Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(79)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: webrtc/base/sslidentity.cc

Issue 1468273004: Provide method for returning certificate expiration timestamp. (Closed) Base URL: https://chromium.googlesource.com/external/webrtc.git@master
Patch Set: Move most new code from opensslidentity.cc to timeutils.cc and sslidentity.cc Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« webrtc/base/opensslidentity.cc ('K') | « webrtc/base/sslidentity.h ('k') | webrtc/base/sslidentity_unittest.cc » ('j') | webrtc/base/sslidentity_unittest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved.
3 * 3 *
4 * Use of this source code is governed by a BSD-style license 4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source 5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found 6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may 7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree. 8 * be found in the AUTHORS file in the root of the source tree.
9 */ 9 */
10 10
11 // Handling of certificates and keypairs for SSLStreamAdapter's peer mode. 11 // Handling of certificates and keypairs for SSLStreamAdapter's peer mode.
12 #if HAVE_CONFIG_H 12 #if HAVE_CONFIG_H
13 #include "config.h" 13 #include "config.h"
14 #endif // HAVE_CONFIG_H 14 #endif // HAVE_CONFIG_H
15 15
16 #include "webrtc/base/sslidentity.h" 16 #include "webrtc/base/sslidentity.h"
17 17
18 #include <ctime>
18 #include <string> 19 #include <string>
19 20
20 #include "webrtc/base/base64.h" 21 #include "webrtc/base/base64.h"
21 #include "webrtc/base/checks.h" 22 #include "webrtc/base/checks.h"
22 #include "webrtc/base/logging.h" 23 #include "webrtc/base/logging.h"
23 #include "webrtc/base/sslconfig.h" 24 #include "webrtc/base/sslconfig.h"
24 25
25 #if SSL_USE_OPENSSL 26 #if SSL_USE_OPENSSL
26 27
27 #include "webrtc/base/opensslidentity.h" 28 #include "webrtc/base/opensslidentity.h"
(...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after
170 const std::string& certificate) { 171 const std::string& certificate) {
171 return OpenSSLIdentity::FromPEMStrings(private_key, certificate); 172 return OpenSSLIdentity::FromPEMStrings(private_key, certificate);
172 } 173 }
173 174
174 #else // !SSL_USE_OPENSSL 175 #else // !SSL_USE_OPENSSL
175 176
176 #error "No SSL implementation" 177 #error "No SSL implementation"
177 178
178 #endif // SSL_USE_OPENSSL 179 #endif // SSL_USE_OPENSSL
179 180
181 // Read |n| bytes from ASN1 number string at *|pp| and return the numeric value.
182 // Update *|pp| and *|np| to reflect number of read bytes.
183 static int ASN1ReadInt(const unsigned char** pp, size_t* np, size_t n) {
184 const unsigned char* p = *pp;
185 int x = 0;
186 for (size_t i = 0; i < n; i++) {
187 x = 10 * x + p[i] - '0';
188 }
189 *pp = p + n;
190 *np = *np - n;
191 return x;
192 }
193
194 int64_t ASN1TimeToSec(const unsigned char *s, size_t length, bool long_format) {
195 std::tm tm;
196 int year;
197 size_t bytes_left = length;
198
199 // Read out ASN1 year, in either 2-char "UTCTIME" or 4-char "GENERALIZEDTIME"
200 // format. Both format use UTC in this context.
201 if (long_format) {
202 // ASN1 format: yyyymmddhh[mm[ss[.fff]]]Z where the Z is literal, but
203 // RFC 5280 requires us to only support exactly yyyymmddhhmmssZ.
204
205 if (bytes_left < 11)
206 return -1;
207
208 year = ASN1ReadInt(&s, &bytes_left, 4);
209 year -= 1900;
210 } else {
211 // ASN1 format: yymmddhhmm[ss]Z where the Z is literal, but RFC 5280
212 // requires us to only support exactly yymmddhhmmssZ.
213
214 if (bytes_left < 9)
215 return -1;
216
217 year = ASN1ReadInt(&s, &bytes_left, 2);
218 if (year < 70)
219 year += 100;
220 }
221
222 tm.tm_year = year;
223
224 // Read out remaining ASN1 time data and store it in |tm| in documented
225 // std::tm format.
226 tm.tm_mon = ASN1ReadInt(&s, &bytes_left, 2) - 1;
227 tm.tm_mday = ASN1ReadInt(&s, &bytes_left, 2);
228 tm.tm_hour = ASN1ReadInt(&s, &bytes_left, 2);
229 tm.tm_min = ASN1ReadInt(&s, &bytes_left, 2);
230 tm.tm_sec = ASN1ReadInt(&s, &bytes_left, 2);
231
232 if (bytes_left != 1 || s[0] != 'Z') {
233 // A final Z means UTC, mandated by RFC 5280, and compatible with OpenSSL.
234 return -1;
235 }
236
237 return TmToSeconds(tm);
238 }
239
180 } // namespace rtc 240 } // namespace rtc
OLDNEW
« webrtc/base/opensslidentity.cc ('K') | « webrtc/base/sslidentity.h ('k') | webrtc/base/sslidentity_unittest.cc » ('j') | webrtc/base/sslidentity_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698