| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
| 6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
| 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
| 8 | 8 |
| 9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
| 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| (...skipping 1408 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1419 if (os_error == noErr) { | 1419 if (os_error == noErr) { |
| 1420 os_error = SecIdentityCopyPrivateKey(identity, &private_key); | 1420 os_error = SecIdentityCopyPrivateKey(identity, &private_key); |
| 1421 CFRelease(identity); | 1421 CFRelease(identity); |
| 1422 } | 1422 } |
| 1423 | 1423 |
| 1424 if (os_error == noErr) { | 1424 if (os_error == noErr) { |
| 1425 // TODO(rsleevi): Error checking for NSS allocation errors. | 1425 // TODO(rsleevi): Error checking for NSS allocation errors. |
| 1426 *result_certs = CERT_NewCertList(); | 1426 *result_certs = CERT_NewCertList(); |
| 1427 *result_private_key = private_key; | 1427 *result_private_key = private_key; |
| 1428 | 1428 |
| 1429 chain.push_back(core->ssl_config_.client_cert->os_cert_handle()); | 1429 core->ssl_config_.client_cert->GetCertificateChain(&chain); |
| 1430 const X509Certificate::OSCertHandles& intermediates = | |
| 1431 core->ssl_config_.client_cert->GetIntermediateCertificates(); | |
| 1432 if (!intermediates.empty()) | |
| 1433 chain.insert(chain.end(), intermediates.begin(), intermediates.end()); | |
| 1434 | |
| 1435 for (size_t i = 0, chain_count = chain.size(); i < chain_count; ++i) { | 1430 for (size_t i = 0, chain_count = chain.size(); i < chain_count; ++i) { |
| 1436 CSSM_DATA cert_data; | 1431 CSSM_DATA cert_data; |
| 1437 SecCertificateRef cert_ref = chain[i]; | 1432 SecCertificateRef cert_ref = chain[i]; |
| 1438 os_error = SecCertificateGetData(cert_ref, &cert_data); | 1433 os_error = SecCertificateGetData(cert_ref, &cert_data); |
| 1439 if (os_error != noErr) | 1434 if (os_error != noErr) |
| 1440 break; | 1435 break; |
| 1441 | 1436 |
| 1442 SECItem der_cert; | 1437 SECItem der_cert; |
| 1443 der_cert.type = siDERCertBuffer; | 1438 der_cert.type = siDERCertBuffer; |
| 1444 der_cert.data = cert_data.Data; | 1439 der_cert.data = cert_data.Data; |
| (...skipping 2144 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3589 scoped_refptr<X509Certificate> | 3584 scoped_refptr<X509Certificate> |
| 3590 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { | 3585 SSLClientSocketNSS::GetUnverifiedServerCertificateChain() const { |
| 3591 return core_->state().server_cert.get(); | 3586 return core_->state().server_cert.get(); |
| 3592 } | 3587 } |
| 3593 | 3588 |
| 3594 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const { | 3589 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const { |
| 3595 return server_bound_cert_service_; | 3590 return server_bound_cert_service_; |
| 3596 } | 3591 } |
| 3597 | 3592 |
| 3598 } // namespace net | 3593 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 376753002:
Fix webui cert viewer showing wrong cert chain on NSS and no chain on OpenSSL. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src