Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(51)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/android/java/src/org/chromium/net/AndroidNetworkLibrary.java

Issue 108653013: Export verified_cert and public_key_hashes on Android. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Remove unnecessary NET_EXPORT. Created 6 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/android/java/src/org/chromium/net/AndroidCertVerifyResult.java ('k') | net/android/java/src/org/chromium/net/X509Util.java » ('j') | net/android/java/src/org/chromium/net/X509Util.java » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/android/java/src/org/chromium/net/AndroidNetworkLibrary.java
diff --git a/net/android/java/src/org/chromium/net/AndroidNetworkLibrary.java b/net/android/java/src/org/chromium/net/AndroidNetworkLibrary.java
index 83775d895b2bd54cdea6d4057ae75499f4889b3e..e4caee50583f6b0ccb24452529666261b456f1c9 100644
--- a/net/android/java/src/org/chromium/net/AndroidNetworkLibrary.java
+++ b/net/android/java/src/org/chromium/net/AndroidNetworkLibrary.java
@@ -198,20 +198,24 @@ class AndroidNetworkLibrary {
}
/**
- * Validate the server's certificate chain is trusted.
+ * Validate the server's certificate chain is trusted. Note that the caller
+ * must still verify the name matches that of the leaf certificate.
*
* @param certChain The ASN.1 DER encoded bytes for certificates.
- * @param authType The key exchange algorithm name (e.g. RSA)
+ * @param authType The key exchange algorithm name (e.g. RSA).
+ * @param host The hostname of the server.
* @return Android certificate verification result code.
*/
@CalledByNative
- public static int verifyServerCertificates(byte[][] certChain, String authType) {
+ public static AndroidCertVerifyResult verifyServerCertificates(byte[][] certChain,
+ String authType,
+ String host) {
try {
- return X509Util.verifyServerCertificates(certChain, authType);
+ return X509Util.verifyServerCertificates(certChain, authType, host);
} catch (KeyStoreException e) {
- return CertVerifyResultAndroid.VERIFY_FAILED;
+ return new AndroidCertVerifyResult(CertVerifyStatusAndroid.VERIFY_FAILED);
} catch (NoSuchAlgorithmException e) {
- return CertVerifyResultAndroid.VERIFY_FAILED;
+ return new AndroidCertVerifyResult(CertVerifyStatusAndroid.VERIFY_FAILED);
}
}
« no previous file with comments | « net/android/java/src/org/chromium/net/AndroidCertVerifyResult.java ('k') | net/android/java/src/org/chromium/net/X509Util.java » ('j') | net/android/java/src/org/chromium/net/X509Util.java » ('J')

Powered by Google App Engine
This is Rietveld 408576698