Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(180)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/cert/x509_certificate.cc

Issue 412263003: Add SHA-256 fingerprint functions to x509 certs. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Small fix from trybot failures Created 6 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/cert/x509_certificate.h ('K') | « net/cert/x509_certificate.h ('k') | net/cert/x509_certificate_unittest.cc » ('j') | net/cert/x509_certificate_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/x509_certificate.cc
diff --git a/net/cert/x509_certificate.cc b/net/cert/x509_certificate.cc
index 052b7b7ecc166a76f8638584a200c657e8656fc6..c9cb758f3881a7b28ed856bcd87d1fce1cac22b4 100644
--- a/net/cert/x509_certificate.cc
+++ b/net/cert/x509_certificate.cc
@@ -14,6 +14,7 @@
#include "base/base64.h"
#include "base/lazy_instance.h"
#include "base/logging.h"
+#include "base/memory/scoped_ptr.h"
#include "base/memory/singleton.h"
#include "base/metrics/histogram.h"
#include "base/pickle.h"
@@ -22,6 +23,7 @@
#include "base/strings/string_util.h"
#include "base/synchronization/lock.h"
#include "base/time/time.h"
+#include "crypto/secure_hash.h"
#include "net/base/net_util.h"
#include "net/base/registry_controlled_domains/registry_controlled_domain.h"
#include "net/cert/pem_tokenizer.h"
@@ -705,6 +707,37 @@ bool X509Certificate::GetPEMEncodedChain(
return true;
}
+// static
+SHA256HashValue X509Certificate::CalculateCAFingerprint256(
+ const OSCertHandles& intermediates) {
+ SHA256HashValue sha256;
+ memset(sha256.data, 0, sizeof(sha256.data));
+
+ scoped_ptr<crypto::SecureHash> hash(
+ crypto::SecureHash::Create(crypto::SecureHash::SHA256));
+
+ for (size_t i = 0; i < intermediates.size(); ++i) {
+ std::string der_encoded;
+ if (!GetDEREncoded(intermediates[i], &der_encoded))
+ return sha256;
+ hash->Update(der_encoded.c_str(), der_encoded.length());
wtc 2014/07/28 17:29:52 Nit: use data() instead of c_str() because we don'
jww 2014/07/28 18:36:13 Done.
+ }
+ hash->Finish(sha256.data, sizeof(sha256.data));
+
+ return sha256;
+}
+
+// static
+SHA256HashValue X509Certificate::CalculateChainFingerprint256(
+ const OSCertHandle& leaf,
+ const OSCertHandles& intermediates) {
+ OSCertHandles chain;
+ chain.push_back(leaf);
+ chain.insert(chain.end(), intermediates.begin(), intermediates.end());
+
+ return CalculateCAFingerprint256(chain);
+}
+
X509Certificate::X509Certificate(OSCertHandle cert_handle,
const OSCertHandles& intermediates)
: cert_handle_(DupOSCertHandle(cert_handle)) {
« net/cert/x509_certificate.h ('K') | « net/cert/x509_certificate.h ('k') | net/cert/x509_certificate_unittest.cc » ('j') | net/cert/x509_certificate_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698