Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(413)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/x509_certificate.h

Issue 421243003: Fixes to the SHA256 X509 Certificate fingerprint API. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | net/cert/x509_certificate.cc » ('j') | net/cert/x509_certificate_unittest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_CERT_X509_CERTIFICATE_H_ 5 #ifndef NET_CERT_X509_CERTIFICATE_H_
6 #define NET_CERT_X509_CERTIFICATE_H_ 6 #define NET_CERT_X509_CERTIFICATE_H_
7 7
8 #include <string.h> 8 #include <string.h>
9 9
10 #include <string> 10 #include <string>
(...skipping 387 matching lines...) Expand 10 before | Expand all | Expand 10 after
398 // Calculates the SHA-1 fingerprint of the intermediate CA certificates. 398 // Calculates the SHA-1 fingerprint of the intermediate CA certificates.
399 // Returns an empty (all zero) fingerprint on failure. 399 // Returns an empty (all zero) fingerprint on failure.
400 // 400 //
401 // See SHA-1 caveat on CalculateFingerprint(). 401 // See SHA-1 caveat on CalculateFingerprint().
402 static SHA1HashValue CalculateCAFingerprint( 402 static SHA1HashValue CalculateCAFingerprint(
403 const OSCertHandles& intermediates); 403 const OSCertHandles& intermediates);
404 404
405 // Calculates the SHA-256 fingerprint of the intermediate CA certificates. 405 // Calculates the SHA-256 fingerprint of the intermediate CA certificates.
406 // Returns an empty (all zero) fingerprint on failure. 406 // Returns an empty (all zero) fingerprint on failure.
407 // 407 //
408 // The implementation currently relies on the crypto::SecureHash utilities, 408 // As part of the cross-platform implementation of this function, it currently
409 // which are not as fast as implementing this directly for each platform since 409 // copies the certificate bytes into local variables which makes it
410 // the consumers are not expected to be performance critical. If performance 410 // potentially slower than implementing it directly for each platform. For
411 // is a concern going forward, it may be warranted to implement this on a 411 // now, the expected consumers are not performance critical, but if
412 // per-platform basis. 412 // performance is a concern going forward, it may warrant implementing this on
413 // a per-platform basis.
413 static SHA256HashValue CalculateCAFingerprint256( 414 static SHA256HashValue CalculateCAFingerprint256(
414 const OSCertHandles& intermediates); 415 const OSCertHandles& intermediates);
415 416
416 // Calculates the SHA-256 fingerprint for the complete chain, including the 417 // Calculates the SHA-256 fingerprint for the complete chain, including the
417 // leaf certificate and all intermediate CA certificates. Returns an empty 418 // leaf certificate and all intermediate CA certificates. Returns an empty
418 // (all zero) fingerprint on failure. 419 // (all zero) fingerprint on failure.
419 static SHA256HashValue CalculateChainFingerprint256( 420 static SHA256HashValue CalculateChainFingerprint256(
420 const OSCertHandle& leaf, 421 OSCertHandle leaf,
421 const OSCertHandles& intermediates); 422 const OSCertHandles& intermediates);
422 423
423 private: 424 private:
424 friend class base::RefCountedThreadSafe<X509Certificate>; 425 friend class base::RefCountedThreadSafe<X509Certificate>;
425 friend class TestRootCerts; // For unit tests 426 friend class TestRootCerts; // For unit tests
426 427
427 FRIEND_TEST_ALL_PREFIXES(X509CertificateNameVerifyTest, VerifyHostname); 428 FRIEND_TEST_ALL_PREFIXES(X509CertificateNameVerifyTest, VerifyHostname);
428 FRIEND_TEST_ALL_PREFIXES(X509CertificateTest, SerialNumbers); 429 FRIEND_TEST_ALL_PREFIXES(X509CertificateTest, SerialNumbers);
429 430
430 // Construct an X509Certificate from a handle to the certificate object 431 // Construct an X509Certificate from a handle to the certificate object
(...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after
509 // based on the type of the certificate. 510 // based on the type of the certificate.
510 std::string default_nickname_; 511 std::string default_nickname_;
511 #endif 512 #endif
512 513
513 DISALLOW_COPY_AND_ASSIGN(X509Certificate); 514 DISALLOW_COPY_AND_ASSIGN(X509Certificate);
514 }; 515 };
515 516
516 } // namespace net 517 } // namespace net
517 518
518 #endif // NET_CERT_X509_CERTIFICATE_H_ 519 #endif // NET_CERT_X509_CERTIFICATE_H_
OLDNEW
« no previous file with comments | « no previous file | net/cert/x509_certificate.cc » ('j') | net/cert/x509_certificate_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698