OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/x509_certificate.h" | 5 #include "net/base/x509_certificate.h" |
6 | 6 |
7 #include <CommonCrypto/CommonDigest.h> | 7 #include <CommonCrypto/CommonDigest.h> |
8 #include <Security/Security.h> | 8 #include <Security/Security.h> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 51 matching lines...) | |
62 x509_util::ParsePrincipal(&cert_handle->subject, &subject_); | 62 x509_util::ParsePrincipal(&cert_handle->subject, &subject_); |
63 x509_util::ParsePrincipal(&cert_handle->issuer, &issuer_); | 63 x509_util::ParsePrincipal(&cert_handle->issuer, &issuer_); |
64 x509_util::ParseDate(&cert_handle->validity.notBefore, &valid_start_); | 64 x509_util::ParseDate(&cert_handle->validity.notBefore, &valid_start_); |
65 x509_util::ParseDate(&cert_handle->validity.notAfter, &valid_expiry_); | 65 x509_util::ParseDate(&cert_handle->validity.notAfter, &valid_expiry_); |
66 serial_number_ = x509_util::ParseSerialNumber(cert_handle); | 66 serial_number_ = x509_util::ParseSerialNumber(cert_handle); |
67 } | 67 } |
68 fingerprint_ = CalculateFingerprint(cert_handle_); | 68 fingerprint_ = CalculateFingerprint(cert_handle_); |
69 ca_fingerprint_ = CalculateCAFingerprint(intermediate_ca_certs_); | 69 ca_fingerprint_ = CalculateCAFingerprint(intermediate_ca_certs_); |
70 } | 70 } |
71 | 71 |
72 bool X509Certificate::IsIssuedByEncoded( | |
73 const std::vector<std::string>& valid_issuers) { | |
74 if (x509_util::IsCertNameItemInIssuerList(&cert_handle_->derIssuer, | |
75 valid_issuers)) | |
Ryan Sleevi
2012/12/13 19:49:05
It's a shame to have to reparse the CERTName here
digit1
2012/12/14 17:54:33
I know, but cert_handle->issuer is a CertPrincipal
Ryan Sleevi
2012/12/14 18:16:42
cert_handle->issuer is a CERTName, which is the ca
digit1
2012/12/18 16:19:24
Thank you so much for this, I've implemented this
| |
76 return true; | |
77 | |
78 for (OSCertHandles::iterator it = intermediate_ca_certs_.begin(); | |
79 it != intermediate_ca_certs_.end(); ++it) { | |
80 if (x509_util::IsCertNameItemInIssuerList(&(*it)->derSubject, | |
81 valid_issuers)) | |
82 return true; | |
Ryan Sleevi
2012/12/13 19:49:05
BUG: Rather than checking the subject, you should
digit1
2012/12/14 17:54:33
That makes sense, I'll fix all checks.
| |
83 } | |
84 return false; | |
85 } | |
86 | |
72 // static | 87 // static |
73 X509Certificate* X509Certificate::CreateSelfSigned( | 88 X509Certificate* X509Certificate::CreateSelfSigned( |
74 crypto::RSAPrivateKey* key, | 89 crypto::RSAPrivateKey* key, |
75 const std::string& subject, | 90 const std::string& subject, |
76 uint32 serial_number, | 91 uint32 serial_number, |
77 base::TimeDelta valid_duration) { | 92 base::TimeDelta valid_duration) { |
78 DCHECK(key); | 93 DCHECK(key); |
79 DCHECK(!subject.empty()); | 94 DCHECK(!subject.empty()); |
80 NOTIMPLEMENTED(); | 95 NOTIMPLEMENTED(); |
81 return NULL; | 96 return NULL; |
(...skipping 139 matching lines...) | |
221 | 236 |
222 // static | 237 // static |
223 void X509Certificate::GetPublicKeyInfo(OSCertHandle cert_handle, | 238 void X509Certificate::GetPublicKeyInfo(OSCertHandle cert_handle, |
224 size_t* size_bits, | 239 size_t* size_bits, |
225 PublicKeyType* type) { | 240 PublicKeyType* type) { |
226 x509_util_ios::NSSCertificate nss_cert(cert_handle); | 241 x509_util_ios::NSSCertificate nss_cert(cert_handle); |
227 x509_util::GetPublicKeyInfo(nss_cert.cert_handle(), size_bits, type); | 242 x509_util::GetPublicKeyInfo(nss_cert.cert_handle(), size_bits, type); |
228 } | 243 } |
229 | 244 |
230 } // namespace net | 245 } // namespace net |
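Review bot: In the added `IsIssuedByEncoded` (new lines 72–85), `cert_handle_->derIssuer` and `(*it)->derSubject` dereference the stored handles directly, whereas `GetPublicKeyInfo` further down in the same file first wraps its `OSCertHandle` in `x509_util_ios::NSSCertificate` and passes `nss_cert.cert_handle()` to `x509_util`. If `OSCertHandle` is the opaque Security.framework type on this platform, as the `<Security/Security.h>` include suggests, the new code needs the same conversion for the leaf and for each intermediate, e.g. `x509_util_ios::NSSCertificate nss_cert(cert_handle_);` followed by `if (!nss_cert.cert_handle()) return false;`. The null check matters because this result presumably feeds client-certificate selection against a server-supplied issuer list, so a certificate that fails to convert should count as not matching rather than be dereferenced. A short comment saying that `valid_issuers` appears to hold DER-encoded names, and that the match is a name comparison only and not chain validation, would also help callers.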