OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <cert.h> // Must be included before certdb.h | 5 #include <cert.h> // Must be included before certdb.h |
6 #include <certdb.h> | 6 #include <certdb.h> |
7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
8 #include <nss.h> | 8 #include <nss.h> |
9 #include <pk11pub.h> | 9 #include <pk11pub.h> |
10 #include <prerror.h> | 10 #include <prerror.h> |
(...skipping 71 matching lines...)
82 if (rv != SECSuccess) | 82 if (rv != SECSuccess) |
83 return NULL; | 83 return NULL; |
84 | 84 |
85 return name.release(); | 85 return name.release(); |
86 } | 86 } |
87 | 87 |
88 } // namespace | 88 } // namespace |
89 | 89 |
90 namespace x509_util { | 90 namespace x509_util { |
91 | 91 |
92 void ParsePrincipal(CERTName* name, CertPrincipal* principal) { | 92 bool ParsePrincipal(CERTName* name, CertPrincipal* principal) { |
93 // Starting in NSS 3.15, CERTGetNameFunc takes a const CERTName* argument. | 93 // Starting in NSS 3.15, CERTGetNameFunc takes a const CERTName* argument. |
94 #if NSS_VMINOR >= 15 | 94 #if NSS_VMINOR >= 15 |
95 typedef char* (*CERTGetNameFunc)(const CERTName* name); | 95 typedef char* (*CERTGetNameFunc)(const CERTName* name); |
96 #else | 96 #else |
97 typedef char* (*CERTGetNameFunc)(CERTName * name); | 97 typedef char* (*CERTGetNameFunc)(CERTName * name); |
98 #endif | 98 #endif |
99 | 99 |
100 // TODO(jcampan): add business_category and serial_number. | 100 // TODO(jcampan): add business_category and serial_number. |
101 // TODO(wtc): NSS has the CERT_GetOrgName, CERT_GetOrgUnitName, and | 101 // TODO(wtc): NSS has the CERT_GetOrgName, CERT_GetOrgUnitName, and |
102 // CERT_GetDomainComponentName functions, but they return only the most | 102 // CERT_GetDomainComponentName functions, but they return only the most |
(...skipping 10 matching lines...)
113 | 113 |
114 CERTRDN** rdns = name->rdns; | 114 CERTRDN** rdns = name->rdns; |
115 for (size_t rdn = 0; rdns[rdn]; ++rdn) { | 115 for (size_t rdn = 0; rdns[rdn]; ++rdn) { |
116 CERTAVA** avas = rdns[rdn]->avas; | 116 CERTAVA** avas = rdns[rdn]->avas; |
117 for (size_t pair = 0; avas[pair] != 0; ++pair) { | 117 for (size_t pair = 0; avas[pair] != 0; ++pair) { |
118 SECOidTag tag = CERT_GetAVATag(avas[pair]); | 118 SECOidTag tag = CERT_GetAVATag(avas[pair]); |
119 for (size_t oid = 0; oid < arraysize(kOIDs); ++oid) { | 119 for (size_t oid = 0; oid < arraysize(kOIDs); ++oid) { |
120 if (kOIDs[oid] == tag) { | 120 if (kOIDs[oid] == tag) { |
121 SECItem* decode_item = CERT_DecodeAVAValue(&avas[pair]->value); | 121 SECItem* decode_item = CERT_DecodeAVAValue(&avas[pair]->value); |
122 if (!decode_item) | 122 if (!decode_item) |
123 break; | 123 return false; |
124 // TODO(wtc): Pass decode_item to CERT_RFC1485_EscapeAndQuote. | 124 // TODO(wtc): Pass decode_item to CERT_RFC1485_EscapeAndQuote. |
125 std::string value(reinterpret_cast<char*>(decode_item->data), | 125 std::string value(reinterpret_cast<char*>(decode_item->data), |
126 decode_item->len); | 126 decode_item->len); |
127 values[oid]->push_back(value); | 127 values[oid]->push_back(value); |
128 SECITEM_FreeItem(decode_item, PR_TRUE); | 128 SECITEM_FreeItem(decode_item, PR_TRUE); |
129 break; | 129 break; |
130 } | 130 } |
131 } | 131 } |
132 } | 132 } |
133 } | 133 } |
134 | 134 |
135 // Get CN, L, S, and C. | 135 // Get CN, L, S, and C. |
136 CERTGetNameFunc get_name_funcs[4] = {CERT_GetCommonName, CERT_GetLocalityName, | 136 CERTGetNameFunc get_name_funcs[4] = {CERT_GetCommonName, CERT_GetLocalityName, |
137 CERT_GetStateName, CERT_GetCountryName}; | 137 CERT_GetStateName, CERT_GetCountryName}; |
138 std::string* single_values[4] = { | 138 std::string* single_values[4] = { |
139 &principal->common_name, &principal->locality_name, | 139 &principal->common_name, &principal->locality_name, |
140 &principal->state_or_province_name, &principal->country_name}; | 140 &principal->state_or_province_name, &principal->country_name}; |
141 for (size_t i = 0; i < arraysize(get_name_funcs); ++i) { | 141 for (size_t i = 0; i < arraysize(get_name_funcs); ++i) { |
142 char* value = get_name_funcs[i](name); | 142 char* value = get_name_funcs[i](name); |
143 if (value) { | 143 if (value) { |
144 single_values[i]->assign(value); | 144 single_values[i]->assign(value); |
145 PORT_Free(value); | 145 PORT_Free(value); |
146 } | 146 } |
147 } | 147 } |
| 148 |
| 149 return true; |
148 } | 150 } |
149 | 151 |
150 void ParseDate(const SECItem* der_date, base::Time* result) { | 152 bool ParseDate(const SECItem* der_date, base::Time* result) { |
151 PRTime prtime; | 153 PRTime prtime; |
152 SECStatus rv = DER_DecodeTimeChoice(&prtime, der_date); | 154 SECStatus rv = DER_DecodeTimeChoice(&prtime, der_date); |
153 DCHECK_EQ(SECSuccess, rv); | 155 if (rv != SECSuccess) |
| 156 return false; |
154 *result = crypto::PRTimeToBaseTime(prtime); | 157 *result = crypto::PRTimeToBaseTime(prtime); |
| 158 return true; |
155 } | 159 } |
156 | 160 |
157 std::string ParseSerialNumber(const CERTCertificate* certificate) { | 161 std::string ParseSerialNumber(const CERTCertificate* certificate) { |
158 return std::string(reinterpret_cast<char*>(certificate->serialNumber.data), | 162 return std::string(reinterpret_cast<char*>(certificate->serialNumber.data), |
159 certificate->serialNumber.len); | 163 certificate->serialNumber.len); |
160 } | 164 } |
161 | 165 |
162 bool GetSubjectAltName(CERTCertificate* cert_handle, | 166 bool GetSubjectAltName(CERTCertificate* cert_handle, |
163 std::vector<std::string>* dns_names, | 167 std::vector<std::string>* dns_names, |
164 std::vector<std::string>* ip_addrs) { | 168 std::vector<std::string>* ip_addrs) { |
(...skipping 252 matching lines...)
417 base::SStringPrintf(&new_name, "%s #%d", nickname.c_str(), index++); | 421 base::SStringPrintf(&new_name, "%s #%d", nickname.c_str(), index++); |
418 temp_nickname = token_name + new_name; | 422 temp_nickname = token_name + new_name; |
419 } | 423 } |
420 | 424 |
421 return new_name; | 425 return new_name; |
422 } | 426 } |
423 | 427 |
424 } // namespace x509_util | 428 } // namespace x509_util |
425 | 429 |
426 } // namespace net | 430 } // namespace net |
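Review bot: ParsePrincipal's new `return false` (new line 123) fires in the middle of the RDN loop, so earlier iterations may already have stored values through `values[oid]->push_back(value)` and the CN/L/S/C block at the end is skipped, leaving the caller with a partially filled principal. The `values` table is declared in lines elided from this page, so this assumes it points into `principal`. I would state the contract above each function, e.g. `// Returns false if an AVA value cannot be decoded; |principal| may then be partially filled and must not be used.` for ParsePrincipal and `// Returns false and leaves |*result| untouched if |der_date| is not a valid DER time.` for ParseDate. The callers are not shown here; with the DCHECK in ParseDate replaced by a runtime failure, each of them has to check the returned bool before the subject, issuer or validity dates feed a trust decision.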
OLD | NEW |