Chromium Code Reviews Chromium Code Reviews
Issue 2963:
Bring X.509 cert handling (at least preliminarily) to the Mac. (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/| Index: net/base/x509_certificate.h |
| =================================================================== |
| --- net/base/x509_certificate.h (revision 2361) |
| +++ net/base/x509_certificate.h (working copy) |
| @@ -15,6 +15,8 @@ |
| #if defined(OS_WIN) |
| #include <windows.h> |
| #include <wincrypt.h> |
| +#elif defined(OS_MACOSX) |
| +#include <Security/Security.h> |
| #endif |
| class Pickle; |
| @@ -44,6 +46,8 @@ |
| #if defined(OS_WIN) |
| typedef PCCERT_CONTEXT OSCertHandle; |
| +#elif defined(OS_MACOSX) |
| + typedef SecCertificateRef OSCertHandle; |
| #else |
| // TODO(ericroman): not implemented |
| typedef void* OSCertHandle; |
| @@ -102,12 +106,14 @@ |
| }; |
| // Create an X509Certificate from a handle to the certificate object |
| - // in the underlying crypto library. |
| + // in the underlying crypto library. This is a transfer of ownership; |
| + // X509Certificate will properly dispose of |cert_handle| for you. |
| static X509Certificate* CreateFromHandle(OSCertHandle cert_handle); |
| // Create an X509Certificate from the representation stored in the given |
| // pickle. The data for this object is found relative to the given |
| // pickle_iter, which should be passed to the pickle's various Read* methods. |
| + // Returns NULL on failure. |
| static X509Certificate* CreateFromPickle(const Pickle& pickle, |
| void** pickle_iter); |
| @@ -127,6 +133,7 @@ |
| // The issuer of the certificate. |
| const Principal& issuer() const { return issuer_; } |
| +#if defined(OS_WIN) |
|
Amanda Walker
2008/09/18 16:14:43
Since you wrote code to extract individual fields
wtc
2008/09/18 20:37:55
I believe the valid_start() and valid_expiry() met
Avi (use Gerrit)
2008/09/18 20:48:17
No, they are not. valid_start() isn't used anywher
|
| // Time period during which the certificate is valid. More precisely, this |
| // certificate is invalid before the |valid_start| date and invalid after |
| // the |valid_expiry| date. |
| @@ -134,6 +141,7 @@ |
| // lacks either date), the date will be null (i.e., is_null() will be true). |
| const Time& valid_start() const { return valid_start_; } |
| const Time& valid_expiry() const { return valid_expiry_; } |
| +#endif |
| // The fingerprint of this certificate. |
| const Fingerprint& fingerprint() const { return fingerprint_; } |
| @@ -144,9 +152,11 @@ |
| // Otherwise, it gets the common name in the subject field. |
| void GetDNSNames(std::vector<std::string>* dns_names) const; |
| +#if defined(OS_WIN) |
|
Amanda Walker
2008/09/18 16:14:43
Same comment as above: we should either implement
|
| // Convenience method that returns whether this certificate has expired as of |
| // now. |
| bool HasExpired() const; |
| +#endif |
| // Returns true if the certificate is an extended-validation (EV) |
| // certificate. |
| @@ -168,10 +178,12 @@ |
| // Common object initialization code. Called by the constructors only. |
| void Initialize(); |
| +#if defined(OS_WIN) |
| // Helper function to parse a principal from a WinInet description of that |
| // principal. |
| static void ParsePrincipal(const std::string& description, |
| Principal* principal); |
| +#endif |
|
Amanda Walker
2008/09/18 16:14:43
Add a declaration for the Mac version, mostly to k
|
| // The subject of the certificate. |
| Principal subject_; |
| @@ -179,11 +191,13 @@ |
| // The issuer of the certificate. |
| Principal issuer_; |
| +#if defined(OS_WIN) |
| // This certificate is not valid before |valid_start_| |
| Time valid_start_; |
| // This certificate is not valid after |valid_expiry_| |
| Time valid_expiry_; |
| +#endif |
| // The fingerprint of this certificate. |
| Fingerprint fingerprint_; |
| @@ -191,7 +205,7 @@ |
| // A handle to the certificate object in the underlying crypto library. |
| OSCertHandle cert_handle_; |
| - DISALLOW_EVIL_CONSTRUCTORS(X509Certificate); |
| + DISALLOW_COPY_AND_ASSIGN(X509Certificate); |
| }; |
| } // namespace net |
