| OLD | NEW | 
|---|
| 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be | 
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. | 
| 4 | 4 | 
| 5 #include "net/base/x509_certificate.h" | 5 #include "net/base/x509_certificate.h" | 
| 6 | 6 | 
| 7 #include <CommonCrypto/CommonDigest.h> | 7 #include <CommonCrypto/CommonDigest.h> | 
| 8 #include <time.h> | 8 #include <time.h> | 
| 9 | 9 | 
| 10 #include "base/scoped_cftyperef.h" | 10 #include "base/scoped_cftyperef.h" | 
| (...skipping 436 matching lines...) |
| 447   // and our SSL SecPolicyRef. SecTrustCreateWithCertificates() takes an | 447   // and our SSL SecPolicyRef. SecTrustCreateWithCertificates() takes an | 
| 448   // array of certificates, the first of which is the certificate we're | 448   // array of certificates, the first of which is the certificate we're | 
| 449   // verifying, and the subsequent (optional) certificates are used for | 449   // verifying, and the subsequent (optional) certificates are used for | 
| 450   // chain building. | 450   // chain building. | 
| 451   CFMutableArrayRef cert_array = CFArrayCreateMutable(kCFAllocatorDefault, 0, | 451   CFMutableArrayRef cert_array = CFArrayCreateMutable(kCFAllocatorDefault, 0, | 
| 452                                                       &kCFTypeArrayCallBacks); | 452                                                       &kCFTypeArrayCallBacks); | 
| 453   if (!cert_array) | 453   if (!cert_array) | 
| 454     return ERR_OUT_OF_MEMORY; | 454     return ERR_OUT_OF_MEMORY; | 
| 455   scoped_cftyperef<CFArrayRef> scoped_cert_array(cert_array); | 455   scoped_cftyperef<CFArrayRef> scoped_cert_array(cert_array); | 
| 456   CFArrayAppendValue(cert_array, cert_handle_); | 456   CFArrayAppendValue(cert_array, cert_handle_); | 
| 457   if (intermediate_ca_certs_) { | 457   for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) | 
| 458     CFIndex intermediate_count = CFArrayGetCount(intermediate_ca_certs_); | 458     CFArrayAppendValue(cert_array, intermediate_ca_certs_[i]); | 
| 459     for (CFIndex i = 0; i < intermediate_count; ++i) { |  | 
| 460       SecCertificateRef intermediate_cert = static_cast<SecCertificateRef>( |  | 
| 461           const_cast<void*>(CFArrayGetValueAtIndex(intermediate_ca_certs_, i))); |  | 
| 462       CFArrayAppendValue(cert_array, intermediate_cert); |  | 
| 463     } |  | 
| 464   } |  | 
| 465 | 459 | 
| 466   SecTrustRef trust_ref = NULL; | 460   SecTrustRef trust_ref = NULL; | 
| 467   status = SecTrustCreateWithCertificates(cert_array, ssl_policy, &trust_ref); | 461   status = SecTrustCreateWithCertificates(cert_array, ssl_policy, &trust_ref); | 
| 468   if (status) | 462   if (status) | 
| 469     return NetErrorFromOSStatus(status); | 463     return NetErrorFromOSStatus(status); | 
| 470   scoped_cftyperef<SecTrustRef> scoped_trust_ref(trust_ref); | 464   scoped_cftyperef<SecTrustRef> scoped_trust_ref(trust_ref); | 
| 471 | 465 | 
| 472   // Set the trusted anchor certificates for the SecTrustRef by merging the | 466   // Set the trusted anchor certificates for the SecTrustRef by merging the | 
| 473   // system trust anchors and the test root certificate. | 467   // system trust anchors and the test root certificate. | 
| 474   CFArrayRef anchor_array = | 468   CFArrayRef anchor_array = | 
| (...skipping 173 matching lines...) |
| 648 } | 642 } | 
| 649 | 643 | 
| 650 bool X509Certificate::VerifyEV() const { | 644 bool X509Certificate::VerifyEV() const { | 
| 651   // We don't call this private method, but we do need to implement it because | 645   // We don't call this private method, but we do need to implement it because | 
| 652   // it's defined in x509_certificate.h. We perform EV checking in the | 646   // it's defined in x509_certificate.h. We perform EV checking in the | 
| 653   // Verify() above. | 647   // Verify() above. | 
| 654   NOTREACHED(); | 648   NOTREACHED(); | 
| 655   return false; | 649   return false; | 
| 656 } | 650 } | 
| 657 | 651 | 
| 658 void X509Certificate::AddIntermediateCertificate(SecCertificateRef cert) { |  | 
| 659   if (cert) { |  | 
| 660     if (!intermediate_ca_certs_) { |  | 
| 661       intermediate_ca_certs_ = CFArrayCreateMutable(kCFAllocatorDefault, 0, |  | 
| 662                                                     &kCFTypeArrayCallBacks); |  | 
| 663     } |  | 
| 664     if (intermediate_ca_certs_) { |  | 
| 665       CFArrayAppendValue(intermediate_ca_certs_, cert); |  | 
| 666     } |  | 
| 667   } |  | 
| 668 } |  | 
| 669 |  | 
| 670 // static | 652 // static | 
| 671 X509Certificate::OSCertHandle X509Certificate::CreateOSCertHandleFromBytes( | 653 X509Certificate::OSCertHandle X509Certificate::CreateOSCertHandleFromBytes( | 
| 672     const char* data, int length) { | 654     const char* data, int length) { | 
| 673   CSSM_DATA cert_data; | 655   CSSM_DATA cert_data; | 
| 674   cert_data.Data = const_cast<uint8*>(reinterpret_cast<const uint8*>(data)); | 656   cert_data.Data = const_cast<uint8*>(reinterpret_cast<const uint8*>(data)); | 
| 675   cert_data.Length = length; | 657   cert_data.Length = length; | 
| 676 | 658 | 
| 677   OSCertHandle cert_handle = NULL; | 659   OSCertHandle cert_handle = NULL; | 
| 678   OSStatus status = SecCertificateCreateFromData(&cert_data, | 660   OSStatus status = SecCertificateCreateFromData(&cert_data, | 
| 679                                                  CSSM_CERT_X_509v3, | 661                                                  CSSM_CERT_X_509v3, | 
| (...skipping 23 matching lines...) |
| 703 | 685 | 
| 704   DCHECK(NULL != cert_data.Data); | 686   DCHECK(NULL != cert_data.Data); | 
| 705   DCHECK(0 != cert_data.Length); | 687   DCHECK(0 != cert_data.Length); | 
| 706 | 688 | 
| 707   CC_SHA1(cert_data.Data, cert_data.Length, sha1.data); | 689   CC_SHA1(cert_data.Data, cert_data.Length, sha1.data); | 
| 708 | 690 | 
| 709   return sha1; | 691   return sha1; | 
| 710 } | 692 } | 
| 711 | 693 | 
| 712 }  // namespace net | 694 }  // namespace net | 
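Review bot: The new loop at lines 457–458 appends every `intermediate_ca_certs_[i]` to `cert_array` unchecked, whereas the removed `AddIntermediateCertificate()` rejected a NULL cert and kept the handles in a CFArray created with `kCFTypeArrayCallBacks`, which retained each one. The member's new declaration is not visible on this page; if it is now a plain vector of `SecCertificateRef`, nothing shown here establishes who retains and releases each handle, so a NULL or already-released entry could reach `CFArrayAppendValue` right before the trust object is built from these chain-building certificates. I would guard the append, `if (intermediate_ca_certs_[i]) CFArrayAppendValue(cert_array, intermediate_ca_certs_[i]);` (or a `DCHECK` on the element), and add a comment at the member's declaration stating that the container holds one retain per handle and where that retain is released. The enclosing function begins above the visible lines and continues past line 468.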