Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(157)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/x509_certificate_openssl_android.cc

Issue 8429034: Upstream: Build net_unittests for Android. (Closed) Base URL: http://git.chromium.org/git/chromium.git@trunk
Patch Set: address comments Created 9 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/base/x509_certificate_openssl.cc ('K') | « net/base/x509_certificate_openssl.cc ('k') | net/net.gyp » ('j') | net/net.gyp » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/x509_certificate.h" 5 #include "net/base/x509_certificate.h"
6 6
7 #include "base/logging.h" 7 #include "base/logging.h"
8 #include "net/android/network_library.h" 8 #include "net/android/network_library.h"
9 #include "net/base/cert_status_flags.h" 9 #include "net/base/cert_status_flags.h"
10 #include "net/base/cert_verify_result.h" 10 #include "net/base/cert_verify_result.h"
11 #include "net/base/net_errors.h" 11 #include "net/base/net_errors.h"
12 12
13 namespace net { 13 namespace net {
14 14
15 int X509Certificate::VerifyInternal(const std::string& hostname, 15 int X509Certificate::VerifyInternal(const std::string& hostname,
16 int flags, 16 int flags,
17 CRLSet* crl_set, 17 CRLSet* crl_set,
18 CertVerifyResult* verify_result) const { 18 CertVerifyResult* verify_result) const {
19 if (!VerifyNameMatch(hostname)) 19 if (!VerifyNameMatch(hostname))
20 verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID; 20 verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID;
21 21
22 std::vector<std::string> cert_bytes; 22 std::vector<std::string> cert_bytes;
23 GetChainDEREncodedBytes(&cert_bytes); 23 GetChainDEREncodedBytes(&cert_bytes);
24 24
25 // TODO(joth): Fetch the authentication type from SSL rather than hardcode. 25 // TODO(joth): Fetch the authentication type from SSL rather than hardcode.
26 android::VerifyResult result = 26 // TODO(jingzhao): Uncomment the following code once we support JNI.
27 /*android::VerifyResult result =
27 android::VerifyX509CertChain(cert_bytes, hostname, "RSA"); 28 android::VerifyX509CertChain(cert_bytes, hostname, "RSA");
joth 2011/11/02 18:57:05 just #if 0 out this one line, and in the #else ini
Jing Zhao 2011/11/03 17:49:08 Done.
28 switch (result) { 29 switch (result) {
29 case android::VERIFY_OK: 30 case android::VERIFY_OK:
30 return OK; 31 return OK;
31 case android::VERIFY_BAD_HOSTNAME: 32 case android::VERIFY_BAD_HOSTNAME:
32 verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID; 33 verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID;
33 break; 34 break;
34 case android::VERIFY_NO_TRUSTED_ROOT: 35 case android::VERIFY_NO_TRUSTED_ROOT:
35 verify_result->cert_status |= CERT_STATUS_AUTHORITY_INVALID; 36 verify_result->cert_status |= CERT_STATUS_AUTHORITY_INVALID;
36 break; 37 break;
37 case android::VERIFY_INVOCATION_ERROR: 38 case android::VERIFY_INVOCATION_ERROR:
38 default: 39 default:
39 verify_result->cert_status |= ERR_CERT_INVALID; 40 verify_result->cert_status |= ERR_CERT_INVALID;
40 break; 41 break;
41 } 42 }*/
42 return MapCertStatusToNetError(verify_result->cert_status); 43 return MapCertStatusToNetError(verify_result->cert_status);
43 } 44 }
44 45
45 void X509Certificate::GetChainDEREncodedBytes( 46 void X509Certificate::GetChainDEREncodedBytes(
joth 2011/11/02 18:57:05 this method should just be removed from here and p
Jing Zhao 2011/11/03 17:49:08 Done.
46 std::vector<std::string>* chain_bytes) const { 47 std::vector<std::string>* chain_bytes) const {
47 OSCertHandles cert_handles(intermediate_ca_certs_); 48 OSCertHandles cert_handles(intermediate_ca_certs_);
48 // Make sure the peer's own cert is the first in the chain, if it's not 49 // Make sure the peer's own cert is the first in the chain, if it's not
49 // already there. 50 // already there.
50 if (cert_handles.empty()) 51 if (cert_handles.empty())
51 cert_handles.insert(cert_handles.begin(), cert_handle_); 52 cert_handles.insert(cert_handles.begin(), cert_handle_);
52 53
53 chain_bytes->reserve(cert_handles.size()); 54 chain_bytes->reserve(cert_handles.size());
54 for (OSCertHandles::const_iterator it = cert_handles.begin(); 55 for (OSCertHandles::const_iterator it = cert_handles.begin();
55 it != cert_handles.end(); ++it) { 56 it != cert_handles.end(); ++it) {
56 DERCache der_cache = {0}; 57 DERCache der_cache = {0};
57 GetDERAndCacheIfNeeded(*it, &der_cache); 58 GetDERAndCacheIfNeeded(*it, &der_cache);
58 std::string cert_bytes ( 59 std::string cert_bytes (
59 reinterpret_cast<const char*>(der_cache.data), der_cache.data_length); 60 reinterpret_cast<const char*>(der_cache.data), der_cache.data_length);
60 chain_bytes->push_back(cert_bytes); 61 chain_bytes->push_back(cert_bytes);
61 } 62 }
62 } 63 }
63 64
64 } // namespace net 65 } // namespace net
OLDNEW
« net/base/x509_certificate_openssl.cc ('K') | « net/base/x509_certificate_openssl.cc ('k') | net/net.gyp » ('j') | net/net.gyp » ('J')

Powered by Google App Engine
This is Rietveld 408576698