Chromium Code Reviews Chromium Code Reviews
Issue 2694903006:
Restore SSL_SESSION/X509Certificate X509* sharing (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/x509_util_openssl.h" | 5 #include "net/cert/x509_util_openssl.h" |
| 6 | 6 |
| 7 #include <limits.h> | 7 #include <limits.h> |
| 8 | 8 |
| 9 #include <algorithm> | 9 #include <algorithm> |
| 10 #include <memory> | 10 #include <memory> |
| (...skipping 253 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 264 | 264 |
| 265 base::StringPiece str_date(reinterpret_cast<const char*>(x509_time->data), | 265 base::StringPiece str_date(reinterpret_cast<const char*>(x509_time->data), |
| 266 x509_time->length); | 266 x509_time->length); |
| 267 | 267 |
| 268 CertDateFormat format = x509_time->type == V_ASN1_UTCTIME ? | 268 CertDateFormat format = x509_time->type == V_ASN1_UTCTIME ? |
| 269 CERT_DATE_FORMAT_UTC_TIME : CERT_DATE_FORMAT_GENERALIZED_TIME; | 269 CERT_DATE_FORMAT_UTC_TIME : CERT_DATE_FORMAT_GENERALIZED_TIME; |
| 270 return ParseCertificateDate(str_date, format, time); | 270 return ParseCertificateDate(str_date, format, time); |
| 271 } | 271 } |
| 272 | 272 |
| 273 // Returns true if |der_cache| points to valid data, false otherwise. | 273 // Returns true if |der_cache| points to valid data, false otherwise. |
| 274 // (note: the DER-encoded data in |der_cache| is owned by |cert|, callers should | 274 // (note: the DER-encoded data in |der_cache| is owned by |cert|, callers should |
|
xunjieli
2017/02/21 15:54:05
nit: maybe update the comment. "|cert|" isn't pres
davidben
2017/02/28 00:17:42
Done.
| |
| 275 // not free it). | 275 // not free it). |
| 276 bool GetDER(X509* x509, base::StringPiece* der_cache) { | 276 bool GetDER(X509* x509, base::StringPiece* der_cache) { |
| 277 if (x509->buf) { | |
| 278 *der_cache = base::StringPiece( | |
| 279 reinterpret_cast<const char*>(CRYPTO_BUFFER_data(x509->buf)), | |
| 280 CRYPTO_BUFFER_len(x509->buf)); | |
| 281 return true; | |
| 282 } | |
| 283 | |
| 277 int x509_der_cache_index = | 284 int x509_der_cache_index = |
| 278 g_der_cache_singleton.Get().der_cache_ex_index(); | 285 g_der_cache_singleton.Get().der_cache_ex_index(); |
| 279 | 286 |
| 280 // Re-encoding the DER data via i2d_X509 is an expensive operation, | 287 // Re-encoding the DER data via i2d_X509 is an expensive operation, |
| 281 // but it's necessary for comparing two certificates. Re-encode at | 288 // but it's necessary for comparing two certificates. Re-encode at |
| 282 // most once per certificate and cache the data within the X509 cert | 289 // most once per certificate and cache the data within the X509 cert |
| 283 // using X509_set_ex_data. | 290 // using X509_set_ex_data. |
| 284 DERCache* internal_cache = static_cast<DERCache*>( | 291 DERCache* internal_cache = static_cast<DERCache*>( |
| 285 X509_get_ex_data(x509, x509_der_cache_index)); | 292 X509_get_ex_data(x509, x509_der_cache_index)); |
| 286 if (!internal_cache) { | 293 if (!internal_cache) { |
| (...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 343 | 350 |
| 344 digest.resize(out_size); | 351 digest.resize(out_size); |
| 345 token->assign(kChannelBindingPrefix); | 352 token->assign(kChannelBindingPrefix); |
| 346 token->append(digest.begin(), digest.end()); | 353 token->append(digest.begin(), digest.end()); |
| 347 return true; | 354 return true; |
| 348 } | 355 } |
| 349 | 356 |
| 350 } // namespace x509_util | 357 } // namespace x509_util |
| 351 | 358 |
| 352 } // namespace net | 359 } // namespace net |
| OLD | NEW |
