| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_BASE_X509_CERTIFICATE_H_ | 5 #ifndef NET_BASE_X509_CERTIFICATE_H_ |
| 6 #define NET_BASE_X509_CERTIFICATE_H_ | 6 #define NET_BASE_X509_CERTIFICATE_H_ |
| 7 | 7 |
| 8 #include <string.h> | 8 #include <string.h> |
| 9 | 9 |
| 10 #include <string> | 10 #include <string> |
| (...skipping 229 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 240 | 240 |
| 241 // Time period during which the certificate is valid. More precisely, this | 241 // Time period during which the certificate is valid. More precisely, this |
| 242 // certificate is invalid before the |valid_start| date and invalid after | 242 // certificate is invalid before the |valid_start| date and invalid after |
| 243 // the |valid_expiry| date. | 243 // the |valid_expiry| date. |
| 244 // If we were unable to parse either date from the certificate (or if the cert | 244 // If we were unable to parse either date from the certificate (or if the cert |
| 245 // lacks either date), the date will be null (i.e., is_null() will be true). | 245 // lacks either date), the date will be null (i.e., is_null() will be true). |
| 246 const base::Time& valid_start() const { return valid_start_; } | 246 const base::Time& valid_start() const { return valid_start_; } |
| 247 const base::Time& valid_expiry() const { return valid_expiry_; } | 247 const base::Time& valid_expiry() const { return valid_expiry_; } |
| 248 | 248 |
| 249 // The fingerprint of this certificate. | 249 // The fingerprint of this certificate. |
| 250 const SHA1Fingerprint& fingerprint() const { return fingerprint_; } | 250 const SHA1HashValue& fingerprint() const { return fingerprint_; } |
| 251 | 251 |
| 252 // The fingerprint of the intermediate CA certificates. | 252 // The fingerprint of the intermediate CA certificates. |
| 253 const SHA1Fingerprint& ca_fingerprint() const { | 253 const SHA1HashValue& ca_fingerprint() const { |
| 254 return ca_fingerprint_; | 254 return ca_fingerprint_; |
| 255 } | 255 } |
| 256 | 256 |
| 257 // Gets the DNS names in the certificate. Pursuant to RFC 2818, Section 3.1 | 257 // Gets the DNS names in the certificate. Pursuant to RFC 2818, Section 3.1 |
| 258 // Server Identity, if the certificate has a subjectAltName extension of | 258 // Server Identity, if the certificate has a subjectAltName extension of |
| 259 // type dNSName, this method gets the DNS names in that extension. | 259 // type dNSName, this method gets the DNS names in that extension. |
| 260 // Otherwise, it gets the common name in the subject field. | 260 // Otherwise, it gets the common name in the subject field. |
| 261 void GetDNSNames(std::vector<std::string>* dns_names) const; | 261 void GetDNSNames(std::vector<std::string>* dns_names) const; |
| 262 | 262 |
| 263 // Gets the subjectAltName extension field from the certificate, if any. | 263 // Gets the subjectAltName extension field from the certificate, if any. |
| (...skipping 154 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 418 Format format); | 418 Format format); |
| 419 | 419 |
| 420 // Duplicates (or adds a reference to) an OS certificate handle. | 420 // Duplicates (or adds a reference to) an OS certificate handle. |
| 421 static OSCertHandle DupOSCertHandle(OSCertHandle cert_handle); | 421 static OSCertHandle DupOSCertHandle(OSCertHandle cert_handle); |
| 422 | 422 |
| 423 // Frees (or releases a reference to) an OS certificate handle. | 423 // Frees (or releases a reference to) an OS certificate handle. |
| 424 static void FreeOSCertHandle(OSCertHandle cert_handle); | 424 static void FreeOSCertHandle(OSCertHandle cert_handle); |
| 425 | 425 |
| 426 // Calculates the SHA-1 fingerprint of the certificate. Returns an empty | 426 // Calculates the SHA-1 fingerprint of the certificate. Returns an empty |
| 427 // (all zero) fingerprint on failure. | 427 // (all zero) fingerprint on failure. |
| 428 static SHA1Fingerprint CalculateFingerprint(OSCertHandle cert_handle); | 428 static SHA1HashValue CalculateFingerprint(OSCertHandle cert_handle); |
| 429 | 429 |
| 430 // Calculates the SHA-1 fingerprint of the intermediate CA certificates. | 430 // Calculates the SHA-1 fingerprint of the intermediate CA certificates. |
| 431 // Returns an empty (all zero) fingerprint on failure. | 431 // Returns an empty (all zero) fingerprint on failure. |
| 432 static SHA1Fingerprint CalculateCAFingerprint( | 432 static SHA1HashValue CalculateCAFingerprint( |
| 433 const OSCertHandles& intermediates); | 433 const OSCertHandles& intermediates); |
| 434 | 434 |
| 435 private: | 435 private: |
| 436 friend class base::RefCountedThreadSafe<X509Certificate>; | 436 friend class base::RefCountedThreadSafe<X509Certificate>; |
| 437 friend class TestRootCerts; // For unit tests | 437 friend class TestRootCerts; // For unit tests |
| 438 | 438 |
| 439 FRIEND_TEST_ALL_PREFIXES(X509CertificateNameVerifyTest, VerifyHostname); | 439 FRIEND_TEST_ALL_PREFIXES(X509CertificateNameVerifyTest, VerifyHostname); |
| 440 FRIEND_TEST_ALL_PREFIXES(X509CertificateTest, SerialNumbers); | 440 FRIEND_TEST_ALL_PREFIXES(X509CertificateTest, SerialNumbers); |
| 441 | 441 |
| 442 // Construct an X509Certificate from a handle to the certificate object | 442 // Construct an X509Certificate from a handle to the certificate object |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 488 // The issuer of the certificate. | 488 // The issuer of the certificate. |
| 489 CertPrincipal issuer_; | 489 CertPrincipal issuer_; |
| 490 | 490 |
| 491 // This certificate is not valid before |valid_start_| | 491 // This certificate is not valid before |valid_start_| |
| 492 base::Time valid_start_; | 492 base::Time valid_start_; |
| 493 | 493 |
| 494 // This certificate is not valid after |valid_expiry_| | 494 // This certificate is not valid after |valid_expiry_| |
| 495 base::Time valid_expiry_; | 495 base::Time valid_expiry_; |
| 496 | 496 |
| 497 // The fingerprint of this certificate. | 497 // The fingerprint of this certificate. |
| 498 SHA1Fingerprint fingerprint_; | 498 SHA1HashValue fingerprint_; |
| 499 | 499 |
| 500 // The fingerprint of the intermediate CA certificates. | 500 // The fingerprint of the intermediate CA certificates. |
| 501 SHA1Fingerprint ca_fingerprint_; | 501 SHA1HashValue ca_fingerprint_; |
| 502 | 502 |
| 503 // The serial number of this certificate, DER encoded. | 503 // The serial number of this certificate, DER encoded. |
| 504 std::string serial_number_; | 504 std::string serial_number_; |
| 505 | 505 |
| 506 // A handle to the certificate object in the underlying crypto library. | 506 // A handle to the certificate object in the underlying crypto library. |
| 507 OSCertHandle cert_handle_; | 507 OSCertHandle cert_handle_; |
| 508 | 508 |
| 509 // Untrusted intermediate certificates associated with this certificate | 509 // Untrusted intermediate certificates associated with this certificate |
| 510 // that may be needed for chain building. | 510 // that may be needed for chain building. |
| 511 OSCertHandles intermediate_ca_certs_; | 511 OSCertHandles intermediate_ca_certs_; |
| 512 | 512 |
| 513 #if defined(USE_NSS) | 513 #if defined(USE_NSS) |
| 514 // This stores any default nickname that has been set on the certificate | 514 // This stores any default nickname that has been set on the certificate |
| 515 // at creation time with CreateFromBytesWithNickname. | 515 // at creation time with CreateFromBytesWithNickname. |
| 516 // If this is empty, then GetDefaultNickname will return a generated name | 516 // If this is empty, then GetDefaultNickname will return a generated name |
| 517 // based on the type of the certificate. | 517 // based on the type of the certificate. |
| 518 std::string default_nickname_; | 518 std::string default_nickname_; |
| 519 #endif | 519 #endif |
| 520 | 520 |
| 521 DISALLOW_COPY_AND_ASSIGN(X509Certificate); | 521 DISALLOW_COPY_AND_ASSIGN(X509Certificate); |
| 522 }; | 522 }; |
| 523 | 523 |
| 524 } // namespace net | 524 } // namespace net |
| 525 | 525 |
| 526 #endif // NET_BASE_X509_CERTIFICATE_H_ | 526 #endif // NET_BASE_X509_CERTIFICATE_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10826257:
Implement SHA-256 fingerprint support (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/