Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(110)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/x509_util.cc

Issue 356713005: Rename ServerBoundCert => ChannelID to reflect the current name (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebase Created 6 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/cert/x509_util.h ('k') | net/cert/x509_util_nss.cc » ('j') | tools/metrics/actions/actions.xml » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/x509_util.h" 5 #include "net/cert/x509_util.h"
6 6
7 #include "base/basictypes.h" 7 #include "base/basictypes.h"
8 #include "base/memory/scoped_ptr.h" 8 #include "base/memory/scoped_ptr.h"
9 #include "base/time/time.h" 9 #include "base/time/time.h"
10 #include "crypto/ec_private_key.h" 10 #include "crypto/ec_private_key.h"
11 #include "crypto/rsa_private_key.h" 11 #include "crypto/rsa_private_key.h"
12 #include "net/cert/x509_certificate.h" 12 #include "net/cert/x509_certificate.h"
13 13
14 namespace net { 14 namespace net {
15 15
16 namespace x509_util { 16 namespace x509_util {
17 17
18 // RSA keys created by CreateKeyAndSelfSignedCert will be of this length. 18 // RSA keys created by CreateKeyAndSelfSignedCert will be of this length.
19 static const uint16 kRSAKeyLength = 1024; 19 static const uint16 kRSAKeyLength = 1024;
20 20
21 // Certificates made by CreateKeyAndSelfSignedCert and 21 // Certificates made by CreateKeyAndSelfSignedCert and
22 // CreateKeyAndDomainBoundCertEC will be signed using this digest algorithm. 22 // CreateKeyAndChannelIDEC will be signed using this digest algorithm.
23 static const DigestAlgorithm kSignatureDigestAlgorithm = DIGEST_SHA256; 23 static const DigestAlgorithm kSignatureDigestAlgorithm = DIGEST_SHA256;
24 24
25 ClientCertSorter::ClientCertSorter() : now_(base::Time::Now()) {} 25 ClientCertSorter::ClientCertSorter() : now_(base::Time::Now()) {}
26 26
27 bool ClientCertSorter::operator()( 27 bool ClientCertSorter::operator()(
28 const scoped_refptr<X509Certificate>& a, 28 const scoped_refptr<X509Certificate>& a,
29 const scoped_refptr<X509Certificate>& b) const { 29 const scoped_refptr<X509Certificate>& b) const {
30 // Certificates that are null are sorted last. 30 // Certificates that are null are sorted last.
31 if (!a.get() || !b.get()) 31 if (!a.get() || !b.get())
32 return a.get() && !b.get(); 32 return a.get() && !b.get();
(...skipping 15 matching lines...) Expand all
48 return a->valid_start() > b->valid_start(); 48 return a->valid_start() > b->valid_start();
49 49
50 // Otherwise, prefer client certificates with shorter chains. 50 // Otherwise, prefer client certificates with shorter chains.
51 const X509Certificate::OSCertHandles& a_intermediates = 51 const X509Certificate::OSCertHandles& a_intermediates =
52 a->GetIntermediateCertificates(); 52 a->GetIntermediateCertificates();
53 const X509Certificate::OSCertHandles& b_intermediates = 53 const X509Certificate::OSCertHandles& b_intermediates =
54 b->GetIntermediateCertificates(); 54 b->GetIntermediateCertificates();
55 return a_intermediates.size() < b_intermediates.size(); 55 return a_intermediates.size() < b_intermediates.size();
56 } 56 }
57 57
58 bool CreateKeyAndDomainBoundCertEC(const std::string& domain, 58 bool CreateKeyAndChannelIDEC(const std::string& domain,
59 uint32 serial_number, 59 uint32 serial_number,
60 base::Time not_valid_before, 60 base::Time not_valid_before,
61 base::Time not_valid_after, 61 base::Time not_valid_after,
62 scoped_ptr<crypto::ECPrivateKey>* key, 62 scoped_ptr<crypto::ECPrivateKey>* key,
63 std::string* der_cert) { 63 std::string* der_cert) {
64 scoped_ptr<crypto::ECPrivateKey> new_key(crypto::ECPrivateKey::Create()); 64 scoped_ptr<crypto::ECPrivateKey> new_key(crypto::ECPrivateKey::Create());
65 if (!new_key.get()) 65 if (!new_key.get())
66 return false; 66 return false;
67 67
68 bool success = CreateDomainBoundCertEC(new_key.get(), 68 bool success = CreateChannelIDEC(new_key.get(),
69 kSignatureDigestAlgorithm, 69 kSignatureDigestAlgorithm,
70 domain, 70 domain,
71 serial_number, 71 serial_number,
72 not_valid_before, 72 not_valid_before,
73 not_valid_after, 73 not_valid_after,
74 der_cert); 74 der_cert);
75 if (success) 75 if (success)
76 key->reset(new_key.release()); 76 key->reset(new_key.release());
77 77
78 return success; 78 return success;
79 } 79 }
80 80
81 bool CreateKeyAndSelfSignedCert(const std::string& subject, 81 bool CreateKeyAndSelfSignedCert(const std::string& subject,
82 uint32 serial_number, 82 uint32 serial_number,
83 base::Time not_valid_before, 83 base::Time not_valid_before,
84 base::Time not_valid_after, 84 base::Time not_valid_after,
(...skipping 13 matching lines...) Expand all
98 der_cert); 98 der_cert);
99 if (success) 99 if (success)
100 key->reset(new_key.release()); 100 key->reset(new_key.release());
101 101
102 return success; 102 return success;
103 } 103 }
104 104
105 } // namespace x509_util 105 } // namespace x509_util
106 106
107 } // namespace net 107 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/x509_util.h ('k') | net/cert/x509_util_nss.cc » ('j') | tools/metrics/actions/actions.xml » ('J')

Powered by Google App Engine
This is Rietveld 408576698