net/base/x509_cert_types_mac.cc - Issue 8608003: Parse individual X.509 name components on Windows, rather than their stringified form

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/base/x509_cert_types_mac.cc

Issue 8608003: Parse individual X.509 name components on Windows, rather than their stringified form (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Fix tests for Mac by fixing the domainComponent OID Created 9 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/base/x509_cert_types_mac.cc

diff --git a/net/base/x509_cert_types_mac.cc b/net/base/x509_cert_types_mac.cc

index 8fb0d8db632a041fb69e6b50ea84b5faf65e16c1..7174c99ede4720a2617ef97e77b101c19f05cff4 100644

--- a/net/base/x509_cert_types_mac.cc

+++ b/net/base/x509_cert_types_mac.cc

@@ -16,6 +16,25 @@ namespace net {

namespace {

+// The BER encoding of 0.9.2342.19200300.100.1.25.

+// On 10.6 and later this is available as CSSMOID_DomainComponent, which is an

+// external symbol from Security.framework. However, it appears that Apple's

+// implementation improperly encoded this on 10.6+, and even still is

wtc 2011/12/01 23:59:41 Would be nice to include Apple's improper encoding

+// unavailable on 10.5, so simply including the raw BER here.

+//

+// Note: CSSM is allowed to store CSSM_OIDs in any arbitrary format desired,

+// as long as the symbols are properly exposed. The fact that Apple's

+// implementation stores it in BER is an internal implementation detail

+// observed by studying libsecurity_cssm.

+const uint8 kDomainComponentData[] = {

+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19

+};

+const CSSM_OID kDomainComponent = {

wtc 2011/12/01 23:59:41 Nit: kDomainComponent => kDomainComponentOID

+ arraysize(kDomainComponentData),

+ const_cast<uint8*>(kDomainComponentData)

+};

const CSSM_OID* kOIDs[] = {

&CSSMOID_CommonName,

&CSSMOID_LocalityName,

@@ -24,8 +43,8 @@ const CSSM_OID* kOIDs[] = {

&CSSMOID_StreetAddress,

&CSSMOID_OrganizationName,

&CSSMOID_OrganizationalUnitName,

- &CSSMOID_DNQualifier // This should be "DC" but is undoubtedly wrong.

-}; // TODO(avi): Find the right OID.

+ &kDomainComponent,

+};

// The following structs and templates work with Apple's very arcane and under-

// documented SecAsn1Parser API, which is apparently the same as NSS's ASN.1

« no previous file with comments | « no previous file | net/base/x509_certificate_unittest.cc » ('j') | net/base/x509_certificate_unittest.cc » ('J')