Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(57)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/tools/cert_verify_tool/verify_using_path_builder.cc

Issue 2759023002: Improvements to the net/cert/internal error handling. (Closed)
Patch Set: fix comment Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/data/verify_certificate_chain_unittest/violates-pathlen-1-constrained-root.pem ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/tools/cert_verify_tool/verify_using_path_builder.h" 5 #include "net/tools/cert_verify_tool/verify_using_path_builder.h"
6 6
7 #include <iostream> 7 #include <iostream>
8 8
9 #include "base/memory/ptr_util.h" 9 #include "base/memory/ptr_util.h"
10 #include "base/strings/string_number_conversions.h" 10 #include "base/strings/string_number_conversions.h"
(...skipping 116 matching lines...) Expand 10 before | Expand all | Expand 10 after
127 if (!net::ParseNameValue(trust_anchor->normalized_subject(), &parsed_subject)) 127 if (!net::ParseNameValue(trust_anchor->normalized_subject(), &parsed_subject))
128 return std::string(); 128 return std::string();
129 return SubjectToString(parsed_subject); 129 return SubjectToString(parsed_subject);
130 } 130 }
131 131
132 // Dumps a ResultPath to std::cout. 132 // Dumps a ResultPath to std::cout.
133 void PrintResultPath(const net::CertPathBuilder::ResultPath* result_path, 133 void PrintResultPath(const net::CertPathBuilder::ResultPath* result_path,
134 size_t index, 134 size_t index,
135 bool is_best) { 135 bool is_best) {
136 std::cout << "path " << index << " " 136 std::cout << "path " << index << " "
137 << (result_path->valid ? "valid" : "invalid") 137 << (result_path->IsValid() ? "valid" : "invalid")
138 << (is_best ? " (best)" : "") << "\n"; 138 << (is_best ? " (best)" : "") << "\n";
139 139
140 // Print the certificate chain. 140 // Print the certificate chain.
141 for (const auto& cert : result_path->path.certs) { 141 for (const auto& cert : result_path->path.certs) {
142 std::cout << " " << FingerPrintParsedCertificate(cert.get()) << " " 142 std::cout << " " << FingerPrintParsedCertificate(cert.get()) << " "
143 << SubjectFromParsedCertificate(cert.get()) << "\n"; 143 << SubjectFromParsedCertificate(cert.get()) << "\n";
144 } 144 }
145 145
146 // Print the trust anchor (if there was one). 146 // Print the trust anchor (if there was one).
147 const auto& trust_anchor = result_path->path.trust_anchor; 147 const auto& trust_anchor = result_path->path.trust_anchor;
148 if (trust_anchor) { 148 if (trust_anchor) {
149 std::string trust_anchor_cert_fingerprint = "<no cert>"; 149 std::string trust_anchor_cert_fingerprint = "<no cert>";
150 if (trust_anchor->cert()) { 150 if (trust_anchor->cert()) {
151 trust_anchor_cert_fingerprint = 151 trust_anchor_cert_fingerprint =
152 FingerPrintParsedCertificate(trust_anchor->cert().get()); 152 FingerPrintParsedCertificate(trust_anchor->cert().get());
153 } 153 }
154 std::cout << " " << trust_anchor_cert_fingerprint << " " 154 std::cout << " " << trust_anchor_cert_fingerprint << " "
155 << SubjectFromTrustAnchor(trust_anchor.get()) << "\n"; 155 << SubjectFromTrustAnchor(trust_anchor.get()) << "\n";
156 } 156 }
157 157
158 // Print the errors. 158 // Print the errors/warnings if there were any.
159 if (!result_path->errors.empty()) { 159 std::string errors_str =
160 result_path->errors.ToDebugString(result_path->path.certs);
161 if (!errors_str.empty()) {
160 std::cout << "Errors:\n"; 162 std::cout << "Errors:\n";
161 std::cout << result_path->errors.ToDebugString() << "\n"; 163 std::cout << errors_str << "\n";
162 } 164 }
163 } 165 }
164 166
165 scoped_refptr<net::ParsedCertificate> ParseCertificate(const CertInput& input) { 167 scoped_refptr<net::ParsedCertificate> ParseCertificate(const CertInput& input) {
166 net::CertErrors errors; 168 net::CertErrors errors;
167 scoped_refptr<net::ParsedCertificate> cert = net::ParsedCertificate::Create( 169 scoped_refptr<net::ParsedCertificate> cert = net::ParsedCertificate::Create(
168 net::x509_util::CreateCryptoBuffer(input.der_cert), {}, &errors); 170 net::x509_util::CreateCryptoBuffer(input.der_cert), {}, &errors);
169 if (!cert) { 171 if (!cert) {
170 PrintCertError("ERROR: ParsedCertificate failed:", input); 172 PrintCertError("ERROR: ParsedCertificate failed:", input);
171 std::cout << errors.ToDebugString() << "\n"; 173 std::cout << errors.ToDebugString() << "\n";
(...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after
314 if (!DumpParsedCertificateChain( 316 if (!DumpParsedCertificateChain(
315 dump_prefix_path.AddExtension( 317 dump_prefix_path.AddExtension(
316 FILE_PATH_LITERAL(".CertPathBuilder.pem")), 318 FILE_PATH_LITERAL(".CertPathBuilder.pem")),
317 result.paths[result.best_result_index]->path)) { 319 result.paths[result.best_result_index]->path)) {
318 return false; 320 return false;
319 } 321 }
320 } 322 }
321 323
322 return result.HasValidPath(); 324 return result.HasValidPath();
323 } 325 }
OLDNEW
« no previous file with comments | « net/data/verify_certificate_chain_unittest/violates-pathlen-1-constrained-root.pem ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698