| Index: net/base/x509_certificate_win.cc
|
| ===================================================================
|
| --- net/base/x509_certificate_win.cc (revision 107789)
|
| +++ net/base/x509_certificate_win.cc (working copy)
|
| @@ -4,6 +4,8 @@
|
|
|
| #include "net/base/x509_certificate.h"
|
|
|
| +#include <sechash.h> // Implement CalculateChainFingerprint() with NSS.
|
| +
|
| #include "base/lazy_instance.h"
|
| #include "base/logging.h"
|
| #include "base/pickle.h"
|
| @@ -541,6 +543,7 @@
|
| valid_expiry_ = Time::FromFileTime(cert_handle_->pCertInfo->NotAfter);
|
|
|
| fingerprint_ = CalculateFingerprint(cert_handle_);
|
| + chain_fingerprint_ = CalculateChainFingerprint();
|
|
|
| const CRYPT_INTEGER_BLOB* serial = &cert_handle_->pCertInfo->SerialNumber;
|
| scoped_array<uint8> serial_bytes(new uint8[serial->cbData]);
|
| @@ -1018,6 +1021,27 @@
|
| return sha1;
|
| }
|
|
|
| +SHA1Fingerprint X509Certificate::CalculateChainFingerprint() const {
|
| + SHA1Fingerprint sha1;
|
| + memset(sha1.data, 0, sizeof(sha1.data));
|
| +
|
| + HASHContext* sha1_ctx = HASH_Create(HASH_AlgSHA1);
|
| + if (!sha1_ctx)
|
| + return sha1;
|
| + HASH_Begin(sha1_ctx);
|
| + HASH_Update(sha1_ctx, cert_handle_->pbCertEncoded,
|
| + cert_handle_->cert->cbCertEncoded);
|
| + for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) {
|
| + CERTCertificate* ca_cert = intermediate_ca_certs_[i];
|
| + HASH_Update(sha1_ctx, ca_cert->pbCertEncoded, ca_cert->cbCertEncoded);
|
| + }
|
| + unsigned int result_len;
|
| + HASH_End(sha1_ctx, sha1.data, &result_len, HASH_ResultLenContext(sha1_ctx));
|
| + HASH_Destroy(sha1_ctx);
|
| +
|
| + return sha1;
|
| +}
|
| +
|
| // static
|
| X509Certificate::OSCertHandle
|
| X509Certificate::ReadOSCertHandleFromPickle(const Pickle& pickle,
|
|
|