OLD | NEW |
1 // Copyright (c) 2016 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/x509_certificate.h" | 5 #include "net/cert/x509_certificate.h" |
6 | 6 |
7 #include <CommonCrypto/CommonDigest.h> | 7 #include <CommonCrypto/CommonDigest.h> |
8 #include <Security/Security.h> | 8 #include <Security/Security.h> |
9 | 9 |
10 #include "base/mac/scoped_cftyperef.h" | 10 #include "base/mac/scoped_cftyperef.h" |
351 case EVP_PKEY_EC: | 351 case EVP_PKEY_EC: |
352 *type = kPublicKeyTypeECDSA; | 352 *type = kPublicKeyTypeECDSA; |
353 break; | 353 break; |
354 case EVP_PKEY_DH: | 354 case EVP_PKEY_DH: |
355 *type = kPublicKeyTypeDH; | 355 *type = kPublicKeyTypeDH; |
356 break; | 356 break; |
357 } | 357 } |
358 *size_bits = EVP_PKEY_bits(key); | 358 *size_bits = EVP_PKEY_bits(key); |
359 } | 359 } |
360 | 360 |
361 // static | |
362 X509Certificate::SignatureHashAlgorithm | |
363 X509Certificate::GetSignatureHashAlgorithm(OSCertHandle cert_handle) { | |
364 bssl::UniquePtr<X509> cert = OSCertHandleToOpenSSL(cert_handle); | |
365 if (!cert) | |
366 return kSignatureHashAlgorithmOther; | |
367 | |
368 // TODO(eroman): This duplicates code with x509_certificate_openssl.cc | |
369 int sig_alg = OBJ_obj2nid(cert->sig_alg->algorithm); | |
370 if (sig_alg == NID_md2WithRSAEncryption) | |
371 return kSignatureHashAlgorithmMd2; | |
372 if (sig_alg == NID_md4WithRSAEncryption) | |
373 return kSignatureHashAlgorithmMd4; | |
374 if (sig_alg == NID_md5WithRSAEncryption || sig_alg == NID_md5WithRSA) | |
375 return kSignatureHashAlgorithmMd5; | |
376 if (sig_alg == NID_sha1WithRSAEncryption || sig_alg == NID_dsaWithSHA || | |
377 sig_alg == NID_dsaWithSHA1 || sig_alg == NID_dsaWithSHA1_2 || | |
378 sig_alg == NID_sha1WithRSA || sig_alg == NID_ecdsa_with_SHA1) { | |
379 return kSignatureHashAlgorithmSha1; | |
380 } | |
381 return kSignatureHashAlgorithmOther; | |
382 } | |
383 | |
384 bool X509Certificate::SupportsSSLClientAuth() const { | 361 bool X509Certificate::SupportsSSLClientAuth() const { |
385 return false; | 362 return false; |
386 } | 363 } |
387 | 364 |
388 CFMutableArrayRef X509Certificate::CreateOSCertChainForCert() const { | 365 CFMutableArrayRef X509Certificate::CreateOSCertChainForCert() const { |
389 CFMutableArrayRef cert_list = | 366 CFMutableArrayRef cert_list = |
390 CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks); | 367 CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks); |
391 if (!cert_list) | 368 if (!cert_list) |
392 return nullptr; | 369 return nullptr; |
393 | 370 |
460 return false; | 437 return false; |
461 bssl::UniquePtr<EVP_PKEY> scoped_key(X509_get_pubkey(cert.get())); | 438 bssl::UniquePtr<EVP_PKEY> scoped_key(X509_get_pubkey(cert.get())); |
462 if (!scoped_key) | 439 if (!scoped_key) |
463 return false; | 440 return false; |
464 if (!X509_verify(cert.get(), scoped_key.get())) | 441 if (!X509_verify(cert.get(), scoped_key.get())) |
465 return false; | 442 return false; |
466 return X509_check_issued(cert.get(), cert.get()) == X509_V_OK; | 443 return X509_check_issued(cert.get(), cert.get()) == X509_V_OK; |
467 } | 444 } |
468 | 445 |
469 } // namespace net | 446 } // namespace net |