| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/ev_root_ca_metadata.h" | 5 #include "net/base/ev_root_ca_metadata.h" |
| 6 | 6 |
| 7 #if defined(USE_NSS) | 7 #if defined(USE_NSS) |
| 8 #include <cert.h> | 8 #include <cert.h> |
| 9 #include <pkcs11n.h> | 9 #include <pkcs11n.h> |
| 10 #include <secerr.h> | 10 #include <secerr.h> |
| (...skipping 302 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 313 | 313 |
| 314 static base::LazyInstance<EVRootCAMetadata>::Leaky | 314 static base::LazyInstance<EVRootCAMetadata>::Leaky |
| 315 g_ev_root_ca_metadata = LAZY_INSTANCE_INITIALIZER; | 315 g_ev_root_ca_metadata = LAZY_INSTANCE_INITIALIZER; |
| 316 | 316 |
| 317 // static | 317 // static |
| 318 EVRootCAMetadata* EVRootCAMetadata::GetInstance() { | 318 EVRootCAMetadata* EVRootCAMetadata::GetInstance() { |
| 319 return g_ev_root_ca_metadata.Pointer(); | 319 return g_ev_root_ca_metadata.Pointer(); |
| 320 } | 320 } |
| 321 | 321 |
| 322 #if defined(USE_NSS) | 322 #if defined(USE_NSS) |
| 323 bool EVRootCAMetadata::IsEVPolicyOID(PolicyOID policy_oid) const { |
| 324 return policy_oids_.find(policy_oid) != policy_oids_.end(); |
| 325 } |
| 323 | 326 |
| 324 bool EVRootCAMetadata::GetPolicyOIDsForCA( | 327 bool EVRootCAMetadata::HasEVPolicyOID( |
| 325 const SHA1Fingerprint& fingerprint, | 328 const SHA1Fingerprint& fingerprint, |
| 326 std::vector<PolicyOID>* policy_oids) const { | 329 PolicyOID policy_oid) const { |
| 327 PolicyOIDMap::const_iterator iter = ev_policy_.find(fingerprint); | 330 PolicyOIDMap::const_iterator iter = ev_policy_.find(fingerprint); |
| 328 if (iter == ev_policy_.end()) | 331 if (iter == ev_policy_.end()) |
| 329 return false; | 332 return false; |
| 330 for (std::vector<PolicyOID>::const_iterator | 333 for (std::vector<PolicyOID>::const_iterator |
| 331 j = iter->second.begin(); j != iter->second.end(); ++j) { | 334 j = iter->second.begin(); j != iter->second.end(); ++j) { |
| 332 policy_oids->push_back(*j); | 335 if (*j == policy_oid) |
| 336 return true; |
| 333 } | 337 } |
| 334 return true; | 338 return false; |
| 335 } | |
| 336 | |
| 337 const EVRootCAMetadata::PolicyOID* EVRootCAMetadata::GetPolicyOIDs() const { | |
| 338 return &policy_oids_[0]; | |
| 339 } | |
| 340 | |
| 341 int EVRootCAMetadata::NumPolicyOIDs() const { | |
| 342 return policy_oids_.size(); | |
| 343 } | 339 } |
| 344 | 340 |
| 345 bool EVRootCAMetadata::AddEVCA(const SHA1Fingerprint& fingerprint, | 341 bool EVRootCAMetadata::AddEVCA(const SHA1Fingerprint& fingerprint, |
| 346 const char* policy) { | 342 const char* policy) { |
| 347 if (ev_policy_.find(fingerprint) != ev_policy_.end()) | 343 if (ev_policy_.find(fingerprint) != ev_policy_.end()) |
| 348 return false; | 344 return false; |
| 349 | 345 |
| 350 PolicyOID oid; | 346 PolicyOID oid; |
| 351 if (!RegisterOID(policy, &oid)) | 347 if (!RegisterOID(policy, &oid)) |
| 352 return false; | 348 return false; |
| 353 | 349 |
| 354 ev_policy_[fingerprint].push_back(oid); | 350 ev_policy_[fingerprint].push_back(oid); |
| 355 policy_oids_.push_back(oid); | 351 policy_oids_.insert(oid); |
| 356 | 352 |
| 357 return true; | 353 return true; |
| 358 } | 354 } |
| 359 | 355 |
| 360 bool EVRootCAMetadata::RemoveEVCA(const SHA1Fingerprint& fingerprint) { | 356 bool EVRootCAMetadata::RemoveEVCA(const SHA1Fingerprint& fingerprint) { |
| 361 PolicyOIDMap::iterator it = ev_policy_.find(fingerprint); | 357 PolicyOIDMap::iterator it = ev_policy_.find(fingerprint); |
| 362 if (it == ev_policy_.end()) | 358 if (it == ev_policy_.end()) |
| 363 return false; | 359 return false; |
| 364 PolicyOID oid = it->second[0]; | 360 PolicyOID oid = it->second[0]; |
| 365 ev_policy_.erase(it); | 361 ev_policy_.erase(it); |
| 366 | 362 policy_oids_.erase(oid); |
| 367 std::vector<PolicyOID>::iterator it2 = std::find( | |
| 368 policy_oids_.begin(), policy_oids_.end(), oid); | |
| 369 if (it2 == policy_oids_.end()) | |
| 370 return false; | |
| 371 policy_oids_.erase(it2); | |
| 372 return true; | 363 return true; |
| 373 } | 364 } |
| 374 | 365 |
| 375 // static | 366 // static |
| 376 bool EVRootCAMetadata::RegisterOID(const char* policy, | 367 bool EVRootCAMetadata::RegisterOID(const char* policy, |
| 377 PolicyOID* out) { | 368 PolicyOID* out) { |
| 378 PRUint8 buf[64]; | 369 PRUint8 buf[64]; |
| 379 SECItem oid_item; | 370 SECItem oid_item; |
| 380 oid_item.data = buf; | 371 oid_item.data = buf; |
| 381 oid_item.len = sizeof(buf); | 372 oid_item.len = sizeof(buf); |
| (...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 484 break; | 475 break; |
| 485 const char* policy_oid = metadata.policy_oids[j]; | 476 const char* policy_oid = metadata.policy_oids[j]; |
| 486 | 477 |
| 487 PolicyOID policy; | 478 PolicyOID policy; |
| 488 if (!RegisterOID(policy_oid, &policy)) { | 479 if (!RegisterOID(policy_oid, &policy)) { |
| 489 LOG(ERROR) << "Failed to register OID: " << policy_oid; | 480 LOG(ERROR) << "Failed to register OID: " << policy_oid; |
| 490 continue; | 481 continue; |
| 491 } | 482 } |
| 492 | 483 |
| 493 ev_policy_[metadata.fingerprint].push_back(policy); | 484 ev_policy_[metadata.fingerprint].push_back(policy); |
| 494 policy_oids_.push_back(policy); | 485 policy_oids_.insert(policy); |
| 495 } | 486 } |
| 496 } | 487 } |
| 497 #endif | 488 #endif |
| 498 } | 489 } |
| 499 | 490 |
| 500 EVRootCAMetadata::~EVRootCAMetadata() { } | 491 EVRootCAMetadata::~EVRootCAMetadata() { } |
| 501 | 492 |
| 502 } // namespace net | 493 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10857020:
Do not perform online revocation checking when the user has explicitly disabled it, except for when… (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src