Chromium Code Reviews Chromium Code Reviews
Issue 1988993002:
Check self-signed certificate names and signatures (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: net/cert/x509_certificate_nss.cc |
| diff --git a/net/cert/x509_certificate_nss.cc b/net/cert/x509_certificate_nss.cc |
| index 4e6380648a30d469ae94147f8e705f4931ee187d..b4264f247a010128ead53386f449825adff04761 100644 |
| --- a/net/cert/x509_certificate_nss.cc |
| +++ b/net/cert/x509_certificate_nss.cc |
| @@ -285,8 +285,12 @@ bool X509Certificate::IsSelfSigned(OSCertHandle cert_handle) { |
| crypto::ScopedSECKEYPublicKey public_key(CERT_ExtractPublicKey(cert_handle)); |
| if (!public_key.get()) |
| return false; |
| - return SECSuccess == CERT_VerifySignedDataWithPublicKey( |
| - &cert_handle->signatureWrap, public_key.get(), NULL); |
| + if (SECSuccess != CERT_VerifySignedDataWithPublicKey( |
| + &cert_handle->signatureWrap, public_key.get(), NULL)) { |
| + return false; |
| + } |
| + return CERT_CompareName(&cert_handle->subject, &cert_handle->issuer) == |
| + SECComparison::SECEqual; |
|
Ryan Sleevi
2016/05/26 07:57:08
We don't tend to qualify enums -
return CERT_Com
dadrian
2016/05/27 01:05:02
Done.
|
| } |
| } // namespace net |
