Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(14)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/ssl/client_cert_store_mac.cc

Issue 2000503002: Remove the fingerprint and ca_fingerprint from X509Certificate (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@move_cache
Patch Set: Created 4 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/cert/x509_certificate_unittest.cc ('K') | « net/cert/x509_certificate_win.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/ssl/client_cert_store_mac.h" 5 #include "net/ssl/client_cert_store_mac.h"
6 6
7 #include <CommonCrypto/CommonDigest.h> 7 #include <CommonCrypto/CommonDigest.h>
8 #include <CoreFoundation/CFArray.h> 8 #include <CoreFoundation/CFArray.h>
9 #include <CoreServices/CoreServices.h> 9 #include <CoreServices/CoreServices.h>
10 #include <Security/SecBase.h> 10 #include <Security/SecBase.h>
(...skipping 128 matching lines...) Expand 10 before | Expand all | Expand 10 after
139 preliminary_list.insert(preliminary_list.end(), regular_certs.begin(), 139 preliminary_list.insert(preliminary_list.end(), regular_certs.begin(),
140 regular_certs.end()); 140 regular_certs.end());
141 141
142 selected_certs->clear(); 142 selected_certs->clear();
143 for (size_t i = 0; i < preliminary_list.size(); ++i) { 143 for (size_t i = 0; i < preliminary_list.size(); ++i) {
144 scoped_refptr<X509Certificate>& cert = preliminary_list[i]; 144 scoped_refptr<X509Certificate>& cert = preliminary_list[i];
145 if (cert->HasExpired() || !cert->SupportsSSLClientAuth()) 145 if (cert->HasExpired() || !cert->SupportsSSLClientAuth())
146 continue; 146 continue;
147 147
148 // Skip duplicates (a cert may be in multiple keychains). 148 // Skip duplicates (a cert may be in multiple keychains).
149 const SHA1HashValue& fingerprint = cert->fingerprint();
150 auto cert_iter = std::find_if( 149 auto cert_iter = std::find_if(
151 selected_certs->begin(), selected_certs->end(), 150 selected_certs->begin(), selected_certs->end(),
152 [&fingerprint](const scoped_refptr<X509Certificate>& cert) { 151 [&cert](const scoped_refptr<X509Certificate>& other_cert) {
153 return cert->fingerprint() == fingerprint; 152 return X509Certificate::IsSameOSCert(cert->os_cert_handle(),
Ryan Sleevi 2016/05/20 06:02:32 Fixed this to do what it should have done :)
153 other_cert->os_cert_handle());
154 }); 154 });
155 if (cert_iter != selected_certs->end()) 155 if (cert_iter != selected_certs->end())
156 continue; 156 continue;
157 157
158 // Check if the certificate issuer is allowed by the server. 158 // Check if the certificate issuer is allowed by the server.
159 if (request.cert_authorities.empty() || 159 if (request.cert_authorities.empty() ||
160 cert->IsIssuedByEncoded(request.cert_authorities) || 160 cert->IsIssuedByEncoded(request.cert_authorities) ||
161 (query_keychain && 161 (query_keychain &&
162 IsIssuedByInKeychain(request.cert_authorities, &cert))) { 162 IsIssuedByInKeychain(request.cert_authorities, &cert))) {
163 selected_certs->push_back(cert); 163 selected_certs->push_back(cert);
(...skipping 111 matching lines...) Expand 10 before | Expand all | Expand 10 after
275 const SSLCertRequestInfo& request, 275 const SSLCertRequestInfo& request,
276 CertificateList* selected_certs) { 276 CertificateList* selected_certs) {
277 GetClientCertsImpl( 277 GetClientCertsImpl(
278 preferred_cert, regular_certs, request, false, selected_certs); 278 preferred_cert, regular_certs, request, false, selected_certs);
279 return true; 279 return true;
280 } 280 }
281 281
282 #pragma clang diagnostic pop // "-Wdeprecated-declarations" 282 #pragma clang diagnostic pop // "-Wdeprecated-declarations"
283 283
284 } // namespace net 284 } // namespace net
OLDNEW
« net/cert/x509_certificate_unittest.cc ('K') | « net/cert/x509_certificate_win.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698