Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(41)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/cert_test_util.cc

Issue 4963002: Refactor EnsureOpenSSLInit and openssl_util into base (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: review comments Created 10 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « base/scoped_vector.h ('k') | net/base/openssl_util.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/cert_test_util.h" 5 #include "net/base/cert_test_util.h"
6 6
7 #include "build/build_config.h" 7 #include "build/build_config.h"
8 8
9 #if defined(USE_OPENSSL) 9 #if defined(USE_OPENSSL)
10 #include <openssl/err.h> 10 #include <openssl/err.h>
11 #include <openssl/ssl.h>
11 #include <openssl/x509v3.h> 12 #include <openssl/x509v3.h>
12 #include "net/base/openssl_util.h" 13 #include "base/openssl_util.h"
13 #elif defined(USE_NSS) 14 #elif defined(USE_NSS)
14 #include <cert.h> 15 #include <cert.h>
15 #include "base/nss_util.h" 16 #include "base/nss_util.h"
16 #elif defined(OS_MACOSX) 17 #elif defined(OS_MACOSX)
17 #include <Security/Security.h> 18 #include <Security/Security.h>
18 #include "base/mac/scoped_cftyperef.h" 19 #include "base/mac/scoped_cftyperef.h"
19 #endif 20 #endif
20 21
21 #include "base/file_util.h" 22 #include "base/file_util.h"
22 #include "base/logging.h" 23 #include "base/logging.h"
23 #include "base/path_service.h" 24 #include "base/path_service.h"
24 #include "net/base/x509_certificate.h" 25 #include "net/base/x509_certificate.h"
25 26
26 namespace net { 27 namespace net {
27 28
28 #if defined(USE_OPENSSL) 29 #if defined(USE_OPENSSL)
29 X509Certificate* AddTemporaryRootCertToStore(X509* x509_cert) { 30 X509Certificate* AddTemporaryRootCertToStore(X509* x509_cert) {
30 OpenSSLInitSingleton* openssl_init = GetOpenSSLInitSingleton(); 31 if (!X509_STORE_add_cert(X509Certificate::cert_store(), x509_cert)) {
31
32 if (!X509_STORE_add_cert(openssl_init->x509_store(), x509_cert)) {
33 unsigned long error_code = ERR_get_error(); 32 unsigned long error_code = ERR_get_error();
34 if (ERR_GET_LIB(error_code) != ERR_LIB_X509 || 33 if (ERR_GET_LIB(error_code) != ERR_LIB_X509 ||
35 ERR_GET_REASON(error_code) != X509_R_CERT_ALREADY_IN_HASH_TABLE) { 34 ERR_GET_REASON(error_code) != X509_R_CERT_ALREADY_IN_HASH_TABLE) {
36 do { 35 base::ClearOpenSSLERRStack();
37 LOG(ERROR) << "X509_STORE_add_cert error: " << error_code;
38 } while ((error_code = ERR_get_error()) != 0);
39 return NULL; 36 return NULL;
40 } 37 }
41 } 38 }
42 return X509Certificate::CreateFromHandle( 39 return X509Certificate::CreateFromHandle(
43 x509_cert, X509Certificate::SOURCE_LONE_CERT_IMPORT, 40 x509_cert, X509Certificate::SOURCE_LONE_CERT_IMPORT,
44 X509Certificate::OSCertHandles()); 41 X509Certificate::OSCertHandles());
45 } 42 }
46 43
47 X509Certificate* LoadTemporaryRootCert(const FilePath& filename) { 44 X509Certificate* LoadTemporaryRootCert(const FilePath& filename) {
48 EnsureOpenSSLInit(); 45 base::EnsureOpenSSLInit();
49 46
50 std::string rawcert; 47 std::string rawcert;
51 if (!file_util::ReadFileToString(filename, &rawcert)) { 48 if (!file_util::ReadFileToString(filename, &rawcert)) {
52 LOG(ERROR) << "Can't load certificate " << filename.value(); 49 LOG(ERROR) << "Can't load certificate " << filename.value();
53 return NULL; 50 return NULL;
54 } 51 }
55 52
56 ScopedSSL<BIO, BIO_free_all> cert_bio( 53 base::ScopedOpenSSL<BIO, BIO_free_all> cert_bio(
57 BIO_new_mem_buf(const_cast<char*>(rawcert.c_str()), 54 BIO_new_mem_buf(const_cast<char*>(rawcert.c_str()),
58 rawcert.length())); 55 rawcert.length()));
59 if (!cert_bio.get()) { 56 if (!cert_bio.get()) {
60 LOG(ERROR) << "Can't create read-only BIO " << filename.value(); 57 LOG(ERROR) << "Can't create read-only BIO " << filename.value();
61 return NULL; 58 return NULL;
62 } 59 }
63 60
64 ScopedSSL<X509, X509_free> pem_cert(PEM_read_bio_X509(cert_bio.get(), 61 base::ScopedOpenSSL<X509, X509_free> pem_cert(PEM_read_bio_X509(
65 NULL, NULL, NULL)); 62 cert_bio.get(), NULL, NULL, NULL));
66 if (pem_cert.get()) 63 if (pem_cert.get())
67 return AddTemporaryRootCertToStore(pem_cert.get()); 64 return AddTemporaryRootCertToStore(pem_cert.get());
68 65
69 // File does not contain PEM data, let's try DER. 66 // File does not contain PEM data, let's try DER.
70 const unsigned char* der_data = 67 const unsigned char* der_data =
71 reinterpret_cast<const unsigned char*>(rawcert.c_str()); 68 reinterpret_cast<const unsigned char*>(rawcert.c_str());
72 int der_length = rawcert.length(); 69 int der_length = rawcert.length();
73 ScopedSSL<X509, X509_free> der_cert(d2i_X509(NULL, &der_data, der_length)); 70 base::ScopedOpenSSL<X509, X509_free> der_cert(d2i_X509(
71 NULL, &der_data, der_length));
74 if (der_cert.get()) 72 if (der_cert.get())
75 return AddTemporaryRootCertToStore(der_cert.get()); 73 return AddTemporaryRootCertToStore(der_cert.get());
76 74
77 LOG(ERROR) << "Can't parse certificate " << filename.value(); 75 LOG(ERROR) << "Can't parse certificate " << filename.value();
78 return NULL; 76 return NULL;
79 } 77 }
80 #elif defined(USE_NSS) 78 #elif defined(USE_NSS)
81 X509Certificate* LoadTemporaryRootCert(const FilePath& filename) { 79 X509Certificate* LoadTemporaryRootCert(const FilePath& filename) {
82 base::EnsureNSSInit(); 80 base::EnsureNSSInit();
83 81
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after
149 SecCertificateRef cert_ref = static_cast<SecCertificateRef>( 147 SecCertificateRef cert_ref = static_cast<SecCertificateRef>(
150 const_cast<void*>(CFArrayGetValueAtIndex(cert_array, 0))); 148 const_cast<void*>(CFArrayGetValueAtIndex(cert_array, 0)));
151 149
152 return X509Certificate::CreateFromHandle(cert_ref, 150 return X509Certificate::CreateFromHandle(cert_ref,
153 X509Certificate::SOURCE_LONE_CERT_IMPORT, 151 X509Certificate::SOURCE_LONE_CERT_IMPORT,
154 X509Certificate::OSCertHandles()); 152 X509Certificate::OSCertHandles());
155 } 153 }
156 #endif 154 #endif
157 155
158 } // namespace net 156 } // namespace net
OLDNEW
« no previous file with comments | « base/scoped_vector.h ('k') | net/base/openssl_util.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698