net/tools/cert_verify_tool/verify_using_path_builder.cc - Issue 2535733003: pki library: Add CertIssuerSourceNSS that retrieves intermediate certs from NSS.

Side by Side Diff: net/tools/cert_verify_tool/verify_using_path_builder.cc

Issue 2535733003: pki library: Add CertIssuerSourceNSS that retrieves intermediate certs from NSS. (Closed)

Patch Set: review changes Created 4 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright 2016 The Chromium Authors. All rights reserved.	1 // Copyright 2016 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/tools/cert_verify_tool/verify_using_path_builder.h"	5 #include "net/tools/cert_verify_tool/verify_using_path_builder.h"

6	6

7 #include <iostream>	7 #include <iostream>

8	8

9 #include "base/memory/ptr_util.h"	9 #include "base/memory/ptr_util.h"

10 #include "base/strings/string_number_conversions.h"	10 #include "base/strings/string_number_conversions.h"

(...skipping 10 matching lines...) Expand all Loading...
21 #include "net/cert/internal/trust_store_collection.h"	21 #include "net/cert/internal/trust_store_collection.h"

22 #include "net/cert/internal/trust_store_in_memory.h"	22 #include "net/cert/internal/trust_store_in_memory.h"

23 #include "net/cert_net/cert_net_fetcher_impl.h"	23 #include "net/cert_net/cert_net_fetcher_impl.h"

24 #include "net/tools/cert_verify_tool/cert_verify_tool_util.h"	24 #include "net/tools/cert_verify_tool/cert_verify_tool_util.h"

25 #include "net/url_request/url_request_context.h"	25 #include "net/url_request/url_request_context.h"

26 #include "net/url_request/url_request_context_builder.h"	26 #include "net/url_request/url_request_context_builder.h"

27 #include "net/url_request/url_request_context_getter.h"	27 #include "net/url_request/url_request_context_getter.h"

28	28

29 #if defined(USE_NSS_CERTS)	29 #if defined(USE_NSS_CERTS)

30 #include "base/threading/thread_task_runner_handle.h"	30 #include "base/threading/thread_task_runner_handle.h"

	31 #include "net/cert/internal/cert_issuer_source_nss.h"

31 #include "net/cert/internal/trust_store_nss.h"	32 #include "net/cert/internal/trust_store_nss.h"

32 #endif	33 #endif

33	34

34 #if defined(OS_LINUX)	35 #if defined(OS_LINUX)

35 #include "net/proxy/proxy_config.h"	36 #include "net/proxy/proxy_config.h"

36 #include "net/proxy/proxy_config_service_fixed.h"	37 #include "net/proxy/proxy_config_service_fixed.h"

37 #endif	38 #endif

38	39

39 namespace {	40 namespace {

40	41

(...skipping 225 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
266 ParseCertificate(target_der_cert);	267 ParseCertificate(target_der_cert);

267 if (!target_cert)	268 if (!target_cert)

268 return false;	269 return false;

269	270

270 // Verify the chain.	271 // Verify the chain.

271 net::SimpleSignaturePolicy signature_policy(2048);	272 net::SimpleSignaturePolicy signature_policy(2048);

272 net::CertPathBuilder::Result result;	273 net::CertPathBuilder::Result result;

273 net::CertPathBuilder path_builder(target_cert, &trust_store,	274 net::CertPathBuilder path_builder(target_cert, &trust_store,

274 &signature_policy, time, &result);	275 &signature_policy, time, &result);

275 path_builder.AddCertIssuerSource(&intermediate_cert_issuer_source);	276 path_builder.AddCertIssuerSource(&intermediate_cert_issuer_source);

	277 #if defined(USE_NSS_CERTS)

	278 net::CertIssuerSourceNSS cert_issuer_source_nss;

	279 path_builder.AddCertIssuerSource(&cert_issuer_source_nss);

	280 #endif

276	281

277 // Initialize an AIA fetcher, that uses a separate thread for running the	282 // Initialize an AIA fetcher, that uses a separate thread for running the

278 // networking message loop.	283 // networking message loop.

279 base::Thread::Options options(base::MessageLoop::TYPE_IO, 0);	284 base::Thread::Options options(base::MessageLoop::TYPE_IO, 0);

280 base::Thread thread("network_thread");	285 base::Thread thread("network_thread");

281 CHECK(thread.StartWithOptions(options));	286 CHECK(thread.StartWithOptions(options));

282 scoped_refptr<URLRequestContextGetterForAia> url_request_context_getter(	287 scoped_refptr<URLRequestContextGetterForAia> url_request_context_getter(

283 new URLRequestContextGetterForAia(thread.task_runner()));	288 new URLRequestContextGetterForAia(thread.task_runner()));

284 auto cert_net_fetcher =	289 auto cert_net_fetcher =

285 CreateCertNetFetcher(url_request_context_getter.get());	290 CreateCertNetFetcher(url_request_context_getter.get());

(...skipping 22 matching lines...) Expand all Loading...
308 if (!DumpParsedCertificateChain(	313 if (!DumpParsedCertificateChain(

309 dump_prefix_path.AddExtension(	314 dump_prefix_path.AddExtension(

310 FILE_PATH_LITERAL(".CertPathBuilder.pem")),	315 FILE_PATH_LITERAL(".CertPathBuilder.pem")),

311 result.paths[result.best_result_index]->path)) {	316 result.paths[result.best_result_index]->path)) {

312 return false;	317 return false;

313 }	318 }

314 }	319 }

315	320

316 return result.HasValidPath();	321 return result.HasValidPath();

317 }	322 }

OLD	NEW

« no previous file with comments | « net/net.gypi ('k') | no next file » | no next file with comments »