Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(483)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/cert/x509_certificate_nss.cc

Issue 1988993002: Check self-signed certificate names and signatures (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Remove dependency on openssl -text format Created 4 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/cert/x509_certificate_ios.cc ('k') | net/cert/x509_certificate_openssl.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/x509_certificate_nss.cc
diff --git a/net/cert/x509_certificate_nss.cc b/net/cert/x509_certificate_nss.cc
index 4e6380648a30d469ae94147f8e705f4931ee187d..8681b3c2f35efc0ef0e7f3482726c32debd0cefb 100644
--- a/net/cert/x509_certificate_nss.cc
+++ b/net/cert/x509_certificate_nss.cc
@@ -285,8 +285,12 @@ bool X509Certificate::IsSelfSigned(OSCertHandle cert_handle) {
crypto::ScopedSECKEYPublicKey public_key(CERT_ExtractPublicKey(cert_handle));
if (!public_key.get())
return false;
- return SECSuccess == CERT_VerifySignedDataWithPublicKey(
- &cert_handle->signatureWrap, public_key.get(), NULL);
+ if (SECSuccess != CERT_VerifySignedDataWithPublicKey(
+ &cert_handle->signatureWrap, public_key.get(), NULL)) {
+ return false;
+ }
+ return CERT_CompareName(&cert_handle->subject, &cert_handle->issuer) ==
+ SECEqual;
}
} // namespace net
« no previous file with comments | « net/cert/x509_certificate_ios.cc ('k') | net/cert/x509_certificate_openssl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698