OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/x509_cert_types.h" | 5 #include "net/base/x509_cert_types.h" |
6 | 6 |
7 #include <CoreServices/CoreServices.h> | 7 #include <CoreServices/CoreServices.h> |
8 #include <Security/Security.h> | 8 #include <Security/Security.h> |
9 #include <Security/SecAsn1Coder.h> | 9 #include <Security/SecAsn1Coder.h> |
10 | 10 |
11 #include "base/logging.h" | 11 #include "base/logging.h" |
12 #include "base/i18n/icu_string_conversions.h" | 12 #include "base/i18n/icu_string_conversions.h" |
13 #include "base/utf_string_conversions.h" | 13 #include "base/utf_string_conversions.h" |
14 | 14 |
15 namespace net { | 15 namespace net { |
16 | 16 |
17 namespace { | 17 namespace { |
18 | 18 |
19 // The BER encoding of 0.9.2342.19200300.100.1.25. | |
20 // On 10.6 and later this is available as CSSMOID_DomainComponent, which is an | |
21 // external symbol from Security.framework. However, it appears that Apple's | |
22 // implementation improperly encoded this on 10.6+, and even still is | |
wtc
2011/12/01 23:59:41
Would be nice to include Apple's improper encoding
| |
23 // unavailable on 10.5, so simply including the raw BER here. | |
24 // | |
25 // Note: CSSM is allowed to store CSSM_OIDs in any arbitrary format desired, | |
26 // as long as the symbols are properly exposed. The fact that Apple's | |
27 // implementation stores it in BER is an internal implementation detail | |
28 // observed by studying libsecurity_cssm. | |
29 const uint8 kDomainComponentData[] = { | |
30 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19 | |
31 }; | |
32 | |
33 const CSSM_OID kDomainComponent = { | |
wtc
2011/12/01 23:59:41
Nit: kDomainComponent => kDomainComponentOID
| |
34 arraysize(kDomainComponentData), | |
35 const_cast<uint8*>(kDomainComponentData) | |
36 }; | |
37 | |
19 const CSSM_OID* kOIDs[] = { | 38 const CSSM_OID* kOIDs[] = { |
20 &CSSMOID_CommonName, | 39 &CSSMOID_CommonName, |
21 &CSSMOID_LocalityName, | 40 &CSSMOID_LocalityName, |
22 &CSSMOID_StateProvinceName, | 41 &CSSMOID_StateProvinceName, |
23 &CSSMOID_CountryName, | 42 &CSSMOID_CountryName, |
24 &CSSMOID_StreetAddress, | 43 &CSSMOID_StreetAddress, |
25 &CSSMOID_OrganizationName, | 44 &CSSMOID_OrganizationName, |
26 &CSSMOID_OrganizationalUnitName, | 45 &CSSMOID_OrganizationalUnitName, |
27 &CSSMOID_DNQualifier // This should be "DC" but is undoubtedly wrong. | 46 &kDomainComponent, |
28 }; // TODO(avi): Find the right OID. | 47 }; |
29 | 48 |
30 // The following structs and templates work with Apple's very arcane and under- | 49 // The following structs and templates work with Apple's very arcane and under- |
31 // documented SecAsn1Parser API, which is apparently the same as NSS's ASN.1 | 50 // documented SecAsn1Parser API, which is apparently the same as NSS's ASN.1 |
32 // decoder: | 51 // decoder: |
33 // http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn1.html | 52 // http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn1.html |
34 | 53 |
35 // These are used to parse the contents of a raw | 54 // These are used to parse the contents of a raw |
36 // BER DistinguishedName structure. | 55 // BER DistinguishedName structure. |
37 | 56 |
38 struct KeyValuePair { | 57 struct KeyValuePair { |
(...skipping 263 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
302 match(locality_name, against.locality_name) && | 321 match(locality_name, against.locality_name) && |
303 match(state_or_province_name, against.state_or_province_name) && | 322 match(state_or_province_name, against.state_or_province_name) && |
304 match(country_name, against.country_name) && | 323 match(country_name, against.country_name) && |
305 match(street_addresses, against.street_addresses) && | 324 match(street_addresses, against.street_addresses) && |
306 match(organization_names, against.organization_names) && | 325 match(organization_names, against.organization_names) && |
307 match(organization_unit_names, against.organization_unit_names) && | 326 match(organization_unit_names, against.organization_unit_names) && |
308 match(domain_components, against.domain_components); | 327 match(domain_components, against.domain_components); |
309 } | 328 } |
310 | 329 |
311 } // namespace net | 330 } // namespace net |
OLD | NEW |