
Side by Side Diff: net/cert/x509_certificate_openssl.cc

Issue 2728303005: Don't use crypto/x509 in SSLClientSocketImpl. (Closed)
Patch Set: fix ios Created 3 years, 9 months ago
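--- a/net/cert/x509_certificate_openssl.cc
+++ b/net/cert/x509_certificate_openssl.cc
@@ -1,27 +1,28 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cert/x509_certificate.h"
 
 #include "base/macros.h"
 #include "base/memory/singleton.h"
 #include "base/numerics/safe_conversions.h"
 #include "base/pickle.h"
 #include "base/sha1.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/string_piece.h"
 #include "base/strings/string_util.h"
 #include "crypto/openssl_util.h"
 #include "net/base/ip_address.h"
 #include "net/base/net_errors.h"
+#include "net/cert/x509_util.h"
 #include "net/cert/x509_util_openssl.h"
 #include "third_party/boringssl/src/include/openssl/asn1.h"
 #include "third_party/boringssl/src/include/openssl/bytestring.h"
 #include "third_party/boringssl/src/include/openssl/crypto.h"
 #include "third_party/boringssl/src/include/openssl/obj_mac.h"
 #include "third_party/boringssl/src/include/openssl/pem.h"
 #include "third_party/boringssl/src/include/openssl/sha.h"
 #include "third_party/boringssl/src/include/openssl/ssl.h"
 #include "third_party/boringssl/src/include/openssl/x509v3.h"
 
@@ -238,26 +239,23 @@
 SHA256_Final(sha256.data, &sha256_ctx);
 
 return sha256;
 }
 
 // static
 X509Certificate::OSCertHandle X509Certificate::CreateOSCertHandleFromBytes(
 const char* data,
 size_t length) {
 crypto::EnsureOpenSSLInit();
-const unsigned char* d2i_data =
-reinterpret_cast<const unsigned char*>(data);
-// Don't cache this data for x509_util::GetDER as this wire format
-// may be not be identical from the i2d_X509 roundtrip.
-X509* cert = d2i_X509(NULL, &d2i_data, base::checked_cast<long>(length));
-return cert;
+bssl::UniquePtr<CRYPTO_BUFFER> buffer = x509_util::CreateCryptoBuffer(
+reinterpret_cast<const uint8_t*>(data), length);
+return X509_parse_from_buffer(buffer.get());
 }
 
 // static
 X509Certificate::OSCertHandles X509Certificate::CreateOSCertHandlesFromBytes(
 const char* data,
 size_t length,
 Format format) {
 OSCertHandles results;
 
 switch (format) {
@@ -450,10 +448,10 @@
 bool X509Certificate::IsSelfSigned(OSCertHandle cert_handle) {
 bssl::UniquePtr<EVP_PKEY> scoped_key(X509_get_pubkey(cert_handle));
 if (!scoped_key)
 return false;
 if (!X509_verify(cert_handle, scoped_key.get()))
 return false;
 return X509_check_issued(cert_handle, cert_handle) == X509_V_OK;
 }
 
 } // namespace net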
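Review bot: The new body of CreateOSCertHandleFromBytes (new lines 249-251) drops the old comment about DER caching and leaves the parsing contract of the replacement call undocumented, although that contract appears to change here. As far as I know, BoringSSL's X509_parse_from_buffer fails when bytes follow the certificate and keeps a reference to the CRYPTO_BUFFER, whereas the removed d2i_X509 call never compared the consumed length with `length`; callers that pass padded or concatenated input would then get a null handle, which is the safer behaviour but worth confirming and stating. A comment such as `// X509_parse_from_buffer rejects trailing data and retains |buffer|, so the handle's DER is the exact wire bytes.` would record it. `buffer` is also handed to the parser without a null check; if x509_util::CreateCryptoBuffer can return null (its definition is not on this page), add `if (!buffer) return nullptr;` before the parse.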