Chromium Code Reviews Chromium Code Reviews
Issue 2610903003:
[refactor] Extract the CertVerifyResult assignment of has_md2, has_md4, (Closed)
| Index: net/cert/cert_verify_proc.cc |
| diff --git a/net/cert/cert_verify_proc.cc b/net/cert/cert_verify_proc.cc |
| index 91c8e95445291780d154d3d4804a46dab69580b9..83fec415cdf76a4be49a84c5d41a9dde9b24c798 100644 |
| --- a/net/cert/cert_verify_proc.cc |
| +++ b/net/cert/cert_verify_proc.cc |
| @@ -774,4 +774,33 @@ bool CertVerifyProc::HasTooLongValidity(const X509Certificate& cert) { |
| const base::Feature CertVerifyProc::kSHA1LegacyMode{ |
| "SHA1LegacyMode", base::FEATURE_DISABLED_BY_DEFAULT}; |
| +bool FillCertVerifyResultWeakSignature(X509Certificate::OSCertHandle cert, |
| + bool is_leaf, |
| + CertVerifyResult* verify_result) { |
| + bool uses_weak_hash = true; |
| + |
| + auto hash = X509Certificate::GetSignatureHashAlgorithm(cert); |
|
Ryan Sleevi
2017/01/05 22:48:24
Seems like this is skirting very close to the "Con
eroman
2017/01/05 23:36:30
Done.
|
| + switch (hash) { |
| + case X509Certificate::kSignatureHashAlgorithmMd2: |
| + verify_result->has_md2 = true; |
| + break; |
| + case X509Certificate::kSignatureHashAlgorithmMd4: |
| + verify_result->has_md4 = true; |
| + break; |
| + case X509Certificate::kSignatureHashAlgorithmMd5: |
| + verify_result->has_md5 = true; |
| + break; |
| + case X509Certificate::kSignatureHashAlgorithmSha1: |
| + verify_result->has_sha1 = true; |
| + if (is_leaf) |
| + verify_result->has_sha1_leaf = true; |
| + break; |
| + case X509Certificate::kSignatureHashAlgorithmOther: |
| + uses_weak_hash = false; |
| + break; |
| + } |
| + |
| + return uses_weak_hash; |
| +} |
| + |
| } // namespace net |
