Chromium Code Reviews Chromium Code Reviews
Issue 8566056:
This applies GUIDs to certificate and key nicknames when (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: net/base/x509_certificate.h |
| diff --git a/net/base/x509_certificate.h b/net/base/x509_certificate.h |
| index 04d0b8e42175d639f286720d1290190078f77c21..7986eda88c4aceb0a254c26d1c48acf76d275027 100644 |
| --- a/net/base/x509_certificate.h |
| +++ b/net/base/x509_certificate.h |
| @@ -31,6 +31,7 @@ |
| typedef struct x509_st X509; |
| typedef struct x509_store_st X509_STORE; |
| #elif defined(USE_NSS) |
| +#include <net/base/cert_type.h> |
|
wtc
2011/11/29 23:13:57
This should be
#include "net/base/cert_type.h"
Greg Spencer (Chromium)
2011/12/02 18:50:07
Whoops, yeah, I know that. :) Fixed.
|
| // Forward declaration; real one in <cert.h> |
| struct CERTCertificateStr; |
| #endif |
| @@ -128,7 +129,7 @@ class NET_EXPORT X509Certificate |
| base::Time start_date, base::Time expiration_date); |
| // Create an X509Certificate from a handle to the certificate object in the |
| - // underlying crypto library. The returned pointer must be stored in a |
| + // underlying crypto library. The returned pointer MUST be stored in a |
|
wtc
2011/11/29 23:13:57
Nit: we don't have a convention of capitalizing MU
Greg Spencer (Chromium)
2011/12/02 18:50:07
OK, fixed.
|
| // scoped_refptr<X509Certificate>. |
| static X509Certificate* CreateFromHandle(OSCertHandle cert_handle, |
| const OSCertHandles& intermediates); |
| @@ -136,7 +137,7 @@ class NET_EXPORT X509Certificate |
| // Create an X509Certificate from a chain of DER encoded certificates. The |
| // first certificate in the chain is the end-entity certificate to which a |
| // handle is returned. The other certificates in the chain are intermediate |
| - // certificates. The returned pointer must be stored in a |
| + // certificates. The returned pointer MUST be stored in a |
| // scoped_refptr<X509Certificate>. |
| static X509Certificate* CreateFromDERCertChain( |
| const std::vector<base::StringPiece>& der_certs); |
| @@ -144,15 +145,26 @@ class NET_EXPORT X509Certificate |
| // Create an X509Certificate from the DER-encoded representation. |
| // Returns NULL on failure. |
| // |
| - // The returned pointer must be stored in a scoped_refptr<X509Certificate>. |
| + // The returned pointer MUST be stored in a scoped_refptr<X509Certificate>. |
| static X509Certificate* CreateFromBytes(const char* data, int length); |
| +#if defined(USE_NSS) |
| + // Create an X509Certificate from the DER-encoded representation. |
| + // |nickname| can be NULL if an auto-generated nickname is desired. |
| + // Returns NULL on failure. |
| + // |
| + // The returned pointer MUST be stored in a scoped_refptr<X509Certificate>. |
| + static X509Certificate* CreateFromBytesWithNickname(const char* data, |
|
wtc
2011/11/29 23:13:57
It would be nice to point out the difference betwe
Greg Spencer (Chromium)
2011/12/02 18:50:07
Done.
|
| + int length, |
| + const char* nickname); |
| +#endif |
| + |
| // Create an X509Certificate from the representation stored in the given |
| // pickle. The data for this object is found relative to the given |
| // pickle_iter, which should be passed to the pickle's various Read* methods. |
| // Returns NULL on failure. |
| // |
| - // The returned pointer must be stored in a scoped_refptr<X509Certificate>. |
| + // The returned pointer MUST be stored in a scoped_refptr<X509Certificate>. |
| static X509Certificate* CreateFromPickle(const Pickle& pickle, |
| void** pickle_iter, |
| PickleType type); |
| @@ -199,6 +211,18 @@ class NET_EXPORT X509Certificate |
| // The issuer of the certificate. |
| const CertPrincipal& issuer() const { return issuer_; } |
| +#if defined(USE_NSS) |
| + // Set/get the label of this certificate (the equivalent of NSS's |
|
wtc
2011/11/29 23:13:57
Nit: Set/get => Sets/gets
NSS's => PKCS #11's
Greg Spencer (Chromium)
2011/12/02 18:50:07
Done.
|
| + // CKA_LABEL attribute, which is the nickname or friendly name of |
| + // the certificate). |
| + bool SetLabel(const std::string& label); |
| + std::string GetLabel(); |
|
wtc
2011/11/29 23:13:57
I believe GetLabel() can be 'const':
std::string
Greg Spencer (Chromium)
2011/12/02 18:50:07
Yes, it should be. But I've moved these functions
|
| + |
| + // Gets the type of certificate this is, based on the certificate's |
| + // properties. |
| + CertType GetCertificateType() const; |
|
wtc
2011/11/29 23:13:57
Nit: GetCertificateType => GetCertType
Greg Spencer (Chromium)
2011/12/02 18:50:07
Done.
|
| +#endif // defined(USE_NSS) |
| + |
| // Time period during which the certificate is valid. More precisely, this |
| // certificate is invalid before the |valid_start| date and invalid after |
| // the |valid_expiry| date. |
| @@ -414,11 +438,19 @@ class NET_EXPORT X509Certificate |
| // Returns true if two OSCertHandles refer to identical certificates. |
| static bool IsSameOSCert(OSCertHandle a, OSCertHandle b); |
| - // Creates an OS certificate handle from the BER-encoded representation. |
| + // Creates an OS certificate handle from the DER-encoded representation. |
| // Returns NULL on failure. |
| static OSCertHandle CreateOSCertHandleFromBytes(const char* data, |
| int length); |
| +#if defined(USE_NSS) |
| + // Creates an OS certificate handle from the DER-encoded representation, |
| + // with the given nickname. NULL nickname will do the same thing as |
| + // CreateOSCertHandleFromBytes. Returns NULL on failure. |
| + static OSCertHandle CreateOSCertHandleFromBytesWithNickname( |
| + const char* data, int length, const char* nickname); |
|
wtc
2011/11/29 23:13:57
Nit: List one parameter on each line. See
http://
Greg Spencer (Chromium)
2011/12/02 18:50:07
OK, done. Thanks, I had forgotten that rule, and
|
| +#endif |
| + |
| // Creates all possible OS certificate handles from |data| encoded in a |
| // specific |format|. Returns an empty collection on failure. |
| static OSCertHandles CreateOSCertHandlesFromBytes( |
