Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(291)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/x509_util.cc

Issue 1076063002: Remove certificates from Channel ID (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Udpate KeysEqual to fail if preconditions fail Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/x509_util.h ('k') | net/cert/x509_util_nss.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/x509_util.h" 5 #include "net/cert/x509_util.h"
6 6
7 #include "base/basictypes.h" 7 #include "base/basictypes.h"
8 #include "base/memory/scoped_ptr.h" 8 #include "base/memory/scoped_ptr.h"
9 #include "base/time/time.h" 9 #include "base/time/time.h"
10 #include "crypto/ec_private_key.h" 10 #include "crypto/ec_private_key.h"
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after
48 return a->valid_start() > b->valid_start(); 48 return a->valid_start() > b->valid_start();
49 49
50 // Otherwise, prefer client certificates with shorter chains. 50 // Otherwise, prefer client certificates with shorter chains.
51 const X509Certificate::OSCertHandles& a_intermediates = 51 const X509Certificate::OSCertHandles& a_intermediates =
52 a->GetIntermediateCertificates(); 52 a->GetIntermediateCertificates();
53 const X509Certificate::OSCertHandles& b_intermediates = 53 const X509Certificate::OSCertHandles& b_intermediates =
54 b->GetIntermediateCertificates(); 54 b->GetIntermediateCertificates();
55 return a_intermediates.size() < b_intermediates.size(); 55 return a_intermediates.size() < b_intermediates.size();
56 } 56 }
57 57
58 bool CreateKeyAndChannelIDEC(const std::string& domain,
59 uint32 serial_number,
60 base::Time not_valid_before,
61 base::Time not_valid_after,
62 scoped_ptr<crypto::ECPrivateKey>* key,
63 std::string* der_cert) {
64 scoped_ptr<crypto::ECPrivateKey> new_key(crypto::ECPrivateKey::Create());
65 if (!new_key.get())
66 return false;
67
68 bool success = CreateChannelIDEC(new_key.get(),
69 kSignatureDigestAlgorithm,
70 domain,
71 serial_number,
72 not_valid_before,
73 not_valid_after,
74 der_cert);
75 if (success)
76 key->reset(new_key.release());
77
78 return success;
79 }
80
81 bool CreateKeyAndSelfSignedCert(const std::string& subject, 58 bool CreateKeyAndSelfSignedCert(const std::string& subject,
82 uint32 serial_number, 59 uint32 serial_number,
83 base::Time not_valid_before, 60 base::Time not_valid_before,
84 base::Time not_valid_after, 61 base::Time not_valid_after,
85 scoped_ptr<crypto::RSAPrivateKey>* key, 62 scoped_ptr<crypto::RSAPrivateKey>* key,
86 std::string* der_cert) { 63 std::string* der_cert) {
87 scoped_ptr<crypto::RSAPrivateKey> new_key( 64 scoped_ptr<crypto::RSAPrivateKey> new_key(
88 crypto::RSAPrivateKey::Create(kRSAKeyLength)); 65 crypto::RSAPrivateKey::Create(kRSAKeyLength));
89 if (!new_key.get()) 66 if (!new_key.get())
90 return false; 67 return false;
91 68
92 bool success = CreateSelfSignedCert(new_key.get(), 69 bool success = CreateSelfSignedCert(new_key.get(),
93 kSignatureDigestAlgorithm, 70 kSignatureDigestAlgorithm,
94 subject, 71 subject,
95 serial_number, 72 serial_number,
96 not_valid_before, 73 not_valid_before,
97 not_valid_after, 74 not_valid_after,
98 der_cert); 75 der_cert);
99 if (success) 76 if (success)
100 key->reset(new_key.release()); 77 key->reset(new_key.release());
101 78
102 return success; 79 return success;
103 } 80 }
104 81
105 } // namespace x509_util 82 } // namespace x509_util
106 83
107 } // namespace net 84 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/x509_util.h ('k') | net/cert/x509_util_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698