| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/x509_certificate.h" | 5 #include "net/cert/x509_certificate.h" |
| 6 | 6 |
| 7 #include <blapi.h> // Implement CalculateChainFingerprint() with NSS. | 7 #include <blapi.h> // Implement CalculateChainFingerprint() with NSS. |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/memory/scoped_ptr.h" | 10 #include "base/memory/scoped_ptr.h" |
| (...skipping 295 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 306 SHA1HashValue sha1; | 306 SHA1HashValue sha1; |
| 307 DWORD sha1_size = sizeof(sha1.data); | 307 DWORD sha1_size = sizeof(sha1.data); |
| 308 rv = CryptHashCertificate(NULL, CALG_SHA1, 0, cert->pbCertEncoded, | 308 rv = CryptHashCertificate(NULL, CALG_SHA1, 0, cert->pbCertEncoded, |
| 309 cert->cbCertEncoded, sha1.data, &sha1_size); | 309 cert->cbCertEncoded, sha1.data, &sha1_size); |
| 310 DCHECK(rv && sha1_size == sizeof(sha1.data)); | 310 DCHECK(rv && sha1_size == sizeof(sha1.data)); |
| 311 if (!rv) | 311 if (!rv) |
| 312 memset(sha1.data, 0, sizeof(sha1.data)); | 312 memset(sha1.data, 0, sizeof(sha1.data)); |
| 313 return sha1; | 313 return sha1; |
| 314 } | 314 } |
| 315 | 315 |
| 316 // static | |
| 317 SHA256HashValue X509Certificate::CalculateFingerprint256(OSCertHandle cert) { | |
| 318 DCHECK(NULL != cert->pbCertEncoded); | |
| 319 DCHECK_NE(static_cast<DWORD>(0), cert->cbCertEncoded); | |
| 320 | |
| 321 BOOL rv; | |
| 322 SHA256HashValue sha256; | |
| 323 DWORD sha256_size = sizeof(sha256.data); | |
| 324 rv = CryptHashCertificate(NULL, | |
| 325 CALG_SHA_256, | |
| 326 0, | |
| 327 cert->pbCertEncoded, | |
| 328 cert->cbCertEncoded, | |
| 329 sha256.data, | |
| 330 &sha256_size); | |
| 331 DCHECK(rv && sha256_size == sizeof(sha256.data)); | |
| 332 if (!rv) | |
| 333 memset(sha256.data, 0, sizeof(sha256.data)); | |
| 334 return sha256; | |
| 335 } | |
| 336 | |
| 337 // TODO(wtc): This function is implemented with NSS low-level hash | 316 // TODO(wtc): This function is implemented with NSS low-level hash |
| 338 // functions to ensure it is fast. Reimplement this function with | 317 // functions to ensure it is fast. Reimplement this function with |
| 339 // CryptoAPI. May need to cache the HCRYPTPROV to reduce the overhead. | 318 // CryptoAPI. May need to cache the HCRYPTPROV to reduce the overhead. |
| 340 // static | 319 // static |
| 341 SHA1HashValue X509Certificate::CalculateCAFingerprint( | 320 SHA1HashValue X509Certificate::CalculateCAFingerprint( |
| 342 const OSCertHandles& intermediates) { | 321 const OSCertHandles& intermediates) { |
| 343 SHA1HashValue sha1; | 322 SHA1HashValue sha1; |
| 344 memset(sha1.data, 0, sizeof(sha1.data)); | 323 memset(sha1.data, 0, sizeof(sha1.data)); |
| 345 | 324 |
| 346 SHA1Context* sha1_ctx = SHA1_NewContext(); | 325 SHA1Context* sha1_ctx = SHA1_NewContext(); |
| (...skipping 119 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 466 if (IsCertNameBlobInIssuerList(&(*it)->pCertInfo->Issuer, | 445 if (IsCertNameBlobInIssuerList(&(*it)->pCertInfo->Issuer, |
| 467 valid_issuers)) { | 446 valid_issuers)) { |
| 468 return true; | 447 return true; |
| 469 } | 448 } |
| 470 } | 449 } |
| 471 | 450 |
| 472 return false; | 451 return false; |
| 473 } | 452 } |
| 474 | 453 |
| 475 } // namespace net | 454 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 542673002:
Revert "Certificate Transparency: Code for unpacking EV cert hashes whitelist" (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master