diff options
| author | mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-10-18 01:47:04 +0000 |
|---|---|---|
| committer | mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-10-18 01:47:04 +0000 |
| commit | 3c5f6db2ef15a4ac179351764f320e16364fa457 (patch) | |
| tree | c69a4d6684d81d73a622343311c2e962501819e4 /net/net.gyp | |
| parent | 091a5b6f0dede5cedee54ec1aae623a946ab405f (diff) | |
| download | chromium_src-3c5f6db2ef15a4ac179351764f320e16364fa457.zip chromium_src-3c5f6db2ef15a4ac179351764f320e16364fa457.tar.gz chromium_src-3c5f6db2ef15a4ac179351764f320e16364fa457.tar.bz2 | |
Use NSS to generate Origin-Bound Certs on Win and Mac.
The platform RSAPrivateKey is used to generate the private key, which is then imported into NSS to generate the certificate.
X509Certificate::CreateOriginBound is moved to x509_util::CreateOriginBoundCert so it can be shared by those platforms, and removes the unnecessary X509Certificate generation step.
BUG=88782
TEST=X509UtilNSSTest.CreateOriginBoundCert & manual testing: try on win or mac, check if generated cert has the OBC extension.
Review URL: http://codereview.chromium.org/8296014
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@105997 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/net.gyp')
| -rw-r--r-- | net/net.gyp | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/net/net.gyp b/net/net.gyp index 3b0ddbc..cfccfa3 100644 --- a/net/net.gyp +++ b/net/net.gyp @@ -247,6 +247,9 @@ 'base/x509_certificate_nss.cc', 'base/x509_certificate_openssl.cc', 'base/x509_certificate_win.cc', + 'base/x509_util.h', + 'base/x509_util_nss.cc', + 'base/x509_util_nss.h', 'base/x509_util_openssl.cc', 'base/x509_util_openssl.h', 'disk_cache/addr.cc', @@ -765,6 +768,8 @@ 'base/nss_memio.h', 'base/test_root_certs_nss.cc', 'base/x509_certificate_nss.cc', + 'base/x509_util_nss.cc', + 'base/x509_util_nss.h', 'ocsp/nss_ocsp.cc', 'ocsp/nss_ocsp.h', 'socket/dns_cert_provenance_check.cc', @@ -976,6 +981,8 @@ 'base/upload_data_stream_unittest.cc', 'base/x509_certificate_unittest.cc', 'base/x509_cert_types_mac_unittest.cc', + 'base/x509_util_nss_unittest.cc', + 'base/x509_util_openssl_unittest.cc', 'disk_cache/addr_unittest.cc', 'disk_cache/backend_unittest.cc', 'disk_cache/bitmap_unittest.cc', @@ -1157,9 +1164,14 @@ # TODO(bulach): Add equivalent tests when the underlying # functionality is ported to OpenSSL. 'sources!': [ + 'base/x509_util_nss_unittest.cc', 'base/cert_database_nss_unittest.cc', 'base/dnssec_unittest.cc', ], + }, { # else !use_openssl: remove the unneeded files + 'sources!': [ + 'base/x509_util_openssl_unittest.cc', + ], }, ], [ 'OS == "win"', { @@ -1171,6 +1183,17 @@ # TODO(mark): Specifying this here shouldn't be necessary. 'dependencies': [ '../third_party/icu/icu.gyp:icudata', + '../third_party/nss/nss.gyp:nspr', + '../third_party/nss/nss.gyp:nss', + 'third_party/nss/ssl.gyp:ssl', + ], + }, + ], + [ 'OS == "mac"', { + 'dependencies': [ + '../third_party/nss/nss.gyp:nspr', + '../third_party/nss/nss.gyp:nss', + 'third_party/nss/ssl.gyp:ssl', ], }, ], |