OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/x509_certificate.h" | 5 #include "net/base/x509_certificate.h" |
6 | 6 |
7 #include <CommonCrypto/CommonDigest.h> | 7 #include <CommonCrypto/CommonDigest.h> |
8 #include <CoreServices/CoreServices.h> | 8 #include <CoreServices/CoreServices.h> |
9 #include <Security/Security.h> | 9 #include <Security/Security.h> |
10 #include <time.h> | 10 #include <time.h> |
(...skipping 830 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
841 if (status) | 841 if (status) |
842 return NetErrorFromOSStatus(status); | 842 return NetErrorFromOSStatus(status); |
843 CFArrayRef completed_chain = NULL; | 843 CFArrayRef completed_chain = NULL; |
844 CSSM_TP_APPLE_EVIDENCE_INFO* chain_info; | 844 CSSM_TP_APPLE_EVIDENCE_INFO* chain_info; |
845 status = SecTrustGetResult(trust_ref, &trust_result, &completed_chain, | 845 status = SecTrustGetResult(trust_ref, &trust_result, &completed_chain, |
846 &chain_info); | 846 &chain_info); |
847 if (status) | 847 if (status) |
848 return NetErrorFromOSStatus(status); | 848 return NetErrorFromOSStatus(status); |
849 ScopedCFTypeRef<CFArrayRef> scoped_completed_chain(completed_chain); | 849 ScopedCFTypeRef<CFArrayRef> scoped_completed_chain(completed_chain); |
850 | 850 |
| 851 SecCertificateRef verified_cert = NULL; |
| 852 std::vector<SecCertificateRef> verified_chain; |
| 853 for (CFIndex i = 0, count = CFArrayGetCount(completed_chain); |
| 854 i < count; ++i) { |
| 855 SecCertificateRef chain_cert = reinterpret_cast<SecCertificateRef>( |
| 856 const_cast<void*>(CFArrayGetValueAtIndex(completed_chain, i))); |
| 857 if (i == 0) { |
| 858 verified_cert = chain_cert; |
| 859 } else { |
| 860 verified_chain.push_back(chain_cert); |
| 861 } |
| 862 } |
| 863 if (verified_cert) { |
| 864 verify_result->verified_cert = CreateFromHandle(verified_cert, |
| 865 verified_chain); |
| 866 } |
| 867 |
851 // Evaluate the results | 868 // Evaluate the results |
852 OSStatus cssm_result; | 869 OSStatus cssm_result; |
853 bool got_certificate_error = false; | 870 bool got_certificate_error = false; |
854 switch (trust_result) { | 871 switch (trust_result) { |
855 case kSecTrustResultUnspecified: | 872 case kSecTrustResultUnspecified: |
856 case kSecTrustResultProceed: | 873 case kSecTrustResultProceed: |
857 // Certificate chain is valid and trusted ("unspecified" indicates that | 874 // Certificate chain is valid and trusted ("unspecified" indicates that |
858 // the user has not explicitly set a trust setting) | 875 // the user has not explicitly set a trust setting) |
859 break; | 876 break; |
860 | 877 |
(...skipping 509 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1370 CSSM_DATA cert_data; | 1387 CSSM_DATA cert_data; |
1371 OSStatus status = SecCertificateGetData(cert_handle, &cert_data); | 1388 OSStatus status = SecCertificateGetData(cert_handle, &cert_data); |
1372 if (status) | 1389 if (status) |
1373 return false; | 1390 return false; |
1374 | 1391 |
1375 return pickle->WriteData(reinterpret_cast<char*>(cert_data.Data), | 1392 return pickle->WriteData(reinterpret_cast<char*>(cert_data.Data), |
1376 cert_data.Length); | 1393 cert_data.Length); |
1377 } | 1394 } |
1378 | 1395 |
1379 } // namespace net | 1396 } // namespace net |
OLD | NEW |