Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(99)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/x509_certificate_nss.cc

Issue 2758803003: Make X509Certificate creation fail if X509Certificate::Initialize fails. (Closed)
Patch Set: test updatess 2 Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/x509_certificate_mac.cc ('k') | net/cert/x509_certificate_openssl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <cert.h> 5 #include <cert.h>
6 #include <cryptohi.h> 6 #include <cryptohi.h>
7 #include <keyhi.h> 7 #include <keyhi.h>
8 #include <nss.h> 8 #include <nss.h>
9 #include <pk11pub.h> 9 #include <pk11pub.h>
10 #include <prtime.h> 10 #include <prtime.h>
11 #include <seccomon.h> 11 #include <seccomon.h>
12 #include <secder.h> 12 #include <secder.h>
13 #include <sechash.h> 13 #include <sechash.h>
14 14
15 #include <memory> 15 #include <memory>
16 16
17 #include "base/logging.h" 17 #include "base/logging.h"
18 #include "base/numerics/safe_conversions.h" 18 #include "base/numerics/safe_conversions.h"
19 #include "base/pickle.h" 19 #include "base/pickle.h"
20 #include "base/strings/stringprintf.h" 20 #include "base/strings/stringprintf.h"
21 #include "base/time/time.h" 21 #include "base/time/time.h"
22 #include "crypto/nss_util.h" 22 #include "crypto/nss_util.h"
23 #include "crypto/scoped_nss_types.h" 23 #include "crypto/scoped_nss_types.h"
24 #include "net/cert/x509_certificate.h" 24 #include "net/cert/x509_certificate.h"
25 #include "net/cert/x509_util_nss.h" 25 #include "net/cert/x509_util_nss.h"
26 26
27 namespace net { 27 namespace net {
28 28
29 void X509Certificate::Initialize() { 29 bool X509Certificate::Initialize() {
30 x509_util::ParsePrincipal(&cert_handle_->subject, &subject_); 30 serial_number_ = x509_util::ParseSerialNumber(cert_handle_);
31 x509_util::ParsePrincipal(&cert_handle_->issuer, &issuer_);
32 31
33 x509_util::ParseDate(&cert_handle_->validity.notBefore, &valid_start_); 32 return (
34 x509_util::ParseDate(&cert_handle_->validity.notAfter, &valid_expiry_); 33 !serial_number_.empty() &&
35 34 x509_util::ParsePrincipal(&cert_handle_->subject, &subject_) &&
36 serial_number_ = x509_util::ParseSerialNumber(cert_handle_); 35 x509_util::ParsePrincipal(&cert_handle_->issuer, &issuer_) &&
36 x509_util::ParseDate(&cert_handle_->validity.notBefore, &valid_start_) &&
37 x509_util::ParseDate(&cert_handle_->validity.notAfter, &valid_expiry_));
37 } 38 }
38 39
39 std::string X509Certificate::GetDefaultNickname(CertType type) const { 40 std::string X509Certificate::GetDefaultNickname(CertType type) const {
40 std::string result; 41 std::string result;
41 if (type == USER_CERT && cert_handle_->slot) { 42 if (type == USER_CERT && cert_handle_->slot) {
42 // Find the private key for this certificate and see if it has a 43 // Find the private key for this certificate and see if it has a
43 // nickname. If there is a private key, and it has a nickname, then 44 // nickname. If there is a private key, and it has a nickname, then
44 // return that nickname. 45 // return that nickname.
45 SECKEYPrivateKey* private_key = PK11_FindPrivateKeyFromCert( 46 SECKEYPrivateKey* private_key = PK11_FindPrivateKeyFromCert(
46 cert_handle_->slot, 47 cert_handle_->slot,
(...skipping 198 matching lines...) Expand 10 before | Expand all | Expand 10 after
245 return false; 246 return false;
246 if (SECSuccess != CERT_VerifySignedDataWithPublicKey( 247 if (SECSuccess != CERT_VerifySignedDataWithPublicKey(
247 &cert_handle->signatureWrap, public_key.get(), NULL)) { 248 &cert_handle->signatureWrap, public_key.get(), NULL)) {
248 return false; 249 return false;
249 } 250 }
250 return CERT_CompareName(&cert_handle->subject, &cert_handle->issuer) == 251 return CERT_CompareName(&cert_handle->subject, &cert_handle->issuer) ==
251 SECEqual; 252 SECEqual;
252 } 253 }
253 254
254 } // namespace net 255 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/x509_certificate_mac.cc ('k') | net/cert/x509_certificate_openssl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698