// Copyright 2016 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "net/tools/cert_verify_tool/verify_using_path_builder.h" #include <iostream> #include <memory> #include "base/strings/string_number_conversions.h" #include "base/strings/string_util.h" #include "base/time/time.h" #include "crypto/sha2.h" #include "net/cert/cert_net_fetcher.h" #include "net/cert/internal/cert_issuer_source_aia.h" #include "net/cert/internal/system_trust_store.h" #include "net/cert/time_conversions.h" #include "net/cert/x509_certificate.h" #include "net/cert/x509_util.h" #include "net/tools/cert_verify_tool/cert_verify_tool_util.h" #include "third_party/boringssl/src/include/openssl/bytestring.h" #include "third_party/boringssl/src/include/openssl/mem.h" #include "third_party/boringssl/src/pki/cert_issuer_source_static.h" #include "third_party/boringssl/src/pki/parse_name.h" #include "third_party/boringssl/src/pki/parsed_certificate.h" #include "third_party/boringssl/src/pki/path_builder.h" #include "third_party/boringssl/src/pki/simple_path_builder_delegate.h" #include "third_party/boringssl/src/pki/trust_store_collection.h" #include "third_party/boringssl/src/pki/trust_store_in_memory.h" namespace { bool AddPemEncodedCert(const bssl::ParsedCertificate* cert, std::vector<std::string>* pem_encoded_chain) { … } // Dumps a chain of bssl::ParsedCertificate objects to a PEM file. bool DumpParsedCertificateChain(const base::FilePath& file_path, const bssl::CertPathBuilderResultPath& path) { … } // Returns a hex-encoded sha256 of the DER-encoding of |cert|. std::string FingerPrintParsedCertificate(const bssl::ParsedCertificate* cert) { … } std::string SubjectToString(const bssl::RDNSequence& parsed_subject) { … } // Returns a textual representation of the Subject of |cert|. std::string SubjectFromParsedCertificate(const bssl::ParsedCertificate* cert) { … } // Dumps a ResultPath to std::cout. void PrintResultPath(const bssl::CertPathBuilderResultPath* result_path, size_t index, bool is_best) { … } std::shared_ptr<const bssl::ParsedCertificate> ParseCertificate( const CertInput& input) { … } } // namespace // Verifies |target_der_cert| using bssl::CertPathBuilder. bool VerifyUsingPathBuilder( const CertInput& target_der_cert, const std::vector<CertInput>& intermediate_der_certs, const std::vector<CertInputWithTrustSetting>& der_certs_with_trust_settings, const base::Time at_time, const base::FilePath& dump_prefix_path, scoped_refptr<net::CertNetFetcher> cert_net_fetcher, net::SystemTrustStore* system_trust_store) { … }
Codebase Browser
chromium