author | raymes@chromium.org <raymes@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-04-05 21:55:49 +0000 |
---|---|---|
committer | raymes@chromium.org <raymes@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-04-05 21:55:49 +0000 |
commit | add68c87534edb4b6b50f35e75213f422083d5b9 (patch) | |
tree | 61d1ff046ba64384e02758a1068f261fa9493334 | |
parent | 1d702f342ae59faf53741dd3dbf414092a8b0744 (diff) | |
Implemented the function which converts a Chrome X509Certificate into a pepper X509 certificate.
This also removes the un-implemented fields for now. It probably makes sense just to add them when we need them.
BUG=114626
TEST=Ran X509 Certificate ppapi test.
NOTRY=true
Review URL: http://codereview.chromium.org/9836024
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@131018 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r-- | content/browser/renderer_host/pepper_tcp_socket.cc | 42 | ||||
-rw-r--r-- | ppapi/api/private/ppb_x509_certificate_private.idl | 22 | ||||
-rw-r--r-- | ppapi/c/private/ppb_x509_certificate_private.h | 24 | ||||
-rw-r--r-- | ppapi/tests/test_x509_certificate_private.cc | 99 |
4 files changed, 169 insertions, 18 deletions
diff --git a/content/browser/renderer_host/pepper_tcp_socket.cc b/content/browser/renderer_host/pepper_tcp_socket.cc
index 8af741b..e80e8e6 100644
--- a/content/browser/renderer_host/pepper_tcp_socket.cc
+++ b/content/browser/renderer_host/pepper_tcp_socket.cc
@@ -10,6 +10,7 @@
 #include "base/bind_helpers.h"
 #include "base/compiler_specific.h"
 #include "base/logging.h"
+#include "base/string_util.h"
 #include "content/browser/renderer_host/pepper_message_filter.h"
 #include "content/public/browser/browser_thread.h"
 #include "net/base/cert_verifier.h"
@@ -208,7 +209,46 @@ void PepperTCPSocket::SendConnectACKError() { bool PepperTCPSocket::GetCertificateFields( const net::X509Certificate& cert, ppapi::PPB_X509Certificate_Fields* fields) { - // TODO(raymes,rsleevi): Implement this. + const net::CertPrincipal& issuer = cert.issuer(); + fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_COMMON_NAME, + new base::StringValue(issuer.common_name)); + fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_LOCALITY_NAME, + new base::StringValue(issuer.locality_name)); + fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_STATE_OR_PROVINCE_NAME, + new base::StringValue(issuer.state_or_province_name)); + fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_COUNTRY_NAME, + new base::StringValue(issuer.country_name)); + fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_ORGANIZATION_NAME, + new base::StringValue(JoinString(issuer.organization_names, '\n'))); + fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_ORGANIZATION_UNIT_NAME, + new base::StringValue(JoinString(issuer.organization_unit_names, '\n'))); + + const net::CertPrincipal& subject = cert.subject(); + fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_COMMON_NAME, + new base::StringValue(subject.common_name)); + fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_LOCALITY_NAME, + new base::StringValue(subject.locality_name)); + fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_STATE_OR_PROVINCE_NAME, + new base::StringValue(subject.state_or_province_name)); + fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_COUNTRY_NAME, + new base::StringValue(subject.country_name)); + fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_ORGANIZATION_NAME, + new base::StringValue(JoinString(subject.organization_names, '\n'))); + fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_ORGANIZATION_UNIT_NAME, + new base::StringValue(JoinString(subject.organization_unit_names, '\n'))); + + const std::string& serial_number = cert.serial_number(); + 
fields->SetField(PP_X509CERTIFICATE_PRIVATE_SERIAL_NUMBER, + base::BinaryValue::CreateWithCopiedBuffer(serial_number.data(), + serial_number.length())); + fields->SetField(PP_X509CERTIFICATE_PRIVATE_VALIDITY_NOT_BEFORE, + base::Value::CreateDoubleValue(cert.valid_start().ToDoubleT())); + fields->SetField(PP_X509CERTIFICATE_PRIVATE_VALIDITY_NOT_AFTER, + base::Value::CreateDoubleValue(cert.valid_expiry().ToDoubleT())); + std::string der; + net::X509Certificate::GetDEREncoded(cert.os_cert_handle(), &der); + fields->SetField(PP_X509CERTIFICATE_PRIVATE_RAW, + base::BinaryValue::CreateWithCopiedBuffer(der.data(), der.length())); return true; } diff --git a/ppapi/api/private/ppb_x509_certificate_private.idl b/ppapi/api/private/ppb_x509_certificate_private.idl index ad1a3eb..c68400b 100644 --- a/ppapi/api/private/ppb_x509_certificate_private.idl +++ b/ppapi/api/private/ppb_x509_certificate_private.idl @@ -38,7 +38,8 @@ enum PP_X509Certificate_Private_Field { PP_X509CERTIFICATE_PRIVATE_ISSUER_ORGANIZATION_UNIT_NAME = 5, /** - * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>). + * Note: This field is unimplemented and will return + * <code>PP_VARTYPE_NULL</code>. */ PP_X509CERTIFICATE_PRIVATE_ISSUER_UNIQUE_ID = 6, @@ -61,13 +62,14 @@ enum PP_X509Certificate_Private_Field { PP_X509CERTIFICATE_PRIVATE_SUBJECT_ORGANIZATION_UNIT_NAME = 12, /** - * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>). + * Note: This field is unimplemented and will return + * <code>PP_VARTYPE_NULL</code>. */ PP_X509CERTIFICATE_PRIVATE_SUBJECT_UNIQUE_ID = 13, /** - * This corresponds to an integer (<code>PP_VARTYPE_INT32</code>) which - * which can be cast to a <code>PPB_X509Certificate_Private_Version</code>. + * Note: This field is unimplemented and will return + * <code>PP_VARTYPE_NULL</code>. */ PP_X509CERTIFICATE_PRIVATE_VERSION = 14, 
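Review bot: The result of `net::X509Certificate::GetDEREncoded(cert.os_cert_handle(), &der)` is discarded in the new body of `PepperTCPSocket::GetCertificateFields`, so if encoding fails (assuming it reports failure through its return value) the plugin presumably receives an empty `PP_X509CERTIFICATE_PRIVATE_RAW` buffer while the function still returns true. The certificate comes from the remote peer and the caller has only the return value to go on, so I would fail closed: `if (!net::X509Certificate::GetDEREncoded(cert.os_cert_handle(), &der)) return false;`. Separately, joining `organization_names` and `organization_unit_names` with `'\n'` is lossy, because one value that itself contains a newline cannot be told apart from two values. A comment such as `// Multi-valued O/OU are newline-joined; the result is display text, not a parseable list.` would record that for consumers.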
@@ -77,12 +79,15 @@ enum PP_X509Certificate_Private_Field { */ PP_X509CERTIFICATE_PRIVATE_SERIAL_NUMBER = 15, - /** This corresponds to a string (<code>PP_VARTYPE_STRING</code>). */ + /** + * Note: This field is unimplemented and will return + * <code>PP_VARTYPE_NULL</code>. + */ PP_X509CERTIFICATE_PRIVATE_ALGORITHM_OID = 16, /** - * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>) - * which is DER-encoded. + * Note: This field is unimplemented and will return + * <code>PP_VARTYPE_NULL</code>. */ PP_X509CERTIFICATE_PRIVATE_ALGORITHM_PARAMATERS_RAW = 17, @@ -102,7 +107,8 @@ enum PP_X509Certificate_Private_Field { PP_X509CERTIFICATE_PRIVATE_SUBJECT_PUBLIC_KEY_ALGORITHM_OID = 20, /** - * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>). + * Note: This field is unimplemented and will return + * <code>PP_VARTYPE_NULL</code>. */ PP_X509CERTIFICATE_PRIVATE_SUBJECT_PUBLIC_KEY = 21, diff --git a/ppapi/c/private/ppb_x509_certificate_private.h b/ppapi/c/private/ppb_x509_certificate_private.h index cd2c2b9..ba7cb0c 100644 --- a/ppapi/c/private/ppb_x509_certificate_private.h +++ b/ppapi/c/private/ppb_x509_certificate_private.h @@ -4,7 +4,7 @@ */ /* From private/ppb_x509_certificate_private.idl, - * modified Fri Mar 23 09:40:44 2012. + * modified Thu Mar 29 16:25:36 2012. */ #ifndef PPAPI_C_PRIVATE_PPB_X509_CERTIFICATE_PRIVATE_H_ @@ -52,7 +52,8 @@ typedef enum { /** This corresponds to a string (<code>PP_VARTYPE_STRING</code>). */ PP_X509CERTIFICATE_PRIVATE_ISSUER_ORGANIZATION_UNIT_NAME = 5, /** - * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>). + * Note: This field is unimplemented and will return + * <code>PP_VARTYPE_NULL</code>. */ PP_X509CERTIFICATE_PRIVATE_ISSUER_UNIQUE_ID = 6, /** This corresponds to a string (<code>PP_VARTYPE_STRING</code>). */ 
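Review bot: `PP_X509CERTIFICATE_PRIVATE_SUBJECT_PUBLIC_KEY_ALGORITHM_OID = 20` is not among the fields re-documented as unimplemented (see the last hunk of ppb_x509_certificate_private.idl, `@@ -102,7 +107,8 @@`), yet the new `GetCertificateFields` in pepper_tcp_socket.cc never sets it. The generated header in this commit still describes it as a `PP_VARTYPE_STRING`. The idl comment for that entry lies outside the hunk, so this is inferred from the header's context lines. If the field is indeed unset, it should carry the same text as its neighbours, `Note: This field is unimplemented and will return <code>PP_VARTYPE_NULL</code>.`, so that callers do not assume a string and skip the null check.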
@@ -68,12 +69,13 @@ typedef enum { /** This corresponds to a string (<code>PP_VARTYPE_STRING</code>). */ PP_X509CERTIFICATE_PRIVATE_SUBJECT_ORGANIZATION_UNIT_NAME = 12, /** - * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>). + * Note: This field is unimplemented and will return + * <code>PP_VARTYPE_NULL</code>. */ PP_X509CERTIFICATE_PRIVATE_SUBJECT_UNIQUE_ID = 13, /** - * This corresponds to an integer (<code>PP_VARTYPE_INT32</code>) which - * which can be cast to a <code>PPB_X509Certificate_Private_Version</code>. + * Note: This field is unimplemented and will return + * <code>PP_VARTYPE_NULL</code>. */ PP_X509CERTIFICATE_PRIVATE_VERSION = 14, /** @@ -81,11 +83,14 @@ typedef enum { * The serial number may include a leading 0. */ PP_X509CERTIFICATE_PRIVATE_SERIAL_NUMBER = 15, - /** This corresponds to a string (<code>PP_VARTYPE_STRING</code>). */ + /** + * Note: This field is unimplemented and will return + * <code>PP_VARTYPE_NULL</code>. + */ PP_X509CERTIFICATE_PRIVATE_ALGORITHM_OID = 16, /** - * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>) - * which is DER-encoded. + * Note: This field is unimplemented and will return + * <code>PP_VARTYPE_NULL</code>. */ PP_X509CERTIFICATE_PRIVATE_ALGORITHM_PARAMATERS_RAW = 17, /** @@ -101,7 +106,8 @@ typedef enum { /** This corresponds to a string (<code>PP_VARTYPE_STRING</code>). */ PP_X509CERTIFICATE_PRIVATE_SUBJECT_PUBLIC_KEY_ALGORITHM_OID = 20, /** - * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>). + * Note: This field is unimplemented and will return + * <code>PP_VARTYPE_NULL</code>. */ PP_X509CERTIFICATE_PRIVATE_SUBJECT_PUBLIC_KEY = 21, /** diff --git a/ppapi/tests/test_x509_certificate_private.cc b/ppapi/tests/test_x509_certificate_private.cc index 0665525..9bf950e 100644 --- a/ppapi/tests/test_x509_certificate_private.cc +++ b/ppapi/tests/test_x509_certificate_private.cc 
@@ -4,13 +4,61 @@ #include "ppapi/tests/test_x509_certificate_private.h" +#include <cmath> +#include <limits> + #include "ppapi/cpp/private/x509_certificate_private.h" +#include "ppapi/cpp/var_array_buffer.h" +#include "ppapi/cpp/var.h" #include "ppapi/tests/testing_instance.h" REGISTER_TEST_CASE(X509CertificatePrivate); namespace { +bool FieldMatchesString( + const pp::X509Certificate& certificate, + PP_X509Certificate_Private_Field field, + const std::string& expected) { + pp::Var field_value = certificate.GetField(field); + if (!field_value.is_string()) + return false; + return field_value.AsString() == expected; +} + +bool FieldMatchesDouble( + const pp::X509Certificate& certificate, + PP_X509Certificate_Private_Field field, + double expected) { + pp::Var field_value = certificate.GetField(field); + if (!field_value.is_double()) + return false; + return std::fabs(field_value.AsDouble() - expected) <= + std::numeric_limits<double>::epsilon(); +} + +bool FieldMatchesBuffer( + const pp::X509Certificate& certificate, + PP_X509Certificate_Private_Field field, + const char* expected, + uint32_t expected_length) { + pp::Var field_value = certificate.GetField(field); + if (!field_value.is_array_buffer()) + return false; + pp::VarArrayBuffer array_buffer(field_value); + char* bytes = static_cast<char*>(array_buffer.Map()); + uint32_t length = array_buffer.ByteLength(); + if (length != expected_length) + return false; + return std::equal(expected, expected + expected_length, bytes); +} + +bool FieldIsNull( + const pp::X509Certificate& certificate, + PP_X509Certificate_Private_Field field) { + return certificate.GetField(field).is_null(); +} + // Google's cert. const unsigned char kGoogleDer[] = { 0x30, 0x82, 0x03, 0x21, 0x30, 0x82, 0x02, 0x8a, 0xa0, 0x03, 0x02, 0x01, 
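Review bot: `FieldMatchesBuffer` calls `array_buffer.Map()` but never `Unmap()`, and it passes the mapped pointer to `std::equal` without checking it for null. The hunk also adds `<cmath>` and `<limits>` but not `<algorithm>`, which `std::equal` needs. I would add `#include <algorithm>`, bail out with `if (!bytes) return false;`, and unmap before returning. In `FieldMatchesDouble` the tolerance `std::numeric_limits<double>::epsilon()` is far below the spacing of doubles near 1.2e9, so the check is effectively exact equality. A comment saying exactness is intended, since the expected values are whole seconds, would avoid the impression of a real tolerance.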
@@ -108,6 +156,57 @@ std::string TestX509CertificatePrivate::TestValidCertificate() { reinterpret_cast<const char*>(kGoogleDer), sizeof(kGoogleDer)); ASSERT_TRUE(successful); + ASSERT_TRUE(FieldMatchesString(certificate, + PP_X509CERTIFICATE_PRIVATE_SUBJECT_COMMON_NAME, "www.google.com")); + ASSERT_TRUE(FieldMatchesString(certificate, + PP_X509CERTIFICATE_PRIVATE_SUBJECT_LOCALITY_NAME, "Mountain View")); + ASSERT_TRUE(FieldMatchesString(certificate, + PP_X509CERTIFICATE_PRIVATE_SUBJECT_STATE_OR_PROVINCE_NAME, "California")); + ASSERT_TRUE(FieldMatchesString(certificate, + PP_X509CERTIFICATE_PRIVATE_SUBJECT_COUNTRY_NAME, "US")); + ASSERT_TRUE(FieldMatchesString(certificate, + PP_X509CERTIFICATE_PRIVATE_SUBJECT_ORGANIZATION_NAME, "Google Inc")); + ASSERT_TRUE(FieldMatchesString(certificate, + PP_X509CERTIFICATE_PRIVATE_SUBJECT_ORGANIZATION_UNIT_NAME, "")); + + ASSERT_TRUE(FieldMatchesString(certificate, + PP_X509CERTIFICATE_PRIVATE_ISSUER_COMMON_NAME, "Thawte SGC CA")); + ASSERT_TRUE(FieldMatchesString(certificate, + PP_X509CERTIFICATE_PRIVATE_ISSUER_LOCALITY_NAME, "")); + ASSERT_TRUE(FieldMatchesString(certificate, + PP_X509CERTIFICATE_PRIVATE_ISSUER_STATE_OR_PROVINCE_NAME, "")); + ASSERT_TRUE(FieldMatchesString(certificate, + PP_X509CERTIFICATE_PRIVATE_ISSUER_COUNTRY_NAME, "ZA")); + ASSERT_TRUE(FieldMatchesString(certificate, + PP_X509CERTIFICATE_PRIVATE_ISSUER_ORGANIZATION_NAME, + "Thawte Consulting (Pty) Ltd.")); + ASSERT_TRUE(FieldMatchesString(certificate, + PP_X509CERTIFICATE_PRIVATE_ISSUER_ORGANIZATION_UNIT_NAME, "")); + + ASSERT_FALSE(FieldIsNull(certificate, + PP_X509CERTIFICATE_PRIVATE_SERIAL_NUMBER)); + ASSERT_TRUE(FieldMatchesDouble(certificate, + PP_X509CERTIFICATE_PRIVATE_VALIDITY_NOT_BEFORE, 1238192407)); + ASSERT_TRUE(FieldMatchesDouble(certificate, + PP_X509CERTIFICATE_PRIVATE_VALIDITY_NOT_AFTER, 1269728407)); + ASSERT_TRUE(FieldMatchesBuffer(certificate, + PP_X509CERTIFICATE_PRIVATE_RAW, + reinterpret_cast<const char*>(kGoogleDer), 
sizeof(kGoogleDer))); + + // Check unimplemented fields return null. + ASSERT_TRUE(FieldIsNull(certificate, + PP_X509CERTIFICATE_PRIVATE_SUBJECT_UNIQUE_ID)); + ASSERT_TRUE(FieldIsNull(certificate, + PP_X509CERTIFICATE_PRIVATE_ISSUER_UNIQUE_ID)); + ASSERT_TRUE(FieldIsNull(certificate, + PP_X509CERTIFICATE_PRIVATE_VERSION)); + ASSERT_TRUE(FieldIsNull(certificate, + PP_X509CERTIFICATE_PRIVATE_ALGORITHM_OID)); + ASSERT_TRUE(FieldIsNull(certificate, + PP_X509CERTIFICATE_PRIVATE_ALGORITHM_PARAMATERS_RAW)); + ASSERT_TRUE(FieldIsNull(certificate, + PP_X509CERTIFICATE_PRIVATE_SUBJECT_PUBLIC_KEY)); + PASS(); } |
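Review bot: The serial number is the one implemented field whose value is not pinned: `ASSERT_FALSE(FieldIsNull(certificate, PP_X509CERTIFICATE_PRIVATE_SERIAL_NUMBER))` passes for any non-null value of any type, including an empty buffer. The header documents that the serial number may include a leading 0, which is the kind of detail a byte comparison catches. I would compare against the expected bytes with `FieldMatchesBuffer(certificate, PP_X509CERTIFICATE_PRIVATE_SERIAL_NUMBER, kExpectedSerial, sizeof(kExpectedSerial))`, where `kExpectedSerial` is a placeholder for the serial bytes of `kGoogleDer`. `PP_X509CERTIFICATE_PRIVATE_SUBJECT_PUBLIC_KEY_ALGORITHM_OID` is not asserted either way in this hunk.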