extensions/browser/api/cast_channel/cast_auth_util.cc - Issue 2050983002: Cast device revocation checking. - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(13)

My Issues | Starred Open | Closed | All

Unified Diff: extensions/browser/api/cast_channel/cast_auth_util.cc

Issue 2050983002: Cast device revocation checking. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Fixed proto again Created 4 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« components/test/data/cast_certificate/testsuite/testsuite1.pb_text ('K') | « components/test/data/cast_certificate/testsuite/testsuite1.pb_text ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: extensions/browser/api/cast_channel/cast_auth_util.cc

diff --git a/extensions/browser/api/cast_channel/cast_auth_util.cc b/extensions/browser/api/cast_channel/cast_auth_util.cc

index 451058b03581e12b9f2ddaa05787490161588138..579d269ad1204624aa26cc56f195bc01617df4f3 100644

--- a/extensions/browser/api/cast_channel/cast_auth_util.cc

+++ b/extensions/browser/api/cast_channel/cast_auth_util.cc

@@ -151,9 +151,11 @@ AuthResult VerifyCredentials(const AuthResponse& response,

base::Time::Exploded now;

base::Time::Now().UTCExplode(&now);

+ // CRL should not be enforced until it is served.

cast_crypto::CastDeviceCertPolicy device_policy;

- if (!cast_crypto::VerifyDeviceCert(cert_chain, now, &verification_context,

- &device_policy)) {

+ if (!cast_crypto::VerifyDeviceCert(

+ cert_chain, now, &verification_context, &device_policy, nullptr,

+ cast_certificate::CRLPolicy::CRL_OPTIONAL)) {

// TODO(eroman): The error information was lost; this error is ambiguous.

return AuthResult("Failed verifying cast device certificate",

AuthResult::ERROR_CERT_NOT_SIGNED_BY_TRUSTED_CA);

« components/test/data/cast_certificate/testsuite/testsuite1.pb_text ('K') | « components/test/data/cast_certificate/testsuite/testsuite1.pb_text ('k') | no next file » | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698