OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/x509_certificate.h" | 5 #include "net/base/x509_certificate.h" |
6 | 6 |
7 #include <CommonCrypto/CommonDigest.h> | 7 #include <CommonCrypto/CommonDigest.h> |
8 #include <CoreServices/CoreServices.h> | 8 #include <CoreServices/CoreServices.h> |
9 #include <Security/Security.h> | 9 #include <Security/Security.h> |
10 #include <time.h> | 10 #include <time.h> |
(...skipping 830 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
841 if (status) | 841 if (status) |
842 return NetErrorFromOSStatus(status); | 842 return NetErrorFromOSStatus(status); |
843 CFArrayRef completed_chain = NULL; | 843 CFArrayRef completed_chain = NULL; |
844 CSSM_TP_APPLE_EVIDENCE_INFO* chain_info; | 844 CSSM_TP_APPLE_EVIDENCE_INFO* chain_info; |
845 status = SecTrustGetResult(trust_ref, &trust_result, &completed_chain, | 845 status = SecTrustGetResult(trust_ref, &trust_result, &completed_chain, |
846 &chain_info); | 846 &chain_info); |
847 if (status) | 847 if (status) |
848 return NetErrorFromOSStatus(status); | 848 return NetErrorFromOSStatus(status); |
849 ScopedCFTypeRef<CFArrayRef> scoped_completed_chain(completed_chain); | 849 ScopedCFTypeRef<CFArrayRef> scoped_completed_chain(completed_chain); |
850 | 850 |
851 SecCertificateRef verified_cert = NULL; | |
852 std::vector<SecCertificateRef> verified_intermediates; | |
wtc
2011/07/26 19:32:29
Let's change this back to verified_chain, to be co
| |
853 for (CFIndex i = 0, count = CFArrayGetCount(completed_chain); | |
854 i < count; ++i) { | |
855 SecCertificateRef chain_cert = reinterpret_cast<SecCertificateRef>( | |
856 const_cast<void*>(CFArrayGetValueAtIndex(completed_chain, i))); | |
857 if (i == 0) { | |
858 verified_cert = chain_cert; | |
859 } else { | |
860 verified_intermediates.push_back(chain_cert); | |
861 } | |
862 } | |
863 if (verified_cert) { | |
864 verify_result->verified_cert = CreateFromHandle(verified_cert, | |
865 verified_intermediates); | |
866 } | |
867 | |
851 // Evaluate the results | 868 // Evaluate the results |
852 OSStatus cssm_result; | 869 OSStatus cssm_result; |
853 bool got_certificate_error = false; | 870 bool got_certificate_error = false; |
854 switch (trust_result) { | 871 switch (trust_result) { |
855 case kSecTrustResultUnspecified: | 872 case kSecTrustResultUnspecified: |
856 case kSecTrustResultProceed: | 873 case kSecTrustResultProceed: |
857 // Certificate chain is valid and trusted ("unspecified" indicates that | 874 // Certificate chain is valid and trusted ("unspecified" indicates that |
858 // the user has not explicitly set a trust setting) | 875 // the user has not explicitly set a trust setting) |
859 break; | 876 break; |
860 | 877 |
(...skipping 510 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1371 CSSM_DATA cert_data; | 1388 CSSM_DATA cert_data; |
1372 OSStatus status = SecCertificateGetData(cert_handle, &cert_data); | 1389 OSStatus status = SecCertificateGetData(cert_handle, &cert_data); |
1373 if (status) | 1390 if (status) |
1374 return false; | 1391 return false; |
1375 | 1392 |
1376 return pickle->WriteData(reinterpret_cast<char*>(cert_data.Data), | 1393 return pickle->WriteData(reinterpret_cast<char*>(cert_data.Data), |
1377 cert_data.Length); | 1394 cert_data.Length); |
1378 } | 1395 } |
1379 | 1396 |
1380 } // namespace net | 1397 } // namespace net |
OLD | NEW |