| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/cert_verify_proc.h" | 5 #include "net/cert/cert_verify_proc.h" |
| 6 | 6 |
| 7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
| 8 #include "base/metrics/histogram.h" | 8 #include "base/metrics/histogram.h" |
| 9 #include "base/sha1.h" | 9 #include "base/sha1.h" |
| 10 #include "base/strings/stringprintf.h" | 10 #include "base/strings/stringprintf.h" |
| (...skipping 563 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 574 // C=IN, O=India PKI, CN=CCA India 2014 | 574 // C=IN, O=India PKI, CN=CCA India 2014 |
| 575 // Expires: March 5 2024. | 575 // Expires: March 5 2024. |
| 576 { | 576 { |
| 577 {0x36, 0x8c, 0x4a, 0x1e, 0x2d, 0xb7, 0x81, 0xe8, 0x6b, 0xed, | 577 {0x36, 0x8c, 0x4a, 0x1e, 0x2d, 0xb7, 0x81, 0xe8, 0x6b, 0xed, |
| 578 0x5a, 0x0a, 0x42, 0xb8, 0xc5, 0xcf, 0x6d, 0xb3, 0x57, 0xe1}, | 578 0x5a, 0x0a, 0x42, 0xb8, 0xc5, 0xcf, 0x6d, 0xb3, 0x57, 0xe1}, |
| 579 kDomainsIndiaCCA, | 579 kDomainsIndiaCCA, |
| 580 }, | 580 }, |
| 581 // Not a real certificate - just for testing. This is the SPKI hash of | 581 // Not a real certificate - just for testing. This is the SPKI hash of |
| 582 // the keys used in net/data/ssl/certificates/name_constraint_*.crt. | 582 // the keys used in net/data/ssl/certificates/name_constraint_*.crt. |
| 583 { | 583 { |
| 584 {0x15, 0x45, 0xd7, 0x3b, 0x58, 0x6b, 0x47, 0xcf, 0xc1, 0x44, | 584 {0x61, 0xec, 0x82, 0x8b, 0xdb, 0x5c, 0x78, 0x2a, 0x8f, 0xcc, |
| 585 0xa2, 0xc9, 0xaa, 0xab, 0x98, 0x3d, 0x21, 0xcc, 0x42, 0xde}, | 585 0x4f, 0x0f, 0x14, 0xbb, 0x85, 0x31, 0x93, 0x9f, 0xf7, 0x3d}, |
| 586 kDomainsTest, | 586 kDomainsTest, |
| 587 }, | 587 }, |
| 588 }; | 588 }; |
| 589 | 589 |
| 590 for (unsigned i = 0; i < arraysize(kLimits); ++i) { | 590 for (unsigned i = 0; i < arraysize(kLimits); ++i) { |
| 591 for (HashValueVector::const_iterator j = public_key_hashes.begin(); | 591 for (HashValueVector::const_iterator j = public_key_hashes.begin(); |
| 592 j != public_key_hashes.end(); ++j) { | 592 j != public_key_hashes.end(); ++j) { |
| 593 if (j->tag == HASH_VALUE_SHA1 && | 593 if (j->tag == HASH_VALUE_SHA1 && |
| 594 memcmp(j->data(), kLimits[i].public_key, base::kSHA1Length) == 0) { | 594 memcmp(j->data(), kLimits[i].public_key, base::kSHA1Length) == 0) { |
| 595 if (dns_names.empty() && ip_addrs.empty()) { | 595 if (dns_names.empty() && ip_addrs.empty()) { |
| 596 std::vector<std::string> dns_names; | 596 std::vector<std::string> dns_names; |
| 597 dns_names.push_back(common_name); | 597 dns_names.push_back(common_name); |
| 598 if (!CheckNameConstraints(dns_names, kLimits[i].domains)) | 598 if (!CheckNameConstraints(dns_names, kLimits[i].domains)) |
| 599 return true; | 599 return true; |
| 600 } else { | 600 } else { |
| 601 if (!CheckNameConstraints(dns_names, kLimits[i].domains)) | 601 if (!CheckNameConstraints(dns_names, kLimits[i].domains)) |
| 602 return true; | 602 return true; |
| 603 } | 603 } |
| 604 } | 604 } |
| 605 } | 605 } |
| 606 } | 606 } |
| 607 | 607 |
| 608 return false; | 608 return false; |
| 609 } | 609 } |
| 610 | 610 |
| 611 } // namespace net | 611 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 621833005:
Regenerate the long-lived test certificates to use SHA-256 (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@2171