| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/internal/verify_name_match.h" | 5 #include "net/cert/internal/verify_name_match.h" |
| 6 | 6 |
| 7 #include <openssl/bytestring.h> |
| 8 #include <openssl/mem.h> |
| 9 |
| 7 #include <algorithm> | 10 #include <algorithm> |
| 8 #include <vector> | 11 #include <vector> |
| 9 | 12 |
| 10 #include "base/strings/string_util.h" | 13 #include "base/strings/string_util.h" |
| 11 #include "base/tuple.h" | 14 #include "base/tuple.h" |
| 12 #include "crypto/auto_cbb.h" | |
| 13 #include "crypto/scoped_openssl_types.h" | |
| 14 #include "net/cert/internal/parse_name.h" | 15 #include "net/cert/internal/parse_name.h" |
| 15 #include "net/der/input.h" | 16 #include "net/der/input.h" |
| 16 #include "net/der/parser.h" | 17 #include "net/der/parser.h" |
| 17 #include "net/der/tag.h" | 18 #include "net/der/tag.h" |
| 18 | 19 |
| 19 namespace net { | 20 namespace net { |
| 20 | 21 |
| 21 namespace { | 22 namespace { |
| 22 | 23 |
| 23 // RFC 5280 section A.1: | 24 // RFC 5280 section A.1: |
| 287 } | 288 } |
| 288 | 289 |
| 289 } // namespace | 290 } // namespace |
| 290 | 291 |
| 291 bool NormalizeName(const der::Input& name_rdn_sequence, | 292 bool NormalizeName(const der::Input& name_rdn_sequence, |
| 292 std::string* normalized_rdn_sequence) { | 293 std::string* normalized_rdn_sequence) { |
| 293 // RFC 5280 section 4.1.2.4 | 294 // RFC 5280 section 4.1.2.4 |
| 294 // RDNSequence ::= SEQUENCE OF RelativeDistinguishedName | 295 // RDNSequence ::= SEQUENCE OF RelativeDistinguishedName |
| 295 der::Parser rdn_sequence_parser(name_rdn_sequence); | 296 der::Parser rdn_sequence_parser(name_rdn_sequence); |
| 296 | 297 |
| 297 crypto::AutoCBB cbb; | 298 bssl::ScopedCBB cbb; |
| 298 if (!CBB_init(cbb.get(), 0)) | 299 if (!CBB_init(cbb.get(), 0)) |
| 299 return false; | 300 return false; |
| 300 | 301 |
| 301 while (rdn_sequence_parser.HasMore()) { | 302 while (rdn_sequence_parser.HasMore()) { |
| 302 // RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue | 303 // RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue |
| 303 der::Parser rdn_parser; | 304 der::Parser rdn_parser; |
| 304 if (!rdn_sequence_parser.ReadConstructed(der::kSet, &rdn_parser)) | 305 if (!rdn_sequence_parser.ReadConstructed(der::kSet, &rdn_parser)) |
| 305 return false; | 306 return false; |
| 306 RelativeDistinguishedName type_and_values; | 307 RelativeDistinguishedName type_and_values; |
| 307 if (!ReadRdn(&rdn_parser, &type_and_values)) | 308 if (!ReadRdn(&rdn_parser, &type_and_values)) |
| 308 return false; | 309 return false; |
| 309 | 310 |
| 310 // The AttributeTypeAndValue objects in the SET OF need to be sorted on | 311 // The AttributeTypeAndValue objects in the SET OF need to be sorted on |
| 311 // their DER encodings. Encode each individually and save the encoded values | 312 // their DER encodings. Encode each individually and save the encoded values |
| 312 // in |encoded_attribute_type_and_values| so that it can be sorted before | 313 // in |encoded_attribute_type_and_values| so that it can be sorted before |
| 313 // being added to |rdn_cbb|. |scoped_encoded_attribute_type_and_values| | 314 // being added to |rdn_cbb|. |scoped_encoded_attribute_type_and_values| |
| 314 // owns the |OPENSSL_malloc|ed memory referred to by | 315 // owns the |OPENSSL_malloc|ed memory referred to by |
| 315 // |encoded_attribute_type_and_values|. | 316 // |encoded_attribute_type_and_values|. |
| 316 CBB rdn_cbb; | 317 CBB rdn_cbb; |
| 317 if (!CBB_add_asn1(cbb.get(), &rdn_cbb, CBS_ASN1_SET)) | 318 if (!CBB_add_asn1(cbb.get(), &rdn_cbb, CBS_ASN1_SET)) |
| 318 return false; | 319 return false; |
| 319 std::vector<crypto::ScopedOpenSSLBytes> | 320 std::vector<bssl::UniquePtr<uint8_t>> |
| 320 scoped_encoded_attribute_type_and_values; | 321 scoped_encoded_attribute_type_and_values; |
| 321 std::vector<der::Input> encoded_attribute_type_and_values; | 322 std::vector<der::Input> encoded_attribute_type_and_values; |
| 322 | 323 |
| 323 for (const auto& type_and_value : type_and_values) { | 324 for (const auto& type_and_value : type_and_values) { |
| 324 // A top-level CBB for encoding each individual AttributeTypeAndValue. | 325 // A top-level CBB for encoding each individual AttributeTypeAndValue. |
| 325 crypto::AutoCBB type_and_value_encoder_cbb; | 326 bssl::ScopedCBB type_and_value_encoder_cbb; |
| 326 if (!CBB_init(type_and_value_encoder_cbb.get(), 0)) | 327 if (!CBB_init(type_and_value_encoder_cbb.get(), 0)) |
| 327 return false; | 328 return false; |
| 328 | 329 |
| 329 // AttributeTypeAndValue ::= SEQUENCE { | 330 // AttributeTypeAndValue ::= SEQUENCE { |
| 330 // type AttributeType, | 331 // type AttributeType, |
| 331 // value AttributeValue } | 332 // value AttributeValue } |
| 332 CBB attribute_type_and_value_cbb, type_cbb, value_cbb; | 333 CBB attribute_type_and_value_cbb, type_cbb, value_cbb; |
| 333 if (!CBB_add_asn1(type_and_value_encoder_cbb.get(), | 334 if (!CBB_add_asn1(type_and_value_encoder_cbb.get(), |
| 334 &attribute_type_and_value_cbb, CBS_ASN1_SEQUENCE)) { | 335 &attribute_type_and_value_cbb, CBS_ASN1_SEQUENCE)) { |
| 335 return false; | 336 return false; |
| 360 !CBB_add_bytes(&value_cbb, type_and_value.value.UnsafeData(), | 361 !CBB_add_bytes(&value_cbb, type_and_value.value.UnsafeData(), |
| 361 type_and_value.value.Length())) | 362 type_and_value.value.Length())) |
| 362 return false; | 363 return false; |
| 363 } | 364 } |
| 364 | 365 |
| 365 uint8_t* bytes; | 366 uint8_t* bytes; |
| 366 size_t len; | 367 size_t len; |
| 367 if (!CBB_finish(type_and_value_encoder_cbb.get(), &bytes, &len)) | 368 if (!CBB_finish(type_and_value_encoder_cbb.get(), &bytes, &len)) |
| 368 return false; | 369 return false; |
| 369 scoped_encoded_attribute_type_and_values.push_back( | 370 scoped_encoded_attribute_type_and_values.push_back( |
| 370 crypto::ScopedOpenSSLBytes(bytes)); | 371 bssl::UniquePtr<uint8_t>(bytes)); |
| 371 encoded_attribute_type_and_values.push_back(der::Input(bytes, len)); | 372 encoded_attribute_type_and_values.push_back(der::Input(bytes, len)); |
| 372 } | 373 } |
| 373 | 374 |
| 374 std::sort(encoded_attribute_type_and_values.begin(), | 375 std::sort(encoded_attribute_type_and_values.begin(), |
| 375 encoded_attribute_type_and_values.end()); | 376 encoded_attribute_type_and_values.end()); |
| 376 for (const auto& encoded_attribute_type_and_value : | 377 for (const auto& encoded_attribute_type_and_value : |
| 377 encoded_attribute_type_and_values) { | 378 encoded_attribute_type_and_values) { |
| 378 if (!CBB_add_bytes(&rdn_cbb, | 379 if (!CBB_add_bytes(&rdn_cbb, |
| 379 encoded_attribute_type_and_value.UnsafeData(), | 380 encoded_attribute_type_and_value.UnsafeData(), |
| 380 encoded_attribute_type_and_value.Length())) { | 381 encoded_attribute_type_and_value.Length())) { |
| 425 return true; | 426 return true; |
| 426 } | 427 } |
| 427 } | 428 } |
| 428 } | 429 } |
| 429 | 430 |
| 430 *contained_email_address = false; | 431 *contained_email_address = false; |
| 431 return true; | 432 return true; |
| 432 } | 433 } |
| 433 | 434 |
| 434 } // namespace net | 435 } // namespace net |