diff options
| author | ukai@chromium.org <ukai@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-08-12 03:57:32 +0000 |
|---|---|---|
| committer | ukai@chromium.org <ukai@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-08-12 03:57:32 +0000 |
| commit | c0d769d16ca94f36239fcd82725d909947f1cc1c (patch) | |
| tree | 534e4c930865d6b7bcdbff895380f825b6c7e51e /net/base/ev_root_ca_metadata.cc | |
| parent | c59fc74df671f470511a87e24c2d7efee864c27e (diff) | |
| download | chromium_src-c0d769d16ca94f36239fcd82725d909947f1cc1c.zip chromium_src-c0d769d16ca94f36239fcd82725d909947f1cc1c.tar.gz chromium_src-c0d769d16ca94f36239fcd82725d909947f1cc1c.tar.bz2 | |
typedef PolicyOID to support Linux-only SECOidTag in EVRootCAMetadata methods.
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/164134
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@23164 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/ev_root_ca_metadata.cc')
| -rw-r--r-- | net/base/ev_root_ca_metadata.cc | 50 |
1 files changed, 44 insertions, 6 deletions
diff --git a/net/base/ev_root_ca_metadata.cc b/net/base/ev_root_ca_metadata.cc index 0aeca2b..1fa59ed 100644 --- a/net/base/ev_root_ca_metadata.cc +++ b/net/base/ev_root_ca_metadata.cc @@ -2,9 +2,22 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/singleton.h" #include "net/base/ev_root_ca_metadata.h" +#if defined(OS_LINUX) +// Work around https://bugzilla.mozilla.org/show_bug.cgi?id=455424 +// until NSS 3.12.2 comes out and we update to it. +#define Lock FOO_NSS_Lock +#include <cert.h> +#include <pkcs11n.h> +#include <secerr.h> +#include <secoid.h> +#undef Lock +#endif + +#include "base/logging.h" +#include "base/singleton.h" + namespace net { // Raw metadata. @@ -201,8 +214,8 @@ EVRootCAMetadata* EVRootCAMetadata::GetInstance() { bool EVRootCAMetadata::GetPolicyOID( const X509Certificate::Fingerprint& fingerprint, - std::string* policy_oid) const { - StringMap::const_iterator iter = ev_policy_.find(fingerprint); + PolicyOID* policy_oid) const { + PolicyOidMap::const_iterator iter = ev_policy_.find(fingerprint); if (iter == ev_policy_.end()) return false; *policy_oid = iter->second; @@ -211,16 +224,41 @@ bool EVRootCAMetadata::GetPolicyOID( EVRootCAMetadata::EVRootCAMetadata() { // Constructs the object from the raw metadata in ev_root_ca_metadata. - num_policy_oids_ = arraysize(ev_root_ca_metadata); - policy_oids_.reset(new const char*[num_policy_oids_]); +#if defined(OS_LINUX) + for (size_t i = 0; i < arraysize(ev_root_ca_metadata); i++) { + const EVMetadata& metadata = ev_root_ca_metadata[i]; + PRUint8 buf[1024]; + SECItem oid_item; + oid_item.data = buf; + oid_item.len = sizeof(buf); + SECStatus status = SEC_StringToOID(NULL, &oid_item, metadata.policy_oid, 0); + if (status != SECSuccess) { + LOG(ERROR) << "Failed to convert to OID: " << metadata.policy_oid; + continue; + } + // Register the OID. + SECOidData od; + od.oid.len = oid_item.len; + od.oid.data = oid_item.data; + od.offset = SEC_OID_UNKNOWN; + od.desc = metadata.policy_oid; + od.mechanism = CKM_INVALID_MECHANISM; + od.supportedExtension = INVALID_CERT_EXTENSION; + SECOidTag policy = SECOID_AddEntry(&od); + DCHECK(policy != SEC_OID_UNKNOWN); + ev_policy_[metadata.fingerprint] = policy; + policy_oids_.push_back(policy); + } +#else for (size_t i = 0; i < arraysize(ev_root_ca_metadata); i++) { const EVMetadata& metadata = ev_root_ca_metadata[i]; ev_policy_[metadata.fingerprint] = metadata.policy_oid; // Multiple root CA certs may use the same EV policy OID. Having // duplicates in the policy_oids_ array does no harm, so we don't // bother detecting duplicates. - policy_oids_[i] = metadata.policy_oid; + policy_oids_.push_back(metadata.policy_oid); } +#endif } } // namespace net |