
Side by Side Diff: net/base/x509_certificate_openssl.cc

Issue 4646001: Implement LoadTemporaryRoot for Windows (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/net/base
Patch Set: New Win method & unittests Created 10 years, 1 month ago
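--- a/net/base/x509_certificate_openssl.cc
+++ b/net/base/x509_certificate_openssl.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/base/x509_certificate.h"
 
 #include <openssl/asn1.h>
 #include <openssl/crypto.h>
 #include <openssl/obj_mac.h>
 #include <openssl/pem.h>
@@ -202,32 +202,36 @@
 if (der_cache->data)
 OPENSSL_free(der_cache->data);
 OPENSSL_free(der_cache);
 }
 
 class X509InitSingleton {
 public:
 int der_cache_ex_index() const { return der_cache_ex_index_; }
 X509_STORE* store() const { return store_.get(); }
 
-private:
-friend struct DefaultSingletonTraits<X509InitSingleton>;
-X509InitSingleton()
-: der_cache_ex_index_((base::EnsureOpenSSLInit(),
-X509_get_ex_new_index(0, 0, 0, 0,
-DERCache_free))),
-store_(X509_STORE_new()) {
-DCHECK_NE(der_cache_ex_index_, -1);
+void ResetStore() {
+store_.reset(X509_STORE_new());
+DCHECK(store_.get());
 X509_STORE_set_default_paths(store_.get());
 // TODO(joth): Enable CRL (see X509_STORE_set_flags(X509_V_FLAG_CRL_CHECK)).
 }
 
+private:
+friend struct DefaultSingletonTraits<X509InitSingleton>;
+X509InitSingleton() {
+base::EnsureOpenSSLInit();
+der_cache_ex_index_ = X509_get_ex_new_index(0, 0, 0, 0, DERCache_free);
+DCHECK_NE(der_cache_ex_index_, -1);
+ResetStore();
+}
+
 int der_cache_ex_index_;
 base::ScopedOpenSSL<X509_STORE, X509_STORE_free> store_;
 
 DISALLOW_COPY_AND_ASSIGN(X509InitSingleton);
 };
 
 // Takes ownership of |data| (which must have been allocated by OpenSSL).
 DERCache* SetDERCache(X509Certificate::OSCertHandle cert,
 int x509_der_cache_index,
 unsigned char* data,
@@ -298,20 +302,25 @@
 
 void X509Certificate::Initialize() {
 base::EnsureOpenSSLInit();
 fingerprint_ = CalculateFingerprint(cert_handle_);
 ParsePrincipal(cert_handle_, X509_get_subject_name(cert_handle_), &subject_);
 ParsePrincipal(cert_handle_, X509_get_issuer_name(cert_handle_), &issuer_);
 nxou::ParseDate(X509_get_notBefore(cert_handle_), &valid_start_);
 nxou::ParseDate(X509_get_notAfter(cert_handle_), &valid_expiry_);
 }
 
+// static
+void X509Certificate::ResetStore() {
+Singleton<X509InitSingleton>::get()->ResetStore();
+}
+
 SHA1Fingerprint X509Certificate::CalculateFingerprint(OSCertHandle cert) {
 SHA1Fingerprint sha1;
 unsigned int sha1_size = static_cast<unsigned int>(sizeof(sha1.data));
 int ret = X509_digest(cert, EVP_sha1(), sha1.data, &sha1_size);
 CHECK(ret);
 CHECK_EQ(sha1_size, sizeof(sha1.data));
 return sha1;
 }
 
 // static
@@ -446,10 +455,10 @@
 // cache the DER (if not already cached via X509_set_ex_data).
 DERCache der_cache_a, der_cache_b;
 
 return GetDERAndCacheIfNeeded(a, &der_cache_a) &&
 GetDERAndCacheIfNeeded(b, &der_cache_b) &&
 der_cache_a.data_length == der_cache_b.data_length &&
 memcmp(der_cache_a.data, der_cache_b.data, der_cache_a.data_length) == 0;
 }
 
 } // namespace net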
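Review bot: `ResetStore()` frees the current `X509_STORE` through `store_.reset(X509_STORE_new())` while `store()` directly above it still hands out the raw `store_.get()` pointer, and no lock or thread check is visible in `X509InitSingleton`, so a verification still holding the old pointer when the new static `X509Certificate::ResetStore()` runs would touch freed memory. The callers of `store()` sit in the skipped lines, so whether that overlap can occur is not visible here. If the reset is intended for tests only, state the contract at the declaration, e.g. `// Test-only. Not thread-safe: must not run while any X509_STORE* from store() is in use.` Separately, `DCHECK(store_.get())` is compiled out of release builds, so a failed `X509_STORE_new()` would pass NULL to `X509_STORE_set_default_paths()`, whose return value is also ignored; `CHECK(store_.get());` would match the `CHECK(ret)` style already used in `CalculateFingerprint`.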