OLD | NEW |
---|---|
(Empty) | |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "net/base/x509_util_ios.h" | |
6 | |
7 #include <cert.h> | |
8 #include <nss.h> | |
9 #include <prtypes.h> | |
10 | |
11 #include "base/mac/scoped_cftyperef.h" | |
12 #include "crypto/nss_util.h" | |
13 #include "net/base/x509_certificate.h" | |
14 | |
15 using base::mac::ScopedCFTypeRef; | |
16 | |
17 namespace net { | |
18 namespace x509_util_ios { | |
19 | |
20 namespace { | |
21 | |
22 // Creates an NSS certificate handle from |data|, which is |length| bytes in | |
23 // size. | |
24 CERTCertificate* CreateNSSCertHandleFromBytes(const char* data, | |
25 int length) { | |
26 if (length < 0) | |
27 return NULL; | |
28 | |
29 crypto::EnsureNSSInit(); | |
30 | |
31 if (!NSS_IsInitialized()) | |
32 return NULL; | |
33 | |
34 SECItem der_cert; | |
35 der_cert.data = reinterpret_cast<unsigned char*>(const_cast<char*>(data)); | |
36 der_cert.len = length; | |
37 der_cert.type = siDERCertBuffer; | |
38 | |
39 // Parse into a certificate structure. | |
40 return CERT_NewTempCertificate(CERT_GetDefaultCertDB(), &der_cert, NULL, | |
41 PR_FALSE, PR_TRUE); | |
42 } | |
43 | |
44 } // namespace | |
45 | |
46 CERTCertificate* CreateNSSCertHandleFromOSHandle( | |
47 SecCertificateRef cert_handle) { | |
48 ScopedCFTypeRef<CFDataRef> cert_data(SecCertificateCopyData(cert_handle)); | |
49 return CreateNSSCertHandleFromBytes( | |
50 reinterpret_cast<const char*>(CFDataGetBytePtr(cert_data)), | |
51 CFDataGetLength(cert_data)); | |
52 } | |
53 | |
54 SecCertificateRef CreateOSCertHandleFromNSSHandle( | |
55 CERTCertificate* nss_cert_handle) { | |
56 return X509Certificate::CreateOSCertHandleFromBytes( | |
57 reinterpret_cast<const char*>(nss_cert_handle->derCert.data), | |
58 nss_cert_handle->derCert.len); | |
59 } | |
60 | |
61 NSSCertificate::NSSCertificate(SecCertificateRef cert_handle) { | |
62 nss_cert_handle_ = CreateNSSCertHandleFromOSHandle(cert_handle); | |
63 } | |
64 | |
65 NSSCertificate::~NSSCertificate() { | |
66 CERT_DestroyCertificate(nss_cert_handle_); | |
67 } | |
68 | |
69 CERTCertificate* NSSCertificate::cert_handle() { | |
70 return nss_cert_handle_; | |
Ryan Sleevi
2012/09/12 19:34:44
nit: We'll want to ensure that all callers who cal
droger
2012/09/13 13:03:05
I added special cases in GetSubjectAltName() and I
| |
71 } | |
72 | |
73 } // namespace x509_util_ios | |
74 } // namespace net | |
75 | |
OLD | NEW |