| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_BASE_X509_CERTIFICATE_H_ | 5 #ifndef NET_BASE_X509_CERTIFICATE_H_ |
| 6 #define NET_BASE_X509_CERTIFICATE_H_ | 6 #define NET_BASE_X509_CERTIFICATE_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <string.h> | 9 #include <string.h> |
| 10 | 10 |
| (...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 67 typedef X509* OSCertHandle; | 67 typedef X509* OSCertHandle; |
| 68 #elif defined(USE_NSS) | 68 #elif defined(USE_NSS) |
| 69 typedef struct CERTCertificateStr* OSCertHandle; | 69 typedef struct CERTCertificateStr* OSCertHandle; |
| 70 #else | 70 #else |
| 71 // TODO(ericroman): not implemented | 71 // TODO(ericroman): not implemented |
| 72 typedef void* OSCertHandle; | 72 typedef void* OSCertHandle; |
| 73 #endif | 73 #endif |
| 74 | 74 |
| 75 typedef std::vector<OSCertHandle> OSCertHandles; | 75 typedef std::vector<OSCertHandle> OSCertHandles; |
| 76 | 76 |
| 77 enum PublicKeyType { |
| 78 kPublicKeyTypeUnknown, |
| 79 kPublicKeyTypeRSA, |
| 80 kPublicKeyTypeDSA, |
| 81 kPublicKeyTypeECDSA, |
| 82 kPublicKeyTypeDH, |
| 83 kPublicKeyTypeECDH |
| 84 }; |
| 85 |
| 77 // Predicate functor used in maps when X509Certificate is used as the key. | 86 // Predicate functor used in maps when X509Certificate is used as the key. |
| 78 class NET_EXPORT LessThan { | 87 class NET_EXPORT LessThan { |
| 79 public: | 88 public: |
| 80 bool operator() (X509Certificate* lhs, X509Certificate* rhs) const; | 89 bool operator() (X509Certificate* lhs, X509Certificate* rhs) const; |
| 81 }; | 90 }; |
| 82 | 91 |
| 83 enum VerifyFlags { | 92 enum VerifyFlags { |
| 84 VERIFY_REV_CHECKING_ENABLED = 1 << 0, | 93 VERIFY_REV_CHECKING_ENABLED = 1 << 0, |
| 85 VERIFY_EV_CERT = 1 << 1, | 94 VERIFY_EV_CERT = 1 << 1, |
| 86 }; | 95 }; |
| (...skipping 328 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 415 static bool GetPEMEncoded(OSCertHandle cert_handle, | 424 static bool GetPEMEncoded(OSCertHandle cert_handle, |
| 416 std::string* pem_encoded); | 425 std::string* pem_encoded); |
| 417 | 426 |
| 418 // Encodes the entire certificate chain (this certificate and any | 427 // Encodes the entire certificate chain (this certificate and any |
| 419 // intermediate certificates stored in |intermediate_ca_certs_|) as a series | 428 // intermediate certificates stored in |intermediate_ca_certs_|) as a series |
| 420 // of PEM encoded strings. Returns true if all certificates were encoded, | 429 // of PEM encoded strings. Returns true if all certificates were encoded, |
| 421 // storig the result in |*pem_encoded|, with this certificate stored as | 430 // storig the result in |*pem_encoded|, with this certificate stored as |
| 422 // the first element. | 431 // the first element. |
| 423 bool GetPEMEncodedChain(std::vector<std::string>* pem_encoded) const; | 432 bool GetPEMEncodedChain(std::vector<std::string>* pem_encoded) const; |
| 424 | 433 |
| 434 // Sets |*size_bits| to be the length of the public key in bits, and sets |
| 435 // |*type| to one of the |PublicKeyType| values. In case of |
| 436 // |kPublicKeyTypeUnknown|, |*size_bits| will be set to 0. |
| 437 static void GetPublicKeyInfo(OSCertHandle cert_handle, |
| 438 size_t* size_bits, |
| 439 PublicKeyType* type); |
| 440 |
| 425 // Returns the OSCertHandle of this object. Because of caching, this may | 441 // Returns the OSCertHandle of this object. Because of caching, this may |
| 426 // differ from the OSCertHandle originally supplied during initialization. | 442 // differ from the OSCertHandle originally supplied during initialization. |
| 427 // Note: On Windows, CryptoAPI may return unexpected results if this handle | 443 // Note: On Windows, CryptoAPI may return unexpected results if this handle |
| 428 // is used across multiple threads. For more details, see | 444 // is used across multiple threads. For more details, see |
| 429 // CreateOSCertChainForCert(). | 445 // CreateOSCertChainForCert(). |
| 430 OSCertHandle os_cert_handle() const { return cert_handle_; } | 446 OSCertHandle os_cert_handle() const { return cert_handle_; } |
| 431 | 447 |
| 432 // Returns true if two OSCertHandles refer to identical certificates. | 448 // Returns true if two OSCertHandles refer to identical certificates. |
| 433 static bool IsSameOSCert(OSCertHandle a, OSCertHandle b); | 449 static bool IsSameOSCert(OSCertHandle a, OSCertHandle b); |
| 434 | 450 |
| (...skipping 162 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 597 // (Marked mutable because it's used in a const method.) | 613 // (Marked mutable because it's used in a const method.) |
| 598 mutable base::Lock verification_lock_; | 614 mutable base::Lock verification_lock_; |
| 599 #endif | 615 #endif |
| 600 | 616 |
| 601 DISALLOW_COPY_AND_ASSIGN(X509Certificate); | 617 DISALLOW_COPY_AND_ASSIGN(X509Certificate); |
| 602 }; | 618 }; |
| 603 | 619 |
| 604 } // namespace net | 620 } // namespace net |
| 605 | 621 |
| 606 #endif // NET_BASE_X509_CERTIFICATE_H_ | 622 #endif // NET_BASE_X509_CERTIFICATE_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8568040:
Refuse to accept certificate chains containing any RSA public key smaller (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/