OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/x509_certificate.h" | 5 #include "net/base/x509_certificate.h" |
6 | 6 |
7 #include <openssl/asn1.h> | 7 #include <openssl/asn1.h> |
8 #include <openssl/crypto.h> | 8 #include <openssl/crypto.h> |
9 #include <openssl/obj_mac.h> | 9 #include <openssl/obj_mac.h> |
10 #include <openssl/pem.h> | 10 #include <openssl/pem.h> |
(...skipping 457 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
468 X509* verified_cert = NULL; | 468 X509* verified_cert = NULL; |
469 std::vector<X509*> verified_chain; | 469 std::vector<X509*> verified_chain; |
470 for (int i = 0; i < sk_X509_num(chain); ++i) { | 470 for (int i = 0; i < sk_X509_num(chain); ++i) { |
471 X509* cert = sk_X509_value(chain, i); | 471 X509* cert = sk_X509_value(chain, i); |
472 if (i == 0) { | 472 if (i == 0) { |
473 verified_cert = cert; | 473 verified_cert = cert; |
474 } else { | 474 } else { |
475 verified_chain.push_back(cert); | 475 verified_chain.push_back(cert); |
476 } | 476 } |
477 | 477 |
478 int sig_alg = OBJ_obj2nid(cert->sig_alg->algorithm); | |
479 if (sig_alg == NID_md2WithRSAEncryption) { | |
480 verify_result->has_md2 = true; | |
481 if (i != 0) | |
482 verify_result->has_md2_ca = true; | |
483 } else if (sig_alg == NID_md4WithRSAEncryption) { | |
484 verify_result->has_md4 = true; | |
palmer
2011/10/25 19:44:48
Even if we never expect to see it, perhaps we shou
wtc
2011/10/25 20:37:31
Thank you for the suggestion. I should explain wh
| |
485 } else if (sig_alg == NID_md5WithRSAEncryption) { | |
486 verify_result->has_md5 = true; | |
487 if (i != 0) | |
488 verify_result->has_md5_ca = true; | |
489 } | |
490 | |
478 DERCache der_cache; | 491 DERCache der_cache; |
479 if (!GetDERAndCacheIfNeeded(cert, &der_cache)) | 492 if (!GetDERAndCacheIfNeeded(cert, &der_cache)) |
480 continue; | 493 continue; |
481 | 494 |
482 base::StringPiece der_bytes(reinterpret_cast<const char*>(der_cache.data), | 495 base::StringPiece der_bytes(reinterpret_cast<const char*>(der_cache.data), |
483 der_cache.data_length); | 496 der_cache.data_length); |
484 base::StringPiece spki_bytes; | 497 base::StringPiece spki_bytes; |
485 if (!asn1::ExtractSPKIFromDERCert(der_bytes, &spki_bytes)) | 498 if (!asn1::ExtractSPKIFromDERCert(der_bytes, &spki_bytes)) |
486 continue; | 499 continue; |
487 | 500 |
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
553 DERCache der_cache; | 566 DERCache der_cache; |
554 if (!GetDERAndCacheIfNeeded(cert_handle, &der_cache)) | 567 if (!GetDERAndCacheIfNeeded(cert_handle, &der_cache)) |
555 return false; | 568 return false; |
556 | 569 |
557 return pickle->WriteData( | 570 return pickle->WriteData( |
558 reinterpret_cast<const char*>(der_cache.data), | 571 reinterpret_cast<const char*>(der_cache.data), |
559 der_cache.data_length); | 572 der_cache.data_length); |
560 } | 573 } |
561 | 574 |
562 } // namespace net | 575 } // namespace net |
OLD | NEW |