Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(343)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/cert/ct_objects_extractor_nss.cc

Issue 266243004: Clang format slam. Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/base/mime_util_unittest.cc ('K') | « net/cert/ct_log_verifier_openssl.cc ('k') | net/cert/ct_objects_extractor_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/ct_objects_extractor_nss.cc
diff --git a/net/cert/ct_objects_extractor_nss.cc b/net/cert/ct_objects_extractor_nss.cc
index c29b34c10c63aba50acc8850d754412947fc7c76..bbc8ba4637761ab9a20b085bab6cde609a4c07d8 100644
--- a/net/cert/ct_objects_extractor_nss.cc
+++ b/net/cert/ct_objects_extractor_nss.cc
@@ -76,19 +76,16 @@ const unsigned char kOCSPExtensionOid[] = {0x2B, 0x06, 0x01, 0x04, 0x01,
0xD6, 0x79, 0x02, 0x04, 0x05};
const SECItem kOCSPExtensionOidItem = {
- siBuffer, const_cast<unsigned char*>(kOCSPExtensionOid),
- sizeof(kOCSPExtensionOid)
-};
+ siBuffer, const_cast<unsigned char*>(kOCSPExtensionOid),
+ sizeof(kOCSPExtensionOid)};
// id-ad-ocsp: 1.3.6.1.5.5.7.48.1.1
const unsigned char kBasicOCSPResponseOid[] = {0x2B, 0x06, 0x01, 0x05, 0x05,
0x07, 0x30, 0x01, 0x01};
const SECItem kBasicOCSPResponseOidItem = {
- siBuffer, const_cast<unsigned char*>(kBasicOCSPResponseOid),
- sizeof(kBasicOCSPResponseOid)
-};
-
+ siBuffer, const_cast<unsigned char*>(kBasicOCSPResponseOid),
+ sizeof(kBasicOCSPResponseOid)};
// Initializes the necessary NSS internals for use with Certificate
// Transparency.
@@ -151,7 +148,7 @@ bool GetCertOctetStringExtension(CERTCertificate* cert,
extension.len);
base::StringPiece parsed_data;
if (!asn1::GetElement(&raw_data, asn1::kOCTETSTRING, &parsed_data) ||
- raw_data.size() > 0) { // Decoding failure or raw data left
+ raw_data.size() > 0) { // Decoding failure or raw data left
rv = SECFailure;
} else {
parsed_data.CopyToString(extension_data);
@@ -191,9 +188,8 @@ bool GetSCTListFromOCSPExtension(PLArenaPool* arena,
SECItem contents;
// SEC_QuickDERDecodeItem sets |contents| to point to |match|, so it is not
// necessary to free the contents of |contents|.
- SECStatus rv = SEC_QuickDERDecodeItem(arena, &contents,
- SEC_ASN1_GET(SEC_OctetStringTemplate),
- &match->value);
+ SECStatus rv = SEC_QuickDERDecodeItem(
+ arena, &contents, SEC_ASN1_GET(SEC_OctetStringTemplate), &match->value);
if (rv != SECSuccess)
return false;
@@ -262,11 +258,10 @@ struct ResponseBytes {
};
const SEC_ASN1Template kResponseBytesTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(ResponseBytes) },
- { SEC_ASN1_OBJECT_ID, offsetof(ResponseBytes, response_type) },
- { SEC_ASN1_OCTET_STRING, offsetof(ResponseBytes, der_response) },
- { 0 }
-};
+ {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(ResponseBytes)},
+ {SEC_ASN1_OBJECT_ID, offsetof(ResponseBytes, response_type)},
+ {SEC_ASN1_OCTET_STRING, offsetof(ResponseBytes, der_response)},
+ {0}};
// OCSPResponse ::= SEQUENCE {
// responseStatus OCSPResponseStatus,
@@ -279,17 +274,15 @@ struct OCSPResponse {
};
const SEC_ASN1Template kPointerToResponseBytesTemplate[] = {
- { SEC_ASN1_POINTER, 0, kResponseBytesTemplate }
-};
+ {SEC_ASN1_POINTER, 0, kResponseBytesTemplate}};
const SEC_ASN1Template kOCSPResponseTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(OCSPResponse) },
- { SEC_ASN1_ENUMERATED, offsetof(OCSPResponse, response_status) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0, offsetof(OCSPResponse, response_bytes),
- kPointerToResponseBytesTemplate },
- { 0 }
-};
+ {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(OCSPResponse)},
+ {SEC_ASN1_ENUMERATED, offsetof(OCSPResponse, response_status)},
+ {SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | 0,
+ offsetof(OCSPResponse, response_bytes), kPointerToResponseBytesTemplate},
+ {0}};
// CertID ::= SEQUENCE {
// hashAlgorithm AlgorithmIdentifier,
@@ -304,14 +297,13 @@ struct CertID {
};
const SEC_ASN1Template kCertIDTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CertID) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(CertID, hash_algorithm),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OCTET_STRING, offsetof(CertID, issuer_name_hash) },
- { SEC_ASN1_OCTET_STRING, offsetof(CertID, issuer_key_hash) },
- { SEC_ASN1_INTEGER, offsetof(CertID, serial_number) },
- { 0 }
-};
+ {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CertID)},
+ {SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(CertID, hash_algorithm),
+ SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate)},
+ {SEC_ASN1_OCTET_STRING, offsetof(CertID, issuer_name_hash)},
+ {SEC_ASN1_OCTET_STRING, offsetof(CertID, issuer_key_hash)},
+ {SEC_ASN1_INTEGER, offsetof(CertID, serial_number)},
+ {0}};
// SingleResponse ::= SEQUENCE {
// certID CertID,
@@ -329,23 +321,22 @@ struct SingleResponse {
};
const SEC_ASN1Template kSingleResponseTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SingleResponse) },
- { SEC_ASN1_INLINE, offsetof(SingleResponse, cert_id), kCertIDTemplate },
- // Really a CHOICE but we make it an ANY because we don't care about the
- // contents of this field.
- // TODO(ekasper): use SEC_ASN1_CHOICE.
- { SEC_ASN1_ANY, offsetof(SingleResponse, der_cert_status) },
- { SEC_ASN1_GENERALIZED_TIME, offsetof(SingleResponse, this_update) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- offsetof(SingleResponse, next_update),
- SEC_ASN1_SUB(SEC_GeneralizedTimeTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
- offsetof(SingleResponse, single_extensions),
- SEC_ASN1_SUB(CERT_SequenceOfCertExtensionTemplate) },
- { 0 }
-};
+ {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SingleResponse)},
+ {SEC_ASN1_INLINE, offsetof(SingleResponse, cert_id), kCertIDTemplate},
+ // Really a CHOICE but we make it an ANY because we don't care about the
+ // contents of this field.
+ // TODO(ekasper): use SEC_ASN1_CHOICE.
+ {SEC_ASN1_ANY, offsetof(SingleResponse, der_cert_status)},
+ {SEC_ASN1_GENERALIZED_TIME, offsetof(SingleResponse, this_update)},
+ {SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(SingleResponse, next_update),
+ SEC_ASN1_SUB(SEC_GeneralizedTimeTemplate)},
+ {SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
+ offsetof(SingleResponse, single_extensions),
+ SEC_ASN1_SUB(CERT_SequenceOfCertExtensionTemplate)},
+ {0}};
// ResponseData ::= SEQUENCE {
// version [0] EXPLICIT Version DEFAULT v1,
@@ -363,20 +354,19 @@ struct ResponseData {
};
const SEC_ASN1Template kResponseDataTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(ResponseData) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- offsetof(ResponseData, version), SEC_ASN1_SUB(SEC_IntegerTemplate) },
- // Really a CHOICE but we make it an ANY because we don't care about the
- // contents of this field.
- // TODO(ekasper): use SEC_ASN1_CHOICE.
- { SEC_ASN1_ANY, offsetof(ResponseData, der_responder_id) },
- { SEC_ASN1_GENERALIZED_TIME, offsetof(ResponseData, produced_at) },
- { SEC_ASN1_SEQUENCE_OF, offsetof(ResponseData, single_responses),
- kSingleResponseTemplate },
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
+ {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(ResponseData)},
+ {SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
+ SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
+ offsetof(ResponseData, version), SEC_ASN1_SUB(SEC_IntegerTemplate)},
+ // Really a CHOICE but we make it an ANY because we don't care about the
+ // contents of this field.
+ // TODO(ekasper): use SEC_ASN1_CHOICE.
+ {SEC_ASN1_ANY, offsetof(ResponseData, der_responder_id)},
+ {SEC_ASN1_GENERALIZED_TIME, offsetof(ResponseData, produced_at)},
+ {SEC_ASN1_SEQUENCE_OF, offsetof(ResponseData, single_responses),
+ kSingleResponseTemplate},
+ {SEC_ASN1_SKIP_REST},
+ {0}};
// BasicOCSPResponse ::= SEQUENCE {
// tbsResponseData ResponseData,
@@ -389,12 +379,11 @@ struct BasicOCSPResponse {
};
const SEC_ASN1Template kBasicOCSPResponseTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(BasicOCSPResponse) },
- { SEC_ASN1_INLINE, offsetof(BasicOCSPResponse, tbs_response_data),
- kResponseDataTemplate },
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
+ {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(BasicOCSPResponse)},
+ {SEC_ASN1_INLINE, offsetof(BasicOCSPResponse, tbs_response_data),
+ kResponseDataTemplate},
+ {SEC_ASN1_SKIP_REST},
+ {0}};
bool StringEqualToSECItem(const std::string& value1, const SECItem& value2) {
if (value1.size() != value2.len)
@@ -433,9 +422,8 @@ bool ExtractEmbeddedSCTList(X509Certificate::OSCertHandle cert,
if (!leaf_cert.cert)
return false;
- return GetCertOctetStringExtension(leaf_cert.cert.get(),
- g_ct_singleton.Get().embedded_oid(),
- sct_list);
+ return GetCertOctetStringExtension(
+ leaf_cert.cert.get(), g_ct_singleton.Get().embedded_oid(), sct_list);
}
bool GetPrecertLogEntry(X509Certificate::OSCertHandle leaf,
@@ -530,16 +518,15 @@ bool ExtractSCTListFromOCSPResponse(X509Certificate::OSCertHandle issuer,
OCSPResponse response;
memset(&response, 0, sizeof(response));
- SECItem src = { siBuffer,
- reinterpret_cast<unsigned char*>(const_cast<char*>(
- ocsp_response.data())),
- static_cast<unsigned int>(ocsp_response.size()) };
+ SECItem src = {siBuffer, reinterpret_cast<unsigned char*>(
+ const_cast<char*>(ocsp_response.data())),
+ static_cast<unsigned int>(ocsp_response.size())};
// |response| will point directly into |src|, so it's not necessary to
// free the |response| contents, but they may only be used while |src|
// is valid (i.e., in this method).
- SECStatus rv = SEC_QuickDERDecodeItem(arena.get(), &response,
- kOCSPResponseTemplate, &src);
+ SECStatus rv = SEC_QuickDERDecodeItem(
+ arena.get(), &response, kOCSPResponseTemplate, &src);
if (rv != SECSuccess)
return false;
@@ -554,7 +541,8 @@ bool ExtractSCTListFromOCSPResponse(X509Certificate::OSCertHandle issuer,
BasicOCSPResponse basic_response;
memset(&basic_response, 0, sizeof(basic_response));
- rv = SEC_QuickDERDecodeItem(arena.get(), &basic_response,
+ rv = SEC_QuickDERDecodeItem(arena.get(),
+ &basic_response,
kBasicOCSPResponseTemplate,
&response.response_bytes->der_response);
if (rv != SECSuccess)
@@ -592,14 +580,16 @@ bool ExtractSCTListFromOCSPResponse(X509Certificate::OSCertHandle issuer,
// necessary.
// TODO(ekasper): only compute the hashes on demand.
std::string issuer_key_sha256_hash = crypto::SHA256HashString(issuer_spk);
- std::string issuer_key_sha1_hash = base::SHA1HashString(
- issuer_spk.as_string());
+ std::string issuer_key_sha1_hash =
+ base::SHA1HashString(issuer_spk.as_string());
const SingleResponse* match = NULL;
for (const SingleResponse* const* resps = responses; *resps; ++resps) {
const SingleResponse* resp = *resps;
- if (CertIDMatches(resp->cert_id, cert_serial_number,
- issuer_key_sha1_hash, issuer_key_sha256_hash)) {
+ if (CertIDMatches(resp->cert_id,
+ cert_serial_number,
+ issuer_key_sha1_hash,
+ issuer_key_sha256_hash)) {
match = resp;
break;
}
@@ -608,8 +598,8 @@ bool ExtractSCTListFromOCSPResponse(X509Certificate::OSCertHandle issuer,
if (!match)
return false;
- return GetSCTListFromOCSPExtension(arena.get(), match->single_extensions,
- sct_list);
+ return GetSCTListFromOCSPExtension(
+ arena.get(), match->single_extensions, sct_list);
}
} // namespace ct
« net/base/mime_util_unittest.cc ('K') | « net/cert/ct_log_verifier_openssl.cc ('k') | net/cert/ct_objects_extractor_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698