Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(542)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/x509_certificate_openssl_android.cc

Issue 8429034: Upstream: Build net_unittests for Android. (Closed) Base URL: http://git.chromium.org/git/chromium.git@trunk
Patch Set: Created 9 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/base/x509_certificate_openssl.cc ('K') | « net/base/x509_certificate_openssl.cc ('k') | net/net.gyp » ('j') | net/net.gyp » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/x509_certificate.h" 5 #include "net/base/x509_certificate.h"
6 6
7 #include "base/logging.h" 7 #include "base/logging.h"
8 #include "net/android/network_library.h" 8 #include "net/android/network_library.h"
9 #include "net/base/cert_status_flags.h" 9 #include "net/base/cert_status_flags.h"
10 #include "net/base/cert_verify_result.h" 10 #include "net/base/cert_verify_result.h"
11 #include "net/base/net_errors.h" 11 #include "net/base/net_errors.h"
12 12
13 namespace net { 13 namespace net {
14 14
15 struct DERCache {
John Grabowski 2011/11/01 23:09:34 Hmm where do other platforms pick this up?
Jing Zhao 2011/11/02 16:22:55 It was only used in net/base/x509_certificate_open
John Grabowski 2011/11/02 22:18:16 Per subsequent follow-up, follow joth's instructio
16 unsigned char* data;
17 int data_length;
18 };
19
20 bool GetDERAndCacheIfNeeded(X509Certificate::OSCertHandle cert,
21 DERCache* der_cache);
22
15 int X509Certificate::VerifyInternal(const std::string& hostname, 23 int X509Certificate::VerifyInternal(const std::string& hostname,
16 int flags, 24 int flags,
17 CRLSet* crl_set, 25 CRLSet* crl_set,
18 CertVerifyResult* verify_result) const { 26 CertVerifyResult* verify_result) const {
19 if (!VerifyNameMatch(hostname)) 27 if (!VerifyNameMatch(hostname))
20 verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID; 28 verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID;
21 29
22 std::vector<std::string> cert_bytes; 30 std::vector<std::string> cert_bytes;
23 GetChainDEREncodedBytes(&cert_bytes); 31 GetChainDEREncodedBytes(&cert_bytes);
24 32
25 // TODO(joth): Fetch the authentication type from SSL rather than hardcode. 33 // TODO(joth): Fetch the authentication type from SSL rather than hardcode.
26 android::VerifyResult result = 34 // TODO(jingzhao): Uncomment the following code once we support JNI.
John Grabowski 2011/11/01 23:09:34 ditto on doc
Jing Zhao 2011/11/02 16:22:55 Done.
35 /*android::VerifyResult result =
27 android::VerifyX509CertChain(cert_bytes, hostname, "RSA"); 36 android::VerifyX509CertChain(cert_bytes, hostname, "RSA");
28 switch (result) { 37 switch (result) {
29 case android::VERIFY_OK: 38 case android::VERIFY_OK:
30 return OK; 39 return OK;
31 case android::VERIFY_BAD_HOSTNAME: 40 case android::VERIFY_BAD_HOSTNAME:
32 verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID; 41 verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID;
33 break; 42 break;
34 case android::VERIFY_NO_TRUSTED_ROOT: 43 case android::VERIFY_NO_TRUSTED_ROOT:
35 verify_result->cert_status |= CERT_STATUS_AUTHORITY_INVALID; 44 verify_result->cert_status |= CERT_STATUS_AUTHORITY_INVALID;
36 break; 45 break;
37 case android::VERIFY_INVOCATION_ERROR: 46 case android::VERIFY_INVOCATION_ERROR:
38 default: 47 default:
39 verify_result->cert_status |= ERR_CERT_INVALID; 48 verify_result->cert_status |= ERR_CERT_INVALID;
40 break; 49 break;
41 } 50 }*/
42 return MapCertStatusToNetError(verify_result->cert_status); 51 return MapCertStatusToNetError(verify_result->cert_status);
43 } 52 }
44 53
45 void X509Certificate::GetChainDEREncodedBytes( 54 void X509Certificate::GetChainDEREncodedBytes(
46 std::vector<std::string>* chain_bytes) const { 55 std::vector<std::string>* chain_bytes) const {
47 OSCertHandles cert_handles(intermediate_ca_certs_); 56 OSCertHandles cert_handles(intermediate_ca_certs_);
48 // Make sure the peer's own cert is the first in the chain, if it's not 57 // Make sure the peer's own cert is the first in the chain, if it's not
49 // already there. 58 // already there.
50 if (cert_handles.empty()) 59 if (cert_handles.empty())
51 cert_handles.insert(cert_handles.begin(), cert_handle_); 60 cert_handles.insert(cert_handles.begin(), cert_handle_);
52 61
53 chain_bytes->reserve(cert_handles.size()); 62 chain_bytes->reserve(cert_handles.size());
54 for (OSCertHandles::const_iterator it = cert_handles.begin(); 63 for (OSCertHandles::const_iterator it = cert_handles.begin();
55 it != cert_handles.end(); ++it) { 64 it != cert_handles.end(); ++it) {
56 DERCache der_cache = {0}; 65 DERCache der_cache = {0};
57 GetDERAndCacheIfNeeded(*it, &der_cache); 66 GetDERAndCacheIfNeeded(*it, &der_cache);
58 std::string cert_bytes ( 67 std::string cert_bytes (
59 reinterpret_cast<const char*>(der_cache.data), der_cache.data_length); 68 reinterpret_cast<const char*>(der_cache.data), der_cache.data_length);
60 chain_bytes->push_back(cert_bytes); 69 chain_bytes->push_back(cert_bytes);
61 } 70 }
62 } 71 }
63 72
64 } // namespace net 73 } // namespace net
OLDNEW
« net/base/x509_certificate_openssl.cc ('K') | « net/base/x509_certificate_openssl.cc ('k') | net/net.gyp » ('j') | net/net.gyp » ('J')

Powered by Google App Engine
This is Rietveld 408576698