net/base/x509_util_nss.cc - Issue 8890073: Handle Origin Bound Certificate expiration.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/base/x509_util_nss.cc

Issue 8890073: Handle Origin Bound Certificate expiration. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 9 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/base/x509_util_nss.cc

diff --git a/net/base/x509_util_nss.cc b/net/base/x509_util_nss.cc

index 61126af6a1fbc68f65e5f664fc17103a33505b94..95b53f765221950dd948a997b1e931c9d1f379d8 100644

--- a/net/base/x509_util_nss.cc

+++ b/net/base/x509_util_nss.cc

@@ -78,7 +78,7 @@ CERTCertificate* CreateCertificate(

SECKEYPublicKey* public_key,

const std::string& subject,

uint32 serial_number,

- base::TimeDelta valid_duration) {

+ base::Time not_valid_after) {

// Create info about public key.

CERTSubjectPublicKeyInfo* spki =

SECKEY_CreateSubjectPublicKeyInfo(public_key);

@@ -100,10 +100,9 @@ CERTCertificate* CreateCertificate(

}

PRTime now = PR_Now();

- PRTime not_after = now + valid_duration.InMicroseconds();

- // Note that the time is now in micro-second unit.

- CERTValidity* validity = CERT_CreateValidity(now, not_after);

+ CERTValidity* validity = CERT_CreateValidity(

+ now, crypto::BaseTimeToPRTime(not_valid_after));

CERTCertificate* cert = CERT_CreateCertificate(serial_number, subject_name,

validity, cert_request);

if (!cert) {

@@ -176,13 +175,13 @@ bool CreateOriginBoundCertInternal(

SECKEYPrivateKey* private_key,

const std::string& origin,

uint32 serial_number,

- base::TimeDelta valid_duration,

+ base::Time not_valid_after,

std::string* der_cert) {

CERTCertificate* cert = CreateCertificate(public_key,

"CN=anonymous.invalid",

serial_number,

- valid_duration);

+ not_valid_after);

if (!cert)

return false;

@@ -254,11 +253,11 @@ CERTCertificate* CreateSelfSignedCert(

SECKEYPrivateKey* private_key,

const std::string& subject,

uint32 serial_number,

- base::TimeDelta valid_duration) {

+ base::Time not_valid_after) {

CERTCertificate* cert = CreateCertificate(public_key,

subject,

serial_number,

- valid_duration);

+ not_valid_after);

if (!cert)

return NULL;

@@ -274,7 +273,7 @@ bool CreateOriginBoundCertRSA(

crypto::RSAPrivateKey* key,

const std::string& origin,

uint32 serial_number,

- base::TimeDelta valid_duration,

+ base::Time not_valid_after,

std::string* der_cert) {

DCHECK(key);

@@ -329,7 +328,7 @@ bool CreateOriginBoundCertRSA(

private_key,

origin,

serial_number,

- valid_duration,

+ not_valid_after,

der_cert);

}

@@ -337,14 +336,14 @@ bool CreateOriginBoundCertEC(

crypto::ECPrivateKey* key,

const std::string& origin,

uint32 serial_number,

- base::TimeDelta valid_duration,

+ base::Time not_valid_after,

std::string* der_cert) {

DCHECK(key);

return CreateOriginBoundCertInternal(key->public_key(),

key->key(),

origin,

serial_number,

- valid_duration,

+ not_valid_after,

der_cert);

}

« net/base/x509_util.h ('K') | « net/base/x509_util.h ('k') | net/base/x509_util_nss_unittest.cc » ('j') | no next file with comments »