Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(207)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/x509_certificate_mac.cc

Issue 2815048: Minor clean-up tasks that were TODO(snej) (Closed)
Patch Set: Rebase on trunk prior to landing Created 10 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/base/x509_certificate.cc ('k') | net/base/x509_certificate_nss.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/x509_certificate.h" 5 #include "net/base/x509_certificate.h"
6 6
7 #include <CommonCrypto/CommonDigest.h> 7 #include <CommonCrypto/CommonDigest.h>
8 #include <Security/Security.h> 8 #include <Security/Security.h>
9 #include <time.h> 9 #include <time.h>
10 10
(...skipping 673 matching lines...) Expand 10 before | Expand all | Expand 10 after
684 return NULL; 684 return NULL;
685 return reinterpret_cast<OSCertHandle>(const_cast<void*>(CFRetain(handle))); 685 return reinterpret_cast<OSCertHandle>(const_cast<void*>(CFRetain(handle)));
686 } 686 }
687 687
688 // static 688 // static
689 void X509Certificate::FreeOSCertHandle(OSCertHandle cert_handle) { 689 void X509Certificate::FreeOSCertHandle(OSCertHandle cert_handle) {
690 CFRelease(cert_handle); 690 CFRelease(cert_handle);
691 } 691 }
692 692
693 // static 693 // static
694 X509Certificate::Fingerprint X509Certificate::CalculateFingerprint( 694 SHA1Fingerprint X509Certificate::CalculateFingerprint(
695 OSCertHandle cert) { 695 OSCertHandle cert) {
696 Fingerprint sha1; 696 SHA1Fingerprint sha1;
697 memset(sha1.data, 0, sizeof(sha1.data)); 697 memset(sha1.data, 0, sizeof(sha1.data));
698 698
699 CSSM_DATA cert_data; 699 CSSM_DATA cert_data;
700 OSStatus status = SecCertificateGetData(cert, &cert_data); 700 OSStatus status = SecCertificateGetData(cert, &cert_data);
701 if (status) 701 if (status)
702 return sha1; 702 return sha1;
703 703
704 DCHECK(NULL != cert_data.Data); 704 DCHECK(NULL != cert_data.Data);
705 DCHECK(0 != cert_data.Length); 705 DCHECK(0 != cert_data.Length);
706 706
(...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after
784 }; 784 };
785 return CreatePolicy(&CSSMOID_APPLE_TP_SSL, 785 return CreatePolicy(&CSSMOID_APPLE_TP_SSL,
786 &tp_ssl_options, 786 &tp_ssl_options,
787 sizeof(tp_ssl_options), 787 sizeof(tp_ssl_options),
788 out_policy); 788 out_policy);
789 } 789 }
790 790
791 // static 791 // static
792 bool X509Certificate::GetSSLClientCertificates ( 792 bool X509Certificate::GetSSLClientCertificates (
793 const std::string& server_domain, 793 const std::string& server_domain,
794 const std::vector<Principal>& valid_issuers, 794 const std::vector<CertPrincipal>& valid_issuers,
795 std::vector<scoped_refptr<X509Certificate> >* certs) { 795 std::vector<scoped_refptr<X509Certificate> >* certs) {
796 scoped_cftyperef<SecIdentityRef> preferred_identity; 796 scoped_cftyperef<SecIdentityRef> preferred_identity;
797 if (!server_domain.empty()) { 797 if (!server_domain.empty()) {
798 // See if there's an identity preference for this domain: 798 // See if there's an identity preference for this domain:
799 scoped_cftyperef<CFStringRef> domain_str( 799 scoped_cftyperef<CFStringRef> domain_str(
800 base::SysUTF8ToCFStringRef("https://" + server_domain)); 800 base::SysUTF8ToCFStringRef("https://" + server_domain));
801 SecIdentityRef identity = NULL; 801 SecIdentityRef identity = NULL;
802 if (SecIdentityCopyPreference(domain_str, 802 if (SecIdentityCopyPreference(domain_str,
803 0, 803 0,
804 NULL, // validIssuers argument is ignored :( 804 NULL, // validIssuers argument is ignored :(
(...skipping 14 matching lines...) Expand all
819 819
820 SecCertificateRef cert_handle; 820 SecCertificateRef cert_handle;
821 err = SecIdentityCopyCertificate(identity, &cert_handle); 821 err = SecIdentityCopyCertificate(identity, &cert_handle);
822 if (err != noErr) 822 if (err != noErr)
823 continue; 823 continue;
824 scoped_cftyperef<SecCertificateRef> scoped_cert_handle(cert_handle); 824 scoped_cftyperef<SecCertificateRef> scoped_cert_handle(cert_handle);
825 825
826 scoped_refptr<X509Certificate> cert( 826 scoped_refptr<X509Certificate> cert(
827 CreateFromHandle(cert_handle, SOURCE_LONE_CERT_IMPORT, 827 CreateFromHandle(cert_handle, SOURCE_LONE_CERT_IMPORT,
828 OSCertHandles())); 828 OSCertHandles()));
829 // cert_handle is adoped by cert, so I don't need to release it myself.
830 if (cert->HasExpired() || !cert->SupportsSSLClientAuth()) 829 if (cert->HasExpired() || !cert->SupportsSSLClientAuth())
831 continue; 830 continue;
832 831
833 // Skip duplicates (a cert may be in multiple keychains). 832 // Skip duplicates (a cert may be in multiple keychains).
834 X509Certificate::Fingerprint fingerprint = cert->fingerprint(); 833 const SHA1Fingerprint& fingerprint = cert->fingerprint();
835 unsigned i; 834 unsigned i;
836 for (i = 0; i < certs->size(); ++i) { 835 for (i = 0; i < certs->size(); ++i) {
837 if ((*certs)[i]->fingerprint().Equals(fingerprint)) 836 if ((*certs)[i]->fingerprint().Equals(fingerprint))
838 break; 837 break;
839 } 838 }
840 if (i < certs->size()) 839 if (i < certs->size())
841 continue; 840 continue;
842 841
843 bool is_preferred = preferred_identity && 842 bool is_preferred = preferred_identity &&
844 CFEqual(preferred_identity, identity); 843 CFEqual(preferred_identity, identity);
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after
894 } 893 }
895 CFRelease(cert_chain); 894 CFRelease(cert_chain);
896 } 895 }
897 exit: 896 exit:
898 if (result) 897 if (result)
899 LOG(ERROR) << "CreateIdentityCertificateChain error " << result; 898 LOG(ERROR) << "CreateIdentityCertificateChain error " << result;
900 return chain.release(); 899 return chain.release();
901 } 900 }
902 901
903 } // namespace net 902 } // namespace net
OLDNEW
« no previous file with comments | « net/base/x509_certificate.cc ('k') | net/base/x509_certificate_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698