Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(59)

Side by Side Diff: chrome/common/net/x509_certificate_model_openssl.cc

Issue 361193003: Eliminate ScopedOpenSSL in favour of scoped_ptr<> specializations. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebase Created 6 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | content/child/webcrypto/platform_crypto_openssl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/common/net/x509_certificate_model.h" 5 #include "chrome/common/net/x509_certificate_model.h"
6 6
7 #include <openssl/bio.h> 7 #include <openssl/bio.h>
8 #include <openssl/obj_mac.h> 8 #include <openssl/obj_mac.h>
9 #include <openssl/sha.h> 9 #include <openssl/sha.h>
10 #include <openssl/x509v3.h> 10 #include <openssl/x509v3.h>
11 11
12 #include "base/i18n/number_formatting.h" 12 #include "base/i18n/number_formatting.h"
13 #include "base/lazy_instance.h" 13 #include "base/lazy_instance.h"
14 #include "base/logging.h" 14 #include "base/logging.h"
15 #include "base/strings/string_number_conversions.h" 15 #include "base/strings/string_number_conversions.h"
16 #include "base/strings/stringprintf.h" 16 #include "base/strings/stringprintf.h"
17 #include "base/strings/utf_string_conversions.h" 17 #include "base/strings/utf_string_conversions.h"
18 #include "crypto/openssl_bio_string.h" 18 #include "crypto/openssl_bio_string.h"
19 #include "crypto/openssl_util.h" 19 #include "crypto/openssl_util.h"
20 #include "crypto/scoped_openssl_types.h"
20 #include "grit/generated_resources.h" 21 #include "grit/generated_resources.h"
21 #include "net/base/net_util.h" 22 #include "net/base/net_util.h"
22 #include "net/cert/x509_util_openssl.h" 23 #include "net/cert/x509_util_openssl.h"
23 #include "ui/base/l10n/l10n_util.h" 24 #include "ui/base/l10n/l10n_util.h"
24 25
25 namespace x509_util = net::x509_util; 26 namespace x509_util = net::x509_util;
26 27
27 namespace x509_certificate_model { 28 namespace x509_certificate_model {
28 29
29 namespace { 30 namespace {
(...skipping 426 matching lines...) Expand 10 before | Expand all | Expand 10 after
456 static const MaskIdPair usage_string_map[] = { 457 static const MaskIdPair usage_string_map[] = {
457 {NS_SSL_CLIENT, IDS_CERT_USAGE_SSL_CLIENT}, 458 {NS_SSL_CLIENT, IDS_CERT_USAGE_SSL_CLIENT},
458 {NS_SSL_SERVER, IDS_CERT_USAGE_SSL_SERVER}, 459 {NS_SSL_SERVER, IDS_CERT_USAGE_SSL_SERVER},
459 {NS_SMIME, IDS_CERT_EXT_NS_CERT_TYPE_EMAIL}, 460 {NS_SMIME, IDS_CERT_EXT_NS_CERT_TYPE_EMAIL},
460 {NS_OBJSIGN, IDS_CERT_USAGE_OBJECT_SIGNER}, 461 {NS_OBJSIGN, IDS_CERT_USAGE_OBJECT_SIGNER},
461 {NS_SSL_CA, IDS_CERT_USAGE_SSL_CA}, 462 {NS_SSL_CA, IDS_CERT_USAGE_SSL_CA},
462 {NS_SMIME_CA, IDS_CERT_EXT_NS_CERT_TYPE_EMAIL_CA}, 463 {NS_SMIME_CA, IDS_CERT_EXT_NS_CERT_TYPE_EMAIL_CA},
463 {NS_OBJSIGN_CA, IDS_CERT_USAGE_OBJECT_SIGNER}, 464 {NS_OBJSIGN_CA, IDS_CERT_USAGE_OBJECT_SIGNER},
464 }; 465 };
465 466
466 crypto::ScopedOpenSSL<ASN1_BIT_STRING, ASN1_BIT_STRING_free> value( 467 crypto::ScopedOpenSSL<ASN1_BIT_STRING, ASN1_BIT_STRING_free>::Type value(
467 reinterpret_cast<ASN1_BIT_STRING*>(X509V3_EXT_d2i(ex))); 468 reinterpret_cast<ASN1_BIT_STRING*>(X509V3_EXT_d2i(ex)));
468 if (!value.get()) 469 if (!value.get())
469 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); 470 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
470 return ProcessBitField(value.get(), 471 return ProcessBitField(value.get(),
471 usage_string_map, 472 usage_string_map,
472 ARRAYSIZE_UNSAFE(usage_string_map), 473 ARRAYSIZE_UNSAFE(usage_string_map),
473 '\n'); 474 '\n');
474 } 475 }
475 476
476 std::string ProcessKeyUsageExtension(X509_EXTENSION* ex) { 477 std::string ProcessKeyUsageExtension(X509_EXTENSION* ex) {
477 static const MaskIdPair key_usage_string_map[] = { 478 static const MaskIdPair key_usage_string_map[] = {
478 {KU_DIGITAL_SIGNATURE, IDS_CERT_X509_KEY_USAGE_SIGNING}, 479 {KU_DIGITAL_SIGNATURE, IDS_CERT_X509_KEY_USAGE_SIGNING},
479 {KU_NON_REPUDIATION, IDS_CERT_X509_KEY_USAGE_NONREP}, 480 {KU_NON_REPUDIATION, IDS_CERT_X509_KEY_USAGE_NONREP},
480 {KU_KEY_ENCIPHERMENT, IDS_CERT_X509_KEY_USAGE_ENCIPHERMENT}, 481 {KU_KEY_ENCIPHERMENT, IDS_CERT_X509_KEY_USAGE_ENCIPHERMENT},
481 {KU_DATA_ENCIPHERMENT, IDS_CERT_X509_KEY_USAGE_DATA_ENCIPHERMENT}, 482 {KU_DATA_ENCIPHERMENT, IDS_CERT_X509_KEY_USAGE_DATA_ENCIPHERMENT},
482 {KU_KEY_AGREEMENT, IDS_CERT_X509_KEY_USAGE_KEY_AGREEMENT}, 483 {KU_KEY_AGREEMENT, IDS_CERT_X509_KEY_USAGE_KEY_AGREEMENT},
483 {KU_KEY_CERT_SIGN, IDS_CERT_X509_KEY_USAGE_CERT_SIGNER}, 484 {KU_KEY_CERT_SIGN, IDS_CERT_X509_KEY_USAGE_CERT_SIGNER},
484 {KU_CRL_SIGN, IDS_CERT_X509_KEY_USAGE_CRL_SIGNER}, 485 {KU_CRL_SIGN, IDS_CERT_X509_KEY_USAGE_CRL_SIGNER},
485 {KU_ENCIPHER_ONLY, IDS_CERT_X509_KEY_USAGE_ENCIPHER_ONLY}, 486 {KU_ENCIPHER_ONLY, IDS_CERT_X509_KEY_USAGE_ENCIPHER_ONLY},
486 {KU_DECIPHER_ONLY, IDS_CERT_X509_KEY_USAGE_DECIPHER_ONLY}, 487 {KU_DECIPHER_ONLY, IDS_CERT_X509_KEY_USAGE_DECIPHER_ONLY},
487 }; 488 };
488 489
489 crypto::ScopedOpenSSL<ASN1_BIT_STRING, ASN1_BIT_STRING_free> value( 490 crypto::ScopedOpenSSL<ASN1_BIT_STRING, ASN1_BIT_STRING_free>::Type value(
490 reinterpret_cast<ASN1_BIT_STRING*>(X509V3_EXT_d2i(ex))); 491 reinterpret_cast<ASN1_BIT_STRING*>(X509V3_EXT_d2i(ex)));
491 if (!value.get()) 492 if (!value.get())
492 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); 493 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
493 return ProcessBitField(value.get(), 494 return ProcessBitField(value.get(),
494 key_usage_string_map, 495 key_usage_string_map,
495 ARRAYSIZE_UNSAFE(key_usage_string_map), 496 ARRAYSIZE_UNSAFE(key_usage_string_map),
496 '\n'); 497 '\n');
497 } 498 }
498 499
499 std::string ProcessBasicConstraints(X509_EXTENSION* ex) { 500 std::string ProcessBasicConstraints(X509_EXTENSION* ex) {
500 std::string rv; 501 std::string rv;
501 crypto::ScopedOpenSSL<BASIC_CONSTRAINTS, BASIC_CONSTRAINTS_free> value( 502 crypto::ScopedOpenSSL<BASIC_CONSTRAINTS, BASIC_CONSTRAINTS_free>::Type value(
502 reinterpret_cast<BASIC_CONSTRAINTS*>(X509V3_EXT_d2i(ex))); 503 reinterpret_cast<BASIC_CONSTRAINTS*>(X509V3_EXT_d2i(ex)));
503 if (!value.get()) 504 if (!value.get())
504 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); 505 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
505 if (value.get()->ca) 506 if (value.get()->ca)
506 rv = l10n_util::GetStringUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_IS_CA); 507 rv = l10n_util::GetStringUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_IS_CA);
507 else 508 else
508 rv = l10n_util::GetStringUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_IS_NOT_CA); 509 rv = l10n_util::GetStringUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_IS_NOT_CA);
509 rv += '\n'; 510 rv += '\n';
510 if (value.get()->ca) { 511 if (value.get()->ca) {
511 base::string16 depth; 512 base::string16 depth;
512 if (!value.get()->pathlen) { 513 if (!value.get()->pathlen) {
513 depth = l10n_util::GetStringUTF16( 514 depth = l10n_util::GetStringUTF16(
514 IDS_CERT_X509_BASIC_CONSTRAINT_PATH_LEN_UNLIMITED); 515 IDS_CERT_X509_BASIC_CONSTRAINT_PATH_LEN_UNLIMITED);
515 } else { 516 } else {
516 depth = base::FormatNumber(ASN1_INTEGER_get(value.get()->pathlen)); 517 depth = base::FormatNumber(ASN1_INTEGER_get(value.get()->pathlen));
517 } 518 }
518 rv += l10n_util::GetStringFUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_PATH_LEN, 519 rv += l10n_util::GetStringFUTF8(IDS_CERT_X509_BASIC_CONSTRAINT_PATH_LEN,
519 depth); 520 depth);
520 } 521 }
521 return rv; 522 return rv;
522 } 523 }
523 524
524 std::string ProcessExtKeyUsage(X509_EXTENSION* ex) { 525 std::string ProcessExtKeyUsage(X509_EXTENSION* ex) {
525 std::string rv; 526 std::string rv;
526 crypto::ScopedOpenSSL<EXTENDED_KEY_USAGE, EXTENDED_KEY_USAGE_free> value( 527 crypto::ScopedOpenSSL<EXTENDED_KEY_USAGE, EXTENDED_KEY_USAGE_free>::Type
527 reinterpret_cast<EXTENDED_KEY_USAGE*>(X509V3_EXT_d2i(ex))); 528 value(reinterpret_cast<EXTENDED_KEY_USAGE*>(X509V3_EXT_d2i(ex)));
528 if (!value.get()) 529 if (!value.get())
529 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); 530 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
530 for (int i = 0; i < sk_ASN1_OBJECT_num(value.get()); i++) { 531 for (int i = 0; i < sk_ASN1_OBJECT_num(value.get()); i++) {
531 ASN1_OBJECT* obj = sk_ASN1_OBJECT_value(value.get(), i); 532 ASN1_OBJECT* obj = sk_ASN1_OBJECT_value(value.get(), i);
532 std::string oid_dump = Asn1ObjectToOIDString(obj); 533 std::string oid_dump = Asn1ObjectToOIDString(obj);
533 std::string oid_text = Asn1ObjectToString(obj); 534 std::string oid_text = Asn1ObjectToString(obj);
534 535
535 // If oid is one we recognize, oid_text will have a text description of the 536 // If oid is one we recognize, oid_text will have a text description of the
536 // OID, which we display along with the oid_dump. If we don't recognize the 537 // OID, which we display along with the oid_dump. If we don't recognize the
537 // OID, they will be the same, so just display the OID alone. 538 // OID, they will be the same, so just display the OID alone.
(...skipping 127 matching lines...) Expand 10 before | Expand all | Expand 10 after
665 std::string ProcessGeneralNames(GENERAL_NAMES* names) { 666 std::string ProcessGeneralNames(GENERAL_NAMES* names) {
666 std::string rv; 667 std::string rv;
667 for (int i = 0; i < sk_GENERAL_NAME_num(names); ++i) { 668 for (int i = 0; i < sk_GENERAL_NAME_num(names); ++i) {
668 GENERAL_NAME* name = sk_GENERAL_NAME_value(names, i); 669 GENERAL_NAME* name = sk_GENERAL_NAME_value(names, i);
669 rv += ProcessGeneralName(name); 670 rv += ProcessGeneralName(name);
670 } 671 }
671 return rv; 672 return rv;
672 } 673 }
673 674
674 std::string ProcessAltName(X509_EXTENSION* ex) { 675 std::string ProcessAltName(X509_EXTENSION* ex) {
675 crypto::ScopedOpenSSL<GENERAL_NAMES, GENERAL_NAMES_free> alt_names( 676 crypto::ScopedOpenSSL<GENERAL_NAMES, GENERAL_NAMES_free>::Type alt_names(
676 reinterpret_cast<GENERAL_NAMES*>(X509V3_EXT_d2i(ex))); 677 reinterpret_cast<GENERAL_NAMES*>(X509V3_EXT_d2i(ex)));
677 if (!alt_names.get()) 678 if (!alt_names.get())
678 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); 679 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
679 680
680 return ProcessGeneralNames(alt_names.get()); 681 return ProcessGeneralNames(alt_names.get());
681 } 682 }
682 683
683 std::string ProcessSubjectKeyId(X509_EXTENSION* ex) { 684 std::string ProcessSubjectKeyId(X509_EXTENSION* ex) {
684 crypto::ScopedOpenSSL<ASN1_OCTET_STRING, ASN1_OCTET_STRING_free> value( 685 crypto::ScopedOpenSSL<ASN1_OCTET_STRING, ASN1_OCTET_STRING_free>::Type value(
685 reinterpret_cast<ASN1_OCTET_STRING*>(X509V3_EXT_d2i(ex))); 686 reinterpret_cast<ASN1_OCTET_STRING*>(X509V3_EXT_d2i(ex)));
686 if (!value.get()) 687 if (!value.get())
687 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); 688 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
688 689
689 return l10n_util::GetStringFUTF8( 690 return l10n_util::GetStringFUTF8(
690 IDS_CERT_KEYID_FORMAT, 691 IDS_CERT_KEYID_FORMAT,
691 base::ASCIIToUTF16(ProcessRawAsn1String(value.get()))); 692 base::ASCIIToUTF16(ProcessRawAsn1String(value.get())));
692 } 693 }
693 694
694 std::string ProcessAuthKeyId(X509_EXTENSION* ex) { 695 std::string ProcessAuthKeyId(X509_EXTENSION* ex) {
695 std::string rv; 696 std::string rv;
696 crypto::ScopedOpenSSL<AUTHORITY_KEYID, AUTHORITY_KEYID_free> value( 697 crypto::ScopedOpenSSL<AUTHORITY_KEYID, AUTHORITY_KEYID_free>::Type value(
697 reinterpret_cast<AUTHORITY_KEYID*>(X509V3_EXT_d2i(ex))); 698 reinterpret_cast<AUTHORITY_KEYID*>(X509V3_EXT_d2i(ex)));
698 if (!value.get()) 699 if (!value.get())
699 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); 700 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
700 701
701 if (value.get()->keyid && ASN1_STRING_length(value.get()->keyid) > 0) { 702 if (value.get()->keyid && ASN1_STRING_length(value.get()->keyid) > 0) {
702 rv += l10n_util::GetStringFUTF8( 703 rv += l10n_util::GetStringFUTF8(
703 IDS_CERT_KEYID_FORMAT, 704 IDS_CERT_KEYID_FORMAT,
704 base::ASCIIToUTF16(ProcessRawAsn1String(value.get()->keyid))); 705 base::ASCIIToUTF16(ProcessRawAsn1String(value.get()->keyid)));
705 rv += '\n'; 706 rv += '\n';
706 } 707 }
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after
742 } 743 }
743 if (notice->exptext && notice->exptext->length != 0) { 744 if (notice->exptext && notice->exptext->length != 0) {
744 rv += "\n "; 745 rv += "\n ";
745 rv += Asn1StringToUTF8(notice->exptext); 746 rv += Asn1StringToUTF8(notice->exptext);
746 } 747 }
747 return rv; 748 return rv;
748 } 749 }
749 750
750 std::string ProcessCertificatePolicies(X509_EXTENSION* ex) { 751 std::string ProcessCertificatePolicies(X509_EXTENSION* ex) {
751 std::string rv; 752 std::string rv;
752 crypto::ScopedOpenSSL<CERTIFICATEPOLICIES, CERTIFICATEPOLICIES_free> policies( 753 crypto::ScopedOpenSSL<CERTIFICATEPOLICIES, CERTIFICATEPOLICIES_free>::Type
753 reinterpret_cast<CERTIFICATEPOLICIES*>(X509V3_EXT_d2i(ex))); 754 policies(reinterpret_cast<CERTIFICATEPOLICIES*>(X509V3_EXT_d2i(ex)));
754 755
755 if (!policies.get()) 756 if (!policies.get())
756 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); 757 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
757 758
758 for (int i = 0; i < sk_POLICYINFO_num(policies.get()); ++i) { 759 for (int i = 0; i < sk_POLICYINFO_num(policies.get()); ++i) {
759 POLICYINFO* info = sk_POLICYINFO_value(policies.get(), i); 760 POLICYINFO* info = sk_POLICYINFO_value(policies.get(), i);
760 std::string key = Asn1ObjectToString(info->policyid); 761 std::string key = Asn1ObjectToString(info->policyid);
761 // If we have policy qualifiers, display the oid text 762 // If we have policy qualifiers, display the oid text
762 // with a ':', otherwise just put the oid text and a newline. 763 // with a ':', otherwise just put the oid text and a newline.
763 if (info->qualifiers && sk_POLICYQUALINFO_num(info->qualifiers)) { 764 if (info->qualifiers && sk_POLICYQUALINFO_num(info->qualifiers)) {
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after
813 {6, IDS_CERT_REVOCATION_REASON_CERTIFICATE_HOLD}, 814 {6, IDS_CERT_REVOCATION_REASON_CERTIFICATE_HOLD},
814 {7, IDS_CERT_REVOCATION_REASON_PRIVILEGE_WITHDRAWN}, 815 {7, IDS_CERT_REVOCATION_REASON_PRIVILEGE_WITHDRAWN},
815 {8, IDS_CERT_REVOCATION_REASON_AA_COMPROMISE}, 816 {8, IDS_CERT_REVOCATION_REASON_AA_COMPROMISE},
816 }; 817 };
817 // OpenSSL doesn't define constants for the DIST_POINT type field. These 818 // OpenSSL doesn't define constants for the DIST_POINT type field. These
818 // values are from reading openssl/crypto/x509v3/v3_crld.c 819 // values are from reading openssl/crypto/x509v3/v3_crld.c
819 const int kDistPointFullName = 0; 820 const int kDistPointFullName = 0;
820 const int kDistPointRelativeName = 1; 821 const int kDistPointRelativeName = 1;
821 822
822 std::string rv; 823 std::string rv;
823 crypto::ScopedOpenSSL<CRL_DIST_POINTS, CRL_DIST_POINTS_free> dist_points( 824 crypto::ScopedOpenSSL<CRL_DIST_POINTS, CRL_DIST_POINTS_free>::Type
824 reinterpret_cast<CRL_DIST_POINTS*>(X509V3_EXT_d2i(ex))); 825 dist_points(reinterpret_cast<CRL_DIST_POINTS*>(X509V3_EXT_d2i(ex)));
825 826
826 if (!dist_points.get()) 827 if (!dist_points.get())
827 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); 828 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
828 829
829 for (int i = 0; i < sk_DIST_POINT_num(dist_points.get()); ++i) { 830 for (int i = 0; i < sk_DIST_POINT_num(dist_points.get()); ++i) {
830 DIST_POINT* point = sk_DIST_POINT_value(dist_points.get(), i); 831 DIST_POINT* point = sk_DIST_POINT_value(dist_points.get(), i);
831 if (point->distpoint) { 832 if (point->distpoint) {
832 switch (point->distpoint->type) { 833 switch (point->distpoint->type) {
833 case kDistPointFullName: 834 case kDistPointFullName:
834 rv += ProcessGeneralNames(point->distpoint->name.fullname); 835 rv += ProcessGeneralNames(point->distpoint->name.fullname);
(...skipping 19 matching lines...) Expand all
854 IDS_CERT_ISSUER_FORMAT, 855 IDS_CERT_ISSUER_FORMAT,
855 base::UTF8ToUTF16(ProcessGeneralNames(point->CRLissuer))); 856 base::UTF8ToUTF16(ProcessGeneralNames(point->CRLissuer)));
856 } 857 }
857 } 858 }
858 859
859 return rv; 860 return rv;
860 } 861 }
861 862
862 std::string ProcessAuthInfoAccess(X509_EXTENSION* ex) { 863 std::string ProcessAuthInfoAccess(X509_EXTENSION* ex) {
863 std::string rv; 864 std::string rv;
864 crypto::ScopedOpenSSL<AUTHORITY_INFO_ACCESS, AUTHORITY_INFO_ACCESS_free> aia( 865 crypto::ScopedOpenSSL<AUTHORITY_INFO_ACCESS, AUTHORITY_INFO_ACCESS_free>::Type
865 reinterpret_cast<AUTHORITY_INFO_ACCESS*>(X509V3_EXT_d2i(ex))); 866 aia(reinterpret_cast<AUTHORITY_INFO_ACCESS*>(X509V3_EXT_d2i(ex)));
866 867
867 if (!aia.get()) 868 if (!aia.get())
868 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); 869 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
869 870
870 for (int i = 0; i < sk_ACCESS_DESCRIPTION_num(aia.get()); ++i) { 871 for (int i = 0; i < sk_ACCESS_DESCRIPTION_num(aia.get()); ++i) {
871 ACCESS_DESCRIPTION* desc = sk_ACCESS_DESCRIPTION_value(aia.get(), i); 872 ACCESS_DESCRIPTION* desc = sk_ACCESS_DESCRIPTION_value(aia.get(), i);
872 873
873 base::string16 location_str = 874 base::string16 location_str =
874 base::UTF8ToUTF16(ProcessGeneralName(desc->location)); 875 base::UTF8ToUTF16(ProcessGeneralName(desc->location));
875 switch (OBJ_obj2nid(desc->method)) { 876 switch (OBJ_obj2nid(desc->method)) {
(...skipping 11 matching lines...) Expand all
887 base::UTF8ToUTF16(Asn1ObjectToString(desc->method)), 888 base::UTF8ToUTF16(Asn1ObjectToString(desc->method)),
888 location_str); 889 location_str);
889 break; 890 break;
890 } 891 }
891 } 892 }
892 return rv; 893 return rv;
893 } 894 }
894 895
895 std::string ProcessIA5StringData(ASN1_OCTET_STRING* asn1_string) { 896 std::string ProcessIA5StringData(ASN1_OCTET_STRING* asn1_string) {
896 const unsigned char* data = ASN1_STRING_data(asn1_string); 897 const unsigned char* data = ASN1_STRING_data(asn1_string);
897 crypto::ScopedOpenSSL<ASN1_IA5STRING, ASN1_IA5STRING_free> ia5_string( 898 crypto::ScopedOpenSSL<ASN1_IA5STRING, ASN1_IA5STRING_free>::Type ia5_string(
898 d2i_ASN1_IA5STRING(NULL, &data, ASN1_STRING_length(asn1_string))); 899 d2i_ASN1_IA5STRING(NULL, &data, ASN1_STRING_length(asn1_string)));
899 900
900 if (!ia5_string.get()) 901 if (!ia5_string.get())
901 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); 902 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
902 903
903 return std::string( 904 return std::string(
904 reinterpret_cast<char*>(ASN1_STRING_data(ia5_string.get())), 905 reinterpret_cast<char*>(ASN1_STRING_data(ia5_string.get())),
905 ASN1_STRING_length(ia5_string.get())); 906 ASN1_STRING_length(ia5_string.get()));
906 } 907 }
907 908
908 std::string ProcessBMPStringData(ASN1_OCTET_STRING* asn1_string) { 909 std::string ProcessBMPStringData(ASN1_OCTET_STRING* asn1_string) {
909 const unsigned char* data = ASN1_STRING_data(asn1_string); 910 const unsigned char* data = ASN1_STRING_data(asn1_string);
910 crypto::ScopedOpenSSL<ASN1_BMPSTRING, ASN1_BMPSTRING_free> bmp_string( 911 crypto::ScopedOpenSSL<ASN1_BMPSTRING, ASN1_BMPSTRING_free>::Type bmp_string(
911 d2i_ASN1_BMPSTRING(NULL, &data, ASN1_STRING_length(asn1_string))); 912 d2i_ASN1_BMPSTRING(NULL, &data, ASN1_STRING_length(asn1_string)));
912 913
913 if (!bmp_string.get()) 914 if (!bmp_string.get())
914 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR); 915 return l10n_util::GetStringUTF8(IDS_CERT_EXTENSION_DUMP_ERROR);
915 916
916 return Asn1StringToUTF8(bmp_string.get()); 917 return Asn1StringToUTF8(bmp_string.get());
917 } 918 }
918 919
919 std::string X509ExtensionValueToString(X509_EXTENSION* ex) { 920 std::string X509ExtensionValueToString(X509_EXTENSION* ex) {
920 g_dynamic_oid_registerer.Get(); 921 g_dynamic_oid_registerer.Get();
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after
963 } // namespace 964 } // namespace
964 965
965 using net::X509Certificate; 966 using net::X509Certificate;
966 967
967 std::string GetCertNameOrNickname(X509Certificate::OSCertHandle cert_handle) { 968 std::string GetCertNameOrNickname(X509Certificate::OSCertHandle cert_handle) {
968 std::string name = 969 std::string name =
969 ProcessIDN(GetSubjectCommonName(cert_handle, std::string())); 970 ProcessIDN(GetSubjectCommonName(cert_handle, std::string()));
970 if (!name.empty()) 971 if (!name.empty())
971 return name; 972 return name;
972 973
973 crypto::ScopedOpenSSL<BIO, BIO_free_all> bio(crypto::BIO_new_string(&name)); 974 crypto::ScopedBIO bio(crypto::BIO_new_string(&name));
974 if (!bio.get()) 975 if (!bio.get())
975 return name; 976 return name;
976 X509_NAME_print_ex(bio.get(), 977 X509_NAME_print_ex(bio.get(),
977 X509_get_subject_name(cert_handle), 978 X509_get_subject_name(cert_handle),
978 0 /* indent */, 979 0 /* indent */,
979 XN_FLAG_RFC2253 & ~ASN1_STRFLGS_ESC_MSB); 980 XN_FLAG_RFC2253 & ~ASN1_STRFLGS_ESC_MSB);
980 return name; 981 return name;
981 } 982 }
982 983
983 std::string GetTokenName(X509Certificate::OSCertHandle cert_handle) { 984 std::string GetTokenName(X509Certificate::OSCertHandle cert_handle) {
(...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after
1073 1074
1074 std::string GetTitle(net::X509Certificate::OSCertHandle cert_handle) { 1075 std::string GetTitle(net::X509Certificate::OSCertHandle cert_handle) {
1075 // TODO(mattm): merge GetTitle and GetCertNameOrNickname? 1076 // TODO(mattm): merge GetTitle and GetCertNameOrNickname?
1076 // Is there any reason GetCertNameOrNickname calls ProcessIDN and this 1077 // Is there any reason GetCertNameOrNickname calls ProcessIDN and this
1077 // doesn't? 1078 // doesn't?
1078 std::string title = 1079 std::string title =
1079 GetSubjectCommonName(cert_handle, std::string()); 1080 GetSubjectCommonName(cert_handle, std::string());
1080 if (!title.empty()) 1081 if (!title.empty())
1081 return title; 1082 return title;
1082 1083
1083 crypto::ScopedOpenSSL<BIO, BIO_free_all> bio(crypto::BIO_new_string(&title)); 1084 crypto::ScopedBIO bio(crypto::BIO_new_string(&title));
1084 if (!bio.get()) 1085 if (!bio.get())
1085 return title; 1086 return title;
1086 X509_NAME_print_ex(bio.get(), 1087 X509_NAME_print_ex(bio.get(),
1087 X509_get_subject_name(cert_handle), 1088 X509_get_subject_name(cert_handle),
1088 0 /* indent */, 1089 0 /* indent */,
1089 XN_FLAG_RFC2253 & ~ASN1_STRFLGS_ESC_MSB); 1090 XN_FLAG_RFC2253 & ~ASN1_STRFLGS_ESC_MSB);
1090 return title; 1091 return title;
1091 } 1092 }
1092 1093
1093 std::string GetIssuerName(net::X509Certificate::OSCertHandle cert_handle) { 1094 std::string GetIssuerName(net::X509Certificate::OSCertHandle cert_handle) {
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after
1143 void DestroyCertChain(net::X509Certificate::OSCertHandles* cert_handles) { 1144 void DestroyCertChain(net::X509Certificate::OSCertHandles* cert_handles) {
1144 for (net::X509Certificate::OSCertHandles::iterator i = cert_handles->begin(); 1145 for (net::X509Certificate::OSCertHandles::iterator i = cert_handles->begin();
1145 i != cert_handles->end(); ++i) 1146 i != cert_handles->end(); ++i)
1146 X509_free(*i); 1147 X509_free(*i);
1147 cert_handles->clear(); 1148 cert_handles->clear();
1148 } 1149 }
1149 1150
1150 std::string GetCMSString(const net::X509Certificate::OSCertHandles& cert_chain, 1151 std::string GetCMSString(const net::X509Certificate::OSCertHandles& cert_chain,
1151 size_t start, size_t end) { 1152 size_t start, size_t end) {
1152 std::string rv; 1153 std::string rv;
1153 crypto::ScopedOpenSSL<PKCS7, PKCS7_free> p7(PKCS7_new()); 1154 crypto::ScopedOpenSSL<PKCS7, PKCS7_free>::Type p7(PKCS7_new());
1154 if (!p7.get()) 1155 if (!p7.get())
1155 return rv; 1156 return rv;
1156 if (!PKCS7_set_type(p7.get(), NID_pkcs7_signed)) 1157 if (!PKCS7_set_type(p7.get(), NID_pkcs7_signed))
1157 return rv; 1158 return rv;
1158 1159
1159 for (size_t i = start; i < end; ++i) { 1160 for (size_t i = start; i < end; ++i) {
1160 if (!PKCS7_add_certificate(p7.get(), cert_chain[i])) 1161 if (!PKCS7_add_certificate(p7.get(), cert_chain[i]))
1161 return rv; 1162 return rv;
1162 } 1163 }
1163 1164
1164 crypto::ScopedOpenSSL<BIO, BIO_free_all> bio(crypto::BIO_new_string(&rv)); 1165 crypto::ScopedOpenSSL<BIO, BIO_free_all>::Type bio(
1166 crypto::BIO_new_string(&rv));
1165 if (!bio.get()) 1167 if (!bio.get())
1166 return rv; 1168 return rv;
1167 1169
1168 if (!i2d_PKCS7_bio(bio.get(), p7.get())) { 1170 if (!i2d_PKCS7_bio(bio.get(), p7.get())) {
1169 rv.clear(); 1171 rv.clear();
1170 return rv; 1172 return rv;
1171 } 1173 }
1172 1174
1173 return rv; 1175 return rv;
1174 } 1176 }
(...skipping 10 matching lines...) Expand all
1185 } 1187 }
1186 1188
1187 std::string ProcessSecAlgorithmSignatureWrap( 1189 std::string ProcessSecAlgorithmSignatureWrap(
1188 net::X509Certificate::OSCertHandle cert_handle) { 1190 net::X509Certificate::OSCertHandle cert_handle) {
1189 return Asn1ObjectToString(cert_handle->sig_alg->algorithm); 1191 return Asn1ObjectToString(cert_handle->sig_alg->algorithm);
1190 } 1192 }
1191 1193
1192 std::string ProcessSubjectPublicKeyInfo( 1194 std::string ProcessSubjectPublicKeyInfo(
1193 net::X509Certificate::OSCertHandle cert_handle) { 1195 net::X509Certificate::OSCertHandle cert_handle) {
1194 std::string rv; 1196 std::string rv;
1195 crypto::ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> public_key( 1197 crypto::ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free>::Type public_key(
1196 X509_get_pubkey(cert_handle)); 1198 X509_get_pubkey(cert_handle));
1197 if (!public_key.get()) 1199 if (!public_key.get())
1198 return rv; 1200 return rv;
1199 switch (EVP_PKEY_type(public_key.get()->type)) { 1201 switch (EVP_PKEY_type(public_key.get()->type)) {
1200 case EVP_PKEY_RSA: { 1202 case EVP_PKEY_RSA: {
1201 crypto::ScopedOpenSSL<RSA, RSA_free> rsa_key( 1203 crypto::ScopedOpenSSL<RSA, RSA_free>::Type rsa_key(
1202 EVP_PKEY_get1_RSA(public_key.get())); 1204 EVP_PKEY_get1_RSA(public_key.get()));
1203 if (!rsa_key.get()) 1205 if (!rsa_key.get())
1204 return rv; 1206 return rv;
1205 rv = l10n_util::GetStringFUTF8( 1207 rv = l10n_util::GetStringFUTF8(
1206 IDS_CERT_RSA_PUBLIC_KEY_DUMP_FORMAT, 1208 IDS_CERT_RSA_PUBLIC_KEY_DUMP_FORMAT,
1207 base::UintToString16(BN_num_bits(rsa_key.get()->n)), 1209 base::UintToString16(BN_num_bits(rsa_key.get()->n)),
1208 base::UTF8ToUTF16(ProcessRawBignum(rsa_key.get()->n)), 1210 base::UTF8ToUTF16(ProcessRawBignum(rsa_key.get()->n)),
1209 base::UintToString16(BN_num_bits(rsa_key.get()->e)), 1211 base::UintToString16(BN_num_bits(rsa_key.get()->e)),
1210 base::UTF8ToUTF16(ProcessRawBignum(rsa_key.get()->e))); 1212 base::UTF8ToUTF16(ProcessRawBignum(rsa_key.get()->e)));
1211 return rv; 1213 return rv;
1212 } 1214 }
1213 default: 1215 default:
1214 rv = ProcessRawAsn1String(X509_get_X509_PUBKEY(cert_handle)->public_key); 1216 rv = ProcessRawAsn1String(X509_get_X509_PUBKEY(cert_handle)->public_key);
1215 return rv; 1217 return rv;
1216 } 1218 }
1217 } 1219 }
1218 1220
1219 std::string ProcessRawBitsSignatureWrap( 1221 std::string ProcessRawBitsSignatureWrap(
1220 net::X509Certificate::OSCertHandle cert_handle) { 1222 net::X509Certificate::OSCertHandle cert_handle) {
1221 // TODO(bulach): implement me. 1223 // TODO(bulach): implement me.
1222 return ""; 1224 return "";
1223 } 1225 }
1224 1226
1225 } // namespace x509_certificate_model 1227 } // namespace x509_certificate_model
OLDNEW
« no previous file with comments | « no previous file | content/child/webcrypto/platform_crypto_openssl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698