Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(356)

Unified Diff: net/base/x509_certificate_nss.cc

Issue 2812064: Revert 52799 - Add support for parsing certificate formats other than raw, DE... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 10 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: net/base/x509_certificate_nss.cc
===================================================================
--- net/base/x509_certificate_nss.cc (revision 52800)
+++ net/base/x509_certificate_nss.cc (working copy)
@@ -16,7 +16,6 @@
#include "base/logging.h"
#include "base/pickle.h"
-#include "base/scoped_ptr.h"
#include "base/time.h"
#include "base/nss_util.h"
#include "net/base/cert_status_flags.h"
@@ -572,22 +571,6 @@
return false;
}
-SECStatus PR_CALLBACK
-CollectCertsCallback(void* arg, SECItem** certs, int num_certs) {
- X509Certificate::OSCertHandles* results =
- reinterpret_cast<X509Certificate::OSCertHandles*>(arg);
-
- for (int i = 0; i < num_certs; ++i) {
- X509Certificate::OSCertHandle handle =
- X509Certificate::CreateOSCertHandleFromBytes(
- reinterpret_cast<char*>(certs[i]->data), certs[i]->len);
- if (handle)
- results->push_back(handle);
- }
-
- return SECSuccess;
-}
-
} // namespace
void X509Certificate::Initialize() {
@@ -738,62 +721,24 @@
// static
X509Certificate::OSCertHandle X509Certificate::CreateOSCertHandleFromBytes(
const char* data, int length) {
- if (length < 0)
- return NULL;
-
base::EnsureNSSInit();
if (!NSS_IsInitialized())
return NULL;
- SECItem der_cert;
- der_cert.data = reinterpret_cast<unsigned char*>(const_cast<char*>(data));
- der_cert.len = length;
- der_cert.type = siDERCertBuffer;
+ // Make a copy of |data| since CERT_DecodeCertPackage might modify it.
+ char* data_copy = new char[length];
+ memcpy(data_copy, data, length);
// Parse into a certificate structure.
- return CERT_NewTempCertificate(CERT_GetDefaultCertDB(), &der_cert, NULL,
- PR_FALSE, PR_TRUE);
+ CERTCertificate* cert = CERT_DecodeCertFromPackage(data_copy, length);
+ delete [] data_copy;
+ if (!cert)
+ LOG(ERROR) << "Couldn't parse a certificate from " << length << " bytes";
+ return cert;
}
// static
-X509Certificate::OSCertHandles X509Certificate::CreateOSCertHandlesFromBytes(
- const char* data, int length, Format format) {
- OSCertHandles results;
- if (length < 0)
- return results;
-
- base::EnsureNSSInit();
-
- if (!NSS_IsInitialized())
- return results;
-
- switch (format) {
- case FORMAT_DER: {
- OSCertHandle handle = CreateOSCertHandleFromBytes(data, length);
- if (handle)
- results.push_back(handle);
- break;
- }
- case FORMAT_PKCS7: {
- // Make a copy since CERT_DecodeCertPackage may modify it
- std::vector<char> data_copy(data, data + length);
-
- SECStatus result = CERT_DecodeCertPackage(&data_copy[0],
- length, CollectCertsCallback, &results);
- if (result != SECSuccess)
- results.clear();
- break;
- }
- default:
- NOTREACHED() << "Certificate format " << format << " unimplemented";
- break;
- }
-
- return results;
-}
-
-// static
X509Certificate::OSCertHandle X509Certificate::DupOSCertHandle(
OSCertHandle cert_handle) {
return CERT_DupCertificate(cert_handle);

Powered by Google App Engine
This is Rietveld 408576698