Eliminate ScopedOpenSSL in favour of scoped_ptr<> specializations.

chrome/common/net/x509_certificate_model_openssl.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/common/net/x509_certificate_model.h"
 
 #include <openssl/bio.h>
 #include <openssl/obj_mac.h>
 #include <openssl/sha.h>
 #include <openssl/x509v3.h>
 
 #include "base/i18n/number_formatting.h"
 #include "base/lazy_instance.h"
 #include "base/logging.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
 #include "crypto/openssl_bio_string.h"
 #include "crypto/openssl_util.h"
+#include "crypto/scoped_openssl_types.h"
 #include "grit/generated_resources.h"
 #include "net/base/net_util.h"
 #include "net/cert/x509_util_openssl.h"
 #include "ui/base/l10n/l10n_util.h"
 
 namespace x509_util = net::x509_util;
 
 namespace x509_certificate_model {
 
 namespace {
@@ skipping 419 matching lines @@
   static const MaskIdPair usage_string_map[] = {
       {NS_SSL_CLIENT, IDS_CERT_USAGE_SSL_CLIENT},
       {NS_SSL_SERVER, IDS_CERT_USAGE_SSL_SERVER},
       {NS_SMIME, IDS_CERT_EXT_NS_CERT_TYPE_EMAIL},
       {NS_OBJSIGN, IDS_CERT_USAGE_OBJECT_SIGNER},
       {NS_SSL_CA, IDS_CERT_USAGE_SSL_CA},
       {NS_SMIME_CA, IDS_CERT_EXT_NS_CERT_TYPE_EMAIL_CA},
       {NS_OBJSIGN_CA, IDS_CERT_USAGE_OBJECT_SIGNER},
   };
 
-  crypto::ScopedOpenSSL<ASN1_BIT_STRING, ASN1_BIT_STRING_free> value(
-      reinterpret_cast<ASN1_BIT_STRING*>(X509V3_EXT_d2i(ex)));
+  scoped_ptr<ASN1_BIT_STRING,
+             crypto::OpenSSLDestroyer<ASN1_BIT_STRING, ASN1_BIT_STRING_free> >

[wtc, 2014/07/09 15:08:15]

I also find the new code less readable because of the nested templates and the
duplicated OpenSSL type. Perhaps typedefs can be used more. Because of the
consistent naming convention of the free functions, a macro can also be used to
simplify this. I remember OpenSSL uses macros to build these free functions, so
the consistent naming convention is guaranteed. On the other hand, OpenSSL's use
of those macros seems to be a common complaint from people who need to delve
into OpenSSL source code.

+      value(reinterpret_cast<ASN1_BIT_STRING*>(X509V3_EXT_d2i(ex)));
   if (!value.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
   return ProcessBitField(value.get(),
                          usage_string_map,
                          ARRAYSIZE_UNSAFE(usage_string_map),
                          '\n');
 }
 
 std::string ProcessKeyUsageExtension(X509_EXTENSION* ex) {
   static const MaskIdPair key_usage_string_map[] = {
       {KU_DIGITAL_SIGNATURE, IDS_CERT_X509_KEY_USAGE_SIGNING},
       {KU_NON_REPUDIATION, IDS_CERT_X509_KEY_USAGE_NONREP},
       {KU_KEY_ENCIPHERMENT, IDS_CERT_X509_KEY_USAGE_ENCIPHERMENT},
       {KU_DATA_ENCIPHERMENT, IDS_CERT_X509_KEY_USAGE_DATA_ENCIPHERMENT},
       {KU_KEY_AGREEMENT, IDS_CERT_X509_KEY_USAGE_KEY_AGREEMENT},
       {KU_KEY_CERT_SIGN, IDS_CERT_X509_KEY_USAGE_CERT_SIGNER},
       {KU_CRL_SIGN, IDS_CERT_X509_KEY_USAGE_CRL_SIGNER},
       {KU_ENCIPHER_ONLY, IDS_CERT_X509_KEY_USAGE_ENCIPHER_ONLY},
       {KU_DECIPHER_ONLY, IDS_CERT_X509_KEY_USAGE_DECIPHER_ONLY},
   };
 
-  crypto::ScopedOpenSSL<ASN1_BIT_STRING, ASN1_BIT_STRING_free> value(
-      reinterpret_cast<ASN1_BIT_STRING*>(X509V3_EXT_d2i(ex)));
+  scoped_ptr<ASN1_BIT_STRING,
+             crypto::OpenSSLDestroyer<ASN1_BIT_STRING, ASN1_BIT_STRING_free> >
+      value(reinterpret_cast<ASN1_BIT_STRING*>(X509V3_EXT_d2i(ex)));
   if (!value.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
   return ProcessBitField(value.get(),
                          key_usage_string_map,
                          ARRAYSIZE_UNSAFE(key_usage_string_map),
                          '\n');
 }
 
 std::string ProcessBasicConstraints(X509_EXTENSION* ex) {
   std::string rv;
-  crypto::ScopedOpenSSL<BASIC_CONSTRAINTS, BASIC_CONSTRAINTS_free> value(
-      reinterpret_cast<BASIC_CONSTRAINTS*>(X509V3_EXT_d2i(ex)));
+  scoped_ptr<BASIC_CONSTRAINTS,
+             crypto::OpenSSLDestroyer<BASIC_CONSTRAINTS,
+                                      BASIC_CONSTRAINTS_free> >
+      value(reinterpret_cast<BASIC_CONSTRAINTS*>(X509V3_EXT_d2i(ex)));
   if (!value.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
   if (value.get()->ca)
     rv = l10n_util::GetStringUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_IS_CA);
   else
     rv = l10n_util::GetStringUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_IS_NOT_CA);
   rv += '\n';
   if (value.get()->ca) {
     base::string16 depth;
     if (!value.get()->pathlen) {
       depth = l10n_util::GetStringUTF16(
           IDS_CERT_X509_BASIC_CONSTRAINT_PATH_LEN_UNLIMITED);
     } else {
       depth = base::FormatNumber(ASN1_INTEGER_get(value.get()->pathlen));
     }
     rv += l10n_util::GetStringFUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_PATH_LEN,
                                     depth);
   }
   return rv;
 }
 
 std::string ProcessExtKeyUsage(X509_EXTENSION* ex) {
   std::string rv;
-  crypto::ScopedOpenSSL<EXTENDED_KEY_USAGE, EXTENDED_KEY_USAGE_free> value(
-      reinterpret_cast<EXTENDED_KEY_USAGE*>(X509V3_EXT_d2i(ex)));
+  scoped_ptr<EXTENDED_KEY_USAGE,
+             crypto::OpenSSLDestroyer<EXTENDED_KEY_USAGE,
+                                      EXTENDED_KEY_USAGE_free> >
+      value(reinterpret_cast<EXTENDED_KEY_USAGE*>(X509V3_EXT_d2i(ex)));
   if (!value.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
   for (int i = 0; i < sk_ASN1_OBJECT_num(value.get()); i++) {
     ASN1_OBJECT* obj = sk_ASN1_OBJECT_value(value.get(), i);
     std::string oid_dump = Asn1ObjectToOIDString(obj);
     std::string oid_text = Asn1ObjectToString(obj);
 
     // If oid is one we recognize, oid_text will have a text description of the
     // OID, which we display along with the oid_dump.  If we don't recognize the
     // OID, they will be the same, so just display the OID alone.
@@ skipping 127 matching lines @@
 std::string ProcessGeneralNames(GENERAL_NAMES* names) {
   std::string rv;
   for (int i = 0; i < sk_GENERAL_NAME_num(names); ++i) {
     GENERAL_NAME* name = sk_GENERAL_NAME_value(names, i);
     rv += ProcessGeneralName(name);
   }
   return rv;
 }
 
 std::string ProcessAltName(X509_EXTENSION* ex) {
-  crypto::ScopedOpenSSL<GENERAL_NAMES, GENERAL_NAMES_free> alt_names(
-      reinterpret_cast<GENERAL_NAMES*>(X509V3_EXT_d2i(ex)));
+  scoped_ptr<GENERAL_NAMES,
+             crypto::OpenSSLDestroyer<GENERAL_NAMES, GENERAL_NAMES_free> >
+      alt_names(reinterpret_cast<GENERAL_NAMES*>(X509V3_EXT_d2i(ex)));
   if (!alt_names.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   return ProcessGeneralNames(alt_names.get());
 }
 
 std::string ProcessSubjectKeyId(X509_EXTENSION* ex) {
-  crypto::ScopedOpenSSL<ASN1_OCTET_STRING, ASN1_OCTET_STRING_free> value(
-      reinterpret_cast<ASN1_OCTET_STRING*>(X509V3_EXT_d2i(ex)));
+  scoped_ptr<ASN1_OCTET_STRING,
+             crypto::OpenSSLDestroyer<ASN1_OCTET_STRING,
+                                      ASN1_OCTET_STRING_free> >
+      value(reinterpret_cast<ASN1_OCTET_STRING*>(X509V3_EXT_d2i(ex)));
   if (!value.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   return l10n_util::GetStringFUTF8(
       IDS_CERT_KEYID_FORMAT,
       base::ASCIIToUTF16(ProcessRawAsn1String(value.get())));
 }
 
 std::string ProcessAuthKeyId(X509_EXTENSION* ex) {
   std::string rv;
-  crypto::ScopedOpenSSL<AUTHORITY_KEYID, AUTHORITY_KEYID_free> value(
-      reinterpret_cast<AUTHORITY_KEYID*>(X509V3_EXT_d2i(ex)));
+  scoped_ptr<AUTHORITY_KEYID,
+             crypto::OpenSSLDestroyer<AUTHORITY_KEYID, AUTHORITY_KEYID_free> >
+      value(reinterpret_cast<AUTHORITY_KEYID*>(X509V3_EXT_d2i(ex)));
   if (!value.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   if (value.get()->keyid && ASN1_STRING_length(value.get()->keyid) > 0) {
     rv += l10n_util::GetStringFUTF8(
         IDS_CERT_KEYID_FORMAT,
         base::ASCIIToUTF16(ProcessRawAsn1String(value.get()->keyid)));
     rv += '\n';
   }
 
@@ skipping 34 matching lines @@
   }
   if (notice->exptext && notice->exptext->length != 0) {
     rv += "\n    ";
     rv += Asn1StringToUTF8(notice->exptext);
   }
   return rv;
 }
 
 std::string ProcessCertificatePolicies(X509_EXTENSION* ex) {
   std::string rv;
-  crypto::ScopedOpenSSL<CERTIFICATEPOLICIES, CERTIFICATEPOLICIES_free> policies(
-      reinterpret_cast<CERTIFICATEPOLICIES*>(X509V3_EXT_d2i(ex)));
+  scoped_ptr<CERTIFICATEPOLICIES,
+             crypto::OpenSSLDestroyer<CERTIFICATEPOLICIES,
+                                      CERTIFICATEPOLICIES_free> >
+      policies(reinterpret_cast<CERTIFICATEPOLICIES*>(X509V3_EXT_d2i(ex)));
 
   if (!policies.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   for (int i = 0; i < sk_POLICYINFO_num(policies.get()); ++i) {
     POLICYINFO* info = sk_POLICYINFO_value(policies.get(), i);
     std::string key = Asn1ObjectToString(info->policyid);
     // If we have policy qualifiers, display the oid text
     // with a ':', otherwise just put the oid text and a newline.
     if (info->qualifiers && sk_POLICYQUALINFO_num(info->qualifiers)) {
@@ skipping 49 matching lines @@
       {6, IDS_CERT_REVOCATION_REASON_CERTIFICATE_HOLD},
       {7, IDS_CERT_REVOCATION_REASON_PRIVILEGE_WITHDRAWN},
       {8, IDS_CERT_REVOCATION_REASON_AA_COMPROMISE},
   };
   // OpenSSL doesn't define constants for the DIST_POINT type field. These
   // values are from reading openssl/crypto/x509v3/v3_crld.c
   const int kDistPointFullName = 0;
   const int kDistPointRelativeName = 1;
 
   std::string rv;
-  crypto::ScopedOpenSSL<CRL_DIST_POINTS, CRL_DIST_POINTS_free> dist_points(
-      reinterpret_cast<CRL_DIST_POINTS*>(X509V3_EXT_d2i(ex)));
+  scoped_ptr<CRL_DIST_POINTS,
+             crypto::OpenSSLDestroyer<CRL_DIST_POINTS, CRL_DIST_POINTS_free> >
+      dist_points(reinterpret_cast<CRL_DIST_POINTS*>(X509V3_EXT_d2i(ex)));
 
   if (!dist_points.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   for (int i = 0; i < sk_DIST_POINT_num(dist_points.get()); ++i) {
     DIST_POINT* point = sk_DIST_POINT_value(dist_points.get(), i);
     if (point->distpoint) {
       switch (point->distpoint->type) {
         case kDistPointFullName:
           rv += ProcessGeneralNames(point->distpoint->name.fullname);
@@ skipping 19 matching lines @@
           IDS_CERT_ISSUER_FORMAT,
           base::UTF8ToUTF16(ProcessGeneralNames(point->CRLissuer)));
     }
   }
 
   return rv;
 }
 
 std::string ProcessAuthInfoAccess(X509_EXTENSION* ex) {
   std::string rv;
-  crypto::ScopedOpenSSL<AUTHORITY_INFO_ACCESS, AUTHORITY_INFO_ACCESS_free> aia(
-      reinterpret_cast<AUTHORITY_INFO_ACCESS*>(X509V3_EXT_d2i(ex)));
+  scoped_ptr<AUTHORITY_INFO_ACCESS,
+             crypto::OpenSSLDestroyer<AUTHORITY_INFO_ACCESS,
+                                      AUTHORITY_INFO_ACCESS_free> >
+      aia(reinterpret_cast<AUTHORITY_INFO_ACCESS*>(X509V3_EXT_d2i(ex)));
 
   if (!aia.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   for (int i = 0; i < sk_ACCESS_DESCRIPTION_num(aia.get()); ++i) {
     ACCESS_DESCRIPTION* desc = sk_ACCESS_DESCRIPTION_value(aia.get(), i);
 
     base::string16 location_str =
         base::UTF8ToUTF16(ProcessGeneralName(desc->location));
     switch (OBJ_obj2nid(desc->method)) {
@@ skipping 11 matching lines @@
             base::UTF8ToUTF16(Asn1ObjectToString(desc->method)),
             location_str);
         break;
     }
   }
   return rv;
 }
 
 std::string ProcessIA5StringData(ASN1_OCTET_STRING* asn1_string) {
   const unsigned char* data = ASN1_STRING_data(asn1_string);
-  crypto::ScopedOpenSSL<ASN1_IA5STRING, ASN1_IA5STRING_free> ia5_string(
-      d2i_ASN1_IA5STRING(NULL, &data, ASN1_STRING_length(asn1_string)));
+  scoped_ptr<ASN1_IA5STRING,
+             crypto::OpenSSLDestroyer<ASN1_IA5STRING, ASN1_IA5STRING_free> >
+      ia5_string(
+          d2i_ASN1_IA5STRING(NULL, &data, ASN1_STRING_length(asn1_string)));
 
   if (!ia5_string.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   return std::string(
       reinterpret_cast<char*>(ASN1_STRING_data(ia5_string.get())),
       ASN1_STRING_length(ia5_string.get()));
 }
 
 std::string ProcessBMPStringData(ASN1_OCTET_STRING* asn1_string) {
   const unsigned char* data = ASN1_STRING_data(asn1_string);
-  crypto::ScopedOpenSSL<ASN1_BMPSTRING, ASN1_BMPSTRING_free> bmp_string(
-      d2i_ASN1_BMPSTRING(NULL, &data, ASN1_STRING_length(asn1_string)));
+  scoped_ptr<ASN1_BMPSTRING,
+             crypto::OpenSSLDestroyer<ASN1_BMPSTRING, ASN1_BMPSTRING_free> >
+      bmp_string(
+          d2i_ASN1_BMPSTRING(NULL, &data, ASN1_STRING_length(asn1_string)));
 
   if (!bmp_string.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   return Asn1StringToUTF8(bmp_string.get());
 }
 
 std::string X509ExtensionValueToString(X509_EXTENSION* ex) {
   g_dynamic_oid_registerer.Get();
   int nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));
@@ skipping 41 matching lines @@
 }  // namespace
 
 using net::X509Certificate;
 
 std::string GetCertNameOrNickname(X509Certificate::OSCertHandle cert_handle) {
   std::string name =
       ProcessIDN(GetSubjectCommonName(cert_handle, std::string()));
   if (!name.empty())
     return name;
 
-  crypto::ScopedOpenSSL<BIO, BIO_free_all> bio(crypto::BIO_new_string(&name));
+  crypto::ScopedBIO bio(crypto::BIO_new_string(&name));
   if (!bio.get())
     return name;
   X509_NAME_print_ex(bio.get(),
                      X509_get_subject_name(cert_handle),
                      0 /* indent */,
                      XN_FLAG_RFC2253 & ~ASN1_STRFLGS_ESC_MSB);
   return name;
 }
 
 std::string GetTokenName(X509Certificate::OSCertHandle cert_handle) {
@@ skipping 89 matching lines @@
 
 std::string GetTitle(net::X509Certificate::OSCertHandle cert_handle) {
   // TODO(mattm): merge GetTitle and GetCertNameOrNickname?
   // Is there any reason GetCertNameOrNickname calls ProcessIDN and this
   // doesn't?
   std::string title =
       GetSubjectCommonName(cert_handle, std::string());
   if (!title.empty())
     return title;
 
-  crypto::ScopedOpenSSL<BIO, BIO_free_all> bio(crypto::BIO_new_string(&title));
+  crypto::ScopedBIO bio(crypto::BIO_new_string(&title));
   if (!bio.get())
     return title;
   X509_NAME_print_ex(bio.get(),
                      X509_get_subject_name(cert_handle),
                      0 /* indent */,
                      XN_FLAG_RFC2253 & ~ASN1_STRFLGS_ESC_MSB);
   return title;
 }
 
 std::string GetIssuerName(net::X509Certificate::OSCertHandle cert_handle) {
@@ skipping 83 matching lines @@
   return "";
 }
 
 std::string ProcessRawBitsSignatureWrap(
     net::X509Certificate::OSCertHandle cert_handle) {
   // TODO(bulach): implement me.
   return "";
 }
 
 }  // namespace x509_certificate_model