Chromium Code Reviews Chromium Code Reviews
Issue 8400075:
Fix the "certificate is not yet valid" error for server certificates (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/x509_certificate.h" | 5 #include "net/base/x509_certificate.h" |
| 6 | 6 |
| 7 #include "base/lazy_instance.h" | 7 #include "base/lazy_instance.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/pickle.h" | 9 #include "base/pickle.h" |
| 10 #include "base/sha1.h" | 10 #include "base/sha1.h" |
| (...skipping 523 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 534 &cert_handle_->pCertInfo->Issuer, | 534 &cert_handle_->pCertInfo->Issuer, |
| 535 CERT_X500_NAME_STR | CERT_NAME_STR_CRLF_FLAG, | 535 CERT_X500_NAME_STR | CERT_NAME_STR_CRLF_FLAG, |
| 536 WriteInto(&issuer_info, name_size), name_size); | 536 WriteInto(&issuer_info, name_size), name_size); |
| 537 ParsePrincipal(WideToUTF8(subject_info), &subject_); | 537 ParsePrincipal(WideToUTF8(subject_info), &subject_); |
| 538 ParsePrincipal(WideToUTF8(issuer_info), &issuer_); | 538 ParsePrincipal(WideToUTF8(issuer_info), &issuer_); |
| 539 | 539 |
| 540 valid_start_ = Time::FromFileTime(cert_handle_->pCertInfo->NotBefore); | 540 valid_start_ = Time::FromFileTime(cert_handle_->pCertInfo->NotBefore); |
| 541 valid_expiry_ = Time::FromFileTime(cert_handle_->pCertInfo->NotAfter); | 541 valid_expiry_ = Time::FromFileTime(cert_handle_->pCertInfo->NotAfter); |
| 542 | 542 |
| 543 fingerprint_ = CalculateFingerprint(cert_handle_); | 543 fingerprint_ = CalculateFingerprint(cert_handle_); |
| 544 chain_fingerprint_ = CalculateChainFingerprint(); | |
| 544 | 545 |
| 545 const CRYPT_INTEGER_BLOB* serial = &cert_handle_->pCertInfo->SerialNumber; | 546 const CRYPT_INTEGER_BLOB* serial = &cert_handle_->pCertInfo->SerialNumber; |
| 546 scoped_array<uint8> serial_bytes(new uint8[serial->cbData]); | 547 scoped_array<uint8> serial_bytes(new uint8[serial->cbData]); |
| 547 for (unsigned i = 0; i < serial->cbData; i++) | 548 for (unsigned i = 0; i < serial->cbData; i++) |
| 548 serial_bytes[i] = serial->pbData[serial->cbData - i - 1]; | 549 serial_bytes[i] = serial->pbData[serial->cbData - i - 1]; |
| 549 serial_number_ = std::string( | 550 serial_number_ = std::string( |
| 550 reinterpret_cast<char*>(serial_bytes.get()), serial->cbData); | 551 reinterpret_cast<char*>(serial_bytes.get()), serial->cbData); |
| 551 // Remove leading zeros. | 552 // Remove leading zeros. |
| 552 while (serial_number_.size() > 1 && serial_number_[0] == 0) | 553 while (serial_number_.size() > 1 && serial_number_[0] == 0) |
| 553 serial_number_ = serial_number_.substr(1, serial_number_.size() - 1); | 554 serial_number_ = serial_number_.substr(1, serial_number_.size() - 1); |
| (...skipping 457 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1011 SHA1Fingerprint sha1; | 1012 SHA1Fingerprint sha1; |
| 1012 DWORD sha1_size = sizeof(sha1.data); | 1013 DWORD sha1_size = sizeof(sha1.data); |
| 1013 rv = CryptHashCertificate(NULL, CALG_SHA1, 0, cert->pbCertEncoded, | 1014 rv = CryptHashCertificate(NULL, CALG_SHA1, 0, cert->pbCertEncoded, |
| 1014 cert->cbCertEncoded, sha1.data, &sha1_size); | 1015 cert->cbCertEncoded, sha1.data, &sha1_size); |
| 1015 DCHECK(rv && sha1_size == sizeof(sha1.data)); | 1016 DCHECK(rv && sha1_size == sizeof(sha1.data)); |
| 1016 if (!rv) | 1017 if (!rv) |
| 1017 memset(sha1.data, 0, sizeof(sha1.data)); | 1018 memset(sha1.data, 0, sizeof(sha1.data)); |
| 1018 return sha1; | 1019 return sha1; |
| 1019 } | 1020 } |
| 1020 | 1021 |
| 1022 SHA1Fingerprint X509Certificate::CalculateChainFingerprint() const { | |
| 1023 // TODO(wtc): implement this. | |
| 1024 return CalculateFingerprint(cert_handle_); | |
|
wtc
2011/10/28 22:24:04
I still need to implement this on Windows. If nec
| |
| 1025 } | |
| 1026 | |
| 1021 // static | 1027 // static |
| 1022 X509Certificate::OSCertHandle | 1028 X509Certificate::OSCertHandle |
| 1023 X509Certificate::ReadOSCertHandleFromPickle(const Pickle& pickle, | 1029 X509Certificate::ReadOSCertHandleFromPickle(const Pickle& pickle, |
| 1024 void** pickle_iter) { | 1030 void** pickle_iter) { |
| 1025 const char* data; | 1031 const char* data; |
| 1026 int length; | 1032 int length; |
| 1027 if (!pickle.ReadData(pickle_iter, &data, &length)) | 1033 if (!pickle.ReadData(pickle_iter, &data, &length)) |
| 1028 return NULL; | 1034 return NULL; |
| 1029 | 1035 |
| 1030 OSCertHandle cert_handle = NULL; | 1036 OSCertHandle cert_handle = NULL; |
| (...skipping 21 matching lines...) Expand all Loading... | |
| 1052 if (!CertSerializeCertificateStoreElement(cert_handle, 0, &buffer[0], | 1058 if (!CertSerializeCertificateStoreElement(cert_handle, 0, &buffer[0], |
| 1053 &length)) { | 1059 &length)) { |
| 1054 return false; | 1060 return false; |
| 1055 } | 1061 } |
| 1056 | 1062 |
| 1057 return pickle->WriteData(reinterpret_cast<const char*>(&buffer[0]), | 1063 return pickle->WriteData(reinterpret_cast<const char*>(&buffer[0]), |
| 1058 length); | 1064 length); |
| 1059 } | 1065 } |
| 1060 | 1066 |
| 1061 } // namespace net | 1067 } // namespace net |
| OLD | NEW |
