net/cert/x509_certificate_openssl.cc - Issue 2000503002: Remove the fingerprint and ca_fingerprint from X509Certificate

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/cert/x509_certificate_openssl.cc

Issue 2000503002: Remove the fingerprint and ca_fingerprint from X509Certificate (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@move_cache

Patch Set: Feedback Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/cert/x509_certificate_openssl.cc

diff --git a/net/cert/x509_certificate_openssl.cc b/net/cert/x509_certificate_openssl.cc

index 4809b4529da3ec65f60ce05b2dfa62e2f865a946..c2bd6aa53a642d0f898f2b658d26dcdc600c8386 100644

--- a/net/cert/x509_certificate_openssl.cc

+++ b/net/cert/x509_certificate_openssl.cc

@@ -193,8 +193,6 @@ void X509Certificate::FreeOSCertHandle(OSCertHandle cert_handle) {

void X509Certificate::Initialize() {

crypto::EnsureOpenSSLInit();

- fingerprint_ = CalculateFingerprint(cert_handle_);

- ca_fingerprint_ = CalculateCAFingerprint(intermediate_ca_certs_);

ASN1_INTEGER* serial_num = X509_get_serialNumber(cert_handle_);

if (serial_num) {

@@ -223,16 +221,6 @@ void X509Certificate::ResetCertStore() {

}

// static

-SHA1HashValue X509Certificate::CalculateFingerprint(OSCertHandle cert) {

- SHA1HashValue sha1;

- unsigned int sha1_size = static_cast<unsigned int>(sizeof(sha1.data));

- int ret = X509_digest(cert, EVP_sha1(), sha1.data, &sha1_size);

- CHECK(ret);

- CHECK_EQ(sha1_size, sizeof(sha1.data));

- return sha1;

-// static

SHA256HashValue X509Certificate::CalculateFingerprint256(OSCertHandle cert) {

SHA256HashValue sha256;

unsigned int sha256_size = static_cast<unsigned int>(sizeof(sha256.data));

@@ -243,22 +231,22 @@ SHA256HashValue X509Certificate::CalculateFingerprint256(OSCertHandle cert) {

}

// static

-SHA1HashValue X509Certificate::CalculateCAFingerprint(

+SHA256HashValue X509Certificate::CalculateCAFingerprint256(

const OSCertHandles& intermediates) {

- SHA1HashValue sha1;

- memset(sha1.data, 0, sizeof(sha1.data));

+ SHA256HashValue sha256;

+ memset(sha256.data, 0, sizeof(sha256.data));

- SHA_CTX sha1_ctx;

- SHA1_Init(&sha1_ctx);

+ SHA256_CTX sha256_ctx;

+ SHA256_Init(&sha256_ctx);

base::StringPiece der;

for (size_t i = 0; i < intermediates.size(); ++i) {

if (!x509_util::GetDER(intermediates[i], &der))

- return sha1;

- SHA1_Update(&sha1_ctx, der.data(), der.length());

+ return sha256;

+ SHA256_Update(&sha256_ctx, der.data(), der.length());

}

- SHA1_Final(sha1.data, &sha1_ctx);

+ SHA256_Final(sha256.data, &sha256_ctx);

- return sha1;

+ return sha256;

}

// static

« net/cert/x509_certificate.cc ('K') | « net/cert/x509_certificate_nss.cc ('k') | net/cert/x509_certificate_unittest.cc » ('j') | no next file with comments »