net/base/x509_certificate_openssl_android.cc - Issue 8429034: Upstream: Build net_unittests for Android.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/base/x509_certificate_openssl_android.cc

Issue 8429034: Upstream: Build net_unittests for Android. (Closed) Base URL: http://git.chromium.org/git/chromium.git@trunk

Patch Set: split out unreviewed files Created 9 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
	(Empty)
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.

4

5 #include "net/base/x509_certificate.h"

6

7 #include "base/logging.h"

8 #include "net/android/network_library.h"

9 #include "net/base/cert_status_flags.h"

10 #include "net/base/cert_verify_result.h"

11 #include "net/base/net_errors.h"

12

13 namespace net {

14

15 int X509Certificate::VerifyInternal(const std::string& hostname,

16 int flags,

17 CRLSet* crl_set,

18 CertVerifyResult* verify_result) const {

19 if (!VerifyNameMatch(hostname))

20 verify_result->cert_status \|= CERT_STATUS_COMMON_NAME_INVALID;

21

22 std::vector<std::string> cert_bytes;

23 GetChainDEREncodedBytes(&cert_bytes);

24

25 // TODO(joth): Fetch the authentication type from SSL rather than hardcode.

26 android::VerifyResult result =

27 android::VerifyX509CertChain(cert_bytes, hostname, "RSA");

28 switch (result) {

29 case android::VERIFY_OK:

30 return OK;

31 case android::VERIFY_BAD_HOSTNAME:

32 verify_result->cert_status \|= CERT_STATUS_COMMON_NAME_INVALID;

33 break;

34 case android::VERIFY_NO_TRUSTED_ROOT:

35 verify_result->cert_status \|= CERT_STATUS_AUTHORITY_INVALID;

36 break;

37 case android::VERIFY_INVOCATION_ERROR:

38 default:

39 verify_result->cert_status \|= ERR_CERT_INVALID;

40 break;

41 }

42 return MapCertStatusToNetError(verify_result->cert_status);

43 }

44

45 void X509Certificate::GetChainDEREncodedBytes(

46 std::vector<std::string>* chain_bytes) const {

47 OSCertHandles cert_handles(intermediate_ca_certs_);

48 // Make sure the peer's own cert is the first in the chain, if it's not

49 // already there.

50 if (cert_handles.empty())

51 cert_handles.insert(cert_handles.begin(), cert_handle_);

52

53 chain_bytes->reserve(cert_handles.size());

54 for (OSCertHandles::const_iterator it = cert_handles.begin();

55 it != cert_handles.end(); ++it) {

56 DERCache der_cache = {0};

57 GetDERAndCacheIfNeeded(*it, &der_cache);

58 std::string cert_bytes (

59 reinterpret_cast<const char*>(der_cache.data), der_cache.data_length);

60 chain_bytes->push_back(cert_bytes);

61 }

62 }

63

64 } // namespace net

OLD	NEW

« no previous file with comments | « net/base/x509_certificate_openssl.cc ('k') | net/dns/dns_config_service_posix.cc » ('j') | no next file with comments »