Clang format slam.

net/cert/x509_certificate_mac.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cert/x509_certificate.h"
 
 #include <CommonCrypto/CommonDigest.h>
 #include <CoreServices/CoreServices.h>
 #include <Security/Security.h>
 
@@ skipping 32 matching lines @@
                                  distinguished_name.field()->Length);
 }
 
 bool IsCertIssuerInEncodedList(X509Certificate::OSCertHandle cert_handle,
                                const std::vector<std::string>& issuers) {
   x509_util::CSSMCachedCertificate cached_cert;
   if (cached_cert.Init(cert_handle) != CSSM_OK)
     return false;
 
   x509_util::CSSMFieldValue distinguished_name;
-  OSStatus status = cached_cert.GetField(&CSSMOID_X509V1IssuerNameStd,
-                                         &distinguished_name);
+  OSStatus status =
+      cached_cert.GetField(&CSSMOID_X509V1IssuerNameStd, &distinguished_name);
   if (status || !distinguished_name.field())
     return false;
 
   base::StringPiece name_piece(
       reinterpret_cast<const char*>(distinguished_name.field()->Data),
       static_cast<size_t>(distinguished_name.field()->Length));
 
   for (std::vector<std::string>::const_iterator it = issuers.begin();
-       it != issuers.end(); ++it) {
+       it != issuers.end();
+       ++it) {
     base::StringPiece issuer_piece(*it);
     if (name_piece == issuer_piece)
       return true;
   }
 
   return false;
 }
 
 void GetCertDateForOID(const x509_util::CSSMCachedCertificate& cached_cert,
                        const CSSM_OID* oid,
                        Time* result) {
   *result = Time::Time();
 
   x509_util::CSSMFieldValue field;
   OSStatus status = cached_cert.GetField(oid, &field);
   if (status)
     return;
 
   const CSSM_X509_TIME* x509_time = field.GetAs<CSSM_X509_TIME>();
   if (x509_time->timeType != BER_TAG_UTC_TIME &&
       x509_time->timeType != BER_TAG_GENERALIZED_TIME) {
-    LOG(ERROR) << "Unsupported date/time format "
-               << x509_time->timeType;
+    LOG(ERROR) << "Unsupported date/time format " << x509_time->timeType;
     return;
   }
 
   base::StringPiece time_string(
       reinterpret_cast<const char*>(x509_time->time.Data),
       x509_time->time.Length);
-  CertDateFormat format = x509_time->timeType == BER_TAG_UTC_TIME ?
-      CERT_DATE_FORMAT_UTC_TIME : CERT_DATE_FORMAT_GENERALIZED_TIME;
+  CertDateFormat format = x509_time->timeType == BER_TAG_UTC_TIME
+                              ? CERT_DATE_FORMAT_UTC_TIME
+                              : CERT_DATE_FORMAT_GENERALIZED_TIME;
   if (!ParseCertificateDate(time_string, format, result))
     LOG(ERROR) << "Invalid certificate date/time " << time_string;
 }
 
 std::string GetCertSerialNumber(
     const x509_util::CSSMCachedCertificate& cached_cert) {
   x509_util::CSSMFieldValue serial_number;
-  OSStatus status = cached_cert.GetField(&CSSMOID_X509V1SerialNumber,
-                                         &serial_number);
+  OSStatus status =
+      cached_cert.GetField(&CSSMOID_X509V1SerialNumber, &serial_number);
   if (status || !serial_number.field())
     return std::string();
 
-  return std::string(
-      reinterpret_cast<const char*>(serial_number.field()->Data),
-      serial_number.field()->Length);
+  return std::string(reinterpret_cast<const char*>(serial_number.field()->Data),
+                     serial_number.field()->Length);
 }
 
 // Returns true if |purpose| is listed as allowed in |usage|. This
 // function also considers the "Any" purpose. If the attribute is
 // present and empty, we return false.
 bool ExtendedKeyUsageAllows(const CE_ExtendedKeyUsage* usage,
                             const CSSM_OID* purpose) {
   for (unsigned p = 0; p < usage->numPurposes; ++p) {
     if (CSSMOIDEqual(&usage->purposes[p], purpose))
       return true;
@@ skipping 16 matching lines @@
 // parsed as a valid X.509 certificate.
 bool IsValidOSCertHandle(SecCertificateRef cert_handle) {
   const CSSM_X509_NAME* sanity_check = NULL;
   OSStatus status = SecCertificateGetSubject(cert_handle, &sanity_check);
   return status == noErr && sanity_check;
 }
 
 // Parses |data| of length |length|, attempting to decode it as the specified
 // |format|. If |data| is in the specified format, any certificates contained
 // within are stored into |output|.
-void AddCertificatesFromBytes(const char* data, size_t length,
+void AddCertificatesFromBytes(const char* data,
+                              size_t length,
                               SecExternalFormat format,
                               X509Certificate::OSCertHandles* output) {
   SecExternalFormat input_format = format;
-  ScopedCFTypeRef<CFDataRef> local_data(CFDataCreateWithBytesNoCopy(
-      kCFAllocatorDefault, reinterpret_cast<const UInt8*>(data), length,
-      kCFAllocatorNull));
+  ScopedCFTypeRef<CFDataRef> local_data(
+      CFDataCreateWithBytesNoCopy(kCFAllocatorDefault,
+                                  reinterpret_cast<const UInt8*>(data),
+                                  length,
+                                  kCFAllocatorNull));
 
   CFArrayRef items = NULL;
   OSStatus status;
   {
     base::AutoLock lock(crypto::GetMacSecurityServicesLock());
-    status = SecKeychainItemImport(local_data, NULL, &input_format,
-                                   NULL, 0, NULL, NULL, &items);
+    status = SecKeychainItemImport(
+        local_data, NULL, &input_format, NULL, 0, NULL, NULL, &items);
   }
 
   if (status) {
     OSSTATUS_DLOG(WARNING, status)
         << "Unable to import items from data of length " << length;
     return;
   }
 
   ScopedCFTypeRef<CFArrayRef> scoped_items(items);
   CFTypeID cert_type_id = SecCertificateGetTypeID();
@@ skipping 24 matching lines @@
       }
     }
   }
 }
 
 }  // namespace
 
 void X509Certificate::Initialize() {
   x509_util::CSSMCachedCertificate cached_cert;
   if (cached_cert.Init(cert_handle_) == CSSM_OK) {
-    GetCertDistinguishedName(cached_cert, &CSSMOID_X509V1SubjectNameStd,
-                             &subject_);
-    GetCertDistinguishedName(cached_cert, &CSSMOID_X509V1IssuerNameStd,
-                             &issuer_);
-    GetCertDateForOID(cached_cert, &CSSMOID_X509V1ValidityNotBefore,
-                      &valid_start_);
-    GetCertDateForOID(cached_cert, &CSSMOID_X509V1ValidityNotAfter,
-                      &valid_expiry_);
+    GetCertDistinguishedName(
+        cached_cert, &CSSMOID_X509V1SubjectNameStd, &subject_);
+    GetCertDistinguishedName(
+        cached_cert, &CSSMOID_X509V1IssuerNameStd, &issuer_);
+    GetCertDateForOID(
+        cached_cert, &CSSMOID_X509V1ValidityNotBefore, &valid_start_);
+    GetCertDateForOID(
+        cached_cert, &CSSMOID_X509V1ValidityNotAfter, &valid_expiry_);
     serial_number_ = GetCertSerialNumber(cached_cert);
   }
 
   fingerprint_ = CalculateFingerprint(cert_handle_);
   ca_fingerprint_ = CalculateCAFingerprint(intermediate_ca_certs_);
 }
 
 bool X509Certificate::IsIssuedByEncoded(
     const std::vector<std::string>& valid_issuers) {
   if (IsCertIssuerInEncodedList(cert_handle_, valid_issuers))
     return true;
 
   for (OSCertHandles::iterator it = intermediate_ca_certs_.begin();
-       it != intermediate_ca_certs_.end(); ++it) {
+       it != intermediate_ca_certs_.end();
+       ++it) {
     if (IsCertIssuerInEncodedList(*it, valid_issuers))
       return true;
   }
   return false;
 }
 
 void X509Certificate::GetSubjectAltName(
     std::vector<std::string>* dns_names,
     std::vector<std::string>* ip_addrs) const {
   if (dns_names)
@@ skipping 17 matching lines @@
       reinterpret_cast<const CE_GeneralNames*>(cssm_ext->value.parsedValue);
 
   for (size_t name = 0; name < alt_name->numNames; ++name) {
     const CE_GeneralName& name_struct = alt_name->generalName[name];
     const CSSM_DATA& name_data = name_struct.name;
     // DNSName and IPAddress are encoded as IA5String and OCTET STRINGs
     // respectively, both of which can be byte copied from
     // CSSM_DATA::data into the appropriate output vector.
     if (dns_names && name_struct.nameType == GNT_DNSName) {
       dns_names->push_back(std::string(
-          reinterpret_cast<const char*>(name_data.Data),
-          name_data.Length));
+          reinterpret_cast<const char*>(name_data.Data), name_data.Length));
     } else if (ip_addrs && name_struct.nameType == GNT_IPAddress) {
       ip_addrs->push_back(std::string(
-          reinterpret_cast<const char*>(name_data.Data),
-          name_data.Length));
+          reinterpret_cast<const char*>(name_data.Data), name_data.Length));
     }
   }
 }
 
 // static
 bool X509Certificate::GetDEREncoded(X509Certificate::OSCertHandle cert_handle,
                                     std::string* encoded) {
   CSSM_DATA der_data;
   if (SecCertificateGetData(cert_handle, &der_data) != noErr)
     return false;
-  encoded->assign(reinterpret_cast<char*>(der_data.Data),
-                  der_data.Length);
+  encoded->assign(reinterpret_cast<char*>(der_data.Data), der_data.Length);
   return true;
 }
 
 // static
 bool X509Certificate::IsSameOSCert(X509Certificate::OSCertHandle a,
                                    X509Certificate::OSCertHandle b) {
   DCHECK(a && b);
   if (a == b)
     return true;
   if (CFEqual(a, b))
     return true;
   CSSM_DATA a_data, b_data;
   return SecCertificateGetData(a, &a_data) == noErr &&
-      SecCertificateGetData(b, &b_data) == noErr &&
-      a_data.Length == b_data.Length &&
-      memcmp(a_data.Data, b_data.Data, a_data.Length) == 0;
+         SecCertificateGetData(b, &b_data) == noErr &&
+         a_data.Length == b_data.Length &&
+         memcmp(a_data.Data, b_data.Data, a_data.Length) == 0;
 }
 
 // static
 X509Certificate::OSCertHandle X509Certificate::CreateOSCertHandleFromBytes(
-    const char* data, int length) {
+    const char* data,
+    int length) {
   CSSM_DATA cert_data;
   cert_data.Data = const_cast<uint8*>(reinterpret_cast<const uint8*>(data));
   cert_data.Length = length;
 
   OSCertHandle cert_handle = NULL;
-  OSStatus status = SecCertificateCreateFromData(&cert_data,
-                                                 CSSM_CERT_X_509v3,
-                                                 CSSM_CERT_ENCODING_DER,
-                                                 &cert_handle);
+  OSStatus status = SecCertificateCreateFromData(
+      &cert_data, CSSM_CERT_X_509v3, CSSM_CERT_ENCODING_DER, &cert_handle);
   if (status != noErr)
     return NULL;
   if (!IsValidOSCertHandle(cert_handle)) {
     CFRelease(cert_handle);
     return NULL;
   }
   return cert_handle;
 }
 
 // static
 X509Certificate::OSCertHandles X509Certificate::CreateOSCertHandlesFromBytes(
-    const char* data, int length, Format format) {
+    const char* data,
+    int length,
+    Format format) {
   OSCertHandles results;
 
   switch (format) {
     case FORMAT_SINGLE_CERTIFICATE: {
       OSCertHandle handle = CreateOSCertHandleFromBytes(data, length);
       if (handle)
         results.push_back(handle);
       break;
     }
     case FORMAT_PKCS7:
@@ skipping 14 matching lines @@
     return NULL;
   return reinterpret_cast<OSCertHandle>(const_cast<void*>(CFRetain(handle)));
 }
 
 // static
 void X509Certificate::FreeOSCertHandle(OSCertHandle cert_handle) {
   CFRelease(cert_handle);
 }
 
 // static
-SHA1HashValue X509Certificate::CalculateFingerprint(
-    OSCertHandle cert) {
+SHA1HashValue X509Certificate::CalculateFingerprint(OSCertHandle cert) {
   SHA1HashValue sha1;
   memset(sha1.data, 0, sizeof(sha1.data));
 
   CSSM_DATA cert_data;
   OSStatus status = SecCertificateGetData(cert, &cert_data);
   if (status)
     return sha1;
 
   DCHECK(cert_data.Data);
   DCHECK_NE(cert_data.Length, 0U);
@@ skipping 56 matching lines @@
     const CE_ExtendedKeyUsage* ext_key_usage =
         reinterpret_cast<const CE_ExtendedKeyUsage*>(ext->value.parsedValue);
     if (!ExtendedKeyUsageAllows(ext_key_usage, &CSSMOID_ClientAuth))
       return false;
   }
   return true;
 }
 
 CFArrayRef X509Certificate::CreateOSCertChainForCert() const {
   CFMutableArrayRef cert_list =
-      CFArrayCreateMutable(kCFAllocatorDefault, 0,
-                           &kCFTypeArrayCallBacks);
+      CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks);
   if (!cert_list)
     return NULL;
 
   CFArrayAppendValue(cert_list, os_cert_handle());
   for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i)
     CFArrayAppendValue(cert_list, intermediate_ca_certs_[i]);
 
   return cert_list;
 }
 
 // static
-X509Certificate::OSCertHandle
-X509Certificate::ReadOSCertHandleFromPickle(PickleIterator* pickle_iter) {
+X509Certificate::OSCertHandle X509Certificate::ReadOSCertHandleFromPickle(
+    PickleIterator* pickle_iter) {
   const char* data;
   int length;
   if (!pickle_iter->ReadData(&data, &length))
     return NULL;
 
   return CreateOSCertHandleFromBytes(data, length);
 }
 
 // static
 bool X509Certificate::WriteOSCertHandleToPickle(OSCertHandle cert_handle,
@@ skipping 46 matching lines @@
       *type = kPublicKeyTypeDH;
       break;
     default:
       *type = kPublicKeyTypeUnknown;
       *size_bits = 0;
       break;
   }
 }
 
 }  // namespace net