net/cert/x509_certificate_ios.cc - Issue 2610903003: [refactor] Extract the CertVerifyResult assignment of has_md2, has_md4,

Side by Side Diff: net/cert/x509_certificate_ios.cc

Issue 2610903003: [refactor] Extract the CertVerifyResult assignment of has_md2, has_md4, (Closed)

Patch Set: moar Created 3 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright (c) 2016 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2016 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/cert/x509_certificate.h"	5 #include "net/cert/x509_certificate.h"

6	6

7 #include <CommonCrypto/CommonDigest.h>	7 #include <CommonCrypto/CommonDigest.h>

8 #include <Security/Security.h>	8 #include <Security/Security.h>

9	9

10 #include "base/mac/scoped_cftyperef.h"	10 #include "base/mac/scoped_cftyperef.h"

(...skipping 340 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
351 case EVP_PKEY_EC:	351 case EVP_PKEY_EC:

352 *type = kPublicKeyTypeECDSA;	352 *type = kPublicKeyTypeECDSA;

353 break;	353 break;

354 case EVP_PKEY_DH:	354 case EVP_PKEY_DH:

355 *type = kPublicKeyTypeDH;	355 *type = kPublicKeyTypeDH;

356 break;	356 break;

357 }	357 }

358 *size_bits = EVP_PKEY_bits(key);	358 *size_bits = EVP_PKEY_bits(key);

359 }	359 }

360	360

	361 // static

	362 X509Certificate::SignatureHashAlgorithm

	363 X509Certificate::GetSignatureHashAlgorithm(OSCertHandle cert_handle) {

	364 bssl::UniquePtr<X509> cert = OSCertHandleToOpenSSL(cert_handle);

	365 if (!cert)

	366 return kSignatureHashAlgorithmOther;

	367

	368 // TODO(eroman): This duplicates code with x509_certificate_openssl.cc
	Ryan Sleevi 2017/01/05 22:48:24 x509_util_openssl is where we move the dupe code b x509_util_openssl is where we move the dupe code between these two (like the name & date parsing) eroman 2017/01/05 23:21:53 Want me to extract as part of this CL or a follow- Show quoted text On 2017/01/05 22:48:24, Ryan Sleevi wrote: > x509_util_openssl is where we move the dupe code between these two (like the > name & date parsing) Want me to extract as part of this CL or a follow-up? (The code is duplicated today, I preserved that duplication in this refactor). eroman 2017/01/05 23:36:31 Thanks for the heads up, I will leave that to a fo Show quoted text On 2017/01/05 23:21:53, eroman (slow) wrote: > On 2017/01/05 22:48:24, Ryan Sleevi wrote: > > x509_util_openssl is where we move the dupe code between these two (like the > > name & date parsing) > > Want me to extract as part of this CL or a follow-up? > (The code is duplicated today, I preserved that duplication in this refactor). Thanks for the heads up, I will leave that to a follow-up.
	369 int sig_alg = OBJ_obj2nid(cert->sig_alg->algorithm);

	370 if (sig_alg == NID_md2WithRSAEncryption)

	371 return kSignatureHashAlgorithmMd2;

	372 if (sig_alg == NID_md4WithRSAEncryption)

	373 return kSignatureHashAlgorithmMd4;

	374 if (sig_alg == NID_md5WithRSAEncryption \|\| sig_alg == NID_md5WithRSA)

	375 return kSignatureHashAlgorithmMd5;

	376 if (sig_alg == NID_sha1WithRSAEncryption \|\| sig_alg == NID_dsaWithSHA \|\|

	377 sig_alg == NID_dsaWithSHA1 \|\| sig_alg == NID_dsaWithSHA1_2 \|\|

	378 sig_alg == NID_sha1WithRSA \|\| sig_alg == NID_ecdsa_with_SHA1) {

	379 return kSignatureHashAlgorithmSha1;

	380 }

	381 return kSignatureHashAlgorithmOther;

	382 }

	383

361 bool X509Certificate::SupportsSSLClientAuth() const {	384 bool X509Certificate::SupportsSSLClientAuth() const {

362 return false;	385 return false;

363 }	386 }

364	387

365 CFMutableArrayRef X509Certificate::CreateOSCertChainForCert() const {	388 CFMutableArrayRef X509Certificate::CreateOSCertChainForCert() const {

366 CFMutableArrayRef cert_list =	389 CFMutableArrayRef cert_list =

367 CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks);	390 CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks);

368 if (!cert_list)	391 if (!cert_list)

369 return nullptr;	392 return nullptr;

370	393

(...skipping 66 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
437 return false;	460 return false;

438 bssl::UniquePtr<EVP_PKEY> scoped_key(X509_get_pubkey(cert.get()));	461 bssl::UniquePtr<EVP_PKEY> scoped_key(X509_get_pubkey(cert.get()));

439 if (!scoped_key)	462 if (!scoped_key)

440 return false;	463 return false;

441 if (!X509_verify(cert.get(), scoped_key.get()))	464 if (!X509_verify(cert.get(), scoped_key.get()))

442 return false;	465 return false;

443 return X509_check_issued(cert.get(), cert.get()) == X509_V_OK;	466 return X509_check_issued(cert.get(), cert.get()) == X509_V_OK;

444 }	467 }

445	468

446 } // namespace net	469 } // namespace net

OLD	NEW

« net/cert/x509_certificate.h ('K') | « net/cert/x509_certificate.h ('k') | net/cert/x509_certificate_mac.cc » ('j') | net/cert/x509_certificate_mac.cc » ('J')