Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(578)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/parse_ocsp.cc

Issue 1969293002: Remove net::ParsedCertificate struct. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 4 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/internal/parse_ocsp.h ('k') | net/cert/internal/parse_ocsp_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <algorithm> 5 #include <algorithm>
6 6
7 #include "base/sha1.h" 7 #include "base/sha1.h"
8 #include "crypto/sha2.h" 8 #include "crypto/sha2.h"
9 #include "net/cert/internal/parse_ocsp.h" 9 #include "net/cert/internal/parse_ocsp.h"
10 10
(...skipping 475 matching lines...) Expand 10 before | Expand all | Expand 10 after
486 der::Input key_tlv = key_bits.bytes(); 486 der::Input key_tlv = key_bits.bytes();
487 if (!VerifyHash(type, id.issuer_key_hash, key_tlv)) 487 if (!VerifyHash(type, id.issuer_key_hash, key_tlv))
488 return false; 488 return false;
489 489
490 return id.serial_number == serial_number; 490 return id.serial_number == serial_number;
491 } 491 }
492 492
493 } // namespace 493 } // namespace
494 494
495 bool GetOCSPCertStatus(const OCSPResponseData& response_data, 495 bool GetOCSPCertStatus(const OCSPResponseData& response_data,
496 const ParsedCertificate& issuer, 496 const der::Input& issuer_tbs_certificate_tlv,
497 const ParsedCertificate& cert, 497 const der::Input& cert_tbs_certificate_tlv,
498 OCSPCertStatus* out) { 498 OCSPCertStatus* out) {
499 out->status = OCSPCertStatus::Status::GOOD; 499 out->status = OCSPCertStatus::Status::GOOD;
500 500
501 ParsedTbsCertificate tbs_cert; 501 ParsedTbsCertificate tbs_cert;
502 if (!ParseTbsCertificate(cert.tbs_certificate_tlv, &tbs_cert)) 502 if (!ParseTbsCertificate(cert_tbs_certificate_tlv, &tbs_cert))
503 return false; 503 return false;
504 ParsedTbsCertificate issuer_tbs_cert; 504 ParsedTbsCertificate issuer_tbs_cert;
505 if (!ParseTbsCertificate(issuer.tbs_certificate_tlv, &issuer_tbs_cert)) 505 if (!ParseTbsCertificate(issuer_tbs_certificate_tlv, &issuer_tbs_cert))
506 return false; 506 return false;
507 507
508 bool found = false; 508 bool found = false;
509 for (const auto& response : response_data.responses) { 509 for (const auto& response : response_data.responses) {
510 OCSPSingleResponse single_response; 510 OCSPSingleResponse single_response;
511 if (!ParseOCSPSingleResponse(response, &single_response)) 511 if (!ParseOCSPSingleResponse(response, &single_response))
512 return false; 512 return false;
513 if (CheckCertID(single_response.cert_id_tlv, tbs_cert, issuer_tbs_cert, 513 if (CheckCertID(single_response.cert_id_tlv, tbs_cert, issuer_tbs_cert,
514 tbs_cert.serial_number)) { 514 tbs_cert.serial_number)) {
515 OCSPCertStatus new_status = single_response.cert_status; 515 OCSPCertStatus new_status = single_response.cert_status;
516 found = true; 516 found = true;
517 // In the case that we receive multiple responses, we keep only the 517 // In the case that we receive multiple responses, we keep only the
518 // strictest status (REVOKED > UNKNOWN > GOOD). 518 // strictest status (REVOKED > UNKNOWN > GOOD).
519 if (out->status == OCSPCertStatus::Status::GOOD || 519 if (out->status == OCSPCertStatus::Status::GOOD ||
520 new_status.status == OCSPCertStatus::Status::REVOKED) { 520 new_status.status == OCSPCertStatus::Status::REVOKED) {
521 *out = new_status; 521 *out = new_status;
522 } 522 }
523 } 523 }
524 } 524 }
525 525
526 if (!found) 526 if (!found)
527 out->status = OCSPCertStatus::Status::UNKNOWN; 527 out->status = OCSPCertStatus::Status::UNKNOWN;
528 528
529 return found; 529 return found;
530 } 530 }
531 531
532 } // namespace net 532 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/internal/parse_ocsp.h ('k') | net/cert/internal/parse_ocsp_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698