net/cert/x509_certificate_ios.cc - Issue 547603002: Certificate Transparency: Code for unpacking EV cert hashes whitelist

Side by Side Diff: net/cert/x509_certificate_ios.cc

Issue 547603002: Certificate Transparency: Code for unpacking EV cert hashes whitelist (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Avoiding globals in favour of passing the SSLConfigService around Created 6 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/cert/x509_certificate.h"	5 #include "net/cert/x509_certificate.h"

6	6

7 #include <CommonCrypto/CommonDigest.h>	7 #include <CommonCrypto/CommonDigest.h>

8 #include <Security/Security.h>	8 #include <Security/Security.h>

9	9

10 #include <cert.h>	10 #include <cert.h>

(...skipping 168 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
179 if (!cert_data)	179 if (!cert_data)

180 return sha1;	180 return sha1;

181 DCHECK(CFDataGetBytePtr(cert_data));	181 DCHECK(CFDataGetBytePtr(cert_data));

182 DCHECK_NE(0, CFDataGetLength(cert_data));	182 DCHECK_NE(0, CFDataGetLength(cert_data));

183 CC_SHA1(CFDataGetBytePtr(cert_data), CFDataGetLength(cert_data), sha1.data);	183 CC_SHA1(CFDataGetBytePtr(cert_data), CFDataGetLength(cert_data), sha1.data);

184	184

185 return sha1;	185 return sha1;

186 }	186 }

187	187

188 // static	188 // static

	189 SHA256HashValue X509Certificate::CalculateFingerprint256(OSCertHandle cert) {

	190 SHA256HashValue sha256;

	191 memset(sha256.data, 0, sizeof(sha256.data));

	192

	193 ScopedCFTypeRef<CFDataRef> cert_data(SecCertificateCopyData(cert));

	194 if (!cert_data)

	195 return sha256;

	196 DCHECK(CFDataGetBytePtr(cert_data));

	197 DCHECK_NE(0, CFDataGetLength(cert_data));

	198 CC_SHA256(

	199 CFDataGetBytePtr(cert_data), CFDataGetLength(cert_data), sha256.data);

	200

	201 return sha256;

	202 }

	203

	204 // static

189 SHA1HashValue X509Certificate::CalculateCAFingerprint(	205 SHA1HashValue X509Certificate::CalculateCAFingerprint(

190 const OSCertHandles& intermediates) {	206 const OSCertHandles& intermediates) {

191 SHA1HashValue sha1;	207 SHA1HashValue sha1;

192 memset(sha1.data, 0, sizeof(sha1.data));	208 memset(sha1.data, 0, sizeof(sha1.data));

193	209

194 // The CC_SHA(3cc) man page says all CC_SHA1_xxx routines return 1, so	210 // The CC_SHA(3cc) man page says all CC_SHA1_xxx routines return 1, so

195 // we don't check their return values.	211 // we don't check their return values.

196 CC_SHA1_CTX sha1_ctx;	212 CC_SHA1_CTX sha1_ctx;

197 CC_SHA1_Init(&sha1_ctx);	213 CC_SHA1_Init(&sha1_ctx);

198 for (size_t i = 0; i < intermediates.size(); ++i) {	214 for (size_t i = 0; i < intermediates.size(); ++i) {

(...skipping 29 matching lines...) Expand all Loading...
228	244

229 // static	245 // static

230 void X509Certificate::GetPublicKeyInfo(OSCertHandle cert_handle,	246 void X509Certificate::GetPublicKeyInfo(OSCertHandle cert_handle,

231 size_t* size_bits,	247 size_t* size_bits,

232 PublicKeyType* type) {	248 PublicKeyType* type) {

233 x509_util_ios::NSSCertificate nss_cert(cert_handle);	249 x509_util_ios::NSSCertificate nss_cert(cert_handle);

234 x509_util::GetPublicKeyInfo(nss_cert.cert_handle(), size_bits, type);	250 x509_util::GetPublicKeyInfo(nss_cert.cert_handle(), size_bits, type);

235 }	251 }

236	252

237 } // namespace net	253 } // namespace net

OLD	NEW

« net/cert/ct_ev_whitelist_unittest.cc ('K') | « net/cert/x509_certificate.h ('k') | net/cert/x509_certificate_mac.cc » ('j') | net/cert/x509_certificate_win.cc » ('J')