Chromium Code Reviews Chromium Code Reviews
Issue 6874039:
Return the constructed certificate chain in X509Certificate::Verify() (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/x509_certificate.h" | 5 #include "net/base/x509_certificate.h" |
| 6 | 6 |
| 7 #include <CommonCrypto/CommonDigest.h> | 7 #include <CommonCrypto/CommonDigest.h> |
| 8 #include <CoreServices/CoreServices.h> | 8 #include <CoreServices/CoreServices.h> |
| 9 #include <Security/Security.h> | 9 #include <Security/Security.h> |
| 10 #include <time.h> | 10 #include <time.h> |
| (...skipping 830 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 841 if (status) | 841 if (status) |
| 842 return NetErrorFromOSStatus(status); | 842 return NetErrorFromOSStatus(status); |
| 843 CFArrayRef completed_chain = NULL; | 843 CFArrayRef completed_chain = NULL; |
| 844 CSSM_TP_APPLE_EVIDENCE_INFO* chain_info; | 844 CSSM_TP_APPLE_EVIDENCE_INFO* chain_info; |
| 845 status = SecTrustGetResult(trust_ref, &trust_result, &completed_chain, | 845 status = SecTrustGetResult(trust_ref, &trust_result, &completed_chain, |
| 846 &chain_info); | 846 &chain_info); |
| 847 if (status) | 847 if (status) |
| 848 return NetErrorFromOSStatus(status); | 848 return NetErrorFromOSStatus(status); |
| 849 ScopedCFTypeRef<CFArrayRef> scoped_completed_chain(completed_chain); | 849 ScopedCFTypeRef<CFArrayRef> scoped_completed_chain(completed_chain); |
| 850 | 850 |
| 851 SecCertificateRef verified_cert = NULL; | |
| 852 std::vector<SecCertificateRef> verified_intermediates; | |
|
wtc
2011/07/26 19:32:29
Let's change this back to verified_chain, to be co
| |
| 853 for (CFIndex i = 0, count = CFArrayGetCount(completed_chain); | |
| 854 i < count; ++i) { | |
| 855 SecCertificateRef chain_cert = reinterpret_cast<SecCertificateRef>( | |
| 856 const_cast<void*>(CFArrayGetValueAtIndex(completed_chain, i))); | |
| 857 if (i == 0) { | |
| 858 verified_cert = chain_cert; | |
| 859 } else { | |
| 860 verified_intermediates.push_back(chain_cert); | |
| 861 } | |
| 862 } | |
| 863 if (verified_cert) { | |
| 864 verify_result->verified_cert = CreateFromHandle(verified_cert, | |
| 865 verified_intermediates); | |
| 866 } | |
| 867 | |
| 851 // Evaluate the results | 868 // Evaluate the results |
| 852 OSStatus cssm_result; | 869 OSStatus cssm_result; |
| 853 bool got_certificate_error = false; | 870 bool got_certificate_error = false; |
| 854 switch (trust_result) { | 871 switch (trust_result) { |
| 855 case kSecTrustResultUnspecified: | 872 case kSecTrustResultUnspecified: |
| 856 case kSecTrustResultProceed: | 873 case kSecTrustResultProceed: |
| 857 // Certificate chain is valid and trusted ("unspecified" indicates that | 874 // Certificate chain is valid and trusted ("unspecified" indicates that |
| 858 // the user has not explicitly set a trust setting) | 875 // the user has not explicitly set a trust setting) |
| 859 break; | 876 break; |
| 860 | 877 |
| (...skipping 510 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1371 CSSM_DATA cert_data; | 1388 CSSM_DATA cert_data; |
| 1372 OSStatus status = SecCertificateGetData(cert_handle, &cert_data); | 1389 OSStatus status = SecCertificateGetData(cert_handle, &cert_data); |
| 1373 if (status) | 1390 if (status) |
| 1374 return false; | 1391 return false; |
| 1375 | 1392 |
| 1376 return pickle->WriteData(reinterpret_cast<char*>(cert_data.Data), | 1393 return pickle->WriteData(reinterpret_cast<char*>(cert_data.Data), |
| 1377 cert_data.Length); | 1394 cert_data.Length); |
| 1378 } | 1395 } |
| 1379 | 1396 |
| 1380 } // namespace net | 1397 } // namespace net |
| OLD | NEW |
