Eliminate ScopedOpenSSL in favour of scoped_ptr<> specializations.

chrome/common/net/x509_certificate_model_openssl.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/common/net/x509_certificate_model.h"
 
 #include <openssl/bio.h>
 #include <openssl/obj_mac.h>
 #include <openssl/sha.h>
 #include <openssl/x509v3.h>
 
 #include "base/i18n/number_formatting.h"
 #include "base/lazy_instance.h"
 #include "base/logging.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
 #include "crypto/openssl_bio_string.h"
 #include "crypto/openssl_util.h"
+#include "crypto/scoped_openssl_types.h"
 #include "grit/generated_resources.h"
 #include "net/base/net_util.h"
 #include "net/cert/x509_util_openssl.h"
 #include "ui/base/l10n/l10n_util.h"
 
 namespace x509_util = net::x509_util;
 
 namespace x509_certificate_model {
 
 namespace {
@@ skipping 426 matching lines @@
   static const MaskIdPair usage_string_map[] = {
       {NS_SSL_CLIENT, IDS_CERT_USAGE_SSL_CLIENT},
       {NS_SSL_SERVER, IDS_CERT_USAGE_SSL_SERVER},
       {NS_SMIME, IDS_CERT_EXT_NS_CERT_TYPE_EMAIL},
       {NS_OBJSIGN, IDS_CERT_USAGE_OBJECT_SIGNER},
       {NS_SSL_CA, IDS_CERT_USAGE_SSL_CA},
       {NS_SMIME_CA, IDS_CERT_EXT_NS_CERT_TYPE_EMAIL_CA},
       {NS_OBJSIGN_CA, IDS_CERT_USAGE_OBJECT_SIGNER},
   };
 
-  crypto::ScopedOpenSSL<ASN1_BIT_STRING, ASN1_BIT_STRING_free> value(
+  crypto::ScopedOpenSSL<ASN1_BIT_STRING, ASN1_BIT_STRING_free>::Type value(
       reinterpret_cast<ASN1_BIT_STRING*>(X509V3_EXT_d2i(ex)));
   if (!value.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
   return ProcessBitField(value.get(),
                          usage_string_map,
                          ARRAYSIZE_UNSAFE(usage_string_map),
                          '\n');
 }
 
 std::string ProcessKeyUsageExtension(X509_EXTENSION* ex) {
   static const MaskIdPair key_usage_string_map[] = {
       {KU_DIGITAL_SIGNATURE, IDS_CERT_X509_KEY_USAGE_SIGNING},
       {KU_NON_REPUDIATION, IDS_CERT_X509_KEY_USAGE_NONREP},
       {KU_KEY_ENCIPHERMENT, IDS_CERT_X509_KEY_USAGE_ENCIPHERMENT},
       {KU_DATA_ENCIPHERMENT, IDS_CERT_X509_KEY_USAGE_DATA_ENCIPHERMENT},
       {KU_KEY_AGREEMENT, IDS_CERT_X509_KEY_USAGE_KEY_AGREEMENT},
       {KU_KEY_CERT_SIGN, IDS_CERT_X509_KEY_USAGE_CERT_SIGNER},
       {KU_CRL_SIGN, IDS_CERT_X509_KEY_USAGE_CRL_SIGNER},
       {KU_ENCIPHER_ONLY, IDS_CERT_X509_KEY_USAGE_ENCIPHER_ONLY},
       {KU_DECIPHER_ONLY, IDS_CERT_X509_KEY_USAGE_DECIPHER_ONLY},
   };
 
-  crypto::ScopedOpenSSL<ASN1_BIT_STRING, ASN1_BIT_STRING_free> value(
+  crypto::ScopedOpenSSL<ASN1_BIT_STRING, ASN1_BIT_STRING_free>::Type value(
       reinterpret_cast<ASN1_BIT_STRING*>(X509V3_EXT_d2i(ex)));
   if (!value.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
   return ProcessBitField(value.get(),
                          key_usage_string_map,
                          ARRAYSIZE_UNSAFE(key_usage_string_map),
                          '\n');
 }
 
 std::string ProcessBasicConstraints(X509_EXTENSION* ex) {
   std::string rv;
-  crypto::ScopedOpenSSL<BASIC_CONSTRAINTS, BASIC_CONSTRAINTS_free> value(
+  crypto::ScopedOpenSSL<BASIC_CONSTRAINTS, BASIC_CONSTRAINTS_free>::Type value(
       reinterpret_cast<BASIC_CONSTRAINTS*>(X509V3_EXT_d2i(ex)));
   if (!value.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
   if (value.get()->ca)
     rv = l10n_util::GetStringUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_IS_CA);
   else
     rv = l10n_util::GetStringUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_IS_NOT_CA);
   rv += '\n';
   if (value.get()->ca) {
     base::string16 depth;
     if (!value.get()->pathlen) {
       depth = l10n_util::GetStringUTF16(
           IDS_CERT_X509_BASIC_CONSTRAINT_PATH_LEN_UNLIMITED);
     } else {
       depth = base::FormatNumber(ASN1_INTEGER_get(value.get()->pathlen));
     }
     rv += l10n_util::GetStringFUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_PATH_LEN,
                                     depth);
   }
   return rv;
 }
 
 std::string ProcessExtKeyUsage(X509_EXTENSION* ex) {
   std::string rv;
-  crypto::ScopedOpenSSL<EXTENDED_KEY_USAGE, EXTENDED_KEY_USAGE_free> value(
-      reinterpret_cast<EXTENDED_KEY_USAGE*>(X509V3_EXT_d2i(ex)));
+  crypto::ScopedOpenSSL<EXTENDED_KEY_USAGE, EXTENDED_KEY_USAGE_free>::Type
+      value(reinterpret_cast<EXTENDED_KEY_USAGE*>(X509V3_EXT_d2i(ex)));
   if (!value.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
   for (int i = 0; i < sk_ASN1_OBJECT_num(value.get()); i++) {
     ASN1_OBJECT* obj = sk_ASN1_OBJECT_value(value.get(), i);
     std::string oid_dump = Asn1ObjectToOIDString(obj);
     std::string oid_text = Asn1ObjectToString(obj);
 
     // If oid is one we recognize, oid_text will have a text description of the
     // OID, which we display along with the oid_dump.  If we don't recognize the
     // OID, they will be the same, so just display the OID alone.
@@ skipping 127 matching lines @@
 std::string ProcessGeneralNames(GENERAL_NAMES* names) {
   std::string rv;
   for (int i = 0; i < sk_GENERAL_NAME_num(names); ++i) {
     GENERAL_NAME* name = sk_GENERAL_NAME_value(names, i);
     rv += ProcessGeneralName(name);
   }
   return rv;
 }
 
 std::string ProcessAltName(X509_EXTENSION* ex) {
-  crypto::ScopedOpenSSL<GENERAL_NAMES, GENERAL_NAMES_free> alt_names(
+  crypto::ScopedOpenSSL<GENERAL_NAMES, GENERAL_NAMES_free>::Type alt_names(
       reinterpret_cast<GENERAL_NAMES*>(X509V3_EXT_d2i(ex)));
   if (!alt_names.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   return ProcessGeneralNames(alt_names.get());
 }
 
 std::string ProcessSubjectKeyId(X509_EXTENSION* ex) {
-  crypto::ScopedOpenSSL<ASN1_OCTET_STRING, ASN1_OCTET_STRING_free> value(
+  crypto::ScopedOpenSSL<ASN1_OCTET_STRING, ASN1_OCTET_STRING_free>::Type value(
       reinterpret_cast<ASN1_OCTET_STRING*>(X509V3_EXT_d2i(ex)));
   if (!value.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   return l10n_util::GetStringFUTF8(
       IDS_CERT_KEYID_FORMAT,
       base::ASCIIToUTF16(ProcessRawAsn1String(value.get())));
 }
 
 std::string ProcessAuthKeyId(X509_EXTENSION* ex) {
   std::string rv;
-  crypto::ScopedOpenSSL<AUTHORITY_KEYID, AUTHORITY_KEYID_free> value(
+  crypto::ScopedOpenSSL<AUTHORITY_KEYID, AUTHORITY_KEYID_free>::Type value(
       reinterpret_cast<AUTHORITY_KEYID*>(X509V3_EXT_d2i(ex)));
   if (!value.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   if (value.get()->keyid && ASN1_STRING_length(value.get()->keyid) > 0) {
     rv += l10n_util::GetStringFUTF8(
         IDS_CERT_KEYID_FORMAT,
         base::ASCIIToUTF16(ProcessRawAsn1String(value.get()->keyid)));
     rv += '\n';
   }
@@ skipping 35 matching lines @@
   }
   if (notice->exptext && notice->exptext->length != 0) {
     rv += "\n    ";
     rv += Asn1StringToUTF8(notice->exptext);
   }
   return rv;
 }
 
 std::string ProcessCertificatePolicies(X509_EXTENSION* ex) {
   std::string rv;
-  crypto::ScopedOpenSSL<CERTIFICATEPOLICIES, CERTIFICATEPOLICIES_free> policies(
-      reinterpret_cast<CERTIFICATEPOLICIES*>(X509V3_EXT_d2i(ex)));
+  crypto::ScopedOpenSSL<CERTIFICATEPOLICIES, CERTIFICATEPOLICIES_free>::Type
+      policies(reinterpret_cast<CERTIFICATEPOLICIES*>(X509V3_EXT_d2i(ex)));
 
   if (!policies.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   for (int i = 0; i < sk_POLICYINFO_num(policies.get()); ++i) {
     POLICYINFO* info = sk_POLICYINFO_value(policies.get(), i);
     std::string key = Asn1ObjectToString(info->policyid);
     // If we have policy qualifiers, display the oid text
     // with a ':', otherwise just put the oid text and a newline.
     if (info->qualifiers && sk_POLICYQUALINFO_num(info->qualifiers)) {
@@ skipping 49 matching lines @@
       {6, IDS_CERT_REVOCATION_REASON_CERTIFICATE_HOLD},
       {7, IDS_CERT_REVOCATION_REASON_PRIVILEGE_WITHDRAWN},
       {8, IDS_CERT_REVOCATION_REASON_AA_COMPROMISE},
   };
   // OpenSSL doesn't define constants for the DIST_POINT type field. These
   // values are from reading openssl/crypto/x509v3/v3_crld.c
   const int kDistPointFullName = 0;
   const int kDistPointRelativeName = 1;
 
   std::string rv;
-  crypto::ScopedOpenSSL<CRL_DIST_POINTS, CRL_DIST_POINTS_free> dist_points(
-      reinterpret_cast<CRL_DIST_POINTS*>(X509V3_EXT_d2i(ex)));
+  crypto::ScopedOpenSSL<CRL_DIST_POINTS, CRL_DIST_POINTS_free>::Type
+      dist_points(reinterpret_cast<CRL_DIST_POINTS*>(X509V3_EXT_d2i(ex)));
 
   if (!dist_points.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   for (int i = 0; i < sk_DIST_POINT_num(dist_points.get()); ++i) {
     DIST_POINT* point = sk_DIST_POINT_value(dist_points.get(), i);
     if (point->distpoint) {
       switch (point->distpoint->type) {
         case kDistPointFullName:
           rv += ProcessGeneralNames(point->distpoint->name.fullname);
@@ skipping 19 matching lines @@
           IDS_CERT_ISSUER_FORMAT,
           base::UTF8ToUTF16(ProcessGeneralNames(point->CRLissuer)));
     }
   }
 
   return rv;
 }
 
 std::string ProcessAuthInfoAccess(X509_EXTENSION* ex) {
   std::string rv;
-  crypto::ScopedOpenSSL<AUTHORITY_INFO_ACCESS, AUTHORITY_INFO_ACCESS_free> aia(
-      reinterpret_cast<AUTHORITY_INFO_ACCESS*>(X509V3_EXT_d2i(ex)));
+  crypto::ScopedOpenSSL<AUTHORITY_INFO_ACCESS, AUTHORITY_INFO_ACCESS_free>::Type
+      aia(reinterpret_cast<AUTHORITY_INFO_ACCESS*>(X509V3_EXT_d2i(ex)));
 
   if (!aia.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   for (int i = 0; i < sk_ACCESS_DESCRIPTION_num(aia.get()); ++i) {
     ACCESS_DESCRIPTION* desc = sk_ACCESS_DESCRIPTION_value(aia.get(), i);
 
     base::string16 location_str =
         base::UTF8ToUTF16(ProcessGeneralName(desc->location));
     switch (OBJ_obj2nid(desc->method)) {
@@ skipping 11 matching lines @@
             base::UTF8ToUTF16(Asn1ObjectToString(desc->method)),
             location_str);
         break;
     }
   }
   return rv;
 }
 
 std::string ProcessIA5StringData(ASN1_OCTET_STRING* asn1_string) {
   const unsigned char* data = ASN1_STRING_data(asn1_string);
-  crypto::ScopedOpenSSL<ASN1_IA5STRING, ASN1_IA5STRING_free> ia5_string(
+  crypto::ScopedOpenSSL<ASN1_IA5STRING, ASN1_IA5STRING_free>::Type ia5_string(
       d2i_ASN1_IA5STRING(NULL, &data, ASN1_STRING_length(asn1_string)));
 
   if (!ia5_string.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   return std::string(
       reinterpret_cast<char*>(ASN1_STRING_data(ia5_string.get())),
       ASN1_STRING_length(ia5_string.get()));
 }
 
 std::string ProcessBMPStringData(ASN1_OCTET_STRING* asn1_string) {
   const unsigned char* data = ASN1_STRING_data(asn1_string);
-  crypto::ScopedOpenSSL<ASN1_BMPSTRING, ASN1_BMPSTRING_free> bmp_string(
+  crypto::ScopedOpenSSL<ASN1_BMPSTRING, ASN1_BMPSTRING_free>::Type bmp_string(
       d2i_ASN1_BMPSTRING(NULL, &data, ASN1_STRING_length(asn1_string)));
 
   if (!bmp_string.get())
     return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
 
   return Asn1StringToUTF8(bmp_string.get());
 }
 
 std::string X509ExtensionValueToString(X509_EXTENSION* ex) {
   g_dynamic_oid_registerer.Get();
@@ skipping 42 matching lines @@
 }  // namespace
 
 using net::X509Certificate;
 
 std::string GetCertNameOrNickname(X509Certificate::OSCertHandle cert_handle) {
   std::string name =
       ProcessIDN(GetSubjectCommonName(cert_handle, std::string()));
   if (!name.empty())
     return name;
 
-  crypto::ScopedOpenSSL<BIO, BIO_free_all> bio(crypto::BIO_new_string(&name));
+  crypto::ScopedBIO bio(crypto::BIO_new_string(&name));
   if (!bio.get())
     return name;
   X509_NAME_print_ex(bio.get(),
                      X509_get_subject_name(cert_handle),
                      0 /* indent */,
                      XN_FLAG_RFC2253 & ~ASN1_STRFLGS_ESC_MSB);
   return name;
 }
 
 std::string GetTokenName(X509Certificate::OSCertHandle cert_handle) {
@@ skipping 89 matching lines @@
 
 std::string GetTitle(net::X509Certificate::OSCertHandle cert_handle) {
   // TODO(mattm): merge GetTitle and GetCertNameOrNickname?
   // Is there any reason GetCertNameOrNickname calls ProcessIDN and this
   // doesn't?
   std::string title =
       GetSubjectCommonName(cert_handle, std::string());
   if (!title.empty())
     return title;
 
-  crypto::ScopedOpenSSL<BIO, BIO_free_all> bio(crypto::BIO_new_string(&title));
+  crypto::ScopedBIO bio(crypto::BIO_new_string(&title));
   if (!bio.get())
     return title;
   X509_NAME_print_ex(bio.get(),
                      X509_get_subject_name(cert_handle),
                      0 /* indent */,
                      XN_FLAG_RFC2253 & ~ASN1_STRFLGS_ESC_MSB);
   return title;
 }
 
 std::string GetIssuerName(net::X509Certificate::OSCertHandle cert_handle) {
@@ skipping 49 matching lines @@
 void DestroyCertChain(net::X509Certificate::OSCertHandles* cert_handles) {
   for (net::X509Certificate::OSCertHandles::iterator i = cert_handles->begin();
        i != cert_handles->end(); ++i)
     X509_free(*i);
   cert_handles->clear();
 }
 
 std::string GetCMSString(const net::X509Certificate::OSCertHandles& cert_chain,
                          size_t start, size_t end) {
   std::string rv;
-  crypto::ScopedOpenSSL<PKCS7, PKCS7_free> p7(PKCS7_new());
+  crypto::ScopedOpenSSL<PKCS7, PKCS7_free>::Type p7(PKCS7_new());
   if (!p7.get())
     return rv;
   if (!PKCS7_set_type(p7.get(), NID_pkcs7_signed))
     return rv;
 
   for (size_t i = start; i < end; ++i) {
     if (!PKCS7_add_certificate(p7.get(), cert_chain[i]))
       return rv;
   }
 
-  crypto::ScopedOpenSSL<BIO, BIO_free_all> bio(crypto::BIO_new_string(&rv));
+  crypto::ScopedOpenSSL<BIO, BIO_free_all>::Type bio(
+      crypto::BIO_new_string(&rv));
   if (!bio.get())
     return rv;
 
   if (!i2d_PKCS7_bio(bio.get(), p7.get())) {
     rv.clear();
     return rv;
   }
 
   return rv;
 }
@@ skipping 10 matching lines @@
 }
 
 std::string ProcessSecAlgorithmSignatureWrap(
     net::X509Certificate::OSCertHandle cert_handle) {
   return Asn1ObjectToString(cert_handle->sig_alg->algorithm);
 }
 
 std::string ProcessSubjectPublicKeyInfo(
     net::X509Certificate::OSCertHandle cert_handle) {
   std::string rv;
-  crypto::ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> public_key(
+  crypto::ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free>::Type public_key(
       X509_get_pubkey(cert_handle));
   if (!public_key.get())
     return rv;
   switch (EVP_PKEY_type(public_key.get()->type)) {
     case EVP_PKEY_RSA: {
-      crypto::ScopedOpenSSL<RSA, RSA_free> rsa_key(
+      crypto::ScopedOpenSSL<RSA, RSA_free>::Type rsa_key(
           EVP_PKEY_get1_RSA(public_key.get()));
       if (!rsa_key.get())
         return rv;
       rv = l10n_util::GetStringFUTF8(
           IDS_CERT_RSA_PUBLIC_KEY_DUMP_FORMAT,
           base::UintToString16(BN_num_bits(rsa_key.get()->n)),
           base::UTF8ToUTF16(ProcessRawBignum(rsa_key.get()->n)),
           base::UintToString16(BN_num_bits(rsa_key.get()->e)),
           base::UTF8ToUTF16(ProcessRawBignum(rsa_key.get()->e)));
       return rv;
     }
     default:
       rv = ProcessRawAsn1String(X509_get_X509_PUBKEY(cert_handle)->public_key);
       return rv;
   }
 }
 
 std::string ProcessRawBitsSignatureWrap(
     net::X509Certificate::OSCertHandle cert_handle) {
   // TODO(bulach): implement me.
   return "";
 }
 
 }  // namespace x509_certificate_model