OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/x509_certificate.h" | 5 #include "net/base/x509_certificate.h" |
6 | 6 |
7 #include <blapi.h> // Implement CalculateChainFingerprint() with NSS. | 7 #include <blapi.h> // Implement CalculateChainFingerprint() with NSS. |
8 | 8 |
9 #include "base/logging.h" | 9 #include "base/logging.h" |
10 #include "base/memory/scoped_ptr.h" | 10 #include "base/memory/scoped_ptr.h" |
(...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
115 &out_store, NULL, NULL) || out_store == NULL) { | 115 &out_store, NULL, NULL) || out_store == NULL) { |
116 return results; | 116 return results; |
117 } | 117 } |
118 | 118 |
119 AddCertsFromStore(out_store, &results); | 119 AddCertsFromStore(out_store, &results); |
120 CertCloseStore(out_store, CERT_CLOSE_STORE_CHECK_FLAG); | 120 CertCloseStore(out_store, CERT_CLOSE_STORE_CHECK_FLAG); |
121 | 121 |
122 return results; | 122 return results; |
123 } | 123 } |
124 | 124 |
125 // Given a CERT_NAME_BLOB, returns true if it appears in a given list, | |
126 // formatted as a vector of strings holding DER-encoded X.509 | |
127 // DistinguishedName entries. | |
128 bool IsCertNameBlobInIssuerList(CERT_NAME_BLOB* name_blob, | |
129 const std::vector<std::string>& issuer_names) { | |
Ryan Sleevi
2012/12/13 19:49:05
STYLE: Indenting is wrong
bool IsCertNameBlobInIs
digit1
2012/12/14 17:54:33
Done.
| |
130 for (std::vector<std::string>::const_iterator it = issuer_names.begin(); | |
131 it != issuer_names.end(); ++it) { | |
132 CERT_NAME_BLOB issuer_blob; | |
133 issuer_blob.pbData = reinterpret_cast<BYTE*>(it->data()); | |
134 issuer_blob.cbData = static_cast<DWORD>(it->length()); | |
135 | |
136 BOOL rb = CertCompareCertificateName( | |
137 X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, &issuer_blob, name_blob); | |
138 if (rb) | |
139 return true; | |
140 } | |
141 return false; | |
142 } | |
143 | |
125 } // namespace | 144 } // namespace |
126 | 145 |
127 void X509Certificate::Initialize() { | 146 void X509Certificate::Initialize() { |
128 DCHECK(cert_handle_); | 147 DCHECK(cert_handle_); |
129 subject_.ParseDistinguishedName(cert_handle_->pCertInfo->Subject.pbData, | 148 subject_.ParseDistinguishedName(cert_handle_->pCertInfo->Subject.pbData, |
130 cert_handle_->pCertInfo->Subject.cbData); | 149 cert_handle_->pCertInfo->Subject.cbData); |
131 issuer_.ParseDistinguishedName(cert_handle_->pCertInfo->Issuer.pbData, | 150 issuer_.ParseDistinguishedName(cert_handle_->pCertInfo->Issuer.pbData, |
132 cert_handle_->pCertInfo->Issuer.cbData); | 151 cert_handle_->pCertInfo->Issuer.cbData); |
133 | 152 |
134 valid_start_ = Time::FromFileTime(cert_handle_->pCertInfo->NotBefore); | 153 valid_start_ = Time::FromFileTime(cert_handle_->pCertInfo->NotBefore); |
(...skipping 320 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
455 break; | 474 break; |
456 case CALG_ECDSA: | 475 case CALG_ECDSA: |
457 *type = kPublicKeyTypeECDSA; | 476 *type = kPublicKeyTypeECDSA; |
458 break; | 477 break; |
459 case CALG_ECDH: | 478 case CALG_ECDH: |
460 *type = kPublicKeyTypeECDH; | 479 *type = kPublicKeyTypeECDH; |
461 break; | 480 break; |
462 } | 481 } |
463 } | 482 } |
464 | 483 |
484 bool X509Certificate::IsIssuedByEncoded( | |
485 const std::vector<std::string>& valid_issuers) { | |
486 | |
487 // If the certificate's issuer in the list? | |
488 if (IsCertNameBlobInIssuerList( | |
489 &cert_handle_->pCertInfo->Issuer, | |
490 valid_issuers)) | |
Ryan Sleevi
2012/12/13 19:49:05
STYLE: Indenting is messy here
if (IsCertNameBlob
digit1
2012/12/14 17:54:33
Done.
| |
491 return true; | |
492 | |
493 // Otherwise, is any of the intermediate CA subjects in the list? | |
494 for (OSCertHandles::iterator it = intermediate_ca_certs_.begin(); | |
495 it != intermediate_ca_certs_.end(); ++it) { | |
496 if (IsCertNameBlobInIssuerList( | |
497 &it->pCertInfo->Subject, | |
498 valid_issuers)) | |
499 return true; | |
500 } | |
501 | |
502 return false; | |
503 } | |
504 | |
465 } // namespace net | 505 } // namespace net |
OLD | NEW |