| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_BASE_X509_CERTIFICATE_H_ | 5 #ifndef NET_BASE_X509_CERTIFICATE_H_ |
| 6 #define NET_BASE_X509_CERTIFICATE_H_ | 6 #define NET_BASE_X509_CERTIFICATE_H_ |
| 7 | 7 |
| 8 #include <string.h> | 8 #include <string.h> |
| 9 | 9 |
| 10 #include <string> | 10 #include <string> |
| (...skipping 223 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 234 | 234 |
| 235 // Time period during which the certificate is valid. More precisely, this | 235 // Time period during which the certificate is valid. More precisely, this |
| 236 // certificate is invalid before the |valid_start| date and invalid after | 236 // certificate is invalid before the |valid_start| date and invalid after |
| 237 // the |valid_expiry| date. | 237 // the |valid_expiry| date. |
| 238 // If we were unable to parse either date from the certificate (or if the cert | 238 // If we were unable to parse either date from the certificate (or if the cert |
| 239 // lacks either date), the date will be null (i.e., is_null() will be true). | 239 // lacks either date), the date will be null (i.e., is_null() will be true). |
| 240 const base::Time& valid_start() const { return valid_start_; } | 240 const base::Time& valid_start() const { return valid_start_; } |
| 241 const base::Time& valid_expiry() const { return valid_expiry_; } | 241 const base::Time& valid_expiry() const { return valid_expiry_; } |
| 242 | 242 |
| 243 // The fingerprint of this certificate. | 243 // The fingerprint of this certificate. |
| 244 const SHA1Fingerprint& fingerprint() const { return fingerprint_; } | 244 const SHA1HashValue& fingerprint() const { return fingerprint_; } |
| 245 | 245 |
| 246 // The fingerprint of the intermediate CA certificates. | 246 // The fingerprint of the intermediate CA certificates. |
| 247 const SHA1Fingerprint& ca_fingerprint() const { | 247 const SHA1HashValue& ca_fingerprint() const { |
| 248 return ca_fingerprint_; | 248 return ca_fingerprint_; |
| 249 } | 249 } |
| 250 | 250 |
| 251 // Gets the DNS names in the certificate. Pursuant to RFC 2818, Section 3.1 | 251 // Gets the DNS names in the certificate. Pursuant to RFC 2818, Section 3.1 |
| 252 // Server Identity, if the certificate has a subjectAltName extension of | 252 // Server Identity, if the certificate has a subjectAltName extension of |
| 253 // type dNSName, this method gets the DNS names in that extension. | 253 // type dNSName, this method gets the DNS names in that extension. |
| 254 // Otherwise, it gets the common name in the subject field. | 254 // Otherwise, it gets the common name in the subject field. |
| 255 void GetDNSNames(std::vector<std::string>* dns_names) const; | 255 void GetDNSNames(std::vector<std::string>* dns_names) const; |
| 256 | 256 |
| 257 // Gets the subjectAltName extension field from the certificate, if any. | 257 // Gets the subjectAltName extension field from the certificate, if any. |
| (...skipping 154 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 412 Format format); | 412 Format format); |
| 413 | 413 |
| 414 // Duplicates (or adds a reference to) an OS certificate handle. | 414 // Duplicates (or adds a reference to) an OS certificate handle. |
| 415 static OSCertHandle DupOSCertHandle(OSCertHandle cert_handle); | 415 static OSCertHandle DupOSCertHandle(OSCertHandle cert_handle); |
| 416 | 416 |
| 417 // Frees (or releases a reference to) an OS certificate handle. | 417 // Frees (or releases a reference to) an OS certificate handle. |
| 418 static void FreeOSCertHandle(OSCertHandle cert_handle); | 418 static void FreeOSCertHandle(OSCertHandle cert_handle); |
| 419 | 419 |
| 420 // Calculates the SHA-1 fingerprint of the certificate. Returns an empty | 420 // Calculates the SHA-1 fingerprint of the certificate. Returns an empty |
| 421 // (all zero) fingerprint on failure. | 421 // (all zero) fingerprint on failure. |
| 422 static SHA1Fingerprint CalculateFingerprint(OSCertHandle cert_handle); | 422 static SHA1HashValue CalculateFingerprint(OSCertHandle cert_handle); |
| 423 | 423 |
| 424 // Calculates the SHA-1 fingerprint of the intermediate CA certificates. | 424 // Calculates the SHA-1 fingerprint of the intermediate CA certificates. |
| 425 // Returns an empty (all zero) fingerprint on failure. | 425 // Returns an empty (all zero) fingerprint on failure. |
| 426 static SHA1Fingerprint CalculateCAFingerprint( | 426 static SHA1HashValue CalculateCAFingerprint( |
| 427 const OSCertHandles& intermediates); | 427 const OSCertHandles& intermediates); |
| 428 | 428 |
| 429 private: | 429 private: |
| 430 friend class base::RefCountedThreadSafe<X509Certificate>; | 430 friend class base::RefCountedThreadSafe<X509Certificate>; |
| 431 friend class TestRootCerts; // For unit tests | 431 friend class TestRootCerts; // For unit tests |
| 432 | 432 |
| 433 FRIEND_TEST_ALL_PREFIXES(X509CertificateNameVerifyTest, VerifyHostname); | 433 FRIEND_TEST_ALL_PREFIXES(X509CertificateNameVerifyTest, VerifyHostname); |
| 434 FRIEND_TEST_ALL_PREFIXES(X509CertificateTest, SerialNumbers); | 434 FRIEND_TEST_ALL_PREFIXES(X509CertificateTest, SerialNumbers); |
| 435 | 435 |
| 436 // Construct an X509Certificate from a handle to the certificate object | 436 // Construct an X509Certificate from a handle to the certificate object |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 482 // The issuer of the certificate. | 482 // The issuer of the certificate. |
| 483 CertPrincipal issuer_; | 483 CertPrincipal issuer_; |
| 484 | 484 |
| 485 // This certificate is not valid before |valid_start_| | 485 // This certificate is not valid before |valid_start_| |
| 486 base::Time valid_start_; | 486 base::Time valid_start_; |
| 487 | 487 |
| 488 // This certificate is not valid after |valid_expiry_| | 488 // This certificate is not valid after |valid_expiry_| |
| 489 base::Time valid_expiry_; | 489 base::Time valid_expiry_; |
| 490 | 490 |
| 491 // The fingerprint of this certificate. | 491 // The fingerprint of this certificate. |
| 492 SHA1Fingerprint fingerprint_; | 492 SHA1HashValue fingerprint_; |
| 493 | 493 |
| 494 // The fingerprint of the intermediate CA certificates. | 494 // The fingerprint of the intermediate CA certificates. |
| 495 SHA1Fingerprint ca_fingerprint_; | 495 SHA1HashValue ca_fingerprint_; |
| 496 | 496 |
| 497 // The serial number of this certificate, DER encoded. | 497 // The serial number of this certificate, DER encoded. |
| 498 std::string serial_number_; | 498 std::string serial_number_; |
| 499 | 499 |
| 500 // A handle to the certificate object in the underlying crypto library. | 500 // A handle to the certificate object in the underlying crypto library. |
| 501 OSCertHandle cert_handle_; | 501 OSCertHandle cert_handle_; |
| 502 | 502 |
| 503 // Untrusted intermediate certificates associated with this certificate | 503 // Untrusted intermediate certificates associated with this certificate |
| 504 // that may be needed for chain building. | 504 // that may be needed for chain building. |
| 505 OSCertHandles intermediate_ca_certs_; | 505 OSCertHandles intermediate_ca_certs_; |
| 506 | 506 |
| 507 #if defined(USE_NSS) | 507 #if defined(USE_NSS) |
| 508 // This stores any default nickname that has been set on the certificate | 508 // This stores any default nickname that has been set on the certificate |
| 509 // at creation time with CreateFromBytesWithNickname. | 509 // at creation time with CreateFromBytesWithNickname. |
| 510 // If this is empty, then GetDefaultNickname will return a generated name | 510 // If this is empty, then GetDefaultNickname will return a generated name |
| 511 // based on the type of the certificate. | 511 // based on the type of the certificate. |
| 512 std::string default_nickname_; | 512 std::string default_nickname_; |
| 513 #endif | 513 #endif |
| 514 | 514 |
| 515 DISALLOW_COPY_AND_ASSIGN(X509Certificate); | 515 DISALLOW_COPY_AND_ASSIGN(X509Certificate); |
| 516 }; | 516 }; |
| 517 | 517 |
| 518 } // namespace net | 518 } // namespace net |
| 519 | 519 |
| 520 #endif // NET_BASE_X509_CERTIFICATE_H_ | 520 #endif // NET_BASE_X509_CERTIFICATE_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10826257:
Implement SHA-256 fingerprint support (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/