| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/cert_verify_proc_mac.h" | 5 #include "net/cert/cert_verify_proc_mac.h" |
| 6 | 6 |
| 7 #include <CommonCrypto/CommonDigest.h> | 7 #include <CommonCrypto/CommonDigest.h> |
| 8 #include <CoreServices/CoreServices.h> | 8 #include <CoreServices/CoreServices.h> |
| 9 #include <Security/Security.h> | 9 #include <Security/Security.h> |
| 10 | 10 |
| 671 index < chain_count; ++index) { | 671 index < chain_count; ++index) { |
| 672 if (chain_info[index].StatusBits & CSSM_CERT_STATUS_EXPIRED || | 672 if (chain_info[index].StatusBits & CSSM_CERT_STATUS_EXPIRED || |
| 673 chain_info[index].StatusBits & CSSM_CERT_STATUS_NOT_VALID_YET) | 673 chain_info[index].StatusBits & CSSM_CERT_STATUS_NOT_VALID_YET) |
| 674 verify_result->cert_status |= CERT_STATUS_DATE_INVALID; | 674 verify_result->cert_status |= CERT_STATUS_DATE_INVALID; |
| 675 if (!IsCertStatusError(verify_result->cert_status) && | 675 if (!IsCertStatusError(verify_result->cert_status) && |
| 676 chain_info[index].NumStatusCodes == 0) { | 676 chain_info[index].NumStatusCodes == 0) { |
| 677 LOG(WARNING) << "chain_info[" << index << "].NumStatusCodes is 0" | 677 LOG(WARNING) << "chain_info[" << index << "].NumStatusCodes is 0" |
| 678 ", chain_info[" << index << "].StatusBits is " | 678 ", chain_info[" << index << "].StatusBits is " |
| 679 << chain_info[index].StatusBits; | 679 << chain_info[index].StatusBits; |
| 680 } | 680 } |
| 681 for (uint32 status_code_index = 0; | 681 for (uint32_t status_code_index = 0; |
| 682 status_code_index < chain_info[index].NumStatusCodes; | 682 status_code_index < chain_info[index].NumStatusCodes; |
| 683 ++status_code_index) { | 683 ++status_code_index) { |
| 684 // As of OS X 10.9, attempting to verify a certificate chain that | 684 // As of OS X 10.9, attempting to verify a certificate chain that |
| 685 // contains a weak signature algorithm (MD2, MD5) in an intermediate | 685 // contains a weak signature algorithm (MD2, MD5) in an intermediate |
| 686 // or leaf cert will be treated as a (recoverable) policy validation | 686 // or leaf cert will be treated as a (recoverable) policy validation |
| 687 // failure, with the status code CSSMERR_TP_INVALID_CERTIFICATE | 687 // failure, with the status code CSSMERR_TP_INVALID_CERTIFICATE |
| 688 // added to the Status Codes. Don't treat this code as an invalid | 688 // added to the Status Codes. Don't treat this code as an invalid |
| 689 // certificate; instead, map it to a weak key. Any truly invalid | 689 // certificate; instead, map it to a weak key. Any truly invalid |
| 690 // certificates will have the major error (cssm_result) set to | 690 // certificates will have the major error (cssm_result) set to |
| 691 // CSSMERR_TP_INVALID_CERTIFICATE, rather than | 691 // CSSMERR_TP_INVALID_CERTIFICATE, rather than |
| 783 } | 783 } |
| 784 } | 784 } |
| 785 } | 785 } |
| 786 } | 786 } |
| 787 } | 787 } |
| 788 | 788 |
| 789 return OK; | 789 return OK; |
| 790 } | 790 } |
| 791 | 791 |
| 792 } // namespace net | 792 } // namespace net |
| OLD | NEW |