Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(53)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/x509_certificate_openssl.cc

Issue 6816020: Fix opensll, in follow up to http://src.chromium.org/viewvc/chrome?view=rev&revision=80778 (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/x509_certificate.h" 5 #include "net/base/x509_certificate.h"
6 6
7 #include <openssl/asn1.h> 7 #include <openssl/asn1.h>
8 #include <openssl/crypto.h> 8 #include <openssl/crypto.h>
9 #include <openssl/obj_mac.h> 9 #include <openssl/obj_mac.h>
10 #include <openssl/pem.h> 10 #include <openssl/pem.h>
(...skipping 457 matching lines...) Expand 10 before | Expand all | Expand 10 after
468 << X509_verify_cert_error_string(x509_error) 468 << X509_verify_cert_error_string(x509_error)
469 << " : " << x509_error 469 << " : " << x509_error
470 << " : " << X509_STORE_CTX_get_error_depth(ctx.get()) 470 << " : " << X509_STORE_CTX_get_error_depth(ctx.get())
471 << " : " << cert_status; 471 << " : " << cert_status;
472 verify_result->cert_status |= cert_status; 472 verify_result->cert_status |= cert_status;
473 } 473 }
474 474
475 if (IsCertStatusError(verify_result->cert_status)) 475 if (IsCertStatusError(verify_result->cert_status))
476 return MapCertStatusToNetError(verify_result->cert_status); 476 return MapCertStatusToNetError(verify_result->cert_status);
477 477
478 // Currently we only ues OpenSSL's default root CA paths, so treat all
479 // correctly verified certs as being from a known root. TODO(joth): if the
480 // motivations described in http://src.chromium.org/viewvc/chrome?view=rev&rev ision=80778
481 // become an issue on OpenSSL builds, we will need to embed a hardcoded list
482 // of well known root CAs, as per the _mac and _win versions.
483 verify_result->is_issued_by_known_root = true;
484
478 return OK; 485 return OK;
479 } 486 }
480 487
481 bool X509Certificate::GetDEREncoded(std::string* encoded) { 488 bool X509Certificate::GetDEREncoded(std::string* encoded) {
482 // TODO(port): Implement. 489 // TODO(port): Implement.
483 return false; 490 return false;
484 } 491 }
485 492
486 // static 493 // static
487 bool X509Certificate::IsSameOSCert(X509Certificate::OSCertHandle a, 494 bool X509Certificate::IsSameOSCert(X509Certificate::OSCertHandle a,
488 X509Certificate::OSCertHandle b) { 495 X509Certificate::OSCertHandle b) {
489 DCHECK(a && b); 496 DCHECK(a && b);
490 if (a == b) 497 if (a == b)
491 return true; 498 return true;
492 499
493 // X509_cmp only checks the fingerprint, but we want to compare the whole 500 // X509_cmp only checks the fingerprint, but we want to compare the whole
494 // DER data. Encoding it from OSCertHandle is an expensive operation, so we 501 // DER data. Encoding it from OSCertHandle is an expensive operation, so we
495 // cache the DER (if not already cached via X509_set_ex_data). 502 // cache the DER (if not already cached via X509_set_ex_data).
496 DERCache der_cache_a, der_cache_b; 503 DERCache der_cache_a, der_cache_b;
497 504
498 return GetDERAndCacheIfNeeded(a, &der_cache_a) && 505 return GetDERAndCacheIfNeeded(a, &der_cache_a) &&
499 GetDERAndCacheIfNeeded(b, &der_cache_b) && 506 GetDERAndCacheIfNeeded(b, &der_cache_b) &&
500 der_cache_a.data_length == der_cache_b.data_length && 507 der_cache_a.data_length == der_cache_b.data_length &&
501 memcmp(der_cache_a.data, der_cache_b.data, der_cache_a.data_length) == 0; 508 memcmp(der_cache_a.data, der_cache_b.data, der_cache_a.data_length) == 0;
502 } 509 }
503 510
504 } // namespace net 511 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698