net/base/x509_certificate_win.cc - Issue 165504: Add new certificate error code... - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(657)

My Issues | Starred Open | Closed | All

Unified Diff: net/base/x509_certificate_win.cc

Issue 165504: Add new certificate error code... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/

Patch Set: Upload before checkin Created 11 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « net/base/net_error_list.h ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: net/base/x509_certificate_win.cc

===================================================================

--- net/base/x509_certificate_win.cc (revision 23393)

+++ net/base/x509_certificate_win.cc (working copy)

@@ -471,10 +471,14 @@

verify_result->cert_status |= MapCertChainErrorStatusToCertStatus(

chain_context->TrustStatus.dwErrorStatus);

- // Treat certificate signatures using weak signature algorithms as invalid.

- if (verify_result->has_md2 || verify_result->has_md4)

+ // Treat certificates signed using broken signature algorithms as invalid.

+ if (verify_result->has_md4)

verify_result->cert_status |= CERT_STATUS_INVALID;

+ // Flag certificates signed using weak signature algorithms.

+ if (verify_result->has_md2)

+ verify_result->cert_status |= CERT_STATUS_WEAK_SIGNATURE_ALGORITHM;

+

std::wstring wstr_hostname = ASCIIToWide(hostname);

SSL_EXTRA_CERT_CHAIN_POLICY_PARA extra_policy_para;

« no previous file with comments | « net/base/net_error_list.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698