Make it a fatal SSL error when encountering certs signed with md[2,4], and interstitial md5

net/base/x509_certificate_unittest.cc

Index: net/base/x509_certificate_unittest.cc
diff --git a/net/base/x509_certificate_unittest.cc b/net/base/x509_certificate_unittest.cc
index f48336226c0c9701989bb2df21e6a299f23acd56..b34e91d48adc6e8586b87ec235eebb0c1b621ab0 100644
--- a/net/base/x509_certificate_unittest.cc
+++ b/net/base/x509_certificate_unittest.cc
@@ -1563,12 +1563,40 @@ TEST_P(X509CertificateWeakDigestTest, Verify) {
 
   int flags = 0;
   CertVerifyResult verify_result;
-  ee_chain->Verify("127.0.0.1", flags, NULL, &verify_result);
+  int rv = ee_chain->Verify("127.0.0.1", flags, NULL, &verify_result);
   EXPECT_EQ(data.expected_has_md5, verify_result.has_md5);
   EXPECT_EQ(data.expected_has_md4, verify_result.has_md4);
   EXPECT_EQ(data.expected_has_md2, verify_result.has_md2);
   EXPECT_EQ(data.expected_has_md5_ca, verify_result.has_md5_ca);
   EXPECT_EQ(data.expected_has_md2_ca, verify_result.has_md2_ca);
+
+  // Ensure that MD4 and MD2 are tagged as invalid.
+  if (data.expected_has_md4 || data.expected_has_md2) {
+    EXPECT_EQ(CERT_STATUS_INVALID,
+              verify_result.cert_status & CERT_STATUS_INVALID);
+  }
+
+  // Ensure that MD5 is flagged as weak.
+  if (data.expected_has_md5) {
+    EXPECT_EQ(
+        CERT_STATUS_WEAK_SIGNATURE_ALGORITHM,
+        verify_result.cert_status & CERT_STATUS_WEAK_SIGNATURE_ALGORITHM);
+  }
+
+  // If a root cert is present, then check that the chain was rejected if any
+  // weak algorithms are present. This is only checked when a root cert is
+  // present, as the error reported for incomplete chains with weak algorithms
+  // varies between implementations, dependent on the algorithm, although all
+  // variations are fatal.

[wtc, 2011/12/02 23:04:59]

The second sentence is hard to understand.

One possible interpretation is as follows:
  If a root cert is present, then check that the chain was
  rejected if any weak algorithms are present. The error
  code is dependent on the algorithm, although all
  variations are fatal. This is only checked when a root
  cert is present, as the error reported for incomplete
  chains with weak algorithms varies between implementations.

Another possible interpretation is as follows:
  If a root cert is present, then check that the chain was rejected if any
  weak algorithms are present. This is only checked when a root cert is
  present, as the error reported for incomplete chains with weak algorithms
  varies between implementations and depends on the algorithm, although all
  variations are fatal.
  

[Ryan Sleevi, 2011/12/02 23:54:28]

The latter. I blame serial commas -
http://en.wikipedia.org/wiki/Serial_comma#Creating_ambiguity - and will update
accordingly.

+  if (data.root_cert_filename) {
+    if (data.expected_has_md4 || data.expected_has_md2) {
+      EXPECT_EQ(ERR_CERT_INVALID, rv);
+    } else if (data.expected_has_md5) {
+      EXPECT_EQ(ERR_CERT_WEAK_SIGNATURE_ALGORITHM, rv);
+    } else {
+      EXPECT_EQ(OK, rv);
+    }
+  }
 }
 
 // Unlike TEST/TEST_F, which are macros that expand to further macros,