Chromium Code Reviews Chromium Code Reviews
Issue 8387032:
OpenSSL: fix serial number tests. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/x509_certificate.h" | 5 #include "net/base/x509_certificate.h" |
| 6 | 6 |
| 7 #include <openssl/asn1.h> | 7 #include <openssl/asn1.h> |
| 8 #include <openssl/crypto.h> | 8 #include <openssl/crypto.h> |
| 9 #include <openssl/obj_mac.h> | 9 #include <openssl/obj_mac.h> |
| 10 #include <openssl/pem.h> | 10 #include <openssl/pem.h> |
| (...skipping 314 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 325 void X509Certificate::Initialize() { | 325 void X509Certificate::Initialize() { |
| 326 crypto::EnsureOpenSSLInit(); | 326 crypto::EnsureOpenSSLInit(); |
| 327 fingerprint_ = CalculateFingerprint(cert_handle_); | 327 fingerprint_ = CalculateFingerprint(cert_handle_); |
| 328 chain_fingerprint_ = CalculateChainFingerprint(); | 328 chain_fingerprint_ = CalculateChainFingerprint(); |
| 329 | 329 |
| 330 ASN1_INTEGER* num = X509_get_serialNumber(cert_handle_); | 330 ASN1_INTEGER* num = X509_get_serialNumber(cert_handle_); |
| 331 if (num) { | 331 if (num) { |
| 332 serial_number_ = std::string( | 332 serial_number_ = std::string( |
| 333 reinterpret_cast<char*>(num->data), | 333 reinterpret_cast<char*>(num->data), |
| 334 num->length); | 334 num->length); |
| 335 if ((num->type & V_ASN1_NEG) == 0 && | |
| 336 num->length != 0 && | |
| 337 num->data[0] >= 0x80) { | |
|
joth
2011/10/31 17:17:45
nit: I find the last term slightly easier to read
agl
2011/10/31 17:23:45
Done.
| |
| 338 // The non-negative serial_number_ needs to be padded with a leading 0 | |
| 339 // byte in order that the MSB isn't set. | |
|
joth
2011/10/31 17:17:45
is there a reasonable hint you could add here as t
agl
2011/10/31 17:23:45
Have expanded the comment.
| |
| 340 serial_number_ = std::string("", 1) + serial_number_; | |
| 341 } | |
| 335 } | 342 } |
| 336 | 343 |
| 337 ParsePrincipal(cert_handle_, X509_get_subject_name(cert_handle_), &subject_); | 344 ParsePrincipal(cert_handle_, X509_get_subject_name(cert_handle_), &subject_); |
| 338 ParsePrincipal(cert_handle_, X509_get_issuer_name(cert_handle_), &issuer_); | 345 ParsePrincipal(cert_handle_, X509_get_issuer_name(cert_handle_), &issuer_); |
| 339 x509_util::ParseDate(X509_get_notBefore(cert_handle_), &valid_start_); | 346 x509_util::ParseDate(X509_get_notBefore(cert_handle_), &valid_start_); |
| 340 x509_util::ParseDate(X509_get_notAfter(cert_handle_), &valid_expiry_); | 347 x509_util::ParseDate(X509_get_notAfter(cert_handle_), &valid_expiry_); |
| 341 } | 348 } |
| 342 | 349 |
| 343 // static | 350 // static |
| 344 void X509Certificate::ResetCertStore() { | 351 void X509Certificate::ResetCertStore() { |
| (...skipping 227 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 572 DERCache der_cache; | 579 DERCache der_cache; |
| 573 if (!GetDERAndCacheIfNeeded(cert_handle, &der_cache)) | 580 if (!GetDERAndCacheIfNeeded(cert_handle, &der_cache)) |
| 574 return false; | 581 return false; |
| 575 | 582 |
| 576 return pickle->WriteData( | 583 return pickle->WriteData( |
| 577 reinterpret_cast<const char*>(der_cache.data), | 584 reinterpret_cast<const char*>(der_cache.data), |
| 578 der_cache.data_length); | 585 der_cache.data_length); |
| 579 } | 586 } |
| 580 | 587 |
| 581 } // namespace net | 588 } // namespace net |
| OLD | NEW |
