Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(166)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 2093223002: Allow Cast certificates to have serial numbers greater than 20 bytes, as well as non-minimal INTEGE… (Closed)

Created:
4 years, 6 months ago by eroman
Modified:
4 years, 6 months ago
Reviewers:
mattm
CC:
chromium-reviews, cbentzel+watch_chromium.org, sheretov+watch_chromium.org, dougsteed+watch_chromium.org, vadimgo+watch_chromium.org, ryanchung+watch_chromium.org, ryanchung
Base URL:
https://chromium.googlesource.com/chromium/src.git@2743
Target Ref:
refs/pending/branch-heads/2743
Project:
chromium
Visibility:
Public.

Description

Allow Cast certificates to have serial numbers greater than 20 bytes, as well as non-minimal INTEGER encodings (invalid DER). Previously such certificates were rejected, however there are some intermediate device certificates with serial numbers 21 bytes long, so make a temporary allowance. BUG=621645 Review-Url: https://codereview.chromium.org/2079273004 Cr-Commit-Position: refs/heads/master@{#401019} (cherry picked from commit c15c91eed960673eff22f0bec50cdab4fd950824 -- with many merge conflicts resolved) R=mattm@chromium.org Committed: https://chromium.googlesource.com/chromium/src/+/36b7414ef935eb3a60ff3d934d722e5eedf055ca

Patch Set 1 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+365 lines, -28 lines) Patch
M components/cast_certificate/cast_cert_validator.cc View 3 chunks +21 lines, -4 lines 0 comments Download
M components/cast_certificate/cast_cert_validator_unittest.cc View 1 chunk +21 lines, -0 lines 0 comments Download
A components/test/data/cast_certificate/certificates/intermediate_serialnumber_toolong.pem View 1 chunk +270 lines, -0 lines 0 comments Download
M net/cert/internal/parse_certificate.h View 4 chunks +18 lines, -2 lines 0 comments Download
M net/cert/internal/parse_certificate.cc View 2 chunks +6 lines, -2 lines 0 comments Download
M net/cert/internal/parse_certificate_fuzzer.cc View 1 chunk +1 line, -2 lines 0 comments Download
M net/cert/internal/parse_certificate_unittest.cc View 2 chunks +2 lines, -2 lines 0 comments Download
M net/cert/internal/parse_ocsp.cc View 1 chunk +2 lines, -2 lines 0 comments Download
M net/cert/internal/verify_certificate_chain.h View 3 chunks +3 lines, -0 lines 0 comments Download
M net/cert/internal/verify_certificate_chain.cc View 10 chunks +16 lines, -9 lines 0 comments Download
M net/cert/internal/verify_certificate_chain_pkits_unittest.cc View 1 chunk +2 lines, -2 lines 0 comments Download
M net/cert/internal/verify_certificate_chain_unittest.cc View 2 chunks +3 lines, -3 lines 0 comments Download

Messages

Total messages: 9 (4 generated)
eroman
Matt: This is the cherry pick to M52 branch. It didn't apply cleanly because of ...
4 years, 6 months ago (2016-06-24 20:24:37 UTC) #2
mattm
lgtm
4 years, 6 months ago (2016-06-24 20:41:11 UTC) #3
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2093223002/1
4 years, 6 months ago (2016-06-24 20:59:35 UTC) #5
commit-bot: I haz the power
CLs for remote refs other than refs/pending/heads/master must contain NOTRY=true and NOPRESUBMIT=true in order for ...
4 years, 6 months ago (2016-06-24 20:59:37 UTC) #7
eroman
4 years, 6 months ago (2016-06-24 21:02:49 UTC) #9
Message was sent while issue was closed. 
Committed patchset #1 (id:1) manually as
36b7414ef935eb3a60ff3d934d722e5eedf055ca.

Powered by Google App Engine
This is Rietveld 408576698