OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/x509_certificate.h" | 5 #include "net/base/x509_certificate.h" |
6 | 6 |
7 #include <openssl/asn1.h> | 7 #include <openssl/asn1.h> |
8 #include <openssl/crypto.h> | 8 #include <openssl/crypto.h> |
9 #include <openssl/obj_mac.h> | 9 #include <openssl/obj_mac.h> |
10 #include <openssl/pem.h> | 10 #include <openssl/pem.h> |
300 } | 300 } |
301 | 301 |
302 // static | 302 // static |
303 void X509Certificate::FreeOSCertHandle(OSCertHandle cert_handle) { | 303 void X509Certificate::FreeOSCertHandle(OSCertHandle cert_handle) { |
304 // Decrement the ref-count for the cert and, if all references are gone, | 304 // Decrement the ref-count for the cert and, if all references are gone, |
305 // free the memory and any application-specific data associated with the | 305 // free the memory and any application-specific data associated with the |
306 // certificate. | 306 // certificate. |
307 X509_free(cert_handle); | 307 X509_free(cert_handle); |
308 } | 308 } |
309 | 309 |
310 // static | |
311 void X509Certificate::FreeOSCertListHandle(OSCertListHandle cert_list) { | |
wtc
2011/10/04 00:26:34
cert_list => cert_list_handle
| |
312 sk_X509_pop_free(cert_list, X509_free); | |
313 } | |
314 | |
310 void X509Certificate::Initialize() { | 315 void X509Certificate::Initialize() { |
311 crypto::EnsureOpenSSLInit(); | 316 crypto::EnsureOpenSSLInit(); |
312 fingerprint_ = CalculateFingerprint(cert_handle_); | 317 fingerprint_ = CalculateFingerprint(cert_handle_); |
313 | 318 |
314 ASN1_INTEGER* num = X509_get_serialNumber(cert_handle_); | 319 ASN1_INTEGER* num = X509_get_serialNumber(cert_handle_); |
315 if (num) { | 320 if (num) { |
316 serial_number_ = std::string( | 321 serial_number_ = std::string( |
317 reinterpret_cast<char*>(num->data), | 322 reinterpret_cast<char*>(num->data), |
318 num->length); | 323 num->length); |
319 // Remove leading zeros. | 324 // Remove leading zeros. |
335 SHA1Fingerprint X509Certificate::CalculateFingerprint(OSCertHandle cert) { | 340 SHA1Fingerprint X509Certificate::CalculateFingerprint(OSCertHandle cert) { |
336 SHA1Fingerprint sha1; | 341 SHA1Fingerprint sha1; |
337 unsigned int sha1_size = static_cast<unsigned int>(sizeof(sha1.data)); | 342 unsigned int sha1_size = static_cast<unsigned int>(sizeof(sha1.data)); |
338 int ret = X509_digest(cert, EVP_sha1(), sha1.data, &sha1_size); | 343 int ret = X509_digest(cert, EVP_sha1(), sha1.data, &sha1_size); |
339 CHECK(ret); | 344 CHECK(ret); |
340 CHECK_EQ(sha1_size, sizeof(sha1.data)); | 345 CHECK_EQ(sha1_size, sizeof(sha1.data)); |
341 return sha1; | 346 return sha1; |
342 } | 347 } |
343 | 348 |
344 // static | 349 // static |
350 X509Certificate::OSCertListHandle | |
351 X509Certificate::CreateOSCertListHandle() const { | |
wtc
2011/10/04 00:26:34
Change VerifyInternal to use CreateOSCertListHandl
| |
352 STACK_OF(X509)* cert_list_handle = sk_X509_new_null(); | |
353 if (!cert_list_handle) | |
354 return NULL; | |
355 | |
356 if (!sk_X509_push(cert_list_handle, DupOSCertHandle(cert_handle_))) { | |
357 FreeOSCertListHandle(cert_list_handle); | |
358 return NULL; | |
359 } | |
360 | |
361 bool ok = true; | |
362 for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) { | |
363 if (!sk_X509_push(cert_list_handle, | |
364 DupOSCertHandle(intermediate_ca_certs_[i]))) { | |
365 ok = false; | |
366 break; | |
367 } | |
368 } | |
369 if (!ok) { | |
370 FreeOSCertListHandle(cert_list_handle); | |
371 return NULL; | |
372 } | |
373 | |
374 return cert_list_handle; | |
375 } | |
376 | |
377 // static | |
345 X509Certificate::OSCertHandle X509Certificate::CreateOSCertHandleFromBytes( | 378 X509Certificate::OSCertHandle X509Certificate::CreateOSCertHandleFromBytes( |
346 const char* data, int length) { | 379 const char* data, int length) { |
347 if (length < 0) | 380 if (length < 0) |
348 return NULL; | 381 return NULL; |
349 crypto::EnsureOpenSSLInit(); | 382 crypto::EnsureOpenSSLInit(); |
350 const unsigned char* d2i_data = | 383 const unsigned char* d2i_data = |
351 reinterpret_cast<const unsigned char*>(data); | 384 reinterpret_cast<const unsigned char*>(data); |
352 // Don't cache this data via SetDERCache as this wire format may be not be | 385 // Don't cache this data via SetDERCache as this wire format may be not be |
353 // identical from the i2d_X509 roundtrip. | 386 // identical from the i2d_X509 roundtrip. |
354 X509* cert = d2i_X509(NULL, &d2i_data, length); | 387 X509* cert = d2i_X509(NULL, &d2i_data, length); |
522 DERCache der_cache; | 555 DERCache der_cache; |
523 if (!GetDERAndCacheIfNeeded(cert_handle, &der_cache)) | 556 if (!GetDERAndCacheIfNeeded(cert_handle, &der_cache)) |
524 return false; | 557 return false; |
525 | 558 |
526 return pickle->WriteData( | 559 return pickle->WriteData( |
527 reinterpret_cast<const char*>(der_cache.data), | 560 reinterpret_cast<const char*>(der_cache.data), |
528 der_cache.data_length); | 561 der_cache.data_length); |
529 } | 562 } |
530 | 563 |
531 } // namespace net | 564 } // namespace net |
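Review bot: In the new `CreateOSCertListHandle()`, the result of `DupOSCertHandle(...)` is passed straight into `sk_X509_push`, so when a push fails (the leaf push and the one inside the intermediates loop) the duplicated handle was never added to the stack and `FreeOSCertListHandle` cannot release it; that certificate reference appears to leak. Hold the duplicate in a local and release it on the failure path, e.g. `OSCertHandle dup = DupOSCertHandle(cert_handle_);` followed by `if (!sk_X509_push(cert_list_handle, dup)) { FreeOSCertHandle(dup); FreeOSCertListHandle(cert_list_handle); return NULL; }`, and do the same in the loop. Separately, the `// static` comment now sitting directly above this function is left over from `CreateOSCertHandleFromBytes`; the method is declared `const` and reads `cert_handle_` and `intermediate_ca_certs_`, so that comment should be dropped. A short comment stating that the caller owns the returned list and must release it with `FreeOSCertListHandle` would also help.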