net/base/x509_certificate_openssl_android.cc - Issue 7538029: Upstream certificate and mime Android implementation.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/base/x509_certificate_openssl_android.cc

Issue 7538029: Upstream certificate and mime Android implementation. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Sync again Created 9 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
(Empty)
	1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "net/base/x509_certificate.h"

	6

	7 #include "base/logging.h"

	8 #include "net/android/network_library.h"

	9 #include "net/base/cert_status_flags.h"

	10 #include "net/base/cert_verify_result.h"

	11 #include "net/base/net_errors.h"

	12

	13 namespace net {

	14

	15 int X509Certificate::VerifyInternal(const std::string& hostname,

	16 int flags,

	17 CertVerifyResult* verify_result) const {

	18 if (!VerifyNameMatch(hostname))

	19 verify_result->cert_status \|= CERT_STATUS_COMMON_NAME_INVALID;

	20

	21 std::vector<std::string> cert_bytes;

	22 GetChainDEREncodedBytes(&cert_bytes);

	23

	24 // TODO(joth): Fetch the authentication type from SSL rather than hardcode.

	25 android::VerifyResult result =

	26 android::VerifyX509CertChain(cert_bytes, hostname, "RSA");

	27 switch (result) {

	28 case android::VERIFY_OK:

	29 return OK;

	30 case android::VERIFY_BAD_HOSTNAME:

	31 verify_result->cert_status \|= CERT_STATUS_COMMON_NAME_INVALID;

	32 break;

	33 case android::VERIFY_NO_TRUSTED_ROOT:

	34 verify_result->cert_status \|= CERT_STATUS_AUTHORITY_INVALID;

	35 break;

	36 case android::VERIFY_INVOCATION_ERROR:

	37 default:

	38 verify_result->cert_status \|= ERR_CERT_INVALID;

	39 break;

	40 }

	41 return MapCertStatusToNetError(verify_result->cert_status);

	42 }

	43

	44 void X509Certificate::GetChainDEREncodedBytes(

	45 std::vector<std::string>* chain_bytes) const {

	46 OSCertHandles cert_handles(intermediate_ca_certs_);

	47 // Make sure the peer's own cert is the first in the chain, if it's not

	48 // already there.

	49 if (cert_handles.empty())

	50 cert_handles.insert(cert_handles.begin(), cert_handle_);

	51

	52 chain_bytes->reserve(cert_handles.size());

	53 for (OSCertHandles::const_iterator it = cert_handles.begin();

	54 it != cert_handles.end(); ++it) {

	55 DERCache der_cache = {0};

	56 GetDERAndCacheIfNeeded(*it, &der_cache);

	57 std::string cert_bytes (

	58 reinterpret_cast<const char*>(der_cache.data), der_cache.data_length);

	59 chain_bytes->push_back(cert_bytes);

	60 }

	61 }

	62

	63 } // namespace net

OLD	NEW

« no previous file with comments | « net/base/x509_certificate_openssl.cc ('k') | no next file » | no next file with comments »