| Index: net/base/x509_certificate.cc
|
| ===================================================================
|
| --- net/base/x509_certificate.cc (revision 128526)
|
| +++ net/base/x509_certificate.cc (working copy)
|
| @@ -4,6 +4,17 @@
|
|
|
| #include "net/base/x509_certificate.h"
|
|
|
| +#if defined(USE_OPENSSL)
|
| +#include <openssl/ecdsa.h>
|
| +#include <openssl/ssl.h>
|
| +#else // !defined(USE_OPENSSL)
|
| +#include <cryptohi.h>
|
| +#include <hasht.h>
|
| +#include <keyhi.h>
|
| +#include <pk11pub.h>
|
| +#include <nspr.h>
|
| +#endif
|
| +
|
| #include <stdlib.h>
|
|
|
| #include <algorithm>
|
| @@ -11,6 +22,7 @@
|
| #include <string>
|
| #include <vector>
|
|
|
| +#include "net/base/asn1_util.h"
|
| #include "base/base64.h"
|
| #include "base/lazy_instance.h"
|
| #include "base/logging.h"
|
| @@ -22,10 +34,15 @@
|
| #include "base/string_util.h"
|
| #include "base/synchronization/lock.h"
|
| #include "base/time.h"
|
| +#include "crypto/sha2.h"
|
| #include "googleurl/src/url_canon_ip.h"
|
| #include "net/base/net_util.h"
|
| #include "net/base/pem_tokenizer.h"
|
|
|
| +#if defined(USE_OPENSSL)
|
| +#include "crypto/openssl_util.h"
|
| +#endif
|
| +
|
| namespace net {
|
|
|
| namespace {
|
| @@ -479,6 +496,23 @@
|
| dns_names->push_back(subject_.common_name);
|
| }
|
|
|
| +// static
|
| +bool X509Certificate::GetPublicKeyHash(const OSCertHandle& cert,
|
| + SHA1Fingerprint* fingerprint) {
|
| + std::string der_bytes;
|
| + if (!GetDEREncoded(cert, &der_bytes))
|
| + return false;
|
| +
|
| + base::StringPiece spki;
|
| + if (!asn1::ExtractSPKIFromDERCert(der_bytes, &spki))
|
| + return false;
|
| +
|
| + base::SHA1HashBytes(reinterpret_cast<const unsigned char*>(spki.data()),
|
| + spki.size(), fingerprint->data);
|
| + return true;
|
| +}
|
| +
|
| +
|
| bool X509Certificate::HasExpired() const {
|
| return base::Time::Now() > valid_expiry();
|
| }
|
|
|
Chromium Code Reviews
Issue 9415040:
Refactor TransportSecurityState. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/