net/cert/x509_certificate_nss.cc - Issue 2000503002: Remove the fingerprint and ca_fingerprint from X509Certificate

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/cert/x509_certificate_nss.cc

Issue 2000503002: Remove the fingerprint and ca_fingerprint from X509Certificate (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@move_cache

Patch Set: I'm an idiot Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/cert/x509_certificate_nss.cc

diff --git a/net/cert/x509_certificate_nss.cc b/net/cert/x509_certificate_nss.cc

index 8681b3c2f35efc0ef0e7f3482726c32debd0cefb..abb6f20462e3113a198298359a031ddeb2aeb5cd 100644

--- a/net/cert/x509_certificate_nss.cc

+++ b/net/cert/x509_certificate_nss.cc

@@ -33,9 +33,6 @@ void X509Certificate::Initialize() {

x509_util::ParseDate(&cert_handle_->validity.notBefore, &valid_start_);

x509_util::ParseDate(&cert_handle_->validity.notAfter, &valid_expiry_);

- fingerprint_ = CalculateFingerprint(cert_handle_);

- ca_fingerprint_ = CalculateCAFingerprint(intermediate_ca_certs_);

serial_number_ = x509_util::ParseSerialNumber(cert_handle_);

}

@@ -208,22 +205,6 @@ void X509Certificate::FreeOSCertHandle(OSCertHandle cert_handle) {

}

// static

-SHA1HashValue X509Certificate::CalculateFingerprint(

- OSCertHandle cert) {

- SHA1HashValue sha1;

- memset(sha1.data, 0, sizeof(sha1.data));

- DCHECK(NULL != cert->derCert.data);

- DCHECK_NE(0U, cert->derCert.len);

- SECStatus rv = HASH_HashBuf(HASH_AlgSHA1, sha1.data,

- cert->derCert.data, cert->derCert.len);

- DCHECK_EQ(SECSuccess, rv);

- return sha1;

-// static

SHA256HashValue X509Certificate::CalculateFingerprint256(OSCertHandle cert) {

SHA256HashValue sha256;

memset(sha256.data, 0, sizeof(sha256.data));

@@ -239,24 +220,25 @@ SHA256HashValue X509Certificate::CalculateFingerprint256(OSCertHandle cert) {

}

// static

-SHA1HashValue X509Certificate::CalculateCAFingerprint(

+SHA256HashValue X509Certificate::CalculateCAFingerprint256(

const OSCertHandles& intermediates) {

- SHA1HashValue sha1;

- memset(sha1.data, 0, sizeof(sha1.data));

+ SHA256HashValue sha256;

+ memset(sha256.data, 0, sizeof(sha256.data));

- HASHContext* sha1_ctx = HASH_Create(HASH_AlgSHA1);

- if (!sha1_ctx)

- return sha1;

- HASH_Begin(sha1_ctx);

+ HASHContext* sha256_ctx = HASH_Create(HASH_AlgSHA256);

+ if (!sha256_ctx)

+ return sha256;

+ HASH_Begin(sha256_ctx);

for (size_t i = 0; i < intermediates.size(); ++i) {

CERTCertificate* ca_cert = intermediates[i];

- HASH_Update(sha1_ctx, ca_cert->derCert.data, ca_cert->derCert.len);

+ HASH_Update(sha256_ctx, ca_cert->derCert.data, ca_cert->derCert.len);

}

unsigned int result_len;

- HASH_End(sha1_ctx, sha1.data, &result_len, HASH_ResultLenContext(sha1_ctx));

- HASH_Destroy(sha1_ctx);

+ HASH_End(sha256_ctx, sha256.data, &result_len,

+ HASH_ResultLenContext(sha256_ctx));

+ HASH_Destroy(sha256_ctx);

- return sha1;

+ return sha256;

}

// static

« ios/web/navigation/crw_session_certificate_policy_manager.mm ('K') | « net/cert/x509_certificate_mac.cc ('k') | net/cert/x509_certificate_openssl.cc » ('j') | no next file with comments »