Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(655)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/x509_certificate_openssl.cc

Issue 6793026: Initial support for HSTS certificate locking. This isn't a finished work, but (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: '' Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/base/x509_certificate_nss.cc ('K') | « net/base/x509_certificate_nss.cc ('k') | net/url_request/url_request_http_job.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/x509_certificate.h" 5 #include "net/base/x509_certificate.h"
6 6
7 #include <openssl/asn1.h> 7 #include <openssl/asn1.h>
8 #include <openssl/crypto.h> 8 #include <openssl/crypto.h>
9 #include <openssl/obj_mac.h> 9 #include <openssl/obj_mac.h>
10 #include <openssl/pem.h> 10 #include <openssl/pem.h>
(...skipping 314 matching lines...) Expand 10 before | Expand all | Expand 10 after
325 ParsePrincipal(cert_handle_, X509_get_issuer_name(cert_handle_), &issuer_); 325 ParsePrincipal(cert_handle_, X509_get_issuer_name(cert_handle_), &issuer_);
326 nxou::ParseDate(X509_get_notBefore(cert_handle_), &valid_start_); 326 nxou::ParseDate(X509_get_notBefore(cert_handle_), &valid_start_);
327 nxou::ParseDate(X509_get_notAfter(cert_handle_), &valid_expiry_); 327 nxou::ParseDate(X509_get_notAfter(cert_handle_), &valid_expiry_);
328 } 328 }
329 329
330 // static 330 // static
331 void X509Certificate::ResetCertStore() { 331 void X509Certificate::ResetCertStore() {
332 X509InitSingleton::GetInstance()->ResetCertStore(); 332 X509InitSingleton::GetInstance()->ResetCertStore();
333 } 333 }
334 334
335 // static
336 void X509Certificate::GetCertChainFromCert(OSCertHandle cert_handle,
337 OSCertHandles* cert_handles) {
338 // TODO(bulach): how to get the chain out of a certificate?
wtc 2011/04/07 01:00:29 I don't know. Usually a certificate chain is a by
339 cert_handles->push_back(net::X509Certificate::DupOSCertHandle(cert_handle));
340 }
341
342 // static
343 void X509Certificate::DestroyCertChain(OSCertHandles* cert_handles) {
344 for (OSCertHandles::iterator i = cert_handles->begin();
345 i != cert_handles->end(); ++i)
346 X509_free(*i);
347 cert_handles->clear();
348 }
349
335 SHA1Fingerprint X509Certificate::CalculateFingerprint(OSCertHandle cert) { 350 SHA1Fingerprint X509Certificate::CalculateFingerprint(OSCertHandle cert) {
336 SHA1Fingerprint sha1; 351 SHA1Fingerprint sha1;
337 unsigned int sha1_size = static_cast<unsigned int>(sizeof(sha1.data)); 352 unsigned int sha1_size = static_cast<unsigned int>(sizeof(sha1.data));
338 int ret = X509_digest(cert, EVP_sha1(), sha1.data, &sha1_size); 353 int ret = X509_digest(cert, EVP_sha1(), sha1.data, &sha1_size);
339 CHECK(ret); 354 CHECK(ret);
340 CHECK_EQ(sha1_size, sizeof(sha1.data)); 355 CHECK_EQ(sha1_size, sizeof(sha1.data));
341 return sha1; 356 return sha1;
342 } 357 }
343 358
344 // static 359 // static
(...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after
495 // cache the DER (if not already cached via X509_set_ex_data). 510 // cache the DER (if not already cached via X509_set_ex_data).
496 DERCache der_cache_a, der_cache_b; 511 DERCache der_cache_a, der_cache_b;
497 512
498 return GetDERAndCacheIfNeeded(a, &der_cache_a) && 513 return GetDERAndCacheIfNeeded(a, &der_cache_a) &&
499 GetDERAndCacheIfNeeded(b, &der_cache_b) && 514 GetDERAndCacheIfNeeded(b, &der_cache_b) &&
500 der_cache_a.data_length == der_cache_b.data_length && 515 der_cache_a.data_length == der_cache_b.data_length &&
501 memcmp(der_cache_a.data, der_cache_b.data, der_cache_a.data_length) == 0; 516 memcmp(der_cache_a.data, der_cache_b.data, der_cache_a.data_length) == 0;
502 } 517 }
503 518
504 } // namespace net 519 } // namespace net
OLDNEW
« net/base/x509_certificate_nss.cc ('K') | « net/base/x509_certificate_nss.cc ('k') | net/url_request/url_request_http_job.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698