summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorraymes@chromium.org <raymes@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-04-05 21:55:49 +0000
committerraymes@chromium.org <raymes@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-04-05 21:55:49 +0000
commitadd68c87534edb4b6b50f35e75213f422083d5b9 (patch)
tree61d1ff046ba64384e02758a1068f261fa9493334
parent1d702f342ae59faf53741dd3dbf414092a8b0744 (diff)
downloadchromium_src-add68c87534edb4b6b50f35e75213f422083d5b9.zip
chromium_src-add68c87534edb4b6b50f35e75213f422083d5b9.tar.gz
chromium_src-add68c87534edb4b6b50f35e75213f422083d5b9.tar.bz2
Implemented the function which converts a Chrome X509Certificate into a pepper X509 certificate.
This also removes the un-implemented fields for now. It probably makes sense just to add them when we need them. BUG=114626 TEST=Ran X509 Certificate ppapi test. NOTRY=true Review URL: http://codereview.chromium.org/9836024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@131018 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r--content/browser/renderer_host/pepper_tcp_socket.cc42
-rw-r--r--ppapi/api/private/ppb_x509_certificate_private.idl22
-rw-r--r--ppapi/c/private/ppb_x509_certificate_private.h24
-rw-r--r--ppapi/tests/test_x509_certificate_private.cc99
4 files changed, 169 insertions, 18 deletions
diff --git a/content/browser/renderer_host/pepper_tcp_socket.cc b/content/browser/renderer_host/pepper_tcp_socket.cc
index 8af741b..e80e8e6 100644
--- a/content/browser/renderer_host/pepper_tcp_socket.cc
+++ b/content/browser/renderer_host/pepper_tcp_socket.cc
@@ -10,6 +10,7 @@
#include "base/bind_helpers.h"
#include "base/compiler_specific.h"
#include "base/logging.h"
+#include "base/string_util.h"
#include "content/browser/renderer_host/pepper_message_filter.h"
#include "content/public/browser/browser_thread.h"
#include "net/base/cert_verifier.h"
@@ -208,7 +209,46 @@ void PepperTCPSocket::SendConnectACKError() {
bool PepperTCPSocket::GetCertificateFields(
const net::X509Certificate& cert,
ppapi::PPB_X509Certificate_Fields* fields) {
- // TODO(raymes,rsleevi): Implement this.
+ const net::CertPrincipal& issuer = cert.issuer();
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_COMMON_NAME,
+ new base::StringValue(issuer.common_name));
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_LOCALITY_NAME,
+ new base::StringValue(issuer.locality_name));
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_STATE_OR_PROVINCE_NAME,
+ new base::StringValue(issuer.state_or_province_name));
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_COUNTRY_NAME,
+ new base::StringValue(issuer.country_name));
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_ORGANIZATION_NAME,
+ new base::StringValue(JoinString(issuer.organization_names, '\n')));
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_ORGANIZATION_UNIT_NAME,
+ new base::StringValue(JoinString(issuer.organization_unit_names, '\n')));
+
+ const net::CertPrincipal& subject = cert.subject();
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_COMMON_NAME,
+ new base::StringValue(subject.common_name));
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_LOCALITY_NAME,
+ new base::StringValue(subject.locality_name));
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_STATE_OR_PROVINCE_NAME,
+ new base::StringValue(subject.state_or_province_name));
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_COUNTRY_NAME,
+ new base::StringValue(subject.country_name));
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_ORGANIZATION_NAME,
+ new base::StringValue(JoinString(subject.organization_names, '\n')));
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_ORGANIZATION_UNIT_NAME,
+ new base::StringValue(JoinString(subject.organization_unit_names, '\n')));
+
+ const std::string& serial_number = cert.serial_number();
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_SERIAL_NUMBER,
+ base::BinaryValue::CreateWithCopiedBuffer(serial_number.data(),
+ serial_number.length()));
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_VALIDITY_NOT_BEFORE,
+ base::Value::CreateDoubleValue(cert.valid_start().ToDoubleT()));
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_VALIDITY_NOT_AFTER,
+ base::Value::CreateDoubleValue(cert.valid_expiry().ToDoubleT()));
+ std::string der;
+ net::X509Certificate::GetDEREncoded(cert.os_cert_handle(), &der);
+ fields->SetField(PP_X509CERTIFICATE_PRIVATE_RAW,
+ base::BinaryValue::CreateWithCopiedBuffer(der.data(), der.length()));
return true;
}
diff --git a/ppapi/api/private/ppb_x509_certificate_private.idl b/ppapi/api/private/ppb_x509_certificate_private.idl
index ad1a3eb..c68400b 100644
--- a/ppapi/api/private/ppb_x509_certificate_private.idl
+++ b/ppapi/api/private/ppb_x509_certificate_private.idl
@@ -38,7 +38,8 @@ enum PP_X509Certificate_Private_Field {
PP_X509CERTIFICATE_PRIVATE_ISSUER_ORGANIZATION_UNIT_NAME = 5,
/**
- * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>).
+ * Note: This field is unimplemented and will return
+ * <code>PP_VARTYPE_NULL</code>.
*/
PP_X509CERTIFICATE_PRIVATE_ISSUER_UNIQUE_ID = 6,
@@ -61,13 +62,14 @@ enum PP_X509Certificate_Private_Field {
PP_X509CERTIFICATE_PRIVATE_SUBJECT_ORGANIZATION_UNIT_NAME = 12,
/**
- * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>).
+ * Note: This field is unimplemented and will return
+ * <code>PP_VARTYPE_NULL</code>.
*/
PP_X509CERTIFICATE_PRIVATE_SUBJECT_UNIQUE_ID = 13,
/**
- * This corresponds to an integer (<code>PP_VARTYPE_INT32</code>) which
- * which can be cast to a <code>PPB_X509Certificate_Private_Version</code>.
+ * Note: This field is unimplemented and will return
+ * <code>PP_VARTYPE_NULL</code>.
*/
PP_X509CERTIFICATE_PRIVATE_VERSION = 14,
@@ -77,12 +79,15 @@ enum PP_X509Certificate_Private_Field {
*/
PP_X509CERTIFICATE_PRIVATE_SERIAL_NUMBER = 15,
- /** This corresponds to a string (<code>PP_VARTYPE_STRING</code>). */
+ /**
+ * Note: This field is unimplemented and will return
+ * <code>PP_VARTYPE_NULL</code>.
+ */
PP_X509CERTIFICATE_PRIVATE_ALGORITHM_OID = 16,
/**
- * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>)
- * which is DER-encoded.
+ * Note: This field is unimplemented and will return
+ * <code>PP_VARTYPE_NULL</code>.
*/
PP_X509CERTIFICATE_PRIVATE_ALGORITHM_PARAMATERS_RAW = 17,
@@ -102,7 +107,8 @@ enum PP_X509Certificate_Private_Field {
PP_X509CERTIFICATE_PRIVATE_SUBJECT_PUBLIC_KEY_ALGORITHM_OID = 20,
/**
- * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>).
+ * Note: This field is unimplemented and will return
+ * <code>PP_VARTYPE_NULL</code>.
*/
PP_X509CERTIFICATE_PRIVATE_SUBJECT_PUBLIC_KEY = 21,
diff --git a/ppapi/c/private/ppb_x509_certificate_private.h b/ppapi/c/private/ppb_x509_certificate_private.h
index cd2c2b9..ba7cb0c 100644
--- a/ppapi/c/private/ppb_x509_certificate_private.h
+++ b/ppapi/c/private/ppb_x509_certificate_private.h
@@ -4,7 +4,7 @@
*/
/* From private/ppb_x509_certificate_private.idl,
- * modified Fri Mar 23 09:40:44 2012.
+ * modified Thu Mar 29 16:25:36 2012.
*/
#ifndef PPAPI_C_PRIVATE_PPB_X509_CERTIFICATE_PRIVATE_H_
@@ -52,7 +52,8 @@ typedef enum {
/** This corresponds to a string (<code>PP_VARTYPE_STRING</code>). */
PP_X509CERTIFICATE_PRIVATE_ISSUER_ORGANIZATION_UNIT_NAME = 5,
/**
- * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>).
+ * Note: This field is unimplemented and will return
+ * <code>PP_VARTYPE_NULL</code>.
*/
PP_X509CERTIFICATE_PRIVATE_ISSUER_UNIQUE_ID = 6,
/** This corresponds to a string (<code>PP_VARTYPE_STRING</code>). */
@@ -68,12 +69,13 @@ typedef enum {
/** This corresponds to a string (<code>PP_VARTYPE_STRING</code>). */
PP_X509CERTIFICATE_PRIVATE_SUBJECT_ORGANIZATION_UNIT_NAME = 12,
/**
- * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>).
+ * Note: This field is unimplemented and will return
+ * <code>PP_VARTYPE_NULL</code>.
*/
PP_X509CERTIFICATE_PRIVATE_SUBJECT_UNIQUE_ID = 13,
/**
- * This corresponds to an integer (<code>PP_VARTYPE_INT32</code>) which
- * which can be cast to a <code>PPB_X509Certificate_Private_Version</code>.
+ * Note: This field is unimplemented and will return
+ * <code>PP_VARTYPE_NULL</code>.
*/
PP_X509CERTIFICATE_PRIVATE_VERSION = 14,
/**
@@ -81,11 +83,14 @@ typedef enum {
* The serial number may include a leading 0.
*/
PP_X509CERTIFICATE_PRIVATE_SERIAL_NUMBER = 15,
- /** This corresponds to a string (<code>PP_VARTYPE_STRING</code>). */
+ /**
+ * Note: This field is unimplemented and will return
+ * <code>PP_VARTYPE_NULL</code>.
+ */
PP_X509CERTIFICATE_PRIVATE_ALGORITHM_OID = 16,
/**
- * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>)
- * which is DER-encoded.
+ * Note: This field is unimplemented and will return
+ * <code>PP_VARTYPE_NULL</code>.
*/
PP_X509CERTIFICATE_PRIVATE_ALGORITHM_PARAMATERS_RAW = 17,
/**
@@ -101,7 +106,8 @@ typedef enum {
/** This corresponds to a string (<code>PP_VARTYPE_STRING</code>). */
PP_X509CERTIFICATE_PRIVATE_SUBJECT_PUBLIC_KEY_ALGORITHM_OID = 20,
/**
- * This corresponds to a byte array (<code>PP_VARTYPE_ARRAY_BUFFER</code>).
+ * Note: This field is unimplemented and will return
+ * <code>PP_VARTYPE_NULL</code>.
*/
PP_X509CERTIFICATE_PRIVATE_SUBJECT_PUBLIC_KEY = 21,
/**
diff --git a/ppapi/tests/test_x509_certificate_private.cc b/ppapi/tests/test_x509_certificate_private.cc
index 0665525..9bf950e 100644
--- a/ppapi/tests/test_x509_certificate_private.cc
+++ b/ppapi/tests/test_x509_certificate_private.cc
@@ -4,13 +4,61 @@
#include "ppapi/tests/test_x509_certificate_private.h"
+#include <cmath>
+#include <limits>
+
#include "ppapi/cpp/private/x509_certificate_private.h"
+#include "ppapi/cpp/var_array_buffer.h"
+#include "ppapi/cpp/var.h"
#include "ppapi/tests/testing_instance.h"
REGISTER_TEST_CASE(X509CertificatePrivate);
namespace {
+bool FieldMatchesString(
+ const pp::X509Certificate& certificate,
+ PP_X509Certificate_Private_Field field,
+ const std::string& expected) {
+ pp::Var field_value = certificate.GetField(field);
+ if (!field_value.is_string())
+ return false;
+ return field_value.AsString() == expected;
+}
+
+bool FieldMatchesDouble(
+ const pp::X509Certificate& certificate,
+ PP_X509Certificate_Private_Field field,
+ double expected) {
+ pp::Var field_value = certificate.GetField(field);
+ if (!field_value.is_double())
+ return false;
+ return std::fabs(field_value.AsDouble() - expected) <=
+ std::numeric_limits<double>::epsilon();
+}
+
+bool FieldMatchesBuffer(
+ const pp::X509Certificate& certificate,
+ PP_X509Certificate_Private_Field field,
+ const char* expected,
+ uint32_t expected_length) {
+ pp::Var field_value = certificate.GetField(field);
+ if (!field_value.is_array_buffer())
+ return false;
+ pp::VarArrayBuffer array_buffer(field_value);
+ char* bytes = static_cast<char*>(array_buffer.Map());
+ uint32_t length = array_buffer.ByteLength();
+ if (length != expected_length)
+ return false;
+ return std::equal(expected, expected + expected_length, bytes);
+}
+
+bool FieldIsNull(
+ const pp::X509Certificate& certificate,
+ PP_X509Certificate_Private_Field field) {
+ return certificate.GetField(field).is_null();
+}
+
// Google's cert.
const unsigned char kGoogleDer[] = {
0x30, 0x82, 0x03, 0x21, 0x30, 0x82, 0x02, 0x8a, 0xa0, 0x03, 0x02, 0x01,
@@ -108,6 +156,57 @@ std::string TestX509CertificatePrivate::TestValidCertificate() {
reinterpret_cast<const char*>(kGoogleDer), sizeof(kGoogleDer));
ASSERT_TRUE(successful);
+ ASSERT_TRUE(FieldMatchesString(certificate,
+ PP_X509CERTIFICATE_PRIVATE_SUBJECT_COMMON_NAME, "www.google.com"));
+ ASSERT_TRUE(FieldMatchesString(certificate,
+ PP_X509CERTIFICATE_PRIVATE_SUBJECT_LOCALITY_NAME, "Mountain View"));
+ ASSERT_TRUE(FieldMatchesString(certificate,
+ PP_X509CERTIFICATE_PRIVATE_SUBJECT_STATE_OR_PROVINCE_NAME, "California"));
+ ASSERT_TRUE(FieldMatchesString(certificate,
+ PP_X509CERTIFICATE_PRIVATE_SUBJECT_COUNTRY_NAME, "US"));
+ ASSERT_TRUE(FieldMatchesString(certificate,
+ PP_X509CERTIFICATE_PRIVATE_SUBJECT_ORGANIZATION_NAME, "Google Inc"));
+ ASSERT_TRUE(FieldMatchesString(certificate,
+ PP_X509CERTIFICATE_PRIVATE_SUBJECT_ORGANIZATION_UNIT_NAME, ""));
+
+ ASSERT_TRUE(FieldMatchesString(certificate,
+ PP_X509CERTIFICATE_PRIVATE_ISSUER_COMMON_NAME, "Thawte SGC CA"));
+ ASSERT_TRUE(FieldMatchesString(certificate,
+ PP_X509CERTIFICATE_PRIVATE_ISSUER_LOCALITY_NAME, ""));
+ ASSERT_TRUE(FieldMatchesString(certificate,
+ PP_X509CERTIFICATE_PRIVATE_ISSUER_STATE_OR_PROVINCE_NAME, ""));
+ ASSERT_TRUE(FieldMatchesString(certificate,
+ PP_X509CERTIFICATE_PRIVATE_ISSUER_COUNTRY_NAME, "ZA"));
+ ASSERT_TRUE(FieldMatchesString(certificate,
+ PP_X509CERTIFICATE_PRIVATE_ISSUER_ORGANIZATION_NAME,
+ "Thawte Consulting (Pty) Ltd."));
+ ASSERT_TRUE(FieldMatchesString(certificate,
+ PP_X509CERTIFICATE_PRIVATE_ISSUER_ORGANIZATION_UNIT_NAME, ""));
+
+ ASSERT_FALSE(FieldIsNull(certificate,
+ PP_X509CERTIFICATE_PRIVATE_SERIAL_NUMBER));
+ ASSERT_TRUE(FieldMatchesDouble(certificate,
+ PP_X509CERTIFICATE_PRIVATE_VALIDITY_NOT_BEFORE, 1238192407));
+ ASSERT_TRUE(FieldMatchesDouble(certificate,
+ PP_X509CERTIFICATE_PRIVATE_VALIDITY_NOT_AFTER, 1269728407));
+ ASSERT_TRUE(FieldMatchesBuffer(certificate,
+ PP_X509CERTIFICATE_PRIVATE_RAW,
+ reinterpret_cast<const char*>(kGoogleDer), sizeof(kGoogleDer)));
+
+ // Check unimplemented fields return null.
+ ASSERT_TRUE(FieldIsNull(certificate,
+ PP_X509CERTIFICATE_PRIVATE_SUBJECT_UNIQUE_ID));
+ ASSERT_TRUE(FieldIsNull(certificate,
+ PP_X509CERTIFICATE_PRIVATE_ISSUER_UNIQUE_ID));
+ ASSERT_TRUE(FieldIsNull(certificate,
+ PP_X509CERTIFICATE_PRIVATE_VERSION));
+ ASSERT_TRUE(FieldIsNull(certificate,
+ PP_X509CERTIFICATE_PRIVATE_ALGORITHM_OID));
+ ASSERT_TRUE(FieldIsNull(certificate,
+ PP_X509CERTIFICATE_PRIVATE_ALGORITHM_PARAMATERS_RAW));
+ ASSERT_TRUE(FieldIsNull(certificate,
+ PP_X509CERTIFICATE_PRIVATE_SUBJECT_PUBLIC_KEY));
+
PASS();
}