OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/common/net/x509_certificate_model.h" | 5 #include "chrome/common/net/x509_certificate_model.h" |
6 | 6 |
7 #include <openssl/bio.h> | 7 #include <openssl/bio.h> |
8 #include <openssl/obj_mac.h> | 8 #include <openssl/obj_mac.h> |
9 #include <openssl/sha.h> | 9 #include <openssl/sha.h> |
10 #include <openssl/x509v3.h> | 10 #include <openssl/x509v3.h> |
11 | 11 |
12 #include "base/i18n/number_formatting.h" | 12 #include "base/i18n/number_formatting.h" |
13 #include "base/lazy_instance.h" | 13 #include "base/lazy_instance.h" |
14 #include "base/logging.h" | 14 #include "base/logging.h" |
15 #include "base/strings/string_number_conversions.h" | 15 #include "base/strings/string_number_conversions.h" |
16 #include "base/strings/stringprintf.h" | 16 #include "base/strings/stringprintf.h" |
17 #include "base/strings/utf_string_conversions.h" | 17 #include "base/strings/utf_string_conversions.h" |
18 #include "crypto/openssl_bio_string.h" | 18 #include "crypto/openssl_bio_string.h" |
19 #include "crypto/openssl_util.h" | 19 #include "crypto/openssl_util.h" |
20 #include "crypto/scoped_openssl_types.h" | |
20 #include "grit/generated_resources.h" | 21 #include "grit/generated_resources.h" |
21 #include "net/base/net_util.h" | 22 #include "net/base/net_util.h" |
22 #include "net/cert/x509_util_openssl.h" | 23 #include "net/cert/x509_util_openssl.h" |
23 #include "ui/base/l10n/l10n_util.h" | 24 #include "ui/base/l10n/l10n_util.h" |
24 | 25 |
25 namespace x509_util = net::x509_util; | 26 namespace x509_util = net::x509_util; |
26 | 27 |
27 namespace x509_certificate_model { | 28 namespace x509_certificate_model { |
28 | 29 |
29 namespace { | 30 namespace { |
449 static const MaskIdPair usage_string_map[] = { | 450 static const MaskIdPair usage_string_map[] = { |
450 {NS_SSL_CLIENT, IDS_CERT_USAGE_SSL_CLIENT}, | 451 {NS_SSL_CLIENT, IDS_CERT_USAGE_SSL_CLIENT}, |
451 {NS_SSL_SERVER, IDS_CERT_USAGE_SSL_SERVER}, | 452 {NS_SSL_SERVER, IDS_CERT_USAGE_SSL_SERVER}, |
452 {NS_SMIME, IDS_CERT_EXT_NS_CERT_TYPE_EMAIL}, | 453 {NS_SMIME, IDS_CERT_EXT_NS_CERT_TYPE_EMAIL}, |
453 {NS_OBJSIGN, IDS_CERT_USAGE_OBJECT_SIGNER}, | 454 {NS_OBJSIGN, IDS_CERT_USAGE_OBJECT_SIGNER}, |
454 {NS_SSL_CA, IDS_CERT_USAGE_SSL_CA}, | 455 {NS_SSL_CA, IDS_CERT_USAGE_SSL_CA}, |
455 {NS_SMIME_CA, IDS_CERT_EXT_NS_CERT_TYPE_EMAIL_CA}, | 456 {NS_SMIME_CA, IDS_CERT_EXT_NS_CERT_TYPE_EMAIL_CA}, |
456 {NS_OBJSIGN_CA, IDS_CERT_USAGE_OBJECT_SIGNER}, | 457 {NS_OBJSIGN_CA, IDS_CERT_USAGE_OBJECT_SIGNER}, |
457 }; | 458 }; |
458 | 459 |
459 crypto::ScopedOpenSSL<ASN1_BIT_STRING, ASN1_BIT_STRING_free> value( | 460 scoped_ptr<ASN1_BIT_STRING, |
460 reinterpret_cast<ASN1_BIT_STRING*>(X509V3_EXT_d2i(ex))); | 461 crypto::OpenSSLDestroyer<ASN1_BIT_STRING, ASN1_BIT_STRING_free> > |
wtc
2014/07/09 15:08:15
I also find the new code less readable because of
| |
462 value(reinterpret_cast<ASN1_BIT_STRING*>(X509V3_EXT_d2i(ex))); | |
461 if (!value.get()) | 463 if (!value.get()) |
462 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); | 464 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); |
463 return ProcessBitField(value.get(), | 465 return ProcessBitField(value.get(), |
464 usage_string_map, | 466 usage_string_map, |
465 ARRAYSIZE_UNSAFE(usage_string_map), | 467 ARRAYSIZE_UNSAFE(usage_string_map), |
466 '\n'); | 468 '\n'); |
467 } | 469 } |
468 | 470 |
469 std::string ProcessKeyUsageExtension(X509_EXTENSION* ex) { | 471 std::string ProcessKeyUsageExtension(X509_EXTENSION* ex) { |
470 static const MaskIdPair key_usage_string_map[] = { | 472 static const MaskIdPair key_usage_string_map[] = { |
471 {KU_DIGITAL_SIGNATURE, IDS_CERT_X509_KEY_USAGE_SIGNING}, | 473 {KU_DIGITAL_SIGNATURE, IDS_CERT_X509_KEY_USAGE_SIGNING}, |
472 {KU_NON_REPUDIATION, IDS_CERT_X509_KEY_USAGE_NONREP}, | 474 {KU_NON_REPUDIATION, IDS_CERT_X509_KEY_USAGE_NONREP}, |
473 {KU_KEY_ENCIPHERMENT, IDS_CERT_X509_KEY_USAGE_ENCIPHERMENT}, | 475 {KU_KEY_ENCIPHERMENT, IDS_CERT_X509_KEY_USAGE_ENCIPHERMENT}, |
474 {KU_DATA_ENCIPHERMENT, IDS_CERT_X509_KEY_USAGE_DATA_ENCIPHERMENT}, | 476 {KU_DATA_ENCIPHERMENT, IDS_CERT_X509_KEY_USAGE_DATA_ENCIPHERMENT}, |
475 {KU_KEY_AGREEMENT, IDS_CERT_X509_KEY_USAGE_KEY_AGREEMENT}, | 477 {KU_KEY_AGREEMENT, IDS_CERT_X509_KEY_USAGE_KEY_AGREEMENT}, |
476 {KU_KEY_CERT_SIGN, IDS_CERT_X509_KEY_USAGE_CERT_SIGNER}, | 478 {KU_KEY_CERT_SIGN, IDS_CERT_X509_KEY_USAGE_CERT_SIGNER}, |
477 {KU_CRL_SIGN, IDS_CERT_X509_KEY_USAGE_CRL_SIGNER}, | 479 {KU_CRL_SIGN, IDS_CERT_X509_KEY_USAGE_CRL_SIGNER}, |
478 {KU_ENCIPHER_ONLY, IDS_CERT_X509_KEY_USAGE_ENCIPHER_ONLY}, | 480 {KU_ENCIPHER_ONLY, IDS_CERT_X509_KEY_USAGE_ENCIPHER_ONLY}, |
479 {KU_DECIPHER_ONLY, IDS_CERT_X509_KEY_USAGE_DECIPHER_ONLY}, | 481 {KU_DECIPHER_ONLY, IDS_CERT_X509_KEY_USAGE_DECIPHER_ONLY}, |
480 }; | 482 }; |
481 | 483 |
482 crypto::ScopedOpenSSL<ASN1_BIT_STRING, ASN1_BIT_STRING_free> value( | 484 scoped_ptr<ASN1_BIT_STRING, |
483 reinterpret_cast<ASN1_BIT_STRING*>(X509V3_EXT_d2i(ex))); | 485 crypto::OpenSSLDestroyer<ASN1_BIT_STRING, ASN1_BIT_STRING_free> > |
486 value(reinterpret_cast<ASN1_BIT_STRING*>(X509V3_EXT_d2i(ex))); | |
484 if (!value.get()) | 487 if (!value.get()) |
485 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); | 488 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); |
486 return ProcessBitField(value.get(), | 489 return ProcessBitField(value.get(), |
487 key_usage_string_map, | 490 key_usage_string_map, |
488 ARRAYSIZE_UNSAFE(key_usage_string_map), | 491 ARRAYSIZE_UNSAFE(key_usage_string_map), |
489 '\n'); | 492 '\n'); |
490 } | 493 } |
491 | 494 |
492 std::string ProcessBasicConstraints(X509_EXTENSION* ex) { | 495 std::string ProcessBasicConstraints(X509_EXTENSION* ex) { |
493 std::string rv; | 496 std::string rv; |
494 crypto::ScopedOpenSSL<BASIC_CONSTRAINTS, BASIC_CONSTRAINTS_free> value( | 497 scoped_ptr<BASIC_CONSTRAINTS, |
495 reinterpret_cast<BASIC_CONSTRAINTS*>(X509V3_EXT_d2i(ex))); | 498 crypto::OpenSSLDestroyer<BASIC_CONSTRAINTS, |
499 BASIC_CONSTRAINTS_free> > | |
500 value(reinterpret_cast<BASIC_CONSTRAINTS*>(X509V3_EXT_d2i(ex))); | |
496 if (!value.get()) | 501 if (!value.get()) |
497 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); | 502 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); |
498 if (value.get()->ca) | 503 if (value.get()->ca) |
499 rv = l10n_util::GetStringUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_IS_CA); | 504 rv = l10n_util::GetStringUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_IS_CA); |
500 else | 505 else |
501 rv = l10n_util::GetStringUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_IS_NOT_CA); | 506 rv = l10n_util::GetStringUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_IS_NOT_CA); |
502 rv += '\n'; | 507 rv += '\n'; |
503 if (value.get()->ca) { | 508 if (value.get()->ca) { |
504 base::string16 depth; | 509 base::string16 depth; |
505 if (!value.get()->pathlen) { | 510 if (!value.get()->pathlen) { |
506 depth = l10n_util::GetStringUTF16( | 511 depth = l10n_util::GetStringUTF16( |
507 IDS_CERT_X509_BASIC_CONSTRAINT_PATH_LEN_UNLIMITED); | 512 IDS_CERT_X509_BASIC_CONSTRAINT_PATH_LEN_UNLIMITED); |
508 } else { | 513 } else { |
509 depth = base::FormatNumber(ASN1_INTEGER_get(value.get()->pathlen)); | 514 depth = base::FormatNumber(ASN1_INTEGER_get(value.get()->pathlen)); |
510 } | 515 } |
511 rv += l10n_util::GetStringFUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_PATH_LEN, | 516 rv += l10n_util::GetStringFUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_PATH_LEN, |
512 depth); | 517 depth); |
513 } | 518 } |
514 return rv; | 519 return rv; |
515 } | 520 } |
516 | 521 |
517 std::string ProcessExtKeyUsage(X509_EXTENSION* ex) { | 522 std::string ProcessExtKeyUsage(X509_EXTENSION* ex) { |
518 std::string rv; | 523 std::string rv; |
519 crypto::ScopedOpenSSL<EXTENDED_KEY_USAGE, EXTENDED_KEY_USAGE_free> value( | 524 scoped_ptr<EXTENDED_KEY_USAGE, |
520 reinterpret_cast<EXTENDED_KEY_USAGE*>(X509V3_EXT_d2i(ex))); | 525 crypto::OpenSSLDestroyer<EXTENDED_KEY_USAGE, |
526 EXTENDED_KEY_USAGE_free> > | |
527 value(reinterpret_cast<EXTENDED_KEY_USAGE*>(X509V3_EXT_d2i(ex))); | |
521 if (!value.get()) | 528 if (!value.get()) |
522 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); | 529 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); |
523 for (int i = 0; i < sk_ASN1_OBJECT_num(value.get()); i++) { | 530 for (int i = 0; i < sk_ASN1_OBJECT_num(value.get()); i++) { |
524 ASN1_OBJECT* obj = sk_ASN1_OBJECT_value(value.get(), i); | 531 ASN1_OBJECT* obj = sk_ASN1_OBJECT_value(value.get(), i); |
525 std::string oid_dump = Asn1ObjectToOIDString(obj); | 532 std::string oid_dump = Asn1ObjectToOIDString(obj); |
526 std::string oid_text = Asn1ObjectToString(obj); | 533 std::string oid_text = Asn1ObjectToString(obj); |
527 | 534 |
528 // If oid is one we recognize, oid_text will have a text description of the | 535 // If oid is one we recognize, oid_text will have a text description of the |
529 // OID, which we display along with the oid_dump. If we don't recognize the | 536 // OID, which we display along with the oid_dump. If we don't recognize the |
530 // OID, they will be the same, so just display the OID alone. | 537 // OID, they will be the same, so just display the OID alone. |
658 std::string ProcessGeneralNames(GENERAL_NAMES* names) { | 665 std::string ProcessGeneralNames(GENERAL_NAMES* names) { |
659 std::string rv; | 666 std::string rv; |
660 for (int i = 0; i < sk_GENERAL_NAME_num(names); ++i) { | 667 for (int i = 0; i < sk_GENERAL_NAME_num(names); ++i) { |
661 GENERAL_NAME* name = sk_GENERAL_NAME_value(names, i); | 668 GENERAL_NAME* name = sk_GENERAL_NAME_value(names, i); |
662 rv += ProcessGeneralName(name); | 669 rv += ProcessGeneralName(name); |
663 } | 670 } |
664 return rv; | 671 return rv; |
665 } | 672 } |
666 | 673 |
667 std::string ProcessAltName(X509_EXTENSION* ex) { | 674 std::string ProcessAltName(X509_EXTENSION* ex) { |
668 crypto::ScopedOpenSSL<GENERAL_NAMES, GENERAL_NAMES_free> alt_names( | 675 scoped_ptr<GENERAL_NAMES, |
669 reinterpret_cast<GENERAL_NAMES*>(X509V3_EXT_d2i(ex))); | 676 crypto::OpenSSLDestroyer<GENERAL_NAMES, GENERAL_NAMES_free> > |
677 alt_names(reinterpret_cast<GENERAL_NAMES*>(X509V3_EXT_d2i(ex))); | |
670 if (!alt_names.get()) | 678 if (!alt_names.get()) |
671 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); | 679 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); |
672 | 680 |
673 return ProcessGeneralNames(alt_names.get()); | 681 return ProcessGeneralNames(alt_names.get()); |
674 } | 682 } |
675 | 683 |
676 std::string ProcessSubjectKeyId(X509_EXTENSION* ex) { | 684 std::string ProcessSubjectKeyId(X509_EXTENSION* ex) { |
677 crypto::ScopedOpenSSL<ASN1_OCTET_STRING, ASN1_OCTET_STRING_free> value( | 685 scoped_ptr<ASN1_OCTET_STRING, |
678 reinterpret_cast<ASN1_OCTET_STRING*>(X509V3_EXT_d2i(ex))); | 686 crypto::OpenSSLDestroyer<ASN1_OCTET_STRING, |
687 ASN1_OCTET_STRING_free> > | |
688 value(reinterpret_cast<ASN1_OCTET_STRING*>(X509V3_EXT_d2i(ex))); | |
679 if (!value.get()) | 689 if (!value.get()) |
680 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); | 690 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); |
681 | 691 |
682 return l10n_util::GetStringFUTF8( | 692 return l10n_util::GetStringFUTF8( |
683 IDS_CERT_KEYID_FORMAT, | 693 IDS_CERT_KEYID_FORMAT, |
684 base::ASCIIToUTF16(ProcessRawAsn1String(value.get()))); | 694 base::ASCIIToUTF16(ProcessRawAsn1String(value.get()))); |
685 } | 695 } |
686 | 696 |
687 std::string ProcessAuthKeyId(X509_EXTENSION* ex) { | 697 std::string ProcessAuthKeyId(X509_EXTENSION* ex) { |
688 std::string rv; | 698 std::string rv; |
689 crypto::ScopedOpenSSL<AUTHORITY_KEYID, AUTHORITY_KEYID_free> value( | 699 scoped_ptr<AUTHORITY_KEYID, |
690 reinterpret_cast<AUTHORITY_KEYID*>(X509V3_EXT_d2i(ex))); | 700 crypto::OpenSSLDestroyer<AUTHORITY_KEYID, AUTHORITY_KEYID_free> > |
701 value(reinterpret_cast<AUTHORITY_KEYID*>(X509V3_EXT_d2i(ex))); | |
691 if (!value.get()) | 702 if (!value.get()) |
692 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); | 703 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); |
693 | 704 |
694 if (value.get()->keyid && ASN1_STRING_length(value.get()->keyid) > 0) { | 705 if (value.get()->keyid && ASN1_STRING_length(value.get()->keyid) > 0) { |
695 rv += l10n_util::GetStringFUTF8( | 706 rv += l10n_util::GetStringFUTF8( |
696 IDS_CERT_KEYID_FORMAT, | 707 IDS_CERT_KEYID_FORMAT, |
697 base::ASCIIToUTF16(ProcessRawAsn1String(value.get()->keyid))); | 708 base::ASCIIToUTF16(ProcessRawAsn1String(value.get()->keyid))); |
698 rv += '\n'; | 709 rv += '\n'; |
699 } | 710 } |
700 | 711 |
735 } | 746 } |
736 if (notice->exptext && notice->exptext->length != 0) { | 747 if (notice->exptext && notice->exptext->length != 0) { |
737 rv += "\n "; | 748 rv += "\n "; |
738 rv += Asn1StringToUTF8(notice->exptext); | 749 rv += Asn1StringToUTF8(notice->exptext); |
739 } | 750 } |
740 return rv; | 751 return rv; |
741 } | 752 } |
742 | 753 |
743 std::string ProcessCertificatePolicies(X509_EXTENSION* ex) { | 754 std::string ProcessCertificatePolicies(X509_EXTENSION* ex) { |
744 std::string rv; | 755 std::string rv; |
745 crypto::ScopedOpenSSL<CERTIFICATEPOLICIES, CERTIFICATEPOLICIES_free> policies( | 756 scoped_ptr<CERTIFICATEPOLICIES, |
746 reinterpret_cast<CERTIFICATEPOLICIES*>(X509V3_EXT_d2i(ex))); | 757 crypto::OpenSSLDestroyer<CERTIFICATEPOLICIES, |
758 CERTIFICATEPOLICIES_free> > | |
759 policies(reinterpret_cast<CERTIFICATEPOLICIES*>(X509V3_EXT_d2i(ex))); | |
747 | 760 |
748 if (!policies.get()) | 761 if (!policies.get()) |
749 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); | 762 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); |
750 | 763 |
751 for (int i = 0; i < sk_POLICYINFO_num(policies.get()); ++i) { | 764 for (int i = 0; i < sk_POLICYINFO_num(policies.get()); ++i) { |
752 POLICYINFO* info = sk_POLICYINFO_value(policies.get(), i); | 765 POLICYINFO* info = sk_POLICYINFO_value(policies.get(), i); |
753 std::string key = Asn1ObjectToString(info->policyid); | 766 std::string key = Asn1ObjectToString(info->policyid); |
754 // If we have policy qualifiers, display the oid text | 767 // If we have policy qualifiers, display the oid text |
755 // with a ':', otherwise just put the oid text and a newline. | 768 // with a ':', otherwise just put the oid text and a newline. |
756 if (info->qualifiers && sk_POLICYQUALINFO_num(info->qualifiers)) { | 769 if (info->qualifiers && sk_POLICYQUALINFO_num(info->qualifiers)) { |
806 {6, IDS_CERT_REVOCATION_REASON_CERTIFICATE_HOLD}, | 819 {6, IDS_CERT_REVOCATION_REASON_CERTIFICATE_HOLD}, |
807 {7, IDS_CERT_REVOCATION_REASON_PRIVILEGE_WITHDRAWN}, | 820 {7, IDS_CERT_REVOCATION_REASON_PRIVILEGE_WITHDRAWN}, |
808 {8, IDS_CERT_REVOCATION_REASON_AA_COMPROMISE}, | 821 {8, IDS_CERT_REVOCATION_REASON_AA_COMPROMISE}, |
809 }; | 822 }; |
810 // OpenSSL doesn't define constants for the DIST_POINT type field. These | 823 // OpenSSL doesn't define constants for the DIST_POINT type field. These |
811 // values are from reading openssl/crypto/x509v3/v3_crld.c | 824 // values are from reading openssl/crypto/x509v3/v3_crld.c |
812 const int kDistPointFullName = 0; | 825 const int kDistPointFullName = 0; |
813 const int kDistPointRelativeName = 1; | 826 const int kDistPointRelativeName = 1; |
814 | 827 |
815 std::string rv; | 828 std::string rv; |
816 crypto::ScopedOpenSSL<CRL_DIST_POINTS, CRL_DIST_POINTS_free> dist_points( | 829 scoped_ptr<CRL_DIST_POINTS, |
817 reinterpret_cast<CRL_DIST_POINTS*>(X509V3_EXT_d2i(ex))); | 830 crypto::OpenSSLDestroyer<CRL_DIST_POINTS, CRL_DIST_POINTS_free> > |
831 dist_points(reinterpret_cast<CRL_DIST_POINTS*>(X509V3_EXT_d2i(ex))); | |
818 | 832 |
819 if (!dist_points.get()) | 833 if (!dist_points.get()) |
820 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); | 834 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); |
821 | 835 |
822 for (int i = 0; i < sk_DIST_POINT_num(dist_points.get()); ++i) { | 836 for (int i = 0; i < sk_DIST_POINT_num(dist_points.get()); ++i) { |
823 DIST_POINT* point = sk_DIST_POINT_value(dist_points.get(), i); | 837 DIST_POINT* point = sk_DIST_POINT_value(dist_points.get(), i); |
824 if (point->distpoint) { | 838 if (point->distpoint) { |
825 switch (point->distpoint->type) { | 839 switch (point->distpoint->type) { |
826 case kDistPointFullName: | 840 case kDistPointFullName: |
827 rv += ProcessGeneralNames(point->distpoint->name.fullname); | 841 rv += ProcessGeneralNames(point->distpoint->name.fullname); |
847 IDS_CERT_ISSUER_FORMAT, | 861 IDS_CERT_ISSUER_FORMAT, |
848 base::UTF8ToUTF16(ProcessGeneralNames(point->CRLissuer))); | 862 base::UTF8ToUTF16(ProcessGeneralNames(point->CRLissuer))); |
849 } | 863 } |
850 } | 864 } |
851 | 865 |
852 return rv; | 866 return rv; |
853 } | 867 } |
854 | 868 |
855 std::string ProcessAuthInfoAccess(X509_EXTENSION* ex) { | 869 std::string ProcessAuthInfoAccess(X509_EXTENSION* ex) { |
856 std::string rv; | 870 std::string rv; |
857 crypto::ScopedOpenSSL<AUTHORITY_INFO_ACCESS, AUTHORITY_INFO_ACCESS_free> aia( | 871 scoped_ptr<AUTHORITY_INFO_ACCESS, |
858 reinterpret_cast<AUTHORITY_INFO_ACCESS*>(X509V3_EXT_d2i(ex))); | 872 crypto::OpenSSLDestroyer<AUTHORITY_INFO_ACCESS, |
873 AUTHORITY_INFO_ACCESS_free> > | |
874 aia(reinterpret_cast<AUTHORITY_INFO_ACCESS*>(X509V3_EXT_d2i(ex))); | |
859 | 875 |
860 if (!aia.get()) | 876 if (!aia.get()) |
861 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); | 877 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); |
862 | 878 |
863 for (int i = 0; i < sk_ACCESS_DESCRIPTION_num(aia.get()); ++i) { | 879 for (int i = 0; i < sk_ACCESS_DESCRIPTION_num(aia.get()); ++i) { |
864 ACCESS_DESCRIPTION* desc = sk_ACCESS_DESCRIPTION_value(aia.get(), i); | 880 ACCESS_DESCRIPTION* desc = sk_ACCESS_DESCRIPTION_value(aia.get(), i); |
865 | 881 |
866 base::string16 location_str = | 882 base::string16 location_str = |
867 base::UTF8ToUTF16(ProcessGeneralName(desc->location)); | 883 base::UTF8ToUTF16(ProcessGeneralName(desc->location)); |
868 switch (OBJ_obj2nid(desc->method)) { | 884 switch (OBJ_obj2nid(desc->method)) { |
880 base::UTF8ToUTF16(Asn1ObjectToString(desc->method)), | 896 base::UTF8ToUTF16(Asn1ObjectToString(desc->method)), |
881 location_str); | 897 location_str); |
882 break; | 898 break; |
883 } | 899 } |
884 } | 900 } |
885 return rv; | 901 return rv; |
886 } | 902 } |
887 | 903 |
888 std::string ProcessIA5StringData(ASN1_OCTET_STRING* asn1_string) { | 904 std::string ProcessIA5StringData(ASN1_OCTET_STRING* asn1_string) { |
889 const unsigned char* data = ASN1_STRING_data(asn1_string); | 905 const unsigned char* data = ASN1_STRING_data(asn1_string); |
890 crypto::ScopedOpenSSL<ASN1_IA5STRING, ASN1_IA5STRING_free> ia5_string( | 906 scoped_ptr<ASN1_IA5STRING, |
891 d2i_ASN1_IA5STRING(NULL, &data, ASN1_STRING_length(asn1_string))); | 907 crypto::OpenSSLDestroyer<ASN1_IA5STRING, ASN1_IA5STRING_free> > |
908 ia5_string( | |
909 d2i_ASN1_IA5STRING(NULL, &data, ASN1_STRING_length(asn1_string))); | |
892 | 910 |
893 if (!ia5_string.get()) | 911 if (!ia5_string.get()) |
894 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); | 912 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); |
895 | 913 |
896 return std::string( | 914 return std::string( |
897 reinterpret_cast<char*>(ASN1_STRING_data(ia5_string.get())), | 915 reinterpret_cast<char*>(ASN1_STRING_data(ia5_string.get())), |
898 ASN1_STRING_length(ia5_string.get())); | 916 ASN1_STRING_length(ia5_string.get())); |
899 } | 917 } |
900 | 918 |
901 std::string ProcessBMPStringData(ASN1_OCTET_STRING* asn1_string) { | 919 std::string ProcessBMPStringData(ASN1_OCTET_STRING* asn1_string) { |
902 const unsigned char* data = ASN1_STRING_data(asn1_string); | 920 const unsigned char* data = ASN1_STRING_data(asn1_string); |
903 crypto::ScopedOpenSSL<ASN1_BMPSTRING, ASN1_BMPSTRING_free> bmp_string( | 921 scoped_ptr<ASN1_BMPSTRING, |
904 d2i_ASN1_BMPSTRING(NULL, &data, ASN1_STRING_length(asn1_string))); | 922 crypto::OpenSSLDestroyer<ASN1_BMPSTRING, ASN1_BMPSTRING_free> > |
923 bmp_string( | |
924 d2i_ASN1_BMPSTRING(NULL, &data, ASN1_STRING_length(asn1_string))); | |
905 | 925 |
906 if (!bmp_string.get()) | 926 if (!bmp_string.get()) |
907 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); | 927 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); |
908 | 928 |
909 return Asn1StringToUTF8(bmp_string.get()); | 929 return Asn1StringToUTF8(bmp_string.get()); |
910 } | 930 } |
911 | 931 |
912 std::string X509ExtensionValueToString(X509_EXTENSION* ex) { | 932 std::string X509ExtensionValueToString(X509_EXTENSION* ex) { |
913 g_dynamic_oid_registerer.Get(); | 933 g_dynamic_oid_registerer.Get(); |
914 int nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex)); | 934 int nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex)); |
956 } // namespace | 976 } // namespace |
957 | 977 |
958 using net::X509Certificate; | 978 using net::X509Certificate; |
959 | 979 |
960 std::string GetCertNameOrNickname(X509Certificate::OSCertHandle cert_handle) { | 980 std::string GetCertNameOrNickname(X509Certificate::OSCertHandle cert_handle) { |
961 std::string name = | 981 std::string name = |
962 ProcessIDN(GetSubjectCommonName(cert_handle, std::string())); | 982 ProcessIDN(GetSubjectCommonName(cert_handle, std::string())); |
963 if (!name.empty()) | 983 if (!name.empty()) |
964 return name; | 984 return name; |
965 | 985 |
966 crypto::ScopedOpenSSL<BIO, BIO_free_all> bio(crypto::BIO_new_string(&name)); | 986 crypto::ScopedBIO bio(crypto::BIO_new_string(&name)); |
967 if (!bio.get()) | 987 if (!bio.get()) |
968 return name; | 988 return name; |
969 X509_NAME_print_ex(bio.get(), | 989 X509_NAME_print_ex(bio.get(), |
970 X509_get_subject_name(cert_handle), | 990 X509_get_subject_name(cert_handle), |
971 0 /* indent */, | 991 0 /* indent */, |
972 XN_FLAG_RFC2253 & ~ASN1_STRFLGS_ESC_MSB); | 992 XN_FLAG_RFC2253 & ~ASN1_STRFLGS_ESC_MSB); |
973 return name; | 993 return name; |
974 } | 994 } |
975 | 995 |
976 std::string GetTokenName(X509Certificate::OSCertHandle cert_handle) { | 996 std::string GetTokenName(X509Certificate::OSCertHandle cert_handle) { |
1066 | 1086 |
1067 std::string GetTitle(net::X509Certificate::OSCertHandle cert_handle) { | 1087 std::string GetTitle(net::X509Certificate::OSCertHandle cert_handle) { |
1068 // TODO(mattm): merge GetTitle and GetCertNameOrNickname? | 1088 // TODO(mattm): merge GetTitle and GetCertNameOrNickname? |
1069 // Is there any reason GetCertNameOrNickname calls ProcessIDN and this | 1089 // Is there any reason GetCertNameOrNickname calls ProcessIDN and this |
1070 // doesn't? | 1090 // doesn't? |
1071 std::string title = | 1091 std::string title = |
1072 GetSubjectCommonName(cert_handle, std::string()); | 1092 GetSubjectCommonName(cert_handle, std::string()); |
1073 if (!title.empty()) | 1093 if (!title.empty()) |
1074 return title; | 1094 return title; |
1075 | 1095 |
1076 crypto::ScopedOpenSSL<BIO, BIO_free_all> bio(crypto::BIO_new_string(&title)); | 1096 crypto::ScopedBIO bio(crypto::BIO_new_string(&title)); |
1077 if (!bio.get()) | 1097 if (!bio.get()) |
1078 return title; | 1098 return title; |
1079 X509_NAME_print_ex(bio.get(), | 1099 X509_NAME_print_ex(bio.get(), |
1080 X509_get_subject_name(cert_handle), | 1100 X509_get_subject_name(cert_handle), |
1081 0 /* indent */, | 1101 0 /* indent */, |
1082 XN_FLAG_RFC2253 & ~ASN1_STRFLGS_ESC_MSB); | 1102 XN_FLAG_RFC2253 & ~ASN1_STRFLGS_ESC_MSB); |
1083 return title; | 1103 return title; |
1084 } | 1104 } |
1085 | 1105 |
1086 std::string GetIssuerName(net::X509Certificate::OSCertHandle cert_handle) { | 1106 std::string GetIssuerName(net::X509Certificate::OSCertHandle cert_handle) { |
1170 return ""; | 1190 return ""; |
1171 } | 1191 } |
1172 | 1192 |
1173 std::string ProcessRawBitsSignatureWrap( | 1193 std::string ProcessRawBitsSignatureWrap( |
1174 net::X509Certificate::OSCertHandle cert_handle) { | 1194 net::X509Certificate::OSCertHandle cert_handle) { |
1175 // TODO(bulach): implement me. | 1195 // TODO(bulach): implement me. |
1176 return ""; | 1196 return ""; |
1177 } | 1197 } |
1178 | 1198 |
1179 } // namespace x509_certificate_model | 1199 } // namespace x509_certificate_model |
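Review bot: The rewritten declarations still take ownership of `reinterpret_cast<T*>(X509V3_EXT_d2i(ex))` without checking that `ex` is the extension type the helper expects; this applies to ProcessKeyUsageExtension (new lines 484-486) and in the same way to the basic-constraints, ext-key-usage, alt-name, subject/authority key-id, certificate-policies, CRL-distribution-point and authority-info-access helpers. X509V3_EXT_d2i chooses the decoded structure from the extension's own OID and returns `void*`, so both the cast and the free function named in `OpenSSLDestroyer` are only correct when the caller has dispatched on the matching NID; that dispatch is presumably in X509ExtensionValueToString, most of whose body is not shown on this page, so it cannot be confirmed from here. Because the extension bytes come from a certificate the browser did not create, I would state the precondition in each helper, e.g. `DCHECK_EQ(NID_key_usage, OBJ_obj2nid(X509_EXTENSION_get_object(ex)));` in ProcessKeyUsageExtension, so a future change to the dispatch table cannot silently turn into a type confusion and a mismatched free. Separately, `static_cast` is enough for a `void*` conversion and would make these lines read as a typed decode result rather than a reinterpretation.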