Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(246)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/cert_verify_proc_nss.cc

Issue 2627523002: Refactor the assignment of CertVerifyResult::has_md2, etc. (Closed)
Patch Set: Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/cert/cert_verify_proc.cc ('K') | « net/cert/cert_verify_proc_mac.cc ('k') | net/cert/cert_verify_proc_openssl.cc » ('j') | net/cert/cert_verify_proc_unittest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/cert_verify_proc_nss.h" 5 #include "net/cert/cert_verify_proc_nss.h"
6 6
7 #include <cert.h> 7 #include <cert.h>
8 #include <nss.h> 8 #include <nss.h>
9 #include <prerror.h> 9 #include <prerror.h>
10 #include <secerr.h> 10 #include <secerr.h>
(...skipping 173 matching lines...) Expand 10 before | Expand all | Expand 10 after
184 // Test that |node->cert| is actually a self-signed certificate 184 // Test that |node->cert| is actually a self-signed certificate
185 // whose key is equal to |next_cert|, and not a self-issued 185 // whose key is equal to |next_cert|, and not a self-issued
186 // certificate signed by another key of the same CA. 186 // certificate signed by another key of the same CA.
187 if (next_cert && SECITEM_ItemsAreEqual(&node->cert->derPublicKey, 187 if (next_cert && SECITEM_ItemsAreEqual(&node->cert->derPublicKey,
188 &next_cert->derPublicKey)) { 188 &next_cert->derPublicKey)) {
189 continue; 189 continue;
190 } 190 }
191 } 191 }
192 verified_chain.push_back(node->cert); 192 verified_chain.push_back(node->cert);
193 } 193 }
194
195 FillCertVerifyResultWeakSignature(node->cert, i == 0, verify_result);
196 } 194 }
197 195
198 if (root_cert) 196 if (root_cert)
199 verified_chain.push_back(root_cert); 197 verified_chain.push_back(root_cert);
200 verify_result->verified_cert = 198 verify_result->verified_cert =
201 X509Certificate::CreateFromHandle(verified_cert, verified_chain); 199 X509Certificate::CreateFromHandle(verified_cert, verified_chain);
202 } 200 }
203 201
204 // IsKnownRoot returns true if the given certificate is one that we believe 202 // IsKnownRoot returns true if the given certificate is one that we believe
205 // is a standard (as opposed to user-installed) root. 203 // is a standard (as opposed to user-installed) root.
(...skipping 755 matching lines...) Expand 10 before | Expand all | Expand 10 after
961 CRLSet* crl_set, 959 CRLSet* crl_set,
962 const CertificateList& additional_trust_anchors, 960 const CertificateList& additional_trust_anchors,
963 CertVerifyResult* verify_result) { 961 CertVerifyResult* verify_result) {
964 return VerifyInternalImpl(cert, hostname, ocsp_response, flags, crl_set, 962 return VerifyInternalImpl(cert, hostname, ocsp_response, flags, crl_set,
965 additional_trust_anchors, 963 additional_trust_anchors,
966 NULL, // chain_verify_callback 964 NULL, // chain_verify_callback
967 verify_result); 965 verify_result);
968 } 966 }
969 967
970 } // namespace net 968 } // namespace net
OLDNEW
« net/cert/cert_verify_proc.cc ('K') | « net/cert/cert_verify_proc_mac.cc ('k') | net/cert/cert_verify_proc_openssl.cc » ('j') | net/cert/cert_verify_proc_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698