Chromium Code Reviews Chromium Code Reviews
Issue 16158005:
Adds CreateSelfSignedCertEC to x509_util.h in preparation of persistent DTLS identity store for Web… (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/x509_util.h" | 5 #include "net/cert/x509_util.h" |
| 6 #include "net/cert/x509_util_nss.h" | 6 #include "net/cert/x509_util_nss.h" |
| 7 | 7 |
| 8 #include <cert.h> // Must be included before certdb.h | 8 #include <cert.h> // Must be included before certdb.h |
| 9 #include <certdb.h> | 9 #include <certdb.h> |
| 10 #include <cryptohi.h> | 10 #include <cryptohi.h> |
| (...skipping 347 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 358 DCHECK(key); | 358 DCHECK(key); |
| 359 return CreateDomainBoundCertInternal(key->public_key(), | 359 return CreateDomainBoundCertInternal(key->public_key(), |
| 360 key->key(), | 360 key->key(), |
| 361 domain, | 361 domain, |
| 362 serial_number, | 362 serial_number, |
| 363 not_valid_before, | 363 not_valid_before, |
| 364 not_valid_after, | 364 not_valid_after, |
| 365 der_cert); | 365 der_cert); |
| 366 } | 366 } |
| 367 | 367 |
| 368 bool CreateSelfSignedCertEC( | |
| 369 crypto::ECPrivateKey* key, | |
| 370 const std::string& subject, | |
| 371 uint32 serial_number, | |
| 372 base::Time not_valid_before, | |
| 373 base::Time not_valid_after, | |
| 374 std::string* der_cert) { | |
| 375 DCHECK(key); | |
|
Ryan Sleevi
2013/06/06 23:26:15
DESIGN: You probably want to be looking at IsSuppo
jiayl
2013/06/06 23:45:37
CreateCertificate already checks range validity an
| |
| 376 CERTCertificate* cert = CreateSelfSignedCert(key->public_key(), | |
| 377 key->key(), | |
| 378 subject, | |
| 379 serial_number, | |
| 380 not_valid_before, | |
| 381 not_valid_after); | |
| 382 if (!cert) | |
| 383 return false; | |
| 384 der_cert->assign(reinterpret_cast<char*>(cert->derCert.data), | |
| 385 cert->derCert.len); | |
| 386 CERT_DestroyCertificate(cert); | |
| 387 cert = NULL; | |
|
Ryan Sleevi
2013/06/06 23:26:15
There's no need for this "= NULL"
jiayl
2013/06/06 23:45:37
Done.
| |
| 388 | |
| 389 return true; | |
| 390 } | |
| 391 | |
| 368 #if defined(USE_NSS) || defined(OS_IOS) | 392 #if defined(USE_NSS) || defined(OS_IOS) |
| 369 void ParsePrincipal(CERTName* name, CertPrincipal* principal) { | 393 void ParsePrincipal(CERTName* name, CertPrincipal* principal) { |
| 370 // Starting in NSS 3.15, CERTGetNameFunc takes a const CERTName* argument. | 394 // Starting in NSS 3.15, CERTGetNameFunc takes a const CERTName* argument. |
| 371 #if NSS_VMINOR >= 15 | 395 #if NSS_VMINOR >= 15 |
| 372 typedef char* (*CERTGetNameFunc)(const CERTName* name); | 396 typedef char* (*CERTGetNameFunc)(const CERTName* name); |
| 373 #else | 397 #else |
| 374 typedef char* (*CERTGetNameFunc)(CERTName* name); | 398 typedef char* (*CERTGetNameFunc)(CERTName* name); |
| 375 #endif | 399 #endif |
| 376 | 400 |
| 377 // TODO(jcampan): add business_category and serial_number. | 401 // TODO(jcampan): add business_category and serial_number. |
| (...skipping 248 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 626 } | 650 } |
| 627 | 651 |
| 628 return new_name; | 652 return new_name; |
| 629 } | 653 } |
| 630 | 654 |
| 631 #endif // defined(USE_NSS) || defined(OS_IOS) | 655 #endif // defined(USE_NSS) || defined(OS_IOS) |
| 632 | 656 |
| 633 } // namespace x509_util | 657 } // namespace x509_util |
| 634 | 658 |
| 635 } // namespace net | 659 } // namespace net |
| OLD | NEW |
