| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/x509_certificate.h" | 5 #include "net/base/x509_certificate.h" |
| 6 | 6 |
| 7 #include <stdlib.h> | 7 #include <stdlib.h> |
| 8 | 8 |
| 9 #include <algorithm> | 9 #include <algorithm> |
| 10 #include <map> | 10 #include <map> |
| (...skipping 692 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 703 // subjectAltName dNSName: www.google.com, google.com | 703 // subjectAltName dNSName: www.google.com, google.com |
| 704 {0xf5,0xc8,0x6a,0xf3,0x61,0x62,0xf1,0x3a,0x64,0xf5,0x4f,0x6d,0xc9,0x58,0x7c,
0x06}, | 704 {0xf5,0xc8,0x6a,0xf3,0x61,0x62,0xf1,0x3a,0x64,0xf5,0x4f,0x6d,0xc9,0x58,0x7c,
0x06}, |
| 705 // Subject: CN=login.yahoo.com | 705 // Subject: CN=login.yahoo.com |
| 706 // subjectAltName dNSName: login.yahoo.com | 706 // subjectAltName dNSName: login.yahoo.com |
| 707 {0x39,0x2a,0x43,0x4f,0x0e,0x07,0xdf,0x1f,0x8a,0xa3,0x05,0xde,0x34,0xe0,0xc2,
0x29}, | 707 {0x39,0x2a,0x43,0x4f,0x0e,0x07,0xdf,0x1f,0x8a,0xa3,0x05,0xde,0x34,0xe0,0xc2,
0x29}, |
| 708 // Subject: CN=login.yahoo.com | 708 // Subject: CN=login.yahoo.com |
| 709 // subjectAltName dNSName: login.yahoo.com | 709 // subjectAltName dNSName: login.yahoo.com |
| 710 {0x3e,0x75,0xce,0xd4,0x6b,0x69,0x30,0x21,0x21,0x88,0x30,0xae,0x86,0xa8,0x2a,
0x71}, | 710 {0x3e,0x75,0xce,0xd4,0x6b,0x69,0x30,0x21,0x21,0x88,0x30,0xae,0x86,0xa8,0x2a,
0x71}, |
| 711 }; | 711 }; |
| 712 | 712 |
| 713 if (!serial_number_.empty() && serial_number_[0] >= 0x80) { | 713 if (!serial_number_.empty() && (serial_number_[0] & 0x80) != 0) { |
| 714 // This is a negative serial number, which isn't technically allowed but | 714 // This is a negative serial number, which isn't technically allowed but |
| 715 // which probably happens. In order to avoid confusing a negative serial | 715 // which probably happens. In order to avoid confusing a negative serial |
| 716 // number with a positive one once the leading zeros have been removed, we | 716 // number with a positive one once the leading zeros have been removed, we |
| 717 // disregard it. | 717 // disregard it. |
| 718 return false; | 718 return false; |
| 719 } | 719 } |
| 720 | 720 |
| 721 base::StringPiece serial(serial_number_); | 721 base::StringPiece serial(serial_number_); |
| 722 // Remove leading zeros. | 722 // Remove leading zeros. |
| 723 while (serial.size() > 1 && serial[0] == 0) | 723 while (serial.size() > 1 && serial[0] == 0) |
| (...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 777 bool X509Certificate::IsSHA1HashInSortedArray(const SHA1Fingerprint& hash, | 777 bool X509Certificate::IsSHA1HashInSortedArray(const SHA1Fingerprint& hash, |
| 778 const uint8* array, | 778 const uint8* array, |
| 779 size_t array_byte_len) { | 779 size_t array_byte_len) { |
| 780 DCHECK_EQ(0u, array_byte_len % base::kSHA1Length); | 780 DCHECK_EQ(0u, array_byte_len % base::kSHA1Length); |
| 781 const size_t arraylen = array_byte_len / base::kSHA1Length; | 781 const size_t arraylen = array_byte_len / base::kSHA1Length; |
| 782 return NULL != bsearch(hash.data, array, arraylen, base::kSHA1Length, | 782 return NULL != bsearch(hash.data, array, arraylen, base::kSHA1Length, |
| 783 CompareSHA1Hashes); | 783 CompareSHA1Hashes); |
| 784 } | 784 } |
| 785 | 785 |
| 786 } // namespace net | 786 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
