OLD | NEW |
1 // Copyright (c) 2017 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2017 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/known_roots_win.h" | 5 #include "net/cert/known_roots_win.h" |
6 | 6 |
7 #include "base/metrics/histogram_macros.h" | 7 #include "base/metrics/histogram_macros.h" |
8 #include "crypto/sha2.h" | 8 #include "crypto/sha2.h" |
9 #include "net/cert/x509_certificate.h" | 9 #include "net/base/hash_value.h" |
10 #include "net/cert/x509_certificate_known_roots_win.h" | 10 #include "net/cert/x509_certificate_known_roots_win.h" |
| 11 #include "net/cert/x509_util_win.h" |
11 | 12 |
12 namespace net { | 13 namespace net { |
13 | 14 |
14 bool IsKnownRoot(PCCERT_CONTEXT cert) { | 15 bool IsKnownRoot(PCCERT_CONTEXT cert) { |
15 SHA256HashValue hash = X509Certificate::CalculateFingerprint256(cert); | 16 SHA256HashValue hash = x509_util::CalculateFingerprint256(cert); |
16 bool is_builtin = | 17 bool is_builtin = |
17 IsSHA256HashInSortedArray(hash, &kKnownRootCertSHA256Hashes[0][0], | 18 IsSHA256HashInSortedArray(hash, &kKnownRootCertSHA256Hashes[0][0], |
18 sizeof(kKnownRootCertSHA256Hashes)); | 19 sizeof(kKnownRootCertSHA256Hashes)); |
19 | 20 |
20 // Test to see if the use of a built-in set of known roots on Windows can be | 21 // Test to see if the use of a built-in set of known roots on Windows can be |
21 // replaced with using AuthRoot's SHA-256 property. On any system other than | 22 // replaced with using AuthRoot's SHA-256 property. On any system other than |
22 // a fresh RTM with no AuthRoot updates, this property should always exist for | 23 // a fresh RTM with no AuthRoot updates, this property should always exist for |
23 // roots delivered via AuthRoot.stl, but should not exist on any manually or | 24 // roots delivered via AuthRoot.stl, but should not exist on any manually or |
24 // administratively deployed roots. | 25 // administratively deployed roots. |
25 BYTE hash_prop[32] = {0}; | 26 BYTE hash_prop[32] = {0}; |
(...skipping 21 matching lines...) Expand all Loading... |
47 } else { | 48 } else { |
48 status = BUILT_IN_MAX_VALUE; | 49 status = BUILT_IN_MAX_VALUE; |
49 } | 50 } |
50 UMA_HISTOGRAM_ENUMERATION("Net.SSL_AuthRootConsistency", status, | 51 UMA_HISTOGRAM_ENUMERATION("Net.SSL_AuthRootConsistency", status, |
51 BUILT_IN_MAX_VALUE); | 52 BUILT_IN_MAX_VALUE); |
52 | 53 |
53 return is_builtin; | 54 return is_builtin; |
54 } | 55 } |
55 | 56 |
56 } // namespace net | 57 } // namespace net |
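Review bot: The fingerprint from `x509_util::CalculateFingerprint256(cert)` at new line 16 goes straight into `IsSHA256HashInSortedArray`, with no comment on what the helper returns if hashing fails, so a failure would presumably surface as a silent `false` from IsKnownRoot. If callers apply stricter policy to publicly trusted roots (not visible here), a false negative is the less safe direction, so the contract is worth stating at the call: `// A fingerprint absent from the built-in list (including one from a failed hash, if the helper can fail) is treated as not a known root.` A second comment above `return is_builtin;` could note that the AuthRoot property only feeds the `Net.SSL_AuthRootConsistency` histogram and never changes the result, for example `// AuthRoot consistency is measured only; the built-in list alone decides the result.` The middle 21 lines of the function are collapsed on this page, so both points rest on the visible lines only.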