| OLD | NEW |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/tools/cert_verify_tool/verify_using_path_builder.h" | 5 #include "net/tools/cert_verify_tool/verify_using_path_builder.h" |
| 6 | 6 |
| 7 #include <iostream> | 7 #include <iostream> |
| 8 | 8 |
| 9 #include "base/memory/ptr_util.h" | 9 #include "base/memory/ptr_util.h" |
| 10 #include "base/strings/string_number_conversions.h" | 10 #include "base/strings/string_number_conversions.h" |
| (...skipping 101 matching lines...) |
| 112 // the normalized subject. | 112 // the normalized subject. |
| 113 if (trust_anchor->cert()) | 113 if (trust_anchor->cert()) |
| 114 return SubjectFromParsedCertificate(trust_anchor->cert().get()); | 114 return SubjectFromParsedCertificate(trust_anchor->cert().get()); |
| 115 | 115 |
| 116 net::RDNSequence parsed_subject; | 116 net::RDNSequence parsed_subject; |
| 117 if (!net::ParseNameValue(trust_anchor->normalized_subject(), &parsed_subject)) | 117 if (!net::ParseNameValue(trust_anchor->normalized_subject(), &parsed_subject)) |
| 118 return std::string(); | 118 return std::string(); |
| 119 return SubjectToString(parsed_subject); | 119 return SubjectToString(parsed_subject); |
| 120 } | 120 } |
| 121 | 121 |
| 122 void PrintCertErrors(const net::CertErrors& errors) { | |
| 123 // TODO(crbug.com/634443): Include more detailed error information. Also this | |
| 124 // should likely be extracted to a common location and used by unit-tests and | |
| 125 // other debugging needs. | |
| 126 for (const auto& error : errors.errors()) { | |
| 127 std::cout << " " << error.type << "\n"; | |
| 128 } | |
| 129 } | |
| 130 | |
| 131 // Dumps a ResultPath to std::cout. | 122 // Dumps a ResultPath to std::cout. |
| 132 void PrintResultPath(const net::CertPathBuilder::ResultPath* result_path, | 123 void PrintResultPath(const net::CertPathBuilder::ResultPath* result_path, |
| 133 size_t index, | 124 size_t index, |
| 134 bool is_best) { | 125 bool is_best) { |
| 135 std::cout << "path " << index << " " | 126 std::cout << "path " << index << " " |
| 136 << (result_path->valid ? "valid" : "invalid") | 127 << (result_path->valid ? "valid" : "invalid") |
| 137 << (is_best ? " (best)" : "") << "\n"; | 128 << (is_best ? " (best)" : "") << "\n"; |
| 138 | 129 |
| 139 // Print the certificate chain. | 130 // Print the certificate chain. |
| 140 for (const auto& cert : result_path->path.certs) { | 131 for (const auto& cert : result_path->path.certs) { |
| 141 std::cout << " " << FingerPrintParsedCertificate(cert.get()) << " " | 132 std::cout << " " << FingerPrintParsedCertificate(cert.get()) << " " |
| 142 << SubjectFromParsedCertificate(cert.get()) << "\n"; | 133 << SubjectFromParsedCertificate(cert.get()) << "\n"; |
| 143 } | 134 } |
| 144 | 135 |
| 145 // Print the trust anchor (if there was one). | 136 // Print the trust anchor (if there was one). |
| 146 const auto& trust_anchor = result_path->path.trust_anchor; | 137 const auto& trust_anchor = result_path->path.trust_anchor; |
| 147 if (trust_anchor) { | 138 if (trust_anchor) { |
| 148 std::string trust_anchor_cert_fingerprint = "<no cert>"; | 139 std::string trust_anchor_cert_fingerprint = "<no cert>"; |
| 149 if (trust_anchor->cert()) { | 140 if (trust_anchor->cert()) { |
| 150 trust_anchor_cert_fingerprint = | 141 trust_anchor_cert_fingerprint = |
| 151 FingerPrintParsedCertificate(trust_anchor->cert().get()); | 142 FingerPrintParsedCertificate(trust_anchor->cert().get()); |
| 152 } | 143 } |
| 153 std::cout << " " << trust_anchor_cert_fingerprint << " " | 144 std::cout << " " << trust_anchor_cert_fingerprint << " " |
| 154 << SubjectFromTrustAnchor(trust_anchor.get()) << "\n"; | 145 << SubjectFromTrustAnchor(trust_anchor.get()) << "\n"; |
| 155 } | 146 } |
| 156 | 147 |
| 157 // Print the errors. | 148 // Print the errors. |
| 158 if (!result_path->errors.errors().empty()) { | 149 if (!result_path->errors.errors().empty()) { |
| 159 std::cout << "Errors:\n"; | 150 std::cout << "Errors:\n"; |
| 160 PrintCertErrors(result_path->errors); | 151 std::cout << result_path->errors.ToDebugString() << "\n"; |
| 161 } | 152 } |
| 162 } | 153 } |
| 163 | 154 |
| 164 } // namespace | 155 } // namespace |
| 165 | 156 |
| 166 // Verifies |target_der_cert| using CertPathBuilder. | 157 // Verifies |target_der_cert| using CertPathBuilder. |
| 167 bool VerifyUsingPathBuilder( | 158 bool VerifyUsingPathBuilder( |
| 168 const CertInput& target_der_cert, | 159 const CertInput& target_der_cert, |
| 169 const std::vector<CertInput>& intermediate_der_certs, | 160 const std::vector<CertInput>& intermediate_der_certs, |
| 170 const std::vector<CertInput>& root_der_certs, | 161 const std::vector<CertInput>& root_der_certs, |
| (...skipping 98 matching lines...) |
| 269 if (!DumpParsedCertificateChain( | 260 if (!DumpParsedCertificateChain( |
| 270 dump_prefix_path.AddExtension( | 261 dump_prefix_path.AddExtension( |
| 271 FILE_PATH_LITERAL(".CertPathBuilder.pem")), | 262 FILE_PATH_LITERAL(".CertPathBuilder.pem")), |
| 272 result.paths[result.best_result_index]->path)) { | 263 result.paths[result.best_result_index]->path)) { |
| 273 return false; | 264 return false; |
| 274 } | 265 } |
| 275 } | 266 } |
| 276 | 267 |
| 277 return result.HasValidPath(); | 268 return result.HasValidPath(); |
| 278 } | 269 } |
| OLD | NEW |