| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_BASE_X509_CERTIFICATE_H_ | 5 #ifndef NET_BASE_X509_CERTIFICATE_H_ |
| 6 #define NET_BASE_X509_CERTIFICATE_H_ | 6 #define NET_BASE_X509_CERTIFICATE_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <string.h> | 9 #include <string.h> |
| 10 | 10 |
| 11 #include <string> | 11 #include <string> |
| 12 #include <vector> | 12 #include <vector> |
| 13 | 13 |
| 14 #include "base/gtest_prod_util.h" | 14 #include "base/gtest_prod_util.h" |
| 15 #include "base/ref_counted.h" | 15 #include "base/ref_counted.h" |
| 16 #include "base/string_piece.h" | 16 #include "base/string_piece.h" |
| 17 #include "base/time.h" | 17 #include "base/time.h" |
| 18 #include "net/base/x509_cert_types.h" | 18 #include "net/base/x509_cert_types.h" |
| 19 | 19 |
| 20 #if defined(OS_WIN) | 20 #if defined(OS_WIN) |
| 21 #include <windows.h> | 21 #include <windows.h> |
| 22 #include <wincrypt.h> | 22 #include <wincrypt.h> |
| 23 #elif defined(OS_MACOSX) | 23 #elif defined(OS_MACOSX) |
| 24 #include <CoreFoundation/CFArray.h> | 24 #include <CoreFoundation/CFArray.h> |
| 25 #include <Security/SecBase.h> | 25 #include <Security/SecBase.h> |
| 26 #elif defined(USE_OPENSSL) | 26 #elif defined(USE_OPENSSL) |
| 27 // Forward declaration; real one in <x509.h> | 27 // Forward declaration; real one in <x509.h> |
| 28 struct x509_st; | 28 struct x509_st; |
| 29 typedef struct x509_store_st X509_STORE; | |
| 29 #elif defined(USE_NSS) | 30 #elif defined(USE_NSS) |
| 30 // Forward declaration; real one in <cert.h> | 31 // Forward declaration; real one in <cert.h> |
| 31 struct CERTCertificateStr; | 32 struct CERTCertificateStr; |
| 32 #endif | 33 #endif |
| 33 | 34 |
| 34 class Pickle; | 35 class Pickle; |
| 35 | 36 |
| 36 namespace net { | 37 namespace net { |
| 37 | 38 |
| 38 class CertVerifyResult; | 39 class CertVerifyResult; |
| (...skipping 188 matching lines...) | |
| 227 // Returns a handle to a global, in-memory certificate store. We use it for | 228 // Returns a handle to a global, in-memory certificate store. We use it for |
| 228 // two purposes: | 229 // two purposes: |
| 229 // 1. Import server certificates into this store so that we can verify and | 230 // 1. Import server certificates into this store so that we can verify and |
| 230 // display the certificates using CryptoAPI. | 231 // display the certificates using CryptoAPI. |
| 231 // 2. Copy client certificates from the "MY" system certificate store into | 232 // 2. Copy client certificates from the "MY" system certificate store into |
| 232 // this store so that we can close the system store when we finish | 233 // this store so that we can close the system store when we finish |
| 233 // searching for client certificates. | 234 // searching for client certificates. |
| 234 static HCERTSTORE cert_store(); | 235 static HCERTSTORE cert_store(); |
| 235 #endif | 236 #endif |
| 236 | 237 |
| 238 #if defined(USE_OPENSSL) | |
| 239 // Returns a handle to a global, in-memory trusted root certificate store. We | |
|
wtc
2010/11/16 15:35:07
Nit: is this certificate store for trusted roots o
joth
2010/11/16 16:07:19
The latter, but only after the test code has used
wtc
2010/11/16 20:20:19
A test server's cert is not a "root" cert. "Root"
joth
2010/11/17 09:57:13
Done.
| |
| 240 // use it for test code, e.g. importing the test server's certificate. | |
| 241 static X509_STORE* cert_store(); | |
| 242 #endif | |
| 243 | |
| 237 // Verifies the certificate against the given hostname. Returns OK if | 244 // Verifies the certificate against the given hostname. Returns OK if |
| 238 // successful or an error code upon failure. | 245 // successful or an error code upon failure. |
| 239 // | 246 // |
| 240 // The |*verify_result| structure, including the |verify_result->cert_status| | 247 // The |*verify_result| structure, including the |verify_result->cert_status| |
| 241 // bitmask, is always filled out regardless of the return value. If the | 248 // bitmask, is always filled out regardless of the return value. If the |
| 242 // certificate has multiple errors, the corresponding status flags are set in | 249 // certificate has multiple errors, the corresponding status flags are set in |
| 243 // |verify_result->cert_status|, and the error code for the most serious | 250 // |verify_result->cert_status|, and the error code for the most serious |
| 244 // error is returned. | 251 // error is returned. |
| 245 // | 252 // |
| 246 // |flags| is bitwise OR'd of VerifyFlags. | 253 // |flags| is bitwise OR'd of VerifyFlags. |
| (...skipping 82 matching lines...) | |
| 329 | 336 |
| 330 // Where the certificate comes from. | 337 // Where the certificate comes from. |
| 331 Source source_; | 338 Source source_; |
| 332 | 339 |
| 333 DISALLOW_COPY_AND_ASSIGN(X509Certificate); | 340 DISALLOW_COPY_AND_ASSIGN(X509Certificate); |
| 334 }; | 341 }; |
| 335 | 342 |
| 336 } // namespace net | 343 } // namespace net |
| 337 | 344 |
| 338 #endif // NET_BASE_X509_CERTIFICATE_H_ | 345 #endif // NET_BASE_X509_CERTIFICATE_H_ |
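Review bot: The new OpenSSL `cert_store()` (new lines 238–242) returns a mutable `X509_STORE*` to a process-wide trusted store from the production `X509Certificate` header, while its own comment says the use is test code. Any caller that can reach it can add certificates that later verifications would presumably trust, so the test-only intent should be enforced rather than just documented: keep the accessor non-public and grant the test helper access with a `friend` declaration, or at least give it a name that makes misuse obvious at call sites. The comment should also state ownership and threading, for example `// The returned store is owned by a process-wide singleton; callers must not free it.` plus a line on which threads may touch it. The access specifier in effect at this declaration is in the skipped lines, so whether it is currently public cannot be confirmed from this view.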