OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/ct_objects_extractor.h" | 5 #include "net/cert/ct_objects_extractor.h" |
6 | 6 |
7 #include <cert.h> | 7 #include <cert.h> |
8 #include <secasn1.h> | 8 #include <secasn1.h> |
9 #include <secitem.h> | 9 #include <secitem.h> |
10 #include <secoid.h> | 10 #include <secoid.h> |
(...skipping 251 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
262 std::string encoded; | 262 std::string encoded; |
263 if (!X509Certificate::GetDEREncoded(leaf, &encoded)) | 263 if (!X509Certificate::GetDEREncoded(leaf, &encoded)) |
264 return false; | 264 return false; |
265 | 265 |
266 result->Reset(); | 266 result->Reset(); |
267 result->type = ct::LogEntry::LOG_ENTRY_TYPE_X509; | 267 result->type = ct::LogEntry::LOG_ENTRY_TYPE_X509; |
268 result->leaf_certificate.swap(encoded); | 268 result->leaf_certificate.swap(encoded); |
269 return true; | 269 return true; |
270 } | 270 } |
271 | 271 |
272 bool ExtractSCTListFromOCSPResponse(X509Certificate::OSCertHandle leaf, | |
273 const std::string& ocsp_response, | |
274 std::string* sct_list) { | |
275 DCHECK(leaf); | |
276 NSSCertWrapper leaf_cert(leaf); | |
wtc
2013/12/03 21:04:25
Nit: this is an expensive way to get the serial nu
ekasper
2013/12/04 19:25:15
I wasn't really thinking what I was doing :/
I've
| |
277 sct_list->clear(); | |
278 base::StringPiece serial_number = base::StringPiece( | |
279 reinterpret_cast<char*>(leaf_cert.cert->serialNumber.data), | |
280 leaf_cert.cert->serialNumber.len); | |
281 base::StringPiece sct_list_out; | |
282 if (!asn1::ExtractSCTExtensionFromOCSPResponse(ocsp_response, | |
Ryan Sleevi
2013/12/03 21:03:18
We should be using the NSS ASN.1 functions for thi
ekasper
2013/12/04 19:25:15
Done...
| |
283 serial_number, | |
284 &sct_list_out)) | |
285 return false; | |
wtc
2013/12/03 21:04:25
Nit: add curly braces.
| |
286 | |
287 *sct_list = sct_list_out.as_string(); | |
288 return true; | |
289 } | |
290 | |
272 } // namespace ct | 291 } // namespace ct |
273 | 292 |
274 } // namespace net | 293 } // namespace net |
OLD | NEW |