net/cert/cert_verify_proc_builtin.cc - Issue 2951343002: Remove residual support for SHA-1 public key pins.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/cert/cert_verify_proc_builtin.cc

Issue 2951343002: Remove residual support for SHA-1 public key pins. (Closed)

Patch Set: Remove the rest of HASH_VALUE_SHA1; respond to comments. Created 3 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2017 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2017 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/cert/cert_verify_proc_builtin.h"	5 #include "net/cert/cert_verify_proc_builtin.h"

6	6

7 #include <string>	7 #include <string>

8 #include <vector>	8 #include <vector>

9	9

10 #include "base/logging.h"	10 #include "base/logging.h"

(...skipping 71 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
82 CertErrors errors;	82 CertErrors errors;

83 for (auto it = cert_handles.begin(); it != cert_handles.end(); ++it) {	83 for (auto it = cert_handles.begin(); it != cert_handles.end(); ++it) {

84 scoped_refptr<ParsedCertificate> cert =	84 scoped_refptr<ParsedCertificate> cert =

85 ParseCertificateFromOSHandle(*it, &errors);	85 ParseCertificateFromOSHandle(*it, &errors);

86 if (cert)	86 if (cert)

87 intermediates->AddCert(std::move(cert));	87 intermediates->AddCert(std::move(cert));

88 // TODO(crbug.com/634443): Surface these parsing errors?	88 // TODO(crbug.com/634443): Surface these parsing errors?

89 }	89 }

90 }	90 }

91	91

92 // Appends the SHA1 and SHA256 hashes of \|spki_bytes\| to \|*hashes\|.	92 // Appends the SHA256 hashes of \|spki_bytes\| to \|*hashes\|.

93 void AppendPublicKeyHashes(const der::Input& spki_bytes,	93 void AppendPublicKeyHashes(const der::Input& spki_bytes,

94 HashValueVector* hashes) {	94 HashValueVector* hashes) {

95 HashValue sha1(HASH_VALUE_SHA1);

96 base::SHA1HashBytes(spki_bytes.UnsafeData(), spki_bytes.Length(),

97 sha1.data());

98 hashes->push_back(sha1);

99

100 HashValue sha256(HASH_VALUE_SHA256);	95 HashValue sha256(HASH_VALUE_SHA256);

101 crypto::SHA256HashString(spki_bytes.AsStringPiece(), sha256.data(),	96 crypto::SHA256HashString(spki_bytes.AsStringPiece(), sha256.data(),

102 crypto::kSHA256Length);	97 crypto::kSHA256Length);

103 hashes->push_back(sha256);	98 hashes->push_back(sha256);

104 }	99 }

105	100

106 // Appends the SubjectPublicKeyInfo hashes for all certificates in	101 // Appends the SubjectPublicKeyInfo hashes for all certificates in

107 // \|partial_path\| to \|*hashes\|.	102 // \|partial_path\| to \|*hashes\|.

108 void AppendPublicKeyHashes(const CertPathBuilder::ResultPath& partial_path,	103 void AppendPublicKeyHashes(const CertPathBuilder::ResultPath& partial_path,

109 HashValueVector* hashes) {	104 HashValueVector* hashes) {

(...skipping 185 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
295 : OK;	290 : OK;

296 }	291 }

297	292

298 } // namespace	293 } // namespace

299	294

300 scoped_refptr<CertVerifyProc> CreateCertVerifyProcBuiltin() {	295 scoped_refptr<CertVerifyProc> CreateCertVerifyProcBuiltin() {

301 return scoped_refptr<CertVerifyProc>(new CertVerifyProcBuiltin());	296 return scoped_refptr<CertVerifyProc>(new CertVerifyProcBuiltin());

302 }	297 }

303	298

304 } // namespace net	299 } // namespace net

OLD	NEW

« no previous file with comments | « net/cert/cert_verify_proc_android.cc ('k') | net/cert/cert_verify_proc_ios.cc » ('j') | net/data/ssl/name_constrained/README.md » ('J')