Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(191)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/cert/x509_certificate.cc

Issue 412263003: Add SHA-256 fingerprint functions to x509 certs. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Add comment to CalculateCAFingerprint256 Created 6 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/cert/x509_certificate.h ('K') | « net/cert/x509_certificate.h ('k') | net/cert/x509_certificate_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/x509_certificate.cc
diff --git a/net/cert/x509_certificate.cc b/net/cert/x509_certificate.cc
index 052b7b7ecc166a76f8638584a200c657e8656fc6..5cb2e90a9d846af34e3f8ff6e2fc3163dea3c088 100644
--- a/net/cert/x509_certificate.cc
+++ b/net/cert/x509_certificate.cc
@@ -14,6 +14,7 @@
#include "base/base64.h"
#include "base/lazy_instance.h"
#include "base/logging.h"
+#include "base/memory/scoped_ptr.h"
#include "base/memory/singleton.h"
#include "base/metrics/histogram.h"
#include "base/pickle.h"
@@ -22,6 +23,7 @@
#include "base/strings/string_util.h"
#include "base/synchronization/lock.h"
#include "base/time/time.h"
+#include "crypto/secure_hash.h"
#include "net/base/net_util.h"
#include "net/base/registry_controlled_domains/registry_controlled_domain.h"
#include "net/cert/pem_tokenizer.h"
@@ -705,6 +707,37 @@ bool X509Certificate::GetPEMEncodedChain(
return true;
}
+// static
+SHA256HashValue X509Certificate::CalculateCAFingerprint256(
wtc 2014/07/26 01:25:12 You can move the code of this function to your cod
jww 2014/07/26 01:30:47 sleevi suggested that we want this as a generic wa
+ const OSCertHandles& intermediates) {
+ SHA256HashValue sha256;
+ memset(sha256.data, 0, sizeof(sha256.data));
+
+ scoped_ptr<crypto::SecureHash> hash(
+ crypto::SecureHash::Create(crypto::SecureHash::Algorithm::SHA256));
+
+ for (size_t i = 0; i < intermediates.size(); ++i) {
+ std::string der_encoded;
+ if (!GetDEREncoded(intermediates[i], &der_encoded))
Ryan Sleevi 2014/07/25 00:21:34 The only benefit to the platform implementation (a
+ return sha256;
+ hash->Update(der_encoded.c_str(), der_encoded.length());
+ }
+ hash->Finish(sha256.data, sizeof(sha256.data));
+
+ return sha256;
+}
+
+// static
+SHA256HashValue X509Certificate::CalculateFullChainFingerprint256(
+ const OSCertHandle& leaf,
+ const OSCertHandles& intermediates) {
+ OSCertHandles chain;
+ chain.push_back(leaf);
+ chain.insert(chain.end(), intermediates.begin(), intermediates.end());
+
+ return CalculateCAFingerprint256(chain);
+}
+
X509Certificate::X509Certificate(OSCertHandle cert_handle,
const OSCertHandles& intermediates)
: cert_handle_(DupOSCertHandle(cert_handle)) {
« net/cert/x509_certificate.h ('K') | « net/cert/x509_certificate.h ('k') | net/cert/x509_certificate_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698