Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(8)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/cast_certificate/cast_cert_validator.cc

Issue 1924323002: Move Cast certificate verification code from extensions to components. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 4 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« components/cast_certificate/cast_cert_validator.h ('K') | « components/cast_certificate/cast_cert_validator.h ('k') | components/cast_certificate/cast_cert_validator_test_helpers.h » ('j') | components/cast_certificate/cast_cert_validator_test_helpers.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "extensions/common/cast/cast_cert_validator.h" 5 #include "components/cast_certificate/cast_cert_validator.h"
6 6
7 #include <stddef.h> 7 #include <stddef.h>
8 #include <stdint.h> 8 #include <stdint.h>
9 9
10 #include <algorithm> 10 #include <algorithm>
11 #include <memory> 11 #include <memory>
12 #include <utility> 12 #include <utility>
13 13
14 #include "base/memory/ptr_util.h" 14 #include "base/memory/ptr_util.h"
15 #include "base/memory/singleton.h" 15 #include "base/memory/singleton.h"
16 #include "net/cert/internal/certificate_policies.h" 16 #include "net/cert/internal/certificate_policies.h"
17 #include "net/cert/internal/extended_key_usage.h" 17 #include "net/cert/internal/extended_key_usage.h"
18 #include "net/cert/internal/parse_certificate.h" 18 #include "net/cert/internal/parse_certificate.h"
19 #include "net/cert/internal/parse_name.h" 19 #include "net/cert/internal/parse_name.h"
20 #include "net/cert/internal/signature_algorithm.h" 20 #include "net/cert/internal/signature_algorithm.h"
21 #include "net/cert/internal/signature_policy.h" 21 #include "net/cert/internal/signature_policy.h"
22 #include "net/cert/internal/verify_certificate_chain.h" 22 #include "net/cert/internal/verify_certificate_chain.h"
23 #include "net/cert/internal/verify_signed_data.h" 23 #include "net/cert/internal/verify_signed_data.h"
24 #include "net/der/input.h" 24 #include "net/der/input.h"
25 25
26 namespace extensions { 26 namespace cast_certificate {
27 namespace api {
28 namespace cast_crypto {
29 namespace { 27 namespace {
30 28
31 // ------------------------------------------------------------------------- 29 // -------------------------------------------------------------------------
32 // Cast trust anchors. 30 // Cast trust anchors.
33 // ------------------------------------------------------------------------- 31 // -------------------------------------------------------------------------
34 32
35 // There are two trusted roots for Cast certificate chains: 33 // There are two trusted roots for Cast certificate chains:
36 // 34 //
37 // (1) CN=Cast Root CA (kCastRootCaDer) 35 // (1) CN=Cast Root CA (kCastRootCaDer)
38 // (2) CN=Eureka Root CA (kEurekaRootCaDer) 36 // (2) CN=Eureka Root CA (kEurekaRootCaDer)
39 // 37 //
40 // These constants are defined by the files included next: 38 // These constants are defined by the files included next:
41 39
42 #include "extensions/common/cast/cast_root_ca_cert_der-inc.h" 40 #include "components/cast_certificate/cast_root_ca_cert_der-inc.h"
43 #include "extensions/common/cast/eureka_root_ca_der-inc.h" 41 #include "components/cast_certificate/eureka_root_ca_der-inc.h"
44 42
45 // Singleton for the Cast trust store. 43 // Singleton for the Cast trust store.
46 class CastTrustStore { 44 class CastTrustStore {
47 public: 45 public:
48 static CastTrustStore* GetInstance() { 46 static CastTrustStore* GetInstance() {
49 return base::Singleton<CastTrustStore, 47 return base::Singleton<CastTrustStore,
50 base::LeakySingletonTraits<CastTrustStore>>::get(); 48 base::LeakySingletonTraits<CastTrustStore>>::get();
51 } 49 }
52 50
53 static net::TrustStore& Get() { return GetInstance()->store_; } 51 static net::TrustStore& Get() { return GetInstance()->store_; }
(...skipping 181 matching lines...) Expand 10 before | Expand all | Expand 10 after
235 233
236 // Get the Common Name for the certificate. 234 // Get the Common Name for the certificate.
237 std::string common_name; 235 std::string common_name;
238 if (!GetCommonNameFromSubject(tbs.subject_tlv, &common_name)) 236 if (!GetCommonNameFromSubject(tbs.subject_tlv, &common_name))
239 return false; 237 return false;
240 238
241 context->reset(new CertVerificationContextImpl(tbs.spki_tlv, common_name)); 239 context->reset(new CertVerificationContextImpl(tbs.spki_tlv, common_name));
242 return true; 240 return true;
243 } 241 }
244 242
245
246 // Converts a base::Time::Exploded to a net::der::GeneralizedTime. 243 // Converts a base::Time::Exploded to a net::der::GeneralizedTime.
247 net::der::GeneralizedTime ConvertExplodedTime( 244 net::der::GeneralizedTime ConvertExplodedTime(
248 const base::Time::Exploded& exploded) { 245 const base::Time::Exploded& exploded) {
249 net::der::GeneralizedTime result; 246 net::der::GeneralizedTime result;
250 result.year = exploded.year; 247 result.year = exploded.year;
251 result.month = exploded.month; 248 result.month = exploded.month;
252 result.day = exploded.day_of_month; 249 result.day = exploded.day_of_month;
253 result.hours = exploded.hour; 250 result.hours = exploded.hour;
254 result.minutes = exploded.minute; 251 result.minutes = exploded.minute;
255 result.seconds = exploded.second; 252 result.seconds = exploded.second;
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after
290 // verification by unittests. 287 // verification by unittests.
291 return base::WrapUnique( 288 return base::WrapUnique(
292 new CertVerificationContextImpl(net::der::Input(spki), "CommonName")); 289 new CertVerificationContextImpl(net::der::Input(spki), "CommonName"));
293 } 290 }
294 291
295 bool AddTrustAnchorForTest(const uint8_t* data, size_t length) { 292 bool AddTrustAnchorForTest(const uint8_t* data, size_t length) {
296 return CastTrustStore::Get().AddTrustedCertificateWithoutCopying(data, 293 return CastTrustStore::Get().AddTrustedCertificateWithoutCopying(data,
297 length); 294 length);
298 } 295 }
299 296
300 } // namespace cast_crypto 297 } // namespace cast_certificate
301 } // namespace api
302 } // namespace extensions
OLDNEW
« components/cast_certificate/cast_cert_validator.h ('K') | « components/cast_certificate/cast_cert_validator.h ('k') | components/cast_certificate/cast_cert_validator_test_helpers.h » ('j') | components/cast_certificate/cast_cert_validator_test_helpers.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698