
Side by Side Diff: net/cert/x509_util_nss.cc

Issue 2758803003: Make X509Certificate creation fail if X509Certificate::Initialize fails. (Closed)
Patch Set: test updatess 2 Created 3 years, 9 months ago
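--- a/net/cert/x509_util_nss.cc
+++ b/net/cert/x509_util_nss.cc
@@ -1,10 +1,10 @@
 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <cert.h> // Must be included before certdb.h
 #include <certdb.h>
 #include <cryptohi.h>
 #include <nss.h>
 #include <pk11pub.h>
 #include <prerror.h>
@@ -82,21 +82,21 @@
 if (rv != SECSuccess)
 return NULL;
 
 return name.release();
 }
 
 } // namespace
 
 namespace x509_util {
 
-void ParsePrincipal(CERTName* name, CertPrincipal* principal) {
+bool ParsePrincipal(CERTName* name, CertPrincipal* principal) {
 // Starting in NSS 3.15, CERTGetNameFunc takes a const CERTName* argument.
 #if NSS_VMINOR >= 15
 typedef char* (*CERTGetNameFunc)(const CERTName* name);
 #else
 typedef char* (*CERTGetNameFunc)(CERTName * name);
 #endif
 
 // TODO(jcampan): add business_category and serial_number.
 // TODO(wtc): NSS has the CERT_GetOrgName, CERT_GetOrgUnitName, and
 // CERT_GetDomainComponentName functions, but they return only the most
@@ -113,52 +113,56 @@
 
 CERTRDN** rdns = name->rdns;
 for (size_t rdn = 0; rdns[rdn]; ++rdn) {
 CERTAVA** avas = rdns[rdn]->avas;
 for (size_t pair = 0; avas[pair] != 0; ++pair) {
 SECOidTag tag = CERT_GetAVATag(avas[pair]);
 for (size_t oid = 0; oid < arraysize(kOIDs); ++oid) {
 if (kOIDs[oid] == tag) {
 SECItem* decode_item = CERT_DecodeAVAValue(&avas[pair]->value);
 if (!decode_item)
-break;
+return false;
 // TODO(wtc): Pass decode_item to CERT_RFC1485_EscapeAndQuote.
 std::string value(reinterpret_cast<char*>(decode_item->data),
 decode_item->len);
 values[oid]->push_back(value);
 SECITEM_FreeItem(decode_item, PR_TRUE);
 break;
 }
 }
 }
 }
 
 // Get CN, L, S, and C.
 CERTGetNameFunc get_name_funcs[4] = {CERT_GetCommonName, CERT_GetLocalityName,
 CERT_GetStateName, CERT_GetCountryName};
 std::string* single_values[4] = {
 &principal->common_name, &principal->locality_name,
 &principal->state_or_province_name, &principal->country_name};
 for (size_t i = 0; i < arraysize(get_name_funcs); ++i) {
 char* value = get_name_funcs[i](name);
 if (value) {
 single_values[i]->assign(value);
 PORT_Free(value);
 }
 }
+
+return true;
 }
 
-void ParseDate(const SECItem* der_date, base::Time* result) {
+bool ParseDate(const SECItem* der_date, base::Time* result) {
 PRTime prtime;
 SECStatus rv = DER_DecodeTimeChoice(&prtime, der_date);
-DCHECK_EQ(SECSuccess, rv);
+if (rv != SECSuccess)
+return false;
 *result = crypto::PRTimeToBaseTime(prtime);
+return true;
 }
 
 std::string ParseSerialNumber(const CERTCertificate* certificate) {
 return std::string(reinterpret_cast<char*>(certificate->serialNumber.data),
 certificate->serialNumber.len);
 }
 
 bool GetSubjectAltName(CERTCertificate* cert_handle,
 std::vector<std::string>* dns_names,
 std::vector<std::string>* ip_addrs) {
@@ -417,10 +421,10 @@
 base::SStringPrintf(&new_name, "%s #%d", nickname.c_str(), index++);
 temp_nickname = token_name + new_name;
 }
 
 return new_name;
 }
 
 } // namespace x509_util
 
 } // namespace net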
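Review bot: The new `bool` results of `ParsePrincipal` and `ParseDate` only make certificate parsing fail closed if every caller checks them, and nothing visible in this file enforces that; consider annotating the declarations (in net/cert/x509_util_nss.h, not shown on this page) with `WARN_UNUSED_RESULT`. On the `return false;` path after `CERT_DecodeAVAValue` fails, values from earlier AVAs have already been pushed through `values[oid]`, so `principal` is presumably left partially populated, and `ParseDate` leaves `*result` untouched when `DER_DecodeTimeChoice` fails. A short contract comment above each function would make that explicit, for example `// Returns false if |name| cannot be decoded; |principal| is unspecified on failure and must not be used.` Part of ParsePrincipal's body (the `kOIDs`/`values` setup) sits in the skipped lines, so the partial-population point should be confirmed against the full file.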