OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/x509_certificate.h" | 5 #include "net/cert/x509_certificate.h" |
6 | 6 |
7 #include <openssl/asn1.h> | 7 #include <openssl/asn1.h> |
8 #include <openssl/bytestring.h> | 8 #include <openssl/bytestring.h> |
9 #include <openssl/crypto.h> | 9 #include <openssl/crypto.h> |
10 #include <openssl/obj_mac.h> | 10 #include <openssl/obj_mac.h> |
(...skipping 185 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
196 ASN1_INTEGER* serial_num = X509_get_serialNumber(cert_handle_); | 196 ASN1_INTEGER* serial_num = X509_get_serialNumber(cert_handle_); |
197 if (serial_num) { | 197 if (serial_num) { |
198 // ASN1_INTEGERS represent the decoded number, in a format internal to | 198 // ASN1_INTEGERS represent the decoded number, in a format internal to |
199 // OpenSSL. Most notably, this may have leading zeroes stripped off for | 199 // OpenSSL. Most notably, this may have leading zeroes stripped off for |
200 // numbers whose first byte is >= 0x80. Thus, it is necessary to | 200 // numbers whose first byte is >= 0x80. Thus, it is necessary to |
201 // re-encoded the integer back into DER, which is what the interface | 201 // re-encoded the integer back into DER, which is what the interface |
202 // of X509Certificate exposes, to ensure callers get the proper (DER) | 202 // of X509Certificate exposes, to ensure callers get the proper (DER) |
203 // value. | 203 // value. |
204 int bytes_required = i2c_ASN1_INTEGER(serial_num, NULL); | 204 int bytes_required = i2c_ASN1_INTEGER(serial_num, NULL); |
205 unsigned char* buffer = reinterpret_cast<unsigned char*>( | 205 unsigned char* buffer = reinterpret_cast<unsigned char*>( |
206 WriteInto(&serial_number_, bytes_required + 1)); | 206 base::WriteInto(&serial_number_, bytes_required + 1)); |
207 int bytes_written = i2c_ASN1_INTEGER(serial_num, &buffer); | 207 int bytes_written = i2c_ASN1_INTEGER(serial_num, &buffer); |
208 DCHECK_EQ(static_cast<size_t>(bytes_written), serial_number_.size()); | 208 DCHECK_EQ(static_cast<size_t>(bytes_written), serial_number_.size()); |
209 } | 209 } |
210 | 210 |
211 ParsePrincipal(cert_handle_, X509_get_subject_name(cert_handle_), &subject_); | 211 ParsePrincipal(cert_handle_, X509_get_subject_name(cert_handle_), &subject_); |
212 ParsePrincipal(cert_handle_, X509_get_issuer_name(cert_handle_), &issuer_); | 212 ParsePrincipal(cert_handle_, X509_get_issuer_name(cert_handle_), &issuer_); |
213 x509_util::ParseDate(X509_get_notBefore(cert_handle_), &valid_start_); | 213 x509_util::ParseDate(X509_get_notBefore(cert_handle_), &valid_start_); |
214 x509_util::ParseDate(X509_get_notAfter(cert_handle_), &valid_expiry_); | 214 x509_util::ParseDate(X509_get_notAfter(cert_handle_), &valid_expiry_); |
215 } | 215 } |
216 | 216 |
(...skipping 236 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
453 bool X509Certificate::IsSelfSigned(OSCertHandle cert_handle) { | 453 bool X509Certificate::IsSelfSigned(OSCertHandle cert_handle) { |
454 crypto::ScopedEVP_PKEY scoped_key(X509_get_pubkey(cert_handle)); | 454 crypto::ScopedEVP_PKEY scoped_key(X509_get_pubkey(cert_handle)); |
455 if (!scoped_key) | 455 if (!scoped_key) |
456 return false; | 456 return false; |
457 | 457 |
458 // NOTE: X509_verify() returns 1 in case of success, 0 or -1 on error. | 458 // NOTE: X509_verify() returns 1 in case of success, 0 or -1 on error. |
459 return X509_verify(cert_handle, scoped_key.get()) == 1; | 459 return X509_verify(cert_handle, scoped_key.get()) == 1; |
460 } | 460 } |
461 | 461 |
462 } // namespace net | 462 } // namespace net |
OLD | NEW |