summaryrefslogtreecommitdiffstats
path: root/net/base/x509_certificate_mac.cc
diff options
context:
space:
mode:
Diffstat (limited to 'net/base/x509_certificate_mac.cc')
-rw-r--r--net/base/x509_certificate_mac.cc41
1 files changed, 21 insertions, 20 deletions
diff --git a/net/base/x509_certificate_mac.cc b/net/base/x509_certificate_mac.cc
index cd8a3ca..05fbe63 100644
--- a/net/base/x509_certificate_mac.cc
+++ b/net/base/x509_certificate_mac.cc
@@ -10,12 +10,13 @@
#include "base/logging.h"
#include "base/pickle.h"
-#include "base/scoped_cftyperef.h"
+#include "base/mac/scoped_cftyperef.h"
#include "base/sys_string_conversions.h"
#include "net/base/cert_status_flags.h"
#include "net/base/cert_verify_result.h"
#include "net/base/net_errors.h"
+using base::mac::ScopedCFTypeRef;
using base::Time;
namespace net {
@@ -46,7 +47,7 @@ class MacTrustedCertificates {
OSStatus status = SecTrustCopyAnchorCertificates(&anchor_array);
if (status)
return NULL;
- scoped_cftyperef<CFArrayRef> scoped_anchor_array(anchor_array);
+ ScopedCFTypeRef<CFArrayRef> scoped_anchor_array(anchor_array);
CFMutableArrayRef merged_array = CFArrayCreateMutableCopy(
kCFAllocatorDefault, 0, anchor_array);
if (!merged_array)
@@ -337,17 +338,17 @@ OSStatus CopyCertChain(SecCertificateRef cert_handle,
OSStatus result = X509Certificate::CreateSSLClientPolicy(&ssl_policy);
if (result)
return result;
- scoped_cftyperef<SecPolicyRef> scoped_ssl_policy(ssl_policy);
+ ScopedCFTypeRef<SecPolicyRef> scoped_ssl_policy(ssl_policy);
// Create a SecTrustRef.
- scoped_cftyperef<CFArrayRef> input_certs(
+ ScopedCFTypeRef<CFArrayRef> input_certs(
CFArrayCreate(NULL, (const void**)&cert_handle, 1,
&kCFTypeArrayCallBacks));
SecTrustRef trust_ref = NULL;
result = SecTrustCreateWithCertificates(input_certs, ssl_policy, &trust_ref);
if (result)
return result;
- scoped_cftyperef<SecTrustRef> trust(trust_ref);
+ ScopedCFTypeRef<SecTrustRef> trust(trust_ref);
// Evaluate trust, which creates the cert chain.
SecTrustResultType status;
@@ -396,7 +397,7 @@ void AddCertificatesFromBytes(const char* data, size_t length,
SecExternalFormat format,
X509Certificate::OSCertHandles* output) {
SecExternalFormat input_format = format;
- scoped_cftyperef<CFDataRef> local_data(CFDataCreateWithBytesNoCopy(
+ ScopedCFTypeRef<CFDataRef> local_data(CFDataCreateWithBytesNoCopy(
kCFAllocatorDefault, reinterpret_cast<const UInt8*>(data),
length, kCFAllocatorNull));
@@ -409,7 +410,7 @@ void AddCertificatesFromBytes(const char* data, size_t length,
return;
}
- scoped_cftyperef<CFArrayRef> scoped_items(items);
+ ScopedCFTypeRef<CFArrayRef> scoped_items(items);
CFTypeID cert_type_id = SecCertificateGetTypeID();
for (CFIndex i = 0; i < CFArrayGetCount(items); ++i) {
@@ -513,7 +514,7 @@ int X509Certificate::Verify(const std::string& hostname, int flags,
&ssl_policy);
if (status)
return NetErrorFromOSStatus(status);
- scoped_cftyperef<SecPolicyRef> scoped_ssl_policy(ssl_policy);
+ ScopedCFTypeRef<SecPolicyRef> scoped_ssl_policy(ssl_policy);
// Create and configure a SecTrustRef, which takes our certificate(s)
// and our SSL SecPolicyRef. SecTrustCreateWithCertificates() takes an
@@ -524,7 +525,7 @@ int X509Certificate::Verify(const std::string& hostname, int flags,
&kCFTypeArrayCallBacks);
if (!cert_array)
return ERR_OUT_OF_MEMORY;
- scoped_cftyperef<CFArrayRef> scoped_cert_array(cert_array);
+ ScopedCFTypeRef<CFArrayRef> scoped_cert_array(cert_array);
CFArrayAppendValue(cert_array, cert_handle_);
for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i)
CFArrayAppendValue(cert_array, intermediate_ca_certs_[i]);
@@ -539,13 +540,13 @@ int X509Certificate::Verify(const std::string& hostname, int flags,
status = SecTrustCreateWithCertificates(cert_array, ssl_policy, &trust_ref);
if (status)
return NetErrorFromOSStatus(status);
- scoped_cftyperef<SecTrustRef> scoped_trust_ref(trust_ref);
+ ScopedCFTypeRef<SecTrustRef> scoped_trust_ref(trust_ref);
// Set the trusted anchor certificates for the SecTrustRef by merging the
// system trust anchors and the test root certificate.
CFArrayRef anchor_array =
Singleton<MacTrustedCertificates>::get()->CopyTrustedCertificateArray();
- scoped_cftyperef<CFArrayRef> scoped_anchor_array(anchor_array);
+ ScopedCFTypeRef<CFArrayRef> scoped_anchor_array(anchor_array);
if (anchor_array) {
status = SecTrustSetAnchorCertificates(trust_ref, anchor_array);
if (status)
@@ -573,7 +574,7 @@ int X509Certificate::Verify(const std::string& hostname, int flags,
sizeof(tp_action_data));
if (!action_data_ref)
return ERR_OUT_OF_MEMORY;
- scoped_cftyperef<CFDataRef> scoped_action_data_ref(action_data_ref);
+ ScopedCFTypeRef<CFDataRef> scoped_action_data_ref(action_data_ref);
status = SecTrustSetParameters(trust_ref, CSSM_TP_ACTION_DEFAULT,
action_data_ref);
if (status)
@@ -594,7 +595,7 @@ int X509Certificate::Verify(const std::string& hostname, int flags,
&chain_info);
if (status)
return NetErrorFromOSStatus(status);
- scoped_cftyperef<CFArrayRef> scoped_completed_chain(completed_chain);
+ ScopedCFTypeRef<CFArrayRef> scoped_completed_chain(completed_chain);
// Evaluate the results
OSStatus cssm_result;
@@ -864,7 +865,7 @@ bool X509Certificate::IsIssuedBy(
result = CopyCertChain(os_cert_handle(), &cert_chain);
if (result != noErr)
return false;
- scoped_cftyperef<CFArrayRef> scoped_cert_chain(cert_chain);
+ ScopedCFTypeRef<CFArrayRef> scoped_cert_chain(cert_chain);
// Check all the certs in the chain for a match.
int n = CFArrayGetCount(cert_chain);
@@ -902,10 +903,10 @@ bool X509Certificate::GetSSLClientCertificates (
const std::string& server_domain,
const std::vector<CertPrincipal>& valid_issuers,
std::vector<scoped_refptr<X509Certificate> >* certs) {
- scoped_cftyperef<SecIdentityRef> preferred_identity;
+ ScopedCFTypeRef<SecIdentityRef> preferred_identity;
if (!server_domain.empty()) {
// See if there's an identity preference for this domain:
- scoped_cftyperef<CFStringRef> domain_str(
+ ScopedCFTypeRef<CFStringRef> domain_str(
base::SysUTF8ToCFStringRef("https://" + server_domain));
SecIdentityRef identity = NULL;
if (SecIdentityCopyPreference(domain_str,
@@ -918,19 +919,19 @@ bool X509Certificate::GetSSLClientCertificates (
// Now enumerate the identities in the available keychains.
SecIdentitySearchRef search = nil;
OSStatus err = SecIdentitySearchCreate(NULL, CSSM_KEYUSE_SIGN, &search);
- scoped_cftyperef<SecIdentitySearchRef> scoped_search(search);
+ ScopedCFTypeRef<SecIdentitySearchRef> scoped_search(search);
while (!err) {
SecIdentityRef identity = NULL;
err = SecIdentitySearchCopyNext(search, &identity);
if (err)
break;
- scoped_cftyperef<SecIdentityRef> scoped_identity(identity);
+ ScopedCFTypeRef<SecIdentityRef> scoped_identity(identity);
SecCertificateRef cert_handle;
err = SecIdentityCopyCertificate(identity, &cert_handle);
if (err != noErr)
continue;
- scoped_cftyperef<SecCertificateRef> scoped_cert_handle(cert_handle);
+ ScopedCFTypeRef<SecCertificateRef> scoped_cert_handle(cert_handle);
scoped_refptr<X509Certificate> cert(
CreateFromHandle(cert_handle, SOURCE_LONE_CERT_IMPORT,
@@ -983,7 +984,7 @@ CFArrayRef X509Certificate::CreateClientCertificateChain() const {
LOG(ERROR) << "SecIdentityCreateWithCertificate error " << result;
return NULL;
}
- scoped_cftyperef<CFMutableArrayRef> chain(
+ ScopedCFTypeRef<CFMutableArrayRef> chain(
CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks));
CFArrayAppendValue(chain, identity);
generated by cgit v1.1 at 2025-01-31 05:30:23 +0000