Index: net/base/x509_certificate.cc |
diff --git a/net/base/x509_certificate.cc b/net/base/x509_certificate.cc |
index e1fca4e77597f664ec7b0da2fd384c314e638b39..3217351c76e3cf2495e3e2e9fc1e259859d278ef 100644 |
--- a/net/base/x509_certificate.cc |
+++ b/net/base/x509_certificate.cc |
@@ -590,6 +590,22 @@ int X509Certificate::Verify(const std::string& hostname, |
rv = MapCertStatusToNetError(verify_result->cert_status); |
} |
+ // Treat certificates signed using broken signature algorithms as invalid. |
+ if (verify_result->has_md2 || verify_result->has_md4) { |
+ verify_result->cert_status |= CERT_STATUS_INVALID; |
+ rv = MapCertStatusToNetError(verify_result->cert_status); |
+ } |
+ |
+ // Flag certificates using weak signature algorithms. |
+ if (verify_result->has_md5) { |
+ verify_result->cert_status |= CERT_STATUS_WEAK_SIGNATURE_ALGORITHM; |
+ // Only replace the error code if there is not already an error, otherwise |
+ // this may end up replacing a fatal error (such as a library failure) |
+ // with a benign, user-overridable error. |
wtc
2011/11/04 22:57:42
This is a subtle problem. Perhaps the test should
|
+ if (rv == OK) |
+ rv = MapCertStatusToNetError(verify_result->cert_status); |
+ } |
+ |
return rv; |
} |