| OLD | NEW |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/api/cast_channel/cast_auth_util.h" | 5 #include "chrome/browser/extensions/api/cast_channel/cast_auth_util.h" |
| 6 | 6 |
| 7 #include <cert.h> | 7 #include <cert.h> |
| 8 #include <cryptohi.h> | 8 #include <cryptohi.h> |
| 9 #include <pk11pub.h> | 9 #include <pk11pub.h> |
| 10 #include <seccomon.h> | 10 #include <seccomon.h> |
| 136 0x26,0x4C,0xD4,0xD3,0xFD,0x50,0xE1,0x34,0xE9,0x4C,0x81,0x58, | 136 0x26,0x4C,0xD4,0xD3,0xFD,0x50,0xE1,0x34,0xE9,0x4C,0x81,0x58, |
| 137 0x30,0xB2,0xC7,0x7A,0xDD,0x81,0x89,0xA6,0xD4,0x3A,0x38,0x84, | 137 0x30,0xB2,0xC7,0x7A,0xDD,0x81,0x89,0xA6,0xD4,0x3A,0x38,0x84, |
| 138 0x03,0xB7,0x34,0x9E,0x77,0x3F,0xFF,0x78,0x07,0x5B,0x99,0xC1, | 138 0x03,0xB7,0x34,0x9E,0x77,0x3F,0xFF,0x78,0x07,0x5B,0x99,0xC1, |
| 139 0xB2,0x1F,0x35,0x56,0x6E,0x3A,0x3C,0x0C,0x25,0xE1,0x57,0xF6, | 139 0xB2,0x1F,0x35,0x56,0x6E,0x3A,0x3C,0x0C,0x25,0xE1,0x57,0xF6, |
| 140 0x8A,0x7E,0x49,0xC0,0xCC,0x83,0x11,0x35,0xE7,0x91,0x6D,0x2E, | 140 0x8A,0x7E,0x49,0xC0,0xCC,0x83,0x11,0x35,0xE7,0x91,0x6D,0x2E, |
| 141 0x65,0x02,0x03,0x01,0x00,0x01 | 141 0x65,0x02,0x03,0x01,0x00,0x01 |
| 142 }; | 142 }; |
| 143 | 143 |
| 144 // Info for trusted ICA certs. | 144 // Info for trusted ICA certs. |
| 145 struct ICACertInfo { | 145 struct ICACertInfo { |
| 146 net::SHA1HashValue fingerprint; | 146 const net::SHA1HashValue* fingerprint; |
| 147 SECItem public_key; | 147 SECItem public_key; |
| 148 }; | 148 }; |
| 149 | 149 |
| 150 // List of allowed / trusted ICAs. | 150 // List of allowed / trusted ICAs. |
| 151 static const ICACertInfo kAllowedICAs[] = { | 151 static const ICACertInfo kAllowedICAs[] = { |
| 152 { kFingerprintICA1, | 152 { &kFingerprintICA1, |
| 153 { siDERCertBuffer, | 153 { siDERCertBuffer, |
| 154 const_cast<unsigned char*>(kPublicKeyICA1), | 154 const_cast<unsigned char*>(kPublicKeyICA1), |
| 155 sizeof(kPublicKeyICA1) } }, | 155 sizeof(kPublicKeyICA1) } }, |
| 156 { kFingerprintICA2, | 156 { &kFingerprintICA2, |
| 157 { siDERCertBuffer, | 157 { siDERCertBuffer, |
| 158 const_cast<unsigned char*>(kPublicKeyICA2), | 158 const_cast<unsigned char*>(kPublicKeyICA2), |
| 159 sizeof(kPublicKeyICA2) } }, | 159 sizeof(kPublicKeyICA2) } }, |
| 160 { kFingerprintICA3, | 160 { &kFingerprintICA3, |
| 161 { siDERCertBuffer, | 161 { siDERCertBuffer, |
| 162 const_cast<unsigned char*>(kPublicKeyICA3), | 162 const_cast<unsigned char*>(kPublicKeyICA3), |
| 163 sizeof(kPublicKeyICA3) } }, | 163 sizeof(kPublicKeyICA3) } }, |
| 164 { kFingerprintICA4, | 164 { &kFingerprintICA4, |
| 165 { siDERCertBuffer, | 165 { siDERCertBuffer, |
| 166 const_cast<unsigned char*>(kPublicKeyICA4), | 166 const_cast<unsigned char*>(kPublicKeyICA4), |
| 167 sizeof(kPublicKeyICA4) } }, | 167 sizeof(kPublicKeyICA4) } }, |
| 168 }; | 168 }; |
| 169 | 169 |
| 170 typedef scoped_ptr< | 170 typedef scoped_ptr< |
| 171 CERTCertificate, | 171 CERTCertificate, |
| 172 crypto::NSSDestroyer<CERTCertificate, CERT_DestroyCertificate> > | 172 crypto::NSSDestroyer<CERTCertificate, CERT_DestroyCertificate> > |
| 173 ScopedCERTCertificate; | 173 ScopedCERTCertificate; |
| 174 | 174 |
| 175 // Returns the index of the ICA whose fingerprint matches |fingerprint|. | 175 // Returns the index of the ICA whose fingerprint matches |fingerprint|. |
| 176 // Returns -1, if no such ICA is found. | 176 // Returns -1, if no such ICA is found. |
| 177 static int GetICAWithFingerprint(const net::SHA1HashValue& fingerprint) { | 177 static int GetICAWithFingerprint(const net::SHA1HashValue& fingerprint) { |
| 178 for (size_t i = 0; i < arraysize(kAllowedICAs); ++i) { | 178 for (size_t i = 0; i < arraysize(kAllowedICAs); ++i) { |
| 179 if (fingerprint.Equals(kAllowedICAs[i].fingerprint)) | 179 if (kAllowedICAs[i].fingerprint->Equals(fingerprint)) |
| 180 return static_cast<int>(i); | 180 return static_cast<int>(i); |
| 181 } | 181 } |
| 182 return -1; | 182 return -1; |
| 183 } | 183 } |
| 184 | 184 |
| 185 // Parses out DeviceAuthMessage from CastMessage | 185 // Parses out DeviceAuthMessage from CastMessage |
| 186 static bool ParseAuthMessage( | 186 static bool ParseAuthMessage( |
| 187 const extensions::api::cast_channel::CastMessage& challenge_reply, | 187 const extensions::api::cast_channel::CastMessage& challenge_reply, |
| 188 extensions::api::cast_channel::DeviceAuthMessage* auth_message) { | 188 extensions::api::cast_channel::DeviceAuthMessage* auth_message) { |
| 189 if (challenge_reply.payload_type() != | 189 if (challenge_reply.payload_type() != |
| 316 if (!ParseAuthMessage(challenge_reply, &auth_message)) | 316 if (!ParseAuthMessage(challenge_reply, &auth_message)) |
| 317 return false; | 317 return false; |
| 318 | 318 |
| 319 const AuthResponse& response = auth_message.response(); | 319 const AuthResponse& response = auth_message.response(); |
| 320 return VerifyCredentials(response, peer_cert); | 320 return VerifyCredentials(response, peer_cert); |
| 321 } | 321 } |
| 322 | 322 |
| 323 } // namespace cast_channel | 323 } // namespace cast_channel |
| 324 } // namespace api | 324 } // namespace api |
| 325 } // namespace extensions | 325 } // namespace extensions |
| OLD | NEW |
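Review bot: The new `const net::SHA1HashValue* fingerprint;` member of ICACertInfo carries no comment saying that it must be non-null and point at static storage, yet GetICAWithFingerprint now dereferences it unconditionally in `kAllowedICAs[i].fingerprint->Equals(fingerprint)`. All four current entries take the address of a `kFingerprintICAn` constant, so this is safe as written, but a later entry with a null fingerprint would be a null dereference in the device-authentication path. I would add `// Non-owning; points at a file-scope constant and is never null.` above the member, and have the struct comment say why a pointer is used (presumably to keep kAllowedICAs free of a static initializer; please confirm). Because this table is the list of trusted ICAs, the comment on GetICAWithFingerprint could also state that the SHA-1 fingerprint only selects an entry and that callers must treat -1 as untrusted and verify against the stored `public_key`; the calling code is outside the visible lines, so I cannot confirm it does.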