| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/x509_certificate.h" | 5 #include "net/cert/x509_certificate.h" |
| 6 | 6 |
| 7 #include <openssl/asn1.h> | 7 #include <openssl/asn1.h> |
| 8 #include <openssl/bytestring.h> | 8 #include <openssl/bytestring.h> |
| 9 #include <openssl/crypto.h> | 9 #include <openssl/crypto.h> |
| 10 #include <openssl/obj_mac.h> | 10 #include <openssl/obj_mac.h> |
| (...skipping 124 matching lines...) Loading... |
| 135 } | 135 } |
| 136 } | 136 } |
| 137 } | 137 } |
| 138 | 138 |
| 139 class X509InitSingleton { | 139 class X509InitSingleton { |
| 140 public: | 140 public: |
| 141 static X509InitSingleton* GetInstance() { | 141 static X509InitSingleton* GetInstance() { |
| 142 // We allow the X509 store to leak, because it is used from a non-joinable | 142 // We allow the X509 store to leak, because it is used from a non-joinable |
| 143 // worker that is not stopped on shutdown, hence may still be using | 143 // worker that is not stopped on shutdown, hence may still be using |
| 144 // OpenSSL library after the AtExit runner has completed. | 144 // OpenSSL library after the AtExit runner has completed. |
| 145 return Singleton<X509InitSingleton, | 145 return base::Singleton<X509InitSingleton, base::LeakySingletonTraits< |
| 146 LeakySingletonTraits<X509InitSingleton> >::get(); | 146 X509InitSingleton>>::get(); |
| 147 } | 147 } |
| 148 X509_STORE* store() const { return store_.get(); } | 148 X509_STORE* store() const { return store_.get(); } |
| 149 | 149 |
| 150 void ResetCertStore() { | 150 void ResetCertStore() { |
| 151 store_.reset(X509_STORE_new()); | 151 store_.reset(X509_STORE_new()); |
| 152 DCHECK(store_.get()); | 152 DCHECK(store_.get()); |
| 153 X509_STORE_set_default_paths(store_.get()); | 153 X509_STORE_set_default_paths(store_.get()); |
| 154 // TODO(joth): Enable CRL (see X509_STORE_set_flags(X509_V_FLAG_CRL_CHECK)). | 154 // TODO(joth): Enable CRL (see X509_STORE_set_flags(X509_V_FLAG_CRL_CHECK)). |
| 155 } | 155 } |
| 156 | 156 |
| 157 private: | 157 private: |
| 158 friend struct DefaultSingletonTraits<X509InitSingleton>; | 158 friend struct base::DefaultSingletonTraits<X509InitSingleton>; |
| 159 X509InitSingleton() { | 159 X509InitSingleton() { |
| 160 crypto::EnsureOpenSSLInit(); | 160 crypto::EnsureOpenSSLInit(); |
| 161 ResetCertStore(); | 161 ResetCertStore(); |
| 162 } | 162 } |
| 163 | 163 |
| 164 crypto::ScopedOpenSSL<X509_STORE, X509_STORE_free> store_; | 164 crypto::ScopedOpenSSL<X509_STORE, X509_STORE_free> store_; |
| 165 | 165 |
| 166 DISALLOW_COPY_AND_ASSIGN(X509InitSingleton); | 166 DISALLOW_COPY_AND_ASSIGN(X509InitSingleton); |
| 167 }; | 167 }; |
| 168 | 168 |
| (...skipping 284 matching lines...) Loading... |
| 453 bool X509Certificate::IsSelfSigned(OSCertHandle cert_handle) { | 453 bool X509Certificate::IsSelfSigned(OSCertHandle cert_handle) { |
| 454 crypto::ScopedEVP_PKEY scoped_key(X509_get_pubkey(cert_handle)); | 454 crypto::ScopedEVP_PKEY scoped_key(X509_get_pubkey(cert_handle)); |
| 455 if (!scoped_key) | 455 if (!scoped_key) |
| 456 return false; | 456 return false; |
| 457 | 457 |
| 458 // NOTE: X509_verify() returns 1 in case of success, 0 or -1 on error. | 458 // NOTE: X509_verify() returns 1 in case of success, 0 or -1 on error. |
| 459 return X509_verify(cert_handle, scoped_key.get()) == 1; | 459 return X509_verify(cert_handle, scoped_key.get()) == 1; |
| 460 } | 460 } |
| 461 | 461 |
| 462 } // namespace net | 462 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews