::AddEVCA(const SHA1Fingerprint& fingerprint, |
| 346 const char* policy) { | 343 const char* policy) { |
| 347 if (ev_policy_.find(fingerprint) != ev_policy_.end()) | 344 if (ev_policy_.find(fingerprint) != ev_policy_.end()) |
| 348 return false; | 345 return false; |
| 349 | 346 |
| 350 PolicyOID oid; | 347 PolicyOID oid; |
| 351 if (!RegisterOID(policy, &oid)) | 348 if (!RegisterOID(policy, &oid)) |
| 352 return false; | 349 return false; |
| 353 | 350 |
| 354 ev_policy_[fingerprint].push_back(oid); | 351 ev_policy_[fingerprint].push_back(oid); |
| 355 policy_oids_.push_back(oid); | 352 policy_oids_.insert(oid); |
| 356 | 353 |
| 357 return true; | 354 return true; |
| 358 } | 355 } |
| 359 | 356 |
| 360 bool EVRootCAMetadata::RemoveEVCA(const SHA1Fingerprint& fingerprint) { | 357 bool EVRootCAMetadata::RemoveEVCA(const SHA1Fingerprint& fingerprint) { |
| 361 PolicyOIDMap::iterator it = ev_policy_.find(fingerprint); | 358 PolicyOIDMap::iterator it = ev_policy_.find(fingerprint); |
| 362 if (it == ev_policy_.end()) | 359 if (it == ev_policy_.end()) |
| 363 return false; | 360 return false; |
| 364 PolicyOID oid = it->second[0]; | 361 PolicyOID oid = it->second[0]; |
| 365 ev_policy_.erase(it); | 362 ev_policy_.erase(it); |
| 366 | 363 policy_oids_.erase(oid); |
| 367 std::vector<PolicyOID>::iterator it2 = std::find( | |
| 368 policy_oids_.begin(), policy_oids_.end(), oid); | |
| 369 if (it2 == policy_oids_.end()) | |
| 370 return false; | |
| 371 policy_oids_.erase(it2); | |
| 372 return true; | 364 return true; |
| 373 } | 365 } |
| 374 | 366 |
| 375 // static | 367 // static |
| 376 bool EVRootCAMetadata::RegisterOID(const char* policy, | 368 bool EVRootCAMetadata::RegisterOID(const char* policy, |
| 377 PolicyOID* out) { | 369 PolicyOID* out) { |
| 378 PRUint8 buf[64]; | 370 PRUint8 buf[64]; |
| 379 SECItem oid_item; | 371 SECItem oid_item; |
| 380 oid_item.data = buf; | 372 oid_item.data = buf; |
| 381 oid_item.len = sizeof(buf); | 373 oid_item.len = sizeof(buf); |
| (...skipping 102 matching lines...) |
| 484 break; | 476 break; |
| 485 const char* policy_oid = metadata.policy_oids[j]; | 477 const char* policy_oid = metadata.policy_oids[j]; |
| 486 | 478 |
| 487 PolicyOID policy; | 479 PolicyOID policy; |
| 488 if (!RegisterOID(policy_oid, &policy)) { | 480 if (!RegisterOID(policy_oid, &policy)) { |
| 489 LOG(ERROR) << "Failed to register OID: " << policy_oid; | 481 LOG(ERROR) << "Failed to register OID: " << policy_oid; |
| 490 continue; | 482 continue; |
| 491 } | 483 } |
| 492 | 484 |
| 493 ev_policy_[metadata.fingerprint].push_back(policy); | 485 ev_policy_[metadata.fingerprint].push_back(policy); |
| 494 policy_oids_.push_back(policy); | 486 policy_oids_.insert(policy); |
| 495 } | 487 } |
| 496 } | 488 } |
| 497 #endif | 489 #endif |
| 498 } | 490 } |
| 499 | 491 |
| 500 EVRootCAMetadata::~EVRootCAMetadata() { } | 492 EVRootCAMetadata::~EVRootCAMetadata() { } |
| 501 | 493 |
| 502 } // namespace net | 494 } // namespace net |
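Review bot: In RemoveEVCA, `policy_oids_.erase(oid)` erases by key, and since `policy_oids_` is now filled with `insert` and appears to hold each OID once, removing one root drops an OID that other fingerprints in `ev_policy_` may still map to. IsEVPolicyOID would then return false for that shared OID, so certificates chaining to the remaining roots lose EV treatment; this fails closed, but the old vector kept one entry per registration and did not have the problem. The function also still takes only `it->second[0]`, so a root loaded with several policy OIDs leaves the others in `policy_oids_`. Erase an OID only when no remaining `ev_policy_` entry lists it, as in the sketch below; it uses `std::find`, which the removed lines relied on, so check that `<algorithm>` is still included.

```cpp
bool EVRootCAMetadata::RemoveEVCA(const SHA1Fingerprint& fingerprint) {
  // … unchanged: look up `it` in ev_policy_, return false if absent …
  const std::vector<PolicyOID> removed = it->second;
  ev_policy_.erase(it);

  // Drop an OID from policy_oids_ only when no other root still maps to it.
  for (std::vector<PolicyOID>::const_iterator r = removed.begin();
       r != removed.end(); ++r) {
    bool still_used = false;
    for (PolicyOIDMap::const_iterator e = ev_policy_.begin();
         e != ev_policy_.end() && !still_used; ++e) {
      still_used = std::find(e->second.begin(), e->second.end(), *r) !=
                   e->second.end();
    }
    if (!still_used)
      policy_oids_.erase(*r);
  }
  return true;
}
```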