Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(360)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/x509_certificate.cc

Issue 6793041: net: add ability to distinguish user-added root CAs. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: ... Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/base/x509_certificate.h ('K') | « net/base/x509_certificate.h ('k') | net/base/x509_certificate_mac.cc » ('j') | net/base/x509_certificate_mac.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/x509_certificate.h" 5 #include "net/base/x509_certificate.h"
6 6
7 #include <stdlib.h>
8
7 #include <map> 9 #include <map>
8 #include <string> 10 #include <string>
9 #include <vector> 11 #include <vector>
10 12
11 #include "base/lazy_instance.h" 13 #include "base/lazy_instance.h"
12 #include "base/logging.h" 14 #include "base/logging.h"
13 #include "base/memory/singleton.h" 15 #include "base/memory/singleton.h"
14 #include "base/metrics/histogram.h" 16 #include "base/metrics/histogram.h"
17 #include "base/sha1.h"
15 #include "base/string_piece.h" 18 #include "base/string_piece.h"
16 #include "base/string_util.h" 19 #include "base/string_util.h"
17 #include "base/time.h" 20 #include "base/time.h"
18 #include "net/base/pem_tokenizer.h" 21 #include "net/base/pem_tokenizer.h"
19 22
20 namespace net { 23 namespace net {
21 24
22 namespace { 25 namespace {
23 26
24 // Returns true if this cert fingerprint is the null (all zero) fingerprint. 27 // Returns true if this cert fingerprint is the null (all zero) fingerprint.
(...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after
106 const SHA1Fingerprint& fingerprint) { 109 const SHA1Fingerprint& fingerprint) {
107 base::AutoLock lock(lock_); 110 base::AutoLock lock(lock_);
108 111
109 CertMap::iterator pos(cache_.find(fingerprint)); 112 CertMap::iterator pos(cache_.find(fingerprint));
110 if (pos == cache_.end()) 113 if (pos == cache_.end())
111 return NULL; 114 return NULL;
112 115
113 return pos->second; 116 return pos->second;
114 }; 117 };
115 118
119 // CompareSHA1Hashes is a helper function for using bsearch() with an array of
120 // SHA1 hashes.
121 static int CompareSHA1Hashes(const void* a, const void* b) {
122 return memcmp(a, b, base::SHA1_LENGTH);
123 }
124
116 } // namespace 125 } // namespace
117 126
118 bool X509Certificate::LessThan::operator()(X509Certificate* lhs, 127 bool X509Certificate::LessThan::operator()(X509Certificate* lhs,
119 X509Certificate* rhs) const { 128 X509Certificate* rhs) const {
120 if (lhs == rhs) 129 if (lhs == rhs)
121 return false; 130 return false;
122 131
123 SHA1FingerprintLessThan fingerprint_functor; 132 SHA1FingerprintLessThan fingerprint_functor;
124 return fingerprint_functor(lhs->fingerprint_, rhs->fingerprint_); 133 return fingerprint_functor(lhs->fingerprint_, rhs->fingerprint_);
125 } 134 }
(...skipping 395 matching lines...) Expand 10 before | Expand all | Expand 10 after
521 if (memcmp(kSerials[i], serial_number_.data(), kSerialBytes) == 0) { 530 if (memcmp(kSerials[i], serial_number_.data(), kSerialBytes) == 0) {
522 UMA_HISTOGRAM_ENUMERATION("Net.SSLCertBlacklisted", i, kNumSerials); 531 UMA_HISTOGRAM_ENUMERATION("Net.SSLCertBlacklisted", i, kNumSerials);
523 return true; 532 return true;
524 } 533 }
525 } 534 }
526 } 535 }
527 536
528 return false; 537 return false;
529 } 538 }
530 539
540 // static
541 bool X509Certificate::IsSHA1HashInSortedArray(const SHA1Fingerprint& hash,
542 const uint8* array,
543 size_t array_byte_len) {
544 DCHECK_EQ(0u, array_byte_len % base::SHA1_LENGTH);
545 const unsigned arraylen = array_byte_len / base::SHA1_LENGTH;
546 return NULL != bsearch(hash.data, array, arraylen, base::SHA1_LENGTH,
547 CompareSHA1Hashes);
548 }
549
531 } // namespace net 550 } // namespace net
OLDNEW
« net/base/x509_certificate.h ('K') | « net/base/x509_certificate.h ('k') | net/base/x509_certificate_mac.cc » ('j') | net/base/x509_certificate_mac.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698