OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/x509_certificate.h" | 5 #include "net/base/x509_certificate.h" |
6 | 6 |
7 #include <openssl/asn1.h> | 7 #include <openssl/asn1.h> |
8 #include <openssl/crypto.h> | 8 #include <openssl/crypto.h> |
9 #include <openssl/obj_mac.h> | 9 #include <openssl/obj_mac.h> |
10 #include <openssl/pem.h> | 10 #include <openssl/pem.h> |
(...skipping 191 matching lines...)
202 if (der_cache->data) | 202 if (der_cache->data) |
203 OPENSSL_free(der_cache->data); | 203 OPENSSL_free(der_cache->data); |
204 OPENSSL_free(der_cache); | 204 OPENSSL_free(der_cache); |
205 } | 205 } |
206 | 206 |
207 class X509InitSingleton { | 207 class X509InitSingleton { |
208 public: | 208 public: |
209 int der_cache_ex_index() const { return der_cache_ex_index_; } | 209 int der_cache_ex_index() const { return der_cache_ex_index_; } |
210 X509_STORE* store() const { return store_.get(); } | 210 X509_STORE* store() const { return store_.get(); } |
211 | 211 |
212 private: | 212 void ResetStore() { |
213 friend struct DefaultSingletonTraits<X509InitSingleton>; | 213 store_.reset(X509_STORE_new()); |
214 X509InitSingleton() | 214 DCHECK(store_.get()); |
215 : der_cache_ex_index_((base::EnsureOpenSSLInit(), | |
216 X509_get_ex_new_index(0, 0, 0, 0, | |
217 DERCache_free))), | |
218 store_(X509_STORE_new()) { | |
219 DCHECK_NE(der_cache_ex_index_, -1); | |
220 X509_STORE_set_default_paths(store_.get()); | 215 X509_STORE_set_default_paths(store_.get()); |
221 // TODO(joth): Enable CRL (see X509_STORE_set_flags(X509_V_FLAG_CRL_CHECK)). | 216 // TODO(joth): Enable CRL (see X509_STORE_set_flags(X509_V_FLAG_CRL_CHECK)). |
222 } | 217 } |
223 | 218 |
| 219 private: |
| 220 friend struct DefaultSingletonTraits<X509InitSingleton>; |
| 221 X509InitSingleton() { |
| 222 base::EnsureOpenSSLInit(); |
| 223 der_cache_ex_index_ = X509_get_ex_new_index(0, 0, 0, 0, DERCache_free); |
| 224 DCHECK_NE(der_cache_ex_index_, -1); |
| 225 ResetStore(); |
| 226 } |
| 227 |
224 int der_cache_ex_index_; | 228 int der_cache_ex_index_; |
225 base::ScopedOpenSSL<X509_STORE, X509_STORE_free> store_; | 229 base::ScopedOpenSSL<X509_STORE, X509_STORE_free> store_; |
226 | 230 |
227 DISALLOW_COPY_AND_ASSIGN(X509InitSingleton); | 231 DISALLOW_COPY_AND_ASSIGN(X509InitSingleton); |
228 }; | 232 }; |
229 | 233 |
230 // Takes ownership of |data| (which must have been allocated by OpenSSL). | 234 // Takes ownership of |data| (which must have been allocated by OpenSSL). |
231 DERCache* SetDERCache(X509Certificate::OSCertHandle cert, | 235 DERCache* SetDERCache(X509Certificate::OSCertHandle cert, |
232 int x509_der_cache_index, | 236 int x509_der_cache_index, |
233 unsigned char* data, | 237 unsigned char* data, |
(...skipping 64 matching lines...)
298 | 302 |
299 void X509Certificate::Initialize() { | 303 void X509Certificate::Initialize() { |
300 base::EnsureOpenSSLInit(); | 304 base::EnsureOpenSSLInit(); |
301 fingerprint_ = CalculateFingerprint(cert_handle_); | 305 fingerprint_ = CalculateFingerprint(cert_handle_); |
302 ParsePrincipal(cert_handle_, X509_get_subject_name(cert_handle_), &subject_); | 306 ParsePrincipal(cert_handle_, X509_get_subject_name(cert_handle_), &subject_); |
303 ParsePrincipal(cert_handle_, X509_get_issuer_name(cert_handle_), &issuer_); | 307 ParsePrincipal(cert_handle_, X509_get_issuer_name(cert_handle_), &issuer_); |
304 nxou::ParseDate(X509_get_notBefore(cert_handle_), &valid_start_); | 308 nxou::ParseDate(X509_get_notBefore(cert_handle_), &valid_start_); |
305 nxou::ParseDate(X509_get_notAfter(cert_handle_), &valid_expiry_); | 309 nxou::ParseDate(X509_get_notAfter(cert_handle_), &valid_expiry_); |
306 } | 310 } |
307 | 311 |
| 312 // static |
| 313 void X509Certificate::ResetStore() { |
| 314 Singleton<X509InitSingleton>::get()->ResetStore(); |
| 315 } |
| 316 |
308 SHA1Fingerprint X509Certificate::CalculateFingerprint(OSCertHandle cert) { | 317 SHA1Fingerprint X509Certificate::CalculateFingerprint(OSCertHandle cert) { |
309 SHA1Fingerprint sha1; | 318 SHA1Fingerprint sha1; |
310 unsigned int sha1_size = static_cast<unsigned int>(sizeof(sha1.data)); | 319 unsigned int sha1_size = static_cast<unsigned int>(sizeof(sha1.data)); |
311 int ret = X509_digest(cert, EVP_sha1(), sha1.data, &sha1_size); | 320 int ret = X509_digest(cert, EVP_sha1(), sha1.data, &sha1_size); |
312 CHECK(ret); | 321 CHECK(ret); |
313 CHECK_EQ(sha1_size, sizeof(sha1.data)); | 322 CHECK_EQ(sha1_size, sizeof(sha1.data)); |
314 return sha1; | 323 return sha1; |
315 } | 324 } |
316 | 325 |
317 // static | 326 // static |
(...skipping 128 matching lines...)
446 // cache the DER (if not already cached via X509_set_ex_data). | 455 // cache the DER (if not already cached via X509_set_ex_data). |
447 DERCache der_cache_a, der_cache_b; | 456 DERCache der_cache_a, der_cache_b; |
448 | 457 |
449 return GetDERAndCacheIfNeeded(a, &der_cache_a) && | 458 return GetDERAndCacheIfNeeded(a, &der_cache_a) && |
450 GetDERAndCacheIfNeeded(b, &der_cache_b) && | 459 GetDERAndCacheIfNeeded(b, &der_cache_b) && |
451 der_cache_a.data_length == der_cache_b.data_length && | 460 der_cache_a.data_length == der_cache_b.data_length && |
452 memcmp(der_cache_a.data, der_cache_b.data, der_cache_a.data_length) == 0; | 461 memcmp(der_cache_a.data, der_cache_b.data, der_cache_a.data_length) == 0; |
453 } | 462 } |
454 | 463 |
455 } // namespace net | 464 } // namespace net |
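Review bot: `X509InitSingleton::ResetStore()` (new lines 212-217) frees the current `X509_STORE` through `store_.reset(...)` while `store()` keeps handing out the raw pointer. Any caller still holding that pointer, for instance a verification running on another thread, would be left with a dangling trust store; the callers of `store()` are outside this view, so this needs confirming. If the new public static `X509Certificate::ResetStore()` (new lines 312-315) is intended only for tests, which the page does not state, document the contract with a comment such as `// Test-only: drops and rebuilds the trust store; must not run while any verification is using store().`. Separately, `DCHECK(store_.get())` compiles out in release builds, so a failed `X509_STORE_new()` would pass null to `X509_STORE_set_default_paths`, whose return value is also ignored. Consider `CHECK(store_.get());` and logging when the default paths fail to load, so an empty trust store is not silent.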