| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/x509_certificate.h" | 5 #include "net/cert/x509_certificate.h" |
| 6 | 6 |
| 7 #include <blapi.h> // Implement CalculateChainFingerprint() with NSS. | 7 #include <blapi.h> // Implement CalculateChainFingerprint() with NSS. |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/memory/scoped_ptr.h" | 10 #include "base/memory/scoped_ptr.h" |
| (...skipping 295 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 306 SHA1HashValue sha1; | 306 SHA1HashValue sha1; |
| 307 DWORD sha1_size = sizeof(sha1.data); | 307 DWORD sha1_size = sizeof(sha1.data); |
| 308 rv = CryptHashCertificate(NULL, CALG_SHA1, 0, cert->pbCertEncoded, | 308 rv = CryptHashCertificate(NULL, CALG_SHA1, 0, cert->pbCertEncoded, |
| 309 cert->cbCertEncoded, sha1.data, &sha1_size); | 309 cert->cbCertEncoded, sha1.data, &sha1_size); |
| 310 DCHECK(rv && sha1_size == sizeof(sha1.data)); | 310 DCHECK(rv && sha1_size == sizeof(sha1.data)); |
| 311 if (!rv) | 311 if (!rv) |
| 312 memset(sha1.data, 0, sizeof(sha1.data)); | 312 memset(sha1.data, 0, sizeof(sha1.data)); |
| 313 return sha1; | 313 return sha1; |
| 314 } | 314 } |
| 315 | 315 |
| 316 // static |
| 317 SHA256HashValue X509Certificate::CalculateFingerprint256(OSCertHandle cert) { |
| 318 DCHECK(NULL != cert->pbCertEncoded); |
| 319 DCHECK_NE(static_cast<DWORD>(0), cert->cbCertEncoded); |
| 320 |
| 321 BOOL rv; |
| 322 SHA256HashValue sha256; |
| 323 DWORD sha256_size = sizeof(sha256.data); |
| 324 rv = CryptHashCertificate(NULL, |
| 325 CALG_SHA_256, |
| 326 0, |
| 327 cert->pbCertEncoded, |
| 328 cert->cbCertEncoded, |
| 329 sha256.data, |
| 330 &sha256_size); |
| 331 DCHECK(rv && sha256_size == sizeof(sha256.data)); |
| 332 if (!rv) |
| 333 memset(sha256.data, 0, sizeof(sha256.data)); |
| 334 return sha256; |
| 335 } |
| 336 |
| 316 // TODO(wtc): This function is implemented with NSS low-level hash | 337 // TODO(wtc): This function is implemented with NSS low-level hash |
| 317 // functions to ensure it is fast. Reimplement this function with | 338 // functions to ensure it is fast. Reimplement this function with |
| 318 // CryptoAPI. May need to cache the HCRYPTPROV to reduce the overhead. | 339 // CryptoAPI. May need to cache the HCRYPTPROV to reduce the overhead. |
| 319 // static | 340 // static |
| 320 SHA1HashValue X509Certificate::CalculateCAFingerprint( | 341 SHA1HashValue X509Certificate::CalculateCAFingerprint( |
| 321 const OSCertHandles& intermediates) { | 342 const OSCertHandles& intermediates) { |
| 322 SHA1HashValue sha1; | 343 SHA1HashValue sha1; |
| 323 memset(sha1.data, 0, sizeof(sha1.data)); | 344 memset(sha1.data, 0, sizeof(sha1.data)); |
| 324 | 345 |
| 325 SHA1Context* sha1_ctx = SHA1_NewContext(); | 346 SHA1Context* sha1_ctx = SHA1_NewContext(); |
| (...skipping 119 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 445 if (IsCertNameBlobInIssuerList(&(*it)->pCertInfo->Issuer, | 466 if (IsCertNameBlobInIssuerList(&(*it)->pCertInfo->Issuer, |
| 446 valid_issuers)) { | 467 valid_issuers)) { |
| 447 return true; | 468 return true; |
| 448 } | 469 } |
| 449 } | 470 } |
| 450 | 471 |
| 451 return false; | 472 return false; |
| 452 } | 473 } |
| 453 | 474 |
| 454 } // namespace net | 475 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 462543002:
Certificate Transparency: Code for unpacking EV cert hashes whitelist (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master