| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/x509_certificate.h" | 5 #include "net/cert/x509_certificate.h" |
| 6 | 6 |
| 7 #include <openssl/asn1.h> | 7 #include <openssl/asn1.h> |
| 8 #include <openssl/bytestring.h> | 8 #include <openssl/bytestring.h> |
| 9 #include <openssl/crypto.h> | 9 #include <openssl/crypto.h> |
| 10 #include <openssl/obj_mac.h> | 10 #include <openssl/obj_mac.h> |
| 11 #include <openssl/pem.h> | 11 #include <openssl/pem.h> |
| 12 #include <openssl/sha.h> | 12 #include <openssl/sha.h> |
| 13 #include <openssl/ssl.h> | 13 #include <openssl/ssl.h> |
| 14 #include <openssl/x509v3.h> | 14 #include <openssl/x509v3.h> |
| 15 | 15 |
| 16 #include "base/macros.h" | 16 #include "base/macros.h" |
| 17 #include "base/memory/singleton.h" | 17 #include "base/memory/singleton.h" |
| 18 #include "base/numerics/safe_conversions.h" | 18 #include "base/numerics/safe_conversions.h" |
| 19 #include "base/pickle.h" | 19 #include "base/pickle.h" |
| 20 #include "base/sha1.h" | 20 #include "base/sha1.h" |
| 21 #include "base/strings/string_number_conversions.h" | 21 #include "base/strings/string_number_conversions.h" |
| 22 #include "base/strings/string_piece.h" | 22 #include "base/strings/string_piece.h" |
| 23 #include "base/strings/string_util.h" | 23 #include "base/strings/string_util.h" |
| 24 #include "base/trace_event/trace_event.h" |
| 24 #include "crypto/openssl_util.h" | 25 #include "crypto/openssl_util.h" |
| 25 #include "crypto/scoped_openssl_types.h" | 26 #include "crypto/scoped_openssl_types.h" |
| 26 #include "net/base/ip_address_number.h" | 27 #include "net/base/ip_address_number.h" |
| 27 #include "net/base/net_errors.h" | 28 #include "net/base/net_errors.h" |
| 28 #include "net/cert/x509_util_openssl.h" | 29 #include "net/cert/x509_util_openssl.h" |
| 29 | 30 |
| 30 #if defined(OS_ANDROID) | 31 #if defined(OS_ANDROID) |
| 31 #include "base/logging.h" | 32 #include "base/logging.h" |
| 32 #include "net/android/network_library.h" | 33 #include "net/android/network_library.h" |
| 33 #endif | 34 #endif |
| (...skipping 151 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 185 | 186 |
| 186 // static | 187 // static |
| 187 void X509Certificate::FreeOSCertHandle(OSCertHandle cert_handle) { | 188 void X509Certificate::FreeOSCertHandle(OSCertHandle cert_handle) { |
| 188 // Decrement the ref-count for the cert and, if all references are gone, | 189 // Decrement the ref-count for the cert and, if all references are gone, |
| 189 // free the memory and any application-specific data associated with the | 190 // free the memory and any application-specific data associated with the |
| 190 // certificate. | 191 // certificate. |
| 191 X509_free(cert_handle); | 192 X509_free(cert_handle); |
| 192 } | 193 } |
| 193 | 194 |
| 194 void X509Certificate::Initialize() { | 195 void X509Certificate::Initialize() { |
| 196 TRACE_EVENT0("toplevel", "X509Certificate::Initialize"); |
| 195 crypto::EnsureOpenSSLInit(); | 197 crypto::EnsureOpenSSLInit(); |
| 196 fingerprint_ = CalculateFingerprint(cert_handle_); | 198 fingerprint_ = CalculateFingerprint(cert_handle_); |
| 197 ca_fingerprint_ = CalculateCAFingerprint(intermediate_ca_certs_); | 199 ca_fingerprint_ = CalculateCAFingerprint(intermediate_ca_certs_); |
| 198 | 200 |
| 199 ASN1_INTEGER* serial_num = X509_get_serialNumber(cert_handle_); | 201 ASN1_INTEGER* serial_num = X509_get_serialNumber(cert_handle_); |
| 200 if (serial_num) { | 202 if (serial_num) { |
| 201 // ASN1_INTEGERS represent the decoded number, in a format internal to | 203 // ASN1_INTEGERS represent the decoded number, in a format internal to |
| 202 // OpenSSL. Most notably, this may have leading zeroes stripped off for | 204 // OpenSSL. Most notably, this may have leading zeroes stripped off for |
| 203 // numbers whose first byte is >= 0x80. Thus, it is necessary to | 205 // numbers whose first byte is >= 0x80. Thus, it is necessary to |
| 204 // re-encoded the integer back into DER, which is what the interface | 206 // re-encoded the integer back into DER, which is what the interface |
| (...skipping 250 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 455 bool X509Certificate::IsSelfSigned(OSCertHandle cert_handle) { | 457 bool X509Certificate::IsSelfSigned(OSCertHandle cert_handle) { |
| 456 crypto::ScopedEVP_PKEY scoped_key(X509_get_pubkey(cert_handle)); | 458 crypto::ScopedEVP_PKEY scoped_key(X509_get_pubkey(cert_handle)); |
| 457 if (!scoped_key) | 459 if (!scoped_key) |
| 458 return false; | 460 return false; |
| 459 | 461 |
| 460 // NOTE: X509_verify() returns 1 in case of success, 0 or -1 on error. | 462 // NOTE: X509_verify() returns 1 in case of success, 0 or -1 on error. |
| 461 return X509_verify(cert_handle, scoped_key.get()) == 1; | 463 return X509_verify(cert_handle, scoped_key.get()) == 1; |
| 462 } | 464 } |
| 463 | 465 |
| 464 } // namespace net | 466 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1569673002:
[NOT FOR LANDING] Detailed loading traces
Base URL: https://chromium.googlesource.com/chromium/src.git@master