Do not treat weak keys (<1024 bits || MD5) as fatal errors

net/base/cert_verify_proc_win.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/base/cert_verify_proc_win.h"
 
 #include "base/memory/scoped_ptr.h"
 #include "base/sha1.h"
 #include "base/string_util.h"
 #include "base/utf_string_conversions.h"
 #include "crypto/capi_util.h"
 #include "crypto/scoped_capi_types.h"
 #include "crypto/sha2.h"
 #include "net/base/asn1_util.h"
 #include "net/base/cert_status_flags.h"
 #include "net/base/cert_verify_result.h"
 #include "net/base/crl_set.h"
 #include "net/base/ev_root_ca_metadata.h"
 #include "net/base/net_errors.h"
 #include "net/base/test_root_certs.h"
 #include "net/base/x509_certificate.h"
 #include "net/base/x509_certificate_known_roots_win.h"
 
 #pragma comment(lib, "crypt32.lib")
 
+#if !defined(CERT_TRUST_HAS_WEAK_SIGNATURE)
+// This was introduced in Windows 8 / Windows Server 2012, but retroactively
+// ported as far back as Windows XP via system update.
+#define CERT_TRUST_HAS_WEAK_SIGNATURE 0x00100000
+#endif
+
 namespace net {
 
 namespace {
 
 struct FreeChainEngineFunctor {
   void operator()(HCERTCHAINENGINE engine) const {
     if (engine)
       CertFreeCertificateChainEngine(engine);
   }
 };
@@ skipping 97 matching lines @@
   if (error_status & CERT_TRUST_IS_REVOKED)
     cert_status |= CERT_STATUS_REVOKED;
 
   const DWORD kWrongUsageErrors = CERT_TRUST_IS_NOT_VALID_FOR_USAGE |
                                   CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE;
   if (error_status & kWrongUsageErrors) {
     // TODO(wtc): Should we add CERT_STATUS_WRONG_USAGE?
     cert_status |= CERT_STATUS_INVALID;
   }
 
+  if (error_status & CERT_TRUST_IS_NOT_SIGNATURE_VALID) {
+    // Check for a 'non-strong-signed' signature. Depending on OS

[agl, 2012/06/13 21:15:13]

You have 'non-strong-signed' in quotes, so maybe it's taken from somewhere else.
But it doesn't make a lot of sense to me :)

[Ryan Sleevi, 2012/06/13 21:22:37]

Yeah, MSFT document. They don't call it a 'weak' signature, they call the
assertions 'strong' signatures (
http://msdn.microsoft.com/en-us/library/windows/desktop/hh870262(v=vs.85).aspx )

All signatures we consider weak, Microsoft considers to not be strong signed.
However, signatures that we may consider acceptable (eg: non-weak) Microsoft
considers not to be strong signed. eg: SHA-1, RSA < 2048.

I've tweaked the wording a little to reflect this.

+    // configuration, this may also exclude SHA-1 signatures.
+    if (error_status & CERT_TRUST_HAS_WEAK_SIGNATURE) {
+      cert_status |= CERT_STATUS_WEAK_KEY;
+    } else {
+      cert_status |= CERT_STATUS_INVALID;
+    }
+  }
+
   // The rest of the errors.
   const DWORD kCertInvalidErrors =
-      CERT_TRUST_IS_NOT_SIGNATURE_VALID |
       CERT_TRUST_IS_CYCLIC |
       CERT_TRUST_INVALID_EXTENSION |
       CERT_TRUST_INVALID_POLICY_CONSTRAINTS |
       CERT_TRUST_INVALID_BASIC_CONSTRAINTS |
       CERT_TRUST_INVALID_NAME_CONSTRAINTS |
       CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID |
       CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT |
       CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT |
       CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT |
       CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT |
@@ skipping 557 matching lines @@
   verify_result->is_issued_by_known_root = IsIssuedByKnownRoot(chain_context);
 
   if (ev_policy_oid &&
       CheckEV(chain_context, rev_checking_enabled, ev_policy_oid)) {
     verify_result->cert_status |= CERT_STATUS_IS_EV;
   }
   return OK;
 }
 
 }  // namespace net