| OLD | NEW |
|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <algorithm> | 5 #include <algorithm> |
| 6 | 6 |
| 7 #include "base/sha1.h" | 7 #include "base/sha1.h" |
| 8 #include "crypto/sha2.h" | 8 #include "crypto/sha2.h" |
| 9 #include "net/cert/internal/cert_errors.h" |
| 9 #include "net/cert/internal/parse_ocsp.h" | 10 #include "net/cert/internal/parse_ocsp.h" |
| 10 #include "net/der/encode_values.h" | 11 #include "net/der/encode_values.h" |
| 11 | 12 |
| 12 namespace net { | 13 namespace net { |
| 13 | 14 |
| 14 OCSPCertID::OCSPCertID() {} | 15 OCSPCertID::OCSPCertID() {} |
| 15 OCSPCertID::~OCSPCertID() {} | 16 OCSPCertID::~OCSPCertID() {} |
| 16 | 17 |
| 17 OCSPSingleResponse::OCSPSingleResponse() {} | 18 OCSPSingleResponse::OCSPSingleResponse() {} |
| 18 OCSPSingleResponse::~OCSPSingleResponse() {} | 19 OCSPSingleResponse::~OCSPSingleResponse() {} |
| (...skipping 474 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 493 | 494 |
| 494 } // namespace | 495 } // namespace |
| 495 | 496 |
| 496 bool GetOCSPCertStatus(const OCSPResponseData& response_data, | 497 bool GetOCSPCertStatus(const OCSPResponseData& response_data, |
| 497 const der::Input& issuer_tbs_certificate_tlv, | 498 const der::Input& issuer_tbs_certificate_tlv, |
| 498 const der::Input& cert_tbs_certificate_tlv, | 499 const der::Input& cert_tbs_certificate_tlv, |
| 499 OCSPCertStatus* out) { | 500 OCSPCertStatus* out) { |
| 500 out->status = OCSPRevocationStatus::GOOD; | 501 out->status = OCSPRevocationStatus::GOOD; |
| 501 | 502 |
| 502 ParsedTbsCertificate tbs_cert; | 503 ParsedTbsCertificate tbs_cert; |
| 503 if (!ParseTbsCertificate(cert_tbs_certificate_tlv, {}, &tbs_cert)) | 504 // TODO(crbug.com/634443): Propagate the errors. |
| 505 CertErrors errors; |
| 506 if (!ParseTbsCertificate(cert_tbs_certificate_tlv, {}, &tbs_cert, &errors)) |
| 504 return false; | 507 return false; |
| 505 ParsedTbsCertificate issuer_tbs_cert; | 508 ParsedTbsCertificate issuer_tbs_cert; |
| 506 if (!ParseTbsCertificate(issuer_tbs_certificate_tlv, {}, &issuer_tbs_cert)) | 509 if (!ParseTbsCertificate(issuer_tbs_certificate_tlv, {}, &issuer_tbs_cert, |
| 510 &errors)) |
| 507 return false; | 511 return false; |
| 508 | 512 |
| 509 bool found = false; | 513 bool found = false; |
| 510 for (const auto& response : response_data.responses) { | 514 for (const auto& response : response_data.responses) { |
| 511 OCSPSingleResponse single_response; | 515 OCSPSingleResponse single_response; |
| 512 if (!ParseOCSPSingleResponse(response, &single_response)) | 516 if (!ParseOCSPSingleResponse(response, &single_response)) |
| 513 return false; | 517 return false; |
| 514 if (CheckCertID(single_response.cert_id_tlv, tbs_cert, issuer_tbs_cert, | 518 if (CheckCertID(single_response.cert_id_tlv, tbs_cert, issuer_tbs_cert, |
| 515 tbs_cert.serial_number)) { | 519 tbs_cert.serial_number)) { |
| 516 OCSPCertStatus new_status = single_response.cert_status; | 520 OCSPCertStatus new_status = single_response.cert_status; |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 548 &earliest_this_update)) { | 552 &earliest_this_update)) { |
| 549 return false; | 553 return false; |
| 550 } | 554 } |
| 551 if (response.this_update < earliest_this_update) | 555 if (response.this_update < earliest_this_update) |
| 552 return false; // Response is too old. | 556 return false; // Response is too old. |
| 553 | 557 |
| 554 return true; | 558 return true; |
| 555 } | 559 } |
| 556 | 560 |
| 557 } // namespace net | 561 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2341943002:
Add error details to TBSCertificate parsing function and tests. (Closed)
