| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_BASE_X509_CERTIFICATE_H_ | 5 #ifndef NET_BASE_X509_CERTIFICATE_H_ |
| 6 #define NET_BASE_X509_CERTIFICATE_H_ | 6 #define NET_BASE_X509_CERTIFICATE_H_ |
| 7 | 7 |
| 8 #include <string.h> | 8 #include <string.h> |
| 9 | 9 |
| 10 #include <string> | 10 #include <string> |
| (...skipping 251 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 262 | 262 |
| 263 // Time period during which the certificate is valid. More precisely, this | 263 // Time period during which the certificate is valid. More precisely, this |
| 264 // certificate is invalid before the |valid_start| date and invalid after | 264 // certificate is invalid before the |valid_start| date and invalid after |
| 265 // the |valid_expiry| date. | 265 // the |valid_expiry| date. |
| 266 // If we were unable to parse either date from the certificate (or if the cert | 266 // If we were unable to parse either date from the certificate (or if the cert |
| 267 // lacks either date), the date will be null (i.e., is_null() will be true). | 267 // lacks either date), the date will be null (i.e., is_null() will be true). |
| 268 const base::Time& valid_start() const { return valid_start_; } | 268 const base::Time& valid_start() const { return valid_start_; } |
| 269 const base::Time& valid_expiry() const { return valid_expiry_; } | 269 const base::Time& valid_expiry() const { return valid_expiry_; } |
| 270 | 270 |
| 271 // The fingerprint of this certificate. | 271 // The fingerprint of this certificate. |
| 272 const SHA1Fingerprint& fingerprint() const { return fingerprint_; } | 272 const SHA1HashValue& fingerprint() const { return fingerprint_; } |
| 273 | 273 |
| 274 // The fingerprint of the intermediate CA certificates. | 274 // The fingerprint of the intermediate CA certificates. |
| 275 const SHA1Fingerprint& ca_fingerprint() const { | 275 const SHA1HashValue& ca_fingerprint() const { |
| 276 return ca_fingerprint_; | 276 return ca_fingerprint_; |
| 277 } | 277 } |
| 278 | 278 |
| 279 // Gets the DNS names in the certificate. Pursuant to RFC 2818, Section 3.1 | 279 // Gets the DNS names in the certificate. Pursuant to RFC 2818, Section 3.1 |
| 280 // Server Identity, if the certificate has a subjectAltName extension of | 280 // Server Identity, if the certificate has a subjectAltName extension of |
| 281 // type dNSName, this method gets the DNS names in that extension. | 281 // type dNSName, this method gets the DNS names in that extension. |
| 282 // Otherwise, it gets the common name in the subject field. | 282 // Otherwise, it gets the common name in the subject field. |
| 283 void GetDNSNames(std::vector<std::string>* dns_names) const; | 283 void GetDNSNames(std::vector<std::string>* dns_names) const; |
| 284 | 284 |
| 285 // Gets the subjectAltName extension field from the certificate, if any. | 285 // Gets the subjectAltName extension field from the certificate, if any. |
| (...skipping 154 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 440 Format format); | 440 Format format); |
| 441 | 441 |
| 442 // Duplicates (or adds a reference to) an OS certificate handle. | 442 // Duplicates (or adds a reference to) an OS certificate handle. |
| 443 static OSCertHandle DupOSCertHandle(OSCertHandle cert_handle); | 443 static OSCertHandle DupOSCertHandle(OSCertHandle cert_handle); |
| 444 | 444 |
| 445 // Frees (or releases a reference to) an OS certificate handle. | 445 // Frees (or releases a reference to) an OS certificate handle. |
| 446 static void FreeOSCertHandle(OSCertHandle cert_handle); | 446 static void FreeOSCertHandle(OSCertHandle cert_handle); |
| 447 | 447 |
| 448 // Calculates the SHA-1 fingerprint of the certificate. Returns an empty | 448 // Calculates the SHA-1 fingerprint of the certificate. Returns an empty |
| 449 // (all zero) fingerprint on failure. | 449 // (all zero) fingerprint on failure. |
| 450 static SHA1Fingerprint CalculateFingerprint(OSCertHandle cert_handle); | 450 static SHA1HashValue CalculateFingerprint(OSCertHandle cert_handle); |
| 451 | 451 |
| 452 // Calculates the SHA-1 fingerprint of the intermediate CA certificates. | 452 // Calculates the SHA-1 fingerprint of the intermediate CA certificates. |
| 453 // Returns an empty (all zero) fingerprint on failure. | 453 // Returns an empty (all zero) fingerprint on failure. |
| 454 static SHA1Fingerprint CalculateCAFingerprint( | 454 static SHA1HashValue CalculateCAFingerprint( |
| 455 const OSCertHandles& intermediates); | 455 const OSCertHandles& intermediates); |
| 456 | 456 |
| 457 private: | 457 private: |
| 458 friend class base::RefCountedThreadSafe<X509Certificate>; | 458 friend class base::RefCountedThreadSafe<X509Certificate>; |
| 459 friend class TestRootCerts; // For unit tests | 459 friend class TestRootCerts; // For unit tests |
| 460 | 460 |
| 461 FRIEND_TEST_ALL_PREFIXES(X509CertificateNameVerifyTest, VerifyHostname); | 461 FRIEND_TEST_ALL_PREFIXES(X509CertificateNameVerifyTest, VerifyHostname); |
| 462 FRIEND_TEST_ALL_PREFIXES(X509CertificateTest, SerialNumbers); | 462 FRIEND_TEST_ALL_PREFIXES(X509CertificateTest, SerialNumbers); |
| 463 | 463 |
| 464 // Construct an X509Certificate from a handle to the certificate object | 464 // Construct an X509Certificate from a handle to the certificate object |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 510 // The issuer of the certificate. | 510 // The issuer of the certificate. |
| 511 CertPrincipal issuer_; | 511 CertPrincipal issuer_; |
| 512 | 512 |
| 513 // This certificate is not valid before |valid_start_| | 513 // This certificate is not valid before |valid_start_| |
| 514 base::Time valid_start_; | 514 base::Time valid_start_; |
| 515 | 515 |
| 516 // This certificate is not valid after |valid_expiry_| | 516 // This certificate is not valid after |valid_expiry_| |
| 517 base::Time valid_expiry_; | 517 base::Time valid_expiry_; |
| 518 | 518 |
| 519 // The fingerprint of this certificate. | 519 // The fingerprint of this certificate. |
| 520 SHA1Fingerprint fingerprint_; | 520 SHA1HashValue fingerprint_; |
| 521 | 521 |
| 522 // The fingerprint of the intermediate CA certificates. | 522 // The fingerprint of the intermediate CA certificates. |
| 523 SHA1Fingerprint ca_fingerprint_; | 523 SHA1HashValue ca_fingerprint_; |
| 524 | 524 |
| 525 // The serial number of this certificate, DER encoded. | 525 // The serial number of this certificate, DER encoded. |
| 526 std::string serial_number_; | 526 std::string serial_number_; |
| 527 | 527 |
| 528 // A handle to the certificate object in the underlying crypto library. | 528 // A handle to the certificate object in the underlying crypto library. |
| 529 OSCertHandle cert_handle_; | 529 OSCertHandle cert_handle_; |
| 530 | 530 |
| 531 // Untrusted intermediate certificates associated with this certificate | 531 // Untrusted intermediate certificates associated with this certificate |
| 532 // that may be needed for chain building. | 532 // that may be needed for chain building. |
| 533 OSCertHandles intermediate_ca_certs_; | 533 OSCertHandles intermediate_ca_certs_; |
| 534 | 534 |
| 535 #if defined(USE_NSS) | 535 #if defined(USE_NSS) |
| 536 // This stores any default nickname that has been set on the certificate | 536 // This stores any default nickname that has been set on the certificate |
| 537 // at creation time with CreateFromBytesWithNickname. | 537 // at creation time with CreateFromBytesWithNickname. |
| 538 // If this is empty, then GetDefaultNickname will return a generated name | 538 // If this is empty, then GetDefaultNickname will return a generated name |
| 539 // based on the type of the certificate. | 539 // based on the type of the certificate. |
| 540 std::string default_nickname_; | 540 std::string default_nickname_; |
| 541 #endif | 541 #endif |
| 542 | 542 |
| 543 DISALLOW_COPY_AND_ASSIGN(X509Certificate); | 543 DISALLOW_COPY_AND_ASSIGN(X509Certificate); |
| 544 }; | 544 }; |
| 545 | 545 |
| 546 } // namespace net | 546 } // namespace net |
| 547 | 547 |
| 548 #endif // NET_BASE_X509_CERTIFICATE_H_ | 548 #endif // NET_BASE_X509_CERTIFICATE_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10826257:
Implement SHA-256 fingerprint support (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/