net/base/x509_certificate_openssl.cc - Issue 8400075: Fix the "certificate is not yet valid" error for server certificates

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/base/x509_certificate_openssl.cc

Issue 8400075: Fix the "certificate is not yet valid" error for server certificates (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: Use NSS BLAPI. Add comments. Created 9 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/base/x509_certificate_openssl.cc

===================================================================

--- net/base/x509_certificate_openssl.cc (revision 107789)

+++ net/base/x509_certificate_openssl.cc (working copy)

@@ -325,6 +325,7 @@

void X509Certificate::Initialize() {

crypto::EnsureOpenSSLInit();

fingerprint_ = CalculateFingerprint(cert_handle_);

+ chain_fingerprint_ = CalculateChainFingerprint();

ASN1_INTEGER* num = X509_get_serialNumber(cert_handle_);

if (num) {

@@ -347,6 +348,7 @@

X509InitSingleton::GetInstance()->ResetCertStore();

}

+// static

SHA1Fingerprint X509Certificate::CalculateFingerprint(OSCertHandle cert) {

SHA1Fingerprint sha1;

unsigned int sha1_size = static_cast<unsigned int>(sizeof(sha1.data));

@@ -356,6 +358,26 @@

return sha1;

}

+SHA1Fingerprint X509Certificate::CalculateChainFingerprint() const {

+ SHA1Fingerprint sha1;

+ memset(sha1.data, 0, sizeof(sha1.data));

+ SHA_CTX sha1_ctx;

+ SHA1_Init(&sha1_ctx);

+ DERCache der_cache;

+ if (!GetDERAndCacheIfNeeded(cert_handle_, &der_cache))

+ return sha1;

+ SHA1_Update(&sha1_ctx, der_cache.data, der_cache.data_length);

+ for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) {

+ if (!GetDERAndCacheIfNeeded(intermediate_ca_certs_[i], &der_cache))

+ return sha1;

+ SHA1_Update(&sha1_ctx, der_cache.data, der_cache.data_length);

+ }

+ SHA1_Final(sha1.data, &sha1_ctx);

+ return sha1;

// static

X509Certificate::OSCertHandle X509Certificate::CreateOSCertHandleFromBytes(

const char* data, int length) {

« no previous file with comments | « net/base/x509_certificate_nss.cc ('k') | net/base/x509_certificate_unittest.cc » ('j') | no next file with comments »