Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(534)

Issue 2819018: Add support for parsing certificate formats other than raw, DER-encoded cert... (Closed)

Created:
10 years, 6 months ago by rsleevi-old
Modified:
9 years, 7 months ago
CC:
chromium-reviews, pam+watch_chromium.org, John Grabowski, cbentzel+watch_chromium.org, darin-cc_chromium.org, Paweł Hajdan Jr.
Visibility:
Public.

Description

Add support for parsing certificate formats other than raw, DER-encoded certificates - specifically formats that represent collections of certificates. The certificate format can now be specified as an explicit format, or as a bit-mask of formats that are acceptable/expected, with the first parsable format winning. This is one half of a commit to address BUG #37142, with the second half involving connecting this through the X509UserCertHandler and the actual UI. R=wtc BUG=37142 TEST=X509CertificateParseTest* and PEMTokenizerTest.* Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=53298

Patch Set 1 #

Total comments: 8

Patch Set 2 : OS X/NSS fixes #

Total comments: 59

Patch Set 3 : Rebase to trunk #

Patch Set 4 : Address comments from wtc #

Total comments: 12

Patch Set 5 : rebased to trunk and addressed wtc comments #

Total comments: 5

Patch Set 6 : Attempt to fix OS X 10.5 buildbot failures by removing anon-namespace #

Patch Set 7 : Fixup some variables/comments per wtc #

Unified diffs Side-by-side diffs Delta from patch set Stats (+985 lines, -20 lines) Patch
A net/base/pem_tokenizer.h View 1 2 3 4 1 chunk +79 lines, -0 lines 0 comments Download
A net/base/pem_tokenizer.cc View 1 2 3 1 chunk +95 lines, -0 lines 0 comments Download
A net/base/pem_tokenizer_unittest.cc View 1 2 3 1 chunk +169 lines, -0 lines 0 comments Download
M net/base/x509_certificate.h View 1 2 3 4 5 6 5 chunks +38 lines, -1 line 0 comments Download
M net/base/x509_certificate.cc View 1 2 3 4 5 6 3 chunks +90 lines, -0 lines 0 comments Download
M net/base/x509_certificate_mac.cc View 1 2 3 4 5 6 3 chunks +78 lines, -2 lines 0 comments Download
M net/base/x509_certificate_nss.cc View 1 2 3 4 5 6 3 chunks +63 lines, -8 lines 0 comments Download
M net/base/x509_certificate_unittest.cc View 1 2 3 4 5 6 6 chunks +152 lines, -10 lines 0 comments Download
M net/base/x509_certificate_win.cc View 1 2 3 4 5 6 2 chunks +69 lines, -0 lines 0 comments Download
A net/data/ssl/certificates/google.binary.p7b View 1 3 Binary file 0 comments Download
A net/data/ssl/certificates/google.chain.pem View 1 1 chunk +38 lines, -0 lines 0 comments Download
A net/data/ssl/certificates/google.pem_cert.p7b View 1 1 chunk +37 lines, -0 lines 0 comments Download
A net/data/ssl/certificates/google.pem_pkcs7.p7b View 1 1 chunk +37 lines, -0 lines 0 comments Download
A net/data/ssl/certificates/google.single.der View 0 chunks +-1 lines, --1 lines 0 comments Download
A net/data/ssl/certificates/google.single.pem View 1 1 chunk +19 lines, -0 lines 0 comments Download
A net/data/ssl/certificates/thawte.single.pem View 1 1 chunk +19 lines, -0 lines 0 comments Download
M net/net.gyp View 1 2 3 4 2 chunks +3 lines, -0 lines 0 comments Download

Messages

Total messages: 19 (0 generated)
rsleevi-old
This is one half of the major code, split off from http://codereview.chromium.org/2668005/show Mac side still ...
10 years, 6 months ago (2010-06-23 00:24:12 UTC) #1
davidben
Tried to get this to compile on Mac. Fixes listed below. http://codereview.chromium.org/2819018/diff/1/7 File net/base/x509_certificate_mac.cc (right): ...
10 years, 6 months ago (2010-06-23 19:32:50 UTC) #2
rsleevi-old
Thanks for the comments David. The OS X side should be working now. Note that ...
10 years, 6 months ago (2010-06-27 03:09:10 UTC) #3
wtc
LGTM. Wow, there is a lot of domain knowledge behind the code in this CL. ...
10 years, 5 months ago (2010-07-16 01:26:29 UTC) #4
wtc
Another note: in CL descriptions, please list BUG= before TEST=, and have only one TEST=. ...
10 years, 5 months ago (2010-07-16 01:31:38 UTC) #5
Ryan Sleevi
I'll hold off on committing until you've had a chance to review. As nothing is ...
10 years, 5 months ago (2010-07-16 02:30:37 UTC) #6
rsleevi-old
Updated to address all your comments. Waiting to land until after I land the cleanup ...
10 years, 5 months ago (2010-07-16 07:19:50 UTC) #7
wtc
http://codereview.chromium.org/2819018/diff/22001/23009 File net/base/x509_certificate_win.cc (right): http://codereview.chromium.org/2819018/diff/22001/23009#newcode443 net/base/x509_certificate_win.cc:443: if (CertAddCertificateContextToStore( On 2010/07/16 02:30:37, rsleevi wrote: > > ...
10 years, 5 months ago (2010-07-16 22:13:02 UTC) #8
rsleevi-old
On 2010/07/16 22:13:02, wtc wrote: > http://codereview.chromium.org/2819018/diff/22001/23009 > File net/base/x509_certificate_win.cc (right): > > http://codereview.chromium.org/2819018/diff/22001/23009#newcode443 > ...
10 years, 5 months ago (2010-07-16 22:17:53 UTC) #9
wtc
LGTM. Please address the following issues before checking this in. Do not wait for me ...
10 years, 5 months ago (2010-07-16 22:56:35 UTC) #10
rsleevi-old
http://codereview.chromium.org/2819018/diff/41001/42002 File net/base/pem_tokenizer.h (right): http://codereview.chromium.org/2819018/diff/41001/42002#newcode56 net/base/pem_tokenizer.h:56: base::StringPiece str_; On 2010/07/16 22:56:36, wtc wrote: > Can ...
10 years, 5 months ago (2010-07-17 01:49:14 UTC) #11
wtc
http://codereview.chromium.org/2819018/diff/30002/48008 File net/base/x509_certificate_unittest.cc (right): http://codereview.chromium.org/2819018/diff/30002/48008#newcode640 net/base/x509_certificate_unittest.cc:640: class X509CertificateParseTest Perhaps we can fix the warnings by ...
10 years, 5 months ago (2010-07-17 13:53:32 UTC) #12
wtc
Thanks for improving the comments! Some more suggested changes. http://codereview.chromium.org/2819018/diff/30002/48005 File net/base/x509_certificate.h (right): http://codereview.chromium.org/2819018/diff/30002/48005#newcode78 net/base/x509_certificate.h:78: ...
10 years, 5 months ago (2010-07-17 14:12:09 UTC) #13
Lei Zhang
Please watch the trybots more carefully in the future.
10 years, 5 months ago (2010-07-22 06:13:18 UTC) #14
Ryan Sleevi
On 2010/07/22 06:13:18, Lei Zhang wrote: > Please watch the trybots more carefully in the ...
10 years, 5 months ago (2010-07-22 06:16:35 UTC) #15
Ryan Sleevi
On 2010/07/22 06:16:35, rsleevi wrote: > On 2010/07/22 06:13:18, Lei Zhang wrote: > > Please ...
10 years, 5 months ago (2010-07-22 06:20:15 UTC) #16
Ryan Sleevi
Sorry, that second link was supposed to be http://build.chromium.org/buildbot/waterfall/builders/Modules%20Mac10.5%20(dbg)/builds/8052 , which is the build in ...
10 years, 5 months ago (2010-07-22 06:21:29 UTC) #17
wtc
rsleevi: to work around the trybot's limitation with binary files, you can check in the ...
10 years, 5 months ago (2010-07-22 23:37:53 UTC) #18
Lei Zhang
10 years, 5 months ago (2010-07-22 23:47:54 UTC) #19
On 2010/07/22 23:37:53, wtc wrote:
> rsleevi: to work around the trybot's limitation with binary files,
> you can check in the new binary files first, and then test the rest
> of the CL on trybots.  I've done that before.

And either wait for LKGR to catch up or run gcl try -r NNNNN.

Powered by Google App Engine
This is Rietveld 408576698