blimp/net/exact_match_cert_verifier.cc - Issue 2000503002: Remove the fingerprint and ca_fingerprint from X509Certificate

Side by Side Diff: blimp/net/exact_match_cert_verifier.cc

Issue 2000503002: Remove the fingerprint and ca_fingerprint from X509Certificate (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@move_cache

Patch Set: Fix IDN test Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2016 The Chromium Authors. All rights reserved.	1 // Copyright 2016 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "blimp/net/exact_match_cert_verifier.h"	5 #include "blimp/net/exact_match_cert_verifier.h"

6	6

7 #include <memory>	7 #include <memory>

8	8

9 #include "base/callback.h"	9 #include "base/callback.h"

10 #include "base/macros.h"	10 #include "base/macros.h"

11 #include "net/base/net_errors.h"	11 #include "net/base/net_errors.h"

12 #include "net/cert/cert_verifier.h"	12 #include "net/cert/cert_verifier.h"

13 #include "net/cert/cert_verify_result.h"	13 #include "net/cert/cert_verify_result.h"

14 #include "net/cert/x509_certificate.h"	14 #include "net/cert/x509_certificate.h"

15	15

16 namespace blimp {	16 namespace blimp {

17	17

18 ExactMatchCertVerifier::ExactMatchCertVerifier(	18 ExactMatchCertVerifier::ExactMatchCertVerifier(

19 scoped_refptr<net::X509Certificate> engine_cert)	19 scoped_refptr<net::X509Certificate> engine_cert)

20 : engine_cert_(std::move(engine_cert)) {	20 : engine_cert_(std::move(engine_cert)) {

21 DCHECK(engine_cert_);	21 DCHECK(engine_cert_);

22	22

23 net::SHA1HashValue sha1_hash;

24 sha1_hash = net::X509Certificate::CalculateFingerprint(

25 engine_cert_->os_cert_handle());

26 engine_cert_hashes_.push_back(net::HashValue(sha1_hash));

27

28 net::SHA256HashValue sha256_hash;	23 net::SHA256HashValue sha256_hash;

29 sha256_hash = net::X509Certificate::CalculateFingerprint256(	24 sha256_hash = net::X509Certificate::CalculateFingerprint256(

30 engine_cert_->os_cert_handle());	25 engine_cert_->os_cert_handle());

31 engine_cert_hashes_.push_back(net::HashValue(sha256_hash));	26 engine_cert_hashes_.push_back(net::HashValue(sha256_hash));

32 }	27 }

33	28

34 ExactMatchCertVerifier::~ExactMatchCertVerifier() {}	29 ExactMatchCertVerifier::~ExactMatchCertVerifier() {}

35	30

36 int ExactMatchCertVerifier::Verify(const RequestParams& params,	31 int ExactMatchCertVerifier::Verify(const RequestParams& params,

37 net::CRLSet* crl_set,	32 net::CRLSet* crl_set,

38 net::CertVerifyResult* verify_result,	33 net::CertVerifyResult* verify_result,

39 const net::CompletionCallback& callback,	34 const net::CompletionCallback& callback,

40 std::unique_ptr<Request>* out_req,	35 std::unique_ptr<Request>* out_req,

41 const net::BoundNetLog& net_log) {	36 const net::BoundNetLog& net_log) {

42 verify_result->Reset();	37 verify_result->Reset();

43 verify_result->verified_cert = engine_cert_;	38 verify_result->verified_cert = engine_cert_;

44	39

45 if (!params.certificate()->Equals(engine_cert_.get())) {	40 if (!params.certificate()->Equals(engine_cert_.get())) {

46 verify_result->cert_status = net::CERT_STATUS_INVALID;	41 verify_result->cert_status = net::CERT_STATUS_INVALID;

47 return net::ERR_CERT_INVALID;	42 return net::ERR_CERT_INVALID;

48 }	43 }

49	44

50 verify_result->public_key_hashes = engine_cert_hashes_;	45 verify_result->public_key_hashes = engine_cert_hashes_;

51 return net::OK;	46 return net::OK;

52 }	47 }

53	48

54 } // namespace blimp	49 } // namespace blimp

OLD	NEW

« no previous file with comments | « no previous file | chrome/browser/safe_browsing/download_protection_service.cc » ('j') | no next file with comments »