Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(202)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/x509_certificate_openssl.cc

Issue 1841863002: Update monet. (Closed) Base URL: https://github.com/domokit/monet.git@master
Patch Set: Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/x509_certificate_nss.cc ('k') | net/cert/x509_certificate_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/x509_certificate.h" 5 #include "net/cert/x509_certificate.h"
6 6
7 #include <openssl/asn1.h> 7 #include <openssl/asn1.h>
8 #include <openssl/bytestring.h> 8 #include <openssl/bytestring.h>
9 #include <openssl/crypto.h> 9 #include <openssl/crypto.h>
10 #include <openssl/obj_mac.h> 10 #include <openssl/obj_mac.h>
(...skipping 185 matching lines...) Expand 10 before | Expand all | Expand 10 after
196 ASN1_INTEGER* serial_num = X509_get_serialNumber(cert_handle_); 196 ASN1_INTEGER* serial_num = X509_get_serialNumber(cert_handle_);
197 if (serial_num) { 197 if (serial_num) {
198 // ASN1_INTEGERS represent the decoded number, in a format internal to 198 // ASN1_INTEGERS represent the decoded number, in a format internal to
199 // OpenSSL. Most notably, this may have leading zeroes stripped off for 199 // OpenSSL. Most notably, this may have leading zeroes stripped off for
200 // numbers whose first byte is >= 0x80. Thus, it is necessary to 200 // numbers whose first byte is >= 0x80. Thus, it is necessary to
201 // re-encoded the integer back into DER, which is what the interface 201 // re-encoded the integer back into DER, which is what the interface
202 // of X509Certificate exposes, to ensure callers get the proper (DER) 202 // of X509Certificate exposes, to ensure callers get the proper (DER)
203 // value. 203 // value.
204 int bytes_required = i2c_ASN1_INTEGER(serial_num, NULL); 204 int bytes_required = i2c_ASN1_INTEGER(serial_num, NULL);
205 unsigned char* buffer = reinterpret_cast<unsigned char*>( 205 unsigned char* buffer = reinterpret_cast<unsigned char*>(
206 WriteInto(&serial_number_, bytes_required + 1)); 206 base::WriteInto(&serial_number_, bytes_required + 1));
207 int bytes_written = i2c_ASN1_INTEGER(serial_num, &buffer); 207 int bytes_written = i2c_ASN1_INTEGER(serial_num, &buffer);
208 DCHECK_EQ(static_cast<size_t>(bytes_written), serial_number_.size()); 208 DCHECK_EQ(static_cast<size_t>(bytes_written), serial_number_.size());
209 } 209 }
210 210
211 ParsePrincipal(cert_handle_, X509_get_subject_name(cert_handle_), &subject_); 211 ParsePrincipal(cert_handle_, X509_get_subject_name(cert_handle_), &subject_);
212 ParsePrincipal(cert_handle_, X509_get_issuer_name(cert_handle_), &issuer_); 212 ParsePrincipal(cert_handle_, X509_get_issuer_name(cert_handle_), &issuer_);
213 x509_util::ParseDate(X509_get_notBefore(cert_handle_), &valid_start_); 213 x509_util::ParseDate(X509_get_notBefore(cert_handle_), &valid_start_);
214 x509_util::ParseDate(X509_get_notAfter(cert_handle_), &valid_expiry_); 214 x509_util::ParseDate(X509_get_notAfter(cert_handle_), &valid_expiry_);
215 } 215 }
216 216
(...skipping 119 matching lines...) Expand 10 before | Expand all | Expand 10 after
336 // DER data. Encoding it from OSCertHandle is an expensive operation, so we 336 // DER data. Encoding it from OSCertHandle is an expensive operation, so we
337 // cache the DER (if not already cached via X509_set_ex_data). 337 // cache the DER (if not already cached via X509_set_ex_data).
338 base::StringPiece der_a, der_b; 338 base::StringPiece der_a, der_b;
339 339
340 return x509_util::GetDER(a, &der_a) && 340 return x509_util::GetDER(a, &der_a) &&
341 x509_util::GetDER(b, &der_b) && 341 x509_util::GetDER(b, &der_b) &&
342 der_a == der_b; 342 der_a == der_b;
343 } 343 }
344 344
345 // static 345 // static
346 X509Certificate::OSCertHandle 346 X509Certificate::OSCertHandle X509Certificate::ReadOSCertHandleFromPickle(
347 X509Certificate::ReadOSCertHandleFromPickle(PickleIterator* pickle_iter) { 347 base::PickleIterator* pickle_iter) {
348 const char* data; 348 const char* data;
349 int length; 349 int length;
350 if (!pickle_iter->ReadData(&data, &length)) 350 if (!pickle_iter->ReadData(&data, &length))
351 return NULL; 351 return NULL;
352 352
353 return CreateOSCertHandleFromBytes(data, length); 353 return CreateOSCertHandleFromBytes(data, length);
354 } 354 }
355 355
356 // static 356 // static
357 bool X509Certificate::WriteOSCertHandleToPickle(OSCertHandle cert_handle, 357 bool X509Certificate::WriteOSCertHandleToPickle(OSCertHandle cert_handle,
358 Pickle* pickle) { 358 base::Pickle* pickle) {
359 base::StringPiece der; 359 base::StringPiece der;
360 if (!x509_util::GetDER(cert_handle, &der)) 360 if (!x509_util::GetDER(cert_handle, &der))
361 return false; 361 return false;
362 362
363 return pickle->WriteData(der.data(), der.length()); 363 return pickle->WriteData(der.data(), der.length());
364 } 364 }
365 365
366 // static 366 // static
367 void X509Certificate::GetPublicKeyInfo(OSCertHandle cert_handle, 367 void X509Certificate::GetPublicKeyInfo(OSCertHandle cert_handle,
368 size_t* size_bits, 368 size_t* size_bits,
(...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after
453 bool X509Certificate::IsSelfSigned(OSCertHandle cert_handle) { 453 bool X509Certificate::IsSelfSigned(OSCertHandle cert_handle) {
454 crypto::ScopedEVP_PKEY scoped_key(X509_get_pubkey(cert_handle)); 454 crypto::ScopedEVP_PKEY scoped_key(X509_get_pubkey(cert_handle));
455 if (!scoped_key) 455 if (!scoped_key)
456 return false; 456 return false;
457 457
458 // NOTE: X509_verify() returns 1 in case of success, 0 or -1 on error. 458 // NOTE: X509_verify() returns 1 in case of success, 0 or -1 on error.
459 return X509_verify(cert_handle, scoped_key.get()) == 1; 459 return X509_verify(cert_handle, scoped_key.get()) == 1;
460 } 460 }
461 461
462 } // namespace net 462 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/x509_certificate_nss.cc ('k') | net/cert/x509_certificate_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698