
Side by Side Diff: net/base/x509_certificate_openssl.cc

Issue 4646001: Implement LoadTemporaryRoot for Windows (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/net/base
Patch Set: Widen suppressions Created 10 years ago
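--- a/net/base/x509_certificate_openssl.cc
+++ b/net/base/x509_certificate_openssl.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/base/x509_certificate.h"
 
 #include <openssl/asn1.h>
 #include <openssl/crypto.h>
 #include <openssl/obj_mac.h>
 #include <openssl/pem.h>
@@ -209,32 +209,36 @@
 static X509InitSingleton* GetInstance() {
 // We allow the X509 store to leak, because it is used from a non-joinable
 // worker that is not stopped on shutdown, hence may still be using
 // OpenSSL library after the AtExit runner has completed.
 return Singleton<X509InitSingleton,
 LeakySingletonTraits<X509InitSingleton> >::get();
 }
 int der_cache_ex_index() const { return der_cache_ex_index_; }
 X509_STORE* store() const { return store_.get(); }
 
-private:
-friend struct DefaultSingletonTraits<X509InitSingleton>;
-X509InitSingleton()
-: der_cache_ex_index_((base::EnsureOpenSSLInit(),
-X509_get_ex_new_index(0, 0, 0, 0,
-DERCache_free))),
-store_(X509_STORE_new()) {
-DCHECK_NE(der_cache_ex_index_, -1);
+void ResetCertStore() {
+store_.reset(X509_STORE_new());
+DCHECK(store_.get());
 X509_STORE_set_default_paths(store_.get());
 // TODO(joth): Enable CRL (see X509_STORE_set_flags(X509_V_FLAG_CRL_CHECK)).
 }
 
+private:
+friend struct DefaultSingletonTraits<X509InitSingleton>;
+X509InitSingleton() {
+base::EnsureOpenSSLInit();
+der_cache_ex_index_ = X509_get_ex_new_index(0, 0, 0, 0, DERCache_free);
+DCHECK_NE(der_cache_ex_index_, -1);
+ResetCertStore();
+}
+
 int der_cache_ex_index_;
 base::ScopedOpenSSL<X509_STORE, X509_STORE_free> store_;
 
 DISALLOW_COPY_AND_ASSIGN(X509InitSingleton);
 };
 
 // Takes ownership of |data| (which must have been allocated by OpenSSL).
 DERCache* SetDERCache(X509Certificate::OSCertHandle cert,
 int x509_der_cache_index,
 unsigned char* data,
@@ -305,20 +309,25 @@
 
 void X509Certificate::Initialize() {
 base::EnsureOpenSSLInit();
 fingerprint_ = CalculateFingerprint(cert_handle_);
 ParsePrincipal(cert_handle_, X509_get_subject_name(cert_handle_), &subject_);
 ParsePrincipal(cert_handle_, X509_get_issuer_name(cert_handle_), &issuer_);
 nxou::ParseDate(X509_get_notBefore(cert_handle_), &valid_start_);
 nxou::ParseDate(X509_get_notAfter(cert_handle_), &valid_expiry_);
 }
 
+// static
+void X509Certificate::ResetCertStore() {
+X509InitSingleton::Get()->ResetCertStore();
+}
+
 SHA1Fingerprint X509Certificate::CalculateFingerprint(OSCertHandle cert) {
 SHA1Fingerprint sha1;
 unsigned int sha1_size = static_cast<unsigned int>(sizeof(sha1.data));
 int ret = X509_digest(cert, EVP_sha1(), sha1.data, &sha1_size);
 CHECK(ret);
 CHECK_EQ(sha1_size, sizeof(sha1.data));
 return sha1;
 }
 
 // static
@@ -455,10 +464,10 @@
 // cache the DER (if not already cached via X509_set_ex_data).
 DERCache der_cache_a, der_cache_b;
 
 return GetDERAndCacheIfNeeded(a, &der_cache_a) &&
 GetDERAndCacheIfNeeded(b, &der_cache_b) &&
 der_cache_a.data_length == der_cache_b.data_length &&
 memcmp(der_cache_a.data, der_cache_b.data, der_cache_a.data_length) == 0;
 }
 
 } // namespace net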
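Review bot: `X509InitSingleton::ResetCertStore()` frees the current `X509_STORE` through `store_.reset(X509_STORE_new())` with no synchronization, while the comment in `GetInstance()` says the store is used from a non-joinable worker; a caller holding the raw pointer returned by `store()` could still be using it when it is freed. If this is intended only for tests, say so at the declaration, e.g. `// Test-only: callers must ensure no verification is in flight; invalidates pointers returned by store().`; otherwise `store_` needs a lock held for the duration of each verification. The new `X509Certificate::ResetCertStore()` also calls `X509InitSingleton::Get()`, while the only accessor visible in this section is `GetInstance()`, so unless `Get()` is defined in the skipped lines this looks like it would not compile. `DCHECK(store_.get())` compiles out of release builds and the return value of `X509_STORE_set_default_paths` is ignored, so a failed allocation or an empty trust store would go unnoticed there.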