net/socket/ssl_client_socket_nss.cc - Issue 23596013: Prefer to generate SHA-1 signatures for TLS 1.2 client authentication if

Side by Side Diff: net/socket/ssl_client_socket_nss.cc

Issue 23596013: Prefer to generate SHA-1 signatures for TLS 1.2 client authentication if (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: Created 7 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived	5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived

6 // from AuthCertificateCallback() in	6 // from AuthCertificateCallback() in

7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.	7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp.

8	8

9 /* *** BEGIN LICENSE BLOCK ***	9 /* *** BEGIN LICENSE BLOCK ***

10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1	10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1

(...skipping 1308 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1319 #if defined(OS_WIN)	1319 #if defined(OS_WIN)

1320 if (core->ssl_config_.send_client_cert) {	1320 if (core->ssl_config_.send_client_cert) {

1321 if (core->ssl_config_.client_cert) {	1321 if (core->ssl_config_.client_cert) {

1322 PCCERT_CONTEXT cert_context =	1322 PCCERT_CONTEXT cert_context =

1323 core->ssl_config_.client_cert->os_cert_handle();	1323 core->ssl_config_.client_cert->os_cert_handle();

1324	1324

1325 HCRYPTPROV_OR_NCRYPT_KEY_HANDLE crypt_prov = 0;	1325 HCRYPTPROV_OR_NCRYPT_KEY_HANDLE crypt_prov = 0;

1326 DWORD key_spec = 0;	1326 DWORD key_spec = 0;

1327 BOOL must_free = FALSE;	1327 BOOL must_free = FALSE;

1328 DWORD flags = 0;	1328 DWORD flags = 0;

	1329 #if 0

1329 if (base::win::GetVersion() >= base::win::VERSION_VISTA)	1330 if (base::win::GetVersion() >= base::win::VERSION_VISTA)

1330 flags \|= CRYPT_ACQUIRE_PREFER_NCRYPT_KEY_FLAG;	1331 flags \|= CRYPT_ACQUIRE_PREFER_NCRYPT_KEY_FLAG;

	1332 #endif

1331	1333

1332 BOOL acquired_key = CryptAcquireCertificatePrivateKey(	1334 BOOL acquired_key = CryptAcquireCertificatePrivateKey(

1333 cert_context, flags, NULL, &crypt_prov, &key_spec, &must_free);	1335 cert_context, flags, NULL, &crypt_prov, &key_spec, &must_free);

1334	1336

1335 if (acquired_key) {	1337 if (acquired_key) {

1336 // Should never get a cached handle back - ownership must always be	1338 // Should never get a cached handle back - ownership must always be

1337 // transferred.	1339 // transferred.

1338 CHECK_EQ(must_free, TRUE);	1340 CHECK_EQ(must_free, TRUE);

1339	1341

1340 SECItem der_cert;	1342 SECItem der_cert;

(...skipping 2154 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
3495 EnsureThreadIdAssigned();	3497 EnsureThreadIdAssigned();

3496 base::AutoLock auto_lock(lock_);	3498 base::AutoLock auto_lock(lock_);

3497 return valid_thread_id_ == base::PlatformThread::CurrentId();	3499 return valid_thread_id_ == base::PlatformThread::CurrentId();

3498 }	3500 }

3499	3501

3500 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const {	3502 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const {

3501 return server_bound_cert_service_;	3503 return server_bound_cert_service_;

3502 }	3504 }

3503	3505

3504 } // namespace net	3506 } // namespace net

OLD	NEW

« no previous file with comments | « no previous file | net/third_party/nss/README.chromium » ('j') | net/third_party/nss/ssl/ssl3con.c » ('J')