Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(298)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/x509_certificate_win.cc

Issue 21071: Add X509Certificate::Verify stubs for Mac and Linux.... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: '' Created 11 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/base/x509_certificate_nss.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/x509_certificate.h" 5 #include "net/base/x509_certificate.h"
6 6
7 #include "base/logging.h" 7 #include "base/logging.h"
8 #include "base/pickle.h" 8 #include "base/pickle.h"
9 #include "base/string_tokenizer.h" 9 #include "base/string_tokenizer.h"
10 #include "base/string_util.h" 10 #include "base/string_util.h"
(...skipping 147 matching lines...) Expand 10 before | Expand all | Expand 10 after
158 extension->Value.cbData, 158 extension->Value.cbData,
159 CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG, 159 CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG,
160 &decode_para, 160 &decode_para,
161 &alt_name_info, 161 &alt_name_info,
162 &alt_name_info_size); 162 &alt_name_info_size);
163 if (rv) 163 if (rv)
164 output->reset(alt_name_info); 164 output->reset(alt_name_info);
165 } 165 }
166 166
167 // Saves some information about the certificate chain chain_context in 167 // Saves some information about the certificate chain chain_context in
168 // *verify_result. 168 // *verify_result. The caller MUST initialize *verify_result before calling
169 // this function.
169 void GetCertChainInfo(PCCERT_CHAIN_CONTEXT chain_context, 170 void GetCertChainInfo(PCCERT_CHAIN_CONTEXT chain_context,
170 CertVerifyResult* verify_result) { 171 CertVerifyResult* verify_result) {
171 PCERT_SIMPLE_CHAIN first_chain = chain_context->rgpChain[0]; 172 PCERT_SIMPLE_CHAIN first_chain = chain_context->rgpChain[0];
172 int num_elements = first_chain->cElement; 173 int num_elements = first_chain->cElement;
173 PCERT_CHAIN_ELEMENT* element = first_chain->rgpElement; 174 PCERT_CHAIN_ELEMENT* element = first_chain->rgpElement;
174 175
175 // Each chain starts with the end entity certificate (i = 0) and ends with 176 // Each chain starts with the end entity certificate (i = 0) and ends with
176 // the root CA certificate (i = num_elements - 1). Do not inspect the 177 // the root CA certificate (i = num_elements - 1). Do not inspect the
177 // signature algorithm of the root CA certificate because the signature on 178 // signature algorithm of the root CA certificate because the signature on
178 // the trust anchor is not important. 179 // the trust anchor is not important.
(...skipping 247 matching lines...) Expand 10 before | Expand all | Expand 10 after
426 dns_names->push_back(subject_.common_name); 427 dns_names->push_back(subject_.common_name);
427 } 428 }
428 429
429 bool X509Certificate::HasExpired() const { 430 bool X509Certificate::HasExpired() const {
430 return Time::Now() > valid_expiry(); 431 return Time::Now() > valid_expiry();
431 } 432 }
432 433
433 int X509Certificate::Verify(const std::string& hostname, 434 int X509Certificate::Verify(const std::string& hostname,
434 bool rev_checking_enabled, 435 bool rev_checking_enabled,
435 CertVerifyResult* verify_result) const { 436 CertVerifyResult* verify_result) const {
436 verify_result->cert_status = 0; 437 verify_result->Reset();
437 verify_result->has_md5 = false;
438 verify_result->has_md2 = false;
439 verify_result->has_md4 = false;
440 verify_result->has_md5_ca = false;
441 verify_result->has_md2_ca = false;
442 438
443 // Build and validate certificate chain. 439 // Build and validate certificate chain.
444 440
445 CERT_CHAIN_PARA chain_para; 441 CERT_CHAIN_PARA chain_para;
446 memset(&chain_para, 0, sizeof(chain_para)); 442 memset(&chain_para, 0, sizeof(chain_para));
447 chain_para.cbSize = sizeof(chain_para); 443 chain_para.cbSize = sizeof(chain_para);
448 // TODO(wtc): consider requesting the usage szOID_PKIX_KP_SERVER_AUTH 444 // TODO(wtc): consider requesting the usage szOID_PKIX_KP_SERVER_AUTH
449 // or szOID_SERVER_GATED_CRYPTO or szOID_SGC_NETSCAPE 445 // or szOID_SERVER_GATED_CRYPTO or szOID_SGC_NETSCAPE
450 chain_para.RequestedUsage.dwType = USAGE_MATCH_TYPE_AND; 446 chain_para.RequestedUsage.dwType = USAGE_MATCH_TYPE_AND;
451 chain_para.RequestedUsage.Usage.cUsageIdentifier = 0; 447 chain_para.RequestedUsage.Usage.cUsageIdentifier = 0;
(...skipping 200 matching lines...) Expand 10 before | Expand all | Expand 10 after
652 rv = CryptHashCertificate(NULL, CALG_SHA1, 0, cert->pbCertEncoded, 648 rv = CryptHashCertificate(NULL, CALG_SHA1, 0, cert->pbCertEncoded,
653 cert->cbCertEncoded, sha1.data, &sha1_size); 649 cert->cbCertEncoded, sha1.data, &sha1_size);
654 DCHECK(rv && sha1_size == sizeof(sha1.data)); 650 DCHECK(rv && sha1_size == sizeof(sha1.data));
655 if (!rv) 651 if (!rv)
656 memset(sha1.data, 0, sizeof(sha1.data)); 652 memset(sha1.data, 0, sizeof(sha1.data));
657 return sha1; 653 return sha1;
658 } 654 }
659 655
660 } // namespace net 656 } // namespace net
661 657
OLDNEW
« no previous file with comments | « net/base/x509_certificate_nss.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698