Clang format slam.

net/cert/cert_verify_proc_mac.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cert/cert_verify_proc_mac.h"
 
 #include <CommonCrypto/CommonDigest.h>
 #include <CoreServices/CoreServices.h>
 #include <Security/Security.h>
 
@@ skipping 218 matching lines @@
       verify_result->has_md5 = true;
     }
   }
   if (!verified_cert)
     return;
 
   verify_result->verified_cert =
       X509Certificate::CreateFromHandle(verified_cert, verified_chain);
 }
 
-void AppendPublicKeyHashes(CFArrayRef chain,
-                           HashValueVector* hashes) {
+void AppendPublicKeyHashes(CFArrayRef chain, HashValueVector* hashes) {
   const CFIndex n = CFArrayGetCount(chain);
   for (CFIndex i = 0; i < n; i++) {
     SecCertificateRef cert = reinterpret_cast<SecCertificateRef>(
         const_cast<void*>(CFArrayGetValueAtIndex(chain, i)));
 
     CSSM_DATA cert_data;
     OSStatus err = SecCertificateGetData(cert, &cert_data);
     DCHECK_EQ(err, noErr);
     base::StringPiece der_bytes(reinterpret_cast<const char*>(cert_data.Data),
-                               cert_data.Length);
+                                cert_data.Length);
     base::StringPiece spki_bytes;
     if (!asn1::ExtractSPKIFromDERCert(der_bytes, &spki_bytes))
       continue;
 
     HashValue sha1(HASH_VALUE_SHA1);
     CC_SHA1(spki_bytes.data(), spki_bytes.size(), sha1.data());
     hashes->push_back(sha1);
 
     HashValue sha256(HASH_VALUE_SHA256);
     CC_SHA256(spki_bytes.data(), spki_bytes.size(), sha256.data());
@@ skipping 91 matching lines @@
 // This function should only be called while the Mac Security Services lock is
 // held.
 int BuildAndEvaluateSecTrustRef(CFArrayRef cert_array,
                                 CFArrayRef trust_policies,
                                 int flags,
                                 ScopedCFTypeRef<SecTrustRef>* trust_ref,
                                 SecTrustResultType* trust_result,
                                 ScopedCFTypeRef<CFArrayRef>* verified_chain,
                                 CSSM_TP_APPLE_EVIDENCE_INFO** chain_info) {
   SecTrustRef tmp_trust = NULL;
-  OSStatus status = SecTrustCreateWithCertificates(cert_array, trust_policies,
-                                                   &tmp_trust);
+  OSStatus status =
+      SecTrustCreateWithCertificates(cert_array, trust_policies, &tmp_trust);
   if (status)
     return NetErrorFromOSStatus(status);
   ScopedCFTypeRef<SecTrustRef> scoped_tmp_trust(tmp_trust);
 
   if (TestRootCerts::HasInstance()) {
     status = TestRootCerts::GetInstance()->FixupSecTrustRef(tmp_trust);
     if (status)
       return NetErrorFromOSStatus(status);
   }
 
   CSSM_APPLE_TP_ACTION_DATA tp_action_data;
   memset(&tp_action_data, 0, sizeof(tp_action_data));
   tp_action_data.Version = CSSM_APPLE_TP_ACTION_VERSION;
   // Allow CSSM to download any missing intermediate certificates if an
   // authorityInfoAccess extension or issuerAltName extension is present.
-  tp_action_data.ActionFlags = CSSM_TP_ACTION_FETCH_CERT_FROM_NET |
-                               CSSM_TP_ACTION_TRUST_SETTINGS;
+  tp_action_data.ActionFlags =
+      CSSM_TP_ACTION_FETCH_CERT_FROM_NET | CSSM_TP_ACTION_TRUST_SETTINGS;
 
   // Note: For EV certificates, the Apple TP will handle setting these flags
   // as part of EV evaluation.
   if (flags & CertVerifier::VERIFY_REV_CHECKING_ENABLED) {
     // Require a positive result from an OCSP responder or a CRL (or both)
     // for every certificate in the chain. The Apple TP automatically
     // excludes the self-signed root from this requirement. If a certificate
     // is missing both a crlDistributionPoints extension and an
     // authorityInfoAccess extension with an OCSP responder URL, then we
     // will get a kSecTrustResultRecoverableTrustFailure back from
     // SecTrustEvaluate(), with a
     // CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK error code. In that case,
     // we'll set our own result to include
     // CERT_STATUS_NO_REVOCATION_MECHANISM. If one or both extensions are
     // present, and a check fails (server unavailable, OCSP retry later,
     // signature mismatch), then we'll set our own result to include
     // CERT_STATUS_UNABLE_TO_CHECK_REVOCATION.
     tp_action_data.ActionFlags |= CSSM_TP_ACTION_REQUIRE_REV_PER_CERT;
 
     // Note, even if revocation checking is disabled, SecTrustEvaluate() will
     // modify the OCSP options so as to attempt OCSP checking if it believes a
     // certificate may chain to an EV root. However, because network fetches
     // are disabled in CreateTrustPolicies() when revocation checking is
     // disabled, these will only go against the local cache.
   }
 
   CFDataRef action_data_ref =
       CFDataCreateWithBytesNoCopy(kCFAllocatorDefault,
                                   reinterpret_cast<UInt8*>(&tp_action_data),
-                                  sizeof(tp_action_data), kCFAllocatorNull);
+                                  sizeof(tp_action_data),
+                                  kCFAllocatorNull);
   if (!action_data_ref)
     return ERR_OUT_OF_MEMORY;
   ScopedCFTypeRef<CFDataRef> scoped_action_data_ref(action_data_ref);
-  status = SecTrustSetParameters(tmp_trust, CSSM_TP_ACTION_DEFAULT,
-                                 action_data_ref);
+  status =
+      SecTrustSetParameters(tmp_trust, CSSM_TP_ACTION_DEFAULT, action_data_ref);
   if (status)
     return NetErrorFromOSStatus(status);
 
   // Verify the certificate. A non-zero result from SecTrustGetResult()
   // indicates that some fatal error occurred and the chain couldn't be
   // processed, not that the chain contains no errors. We need to examine the
   // output of SecTrustGetResult() to determine that.
   SecTrustResultType tmp_trust_result;
   status = SecTrustEvaluate(tmp_trust, &tmp_trust_result);
   if (status)
     return NetErrorFromOSStatus(status);
   CFArrayRef tmp_verified_chain = NULL;
   CSSM_TP_APPLE_EVIDENCE_INFO* tmp_chain_info;
-  status = SecTrustGetResult(tmp_trust, &tmp_trust_result, &tmp_verified_chain,
-                             &tmp_chain_info);
+  status = SecTrustGetResult(
+      tmp_trust, &tmp_trust_result, &tmp_verified_chain, &tmp_chain_info);
   if (status)
     return NetErrorFromOSStatus(status);
 
   trust_ref->swap(scoped_tmp_trust);
   *trust_result = tmp_trust_result;
   verified_chain->reset(tmp_verified_chain);
   *chain_info = tmp_chain_info;
 
   return OK;
 }
 
 // OS X ships with both "GTE CyberTrust Global Root" and "Baltimore CyberTrust
 // Root" as part of its trusted root store. However, a cross-certified version
 // of the "Baltimore CyberTrust Root" exists that chains to "GTE CyberTrust
 // Global Root". When OS X/Security.framework attempts to evaluate such a
 // certificate chain, it disregards the "Baltimore CyberTrust Root" that exists
 // within Keychain and instead attempts to terminate the chain in the "GTE
 // CyberTrust Global Root". However, the GTE root is scheduled to be removed in
 // a future OS X update (for sunsetting purposes), and once removed, such
 // chains will fail validation, even though a trust anchor still exists.
 //
 // Rather than over-generalizing a solution that may mask a number of TLS
 // misconfigurations, attempt to specifically match the affected
 // cross-certified certificate and remove it from certificate chain processing.
 bool IsBadBaltimoreGTECertificate(SecCertificateRef cert) {
   // Matches the GTE-signed Baltimore CyberTrust Root
   // https://cacert.omniroot.com/Baltimore-to-GTE-04-12.pem
-  static const SHA1HashValue kBadBaltimoreHashNew =
-    { { 0x4D, 0x34, 0xEA, 0x92, 0x76, 0x4B, 0x3A, 0x31, 0x49, 0x11,
-        0x99, 0x52, 0xF4, 0x19, 0x30, 0xCA, 0x11, 0x34, 0x83, 0x61 } };
+  static const SHA1HashValue kBadBaltimoreHashNew = {
+      {0x4D, 0x34, 0xEA, 0x92, 0x76, 0x4B, 0x3A, 0x31, 0x49, 0x11, 0x99, 0x52,
+       0xF4, 0x19, 0x30, 0xCA, 0x11, 0x34, 0x83, 0x61}};
   // Matches the legacy GTE-signed Baltimore CyberTrust Root
   // https://cacert.omniroot.com/gte-2-2025.pem
-  static const SHA1HashValue kBadBaltimoreHashOld =
-    { { 0x54, 0xD8, 0xCB, 0x49, 0x1F, 0xA1, 0x6D, 0xF8, 0x87, 0xDC,
-        0x94, 0xA9, 0x34, 0xCC, 0x83, 0x6B, 0xDA, 0xA8, 0xA3, 0x69 } };
+  static const SHA1HashValue kBadBaltimoreHashOld = {
+      {0x54, 0xD8, 0xCB, 0x49, 0x1F, 0xA1, 0x6D, 0xF8, 0x87, 0xDC, 0x94, 0xA9,
+       0x34, 0xCC, 0x83, 0x6B, 0xDA, 0xA8, 0xA3, 0x69}};
 
   SHA1HashValue fingerprint = X509Certificate::CalculateFingerprint(cert);
 
   return fingerprint.Equals(kBadBaltimoreHashNew) ||
          fingerprint.Equals(kBadBaltimoreHashOld);
 }
 
 // Attempts to re-verify |cert_array| after adjusting the inputs to work around
 // known issues in OS X. To be used if BuildAndEvaluateSecTrustRef fails to
 // return a positive result for verification.
@@ skipping 21 matching lines @@
       slice_point = i;
       break;
     }
   }
   if (slice_point == 0)
     return;  // Nothing to do.
 
   ScopedCFTypeRef<CFMutableArrayRef> adjusted_cert_array(
       CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks));
   // Note: This excludes the certificate at |slice_point|.
-  CFArrayAppendArray(adjusted_cert_array, cert_array,
-                     CFRangeMake(0, slice_point));
+  CFArrayAppendArray(
+      adjusted_cert_array, cert_array, CFRangeMake(0, slice_point));
 
   // Ignore the result; failure will preserve the old verification results.
-  BuildAndEvaluateSecTrustRef(
-      adjusted_cert_array, trust_policies, flags, trust_ref, trust_result,
-      verified_chain, chain_info);
+  BuildAndEvaluateSecTrustRef(adjusted_cert_array,
+                              trust_policies,
+                              flags,
+                              trust_ref,
+                              trust_result,
+                              verified_chain,
+                              chain_info);
 }
 
 }  // namespace
 
-CertVerifyProcMac::CertVerifyProcMac() {}
+CertVerifyProcMac::CertVerifyProcMac() {
+}
 
-CertVerifyProcMac::~CertVerifyProcMac() {}
+CertVerifyProcMac::~CertVerifyProcMac() {
+}
 
 bool CertVerifyProcMac::SupportsAdditionalTrustAnchors() const {
   return false;
 }
 
 int CertVerifyProcMac::VerifyInternal(
     X509Certificate* cert,
     const std::string& hostname,
     int flags,
     CRLSet* crl_set,
@@ skipping 13 matching lines @@
 
   // Serialize all calls that may use the Keychain, to work around various
   // issues in OS X 10.6+ with multi-threaded access to Security.framework.
   base::AutoLock lock(crypto::GetMacSecurityServicesLock());
 
   ScopedCFTypeRef<SecTrustRef> trust_ref;
   SecTrustResultType trust_result = kSecTrustResultDeny;
   ScopedCFTypeRef<CFArrayRef> completed_chain;
   CSSM_TP_APPLE_EVIDENCE_INFO* chain_info = NULL;
 
-  int rv = BuildAndEvaluateSecTrustRef(
-      cert_array, trust_policies, flags, &trust_ref, &trust_result,
-      &completed_chain, &chain_info);
+  int rv = BuildAndEvaluateSecTrustRef(cert_array,
+                                       trust_policies,
+                                       flags,
+                                       &trust_ref,
+                                       &trust_result,
+                                       &completed_chain,
+                                       &chain_info);
   if (rv != OK)
     return rv;
   if (trust_result != kSecTrustResultUnspecified &&
       trust_result != kSecTrustResultProceed) {
-    RetrySecTrustEvaluateWithAdjustedChain(
-        cert_array, trust_policies, flags, &trust_ref, &trust_result,
-        &completed_chain, &chain_info);
+    RetrySecTrustEvaluateWithAdjustedChain(cert_array,
+                                           trust_policies,
+                                           flags,
+                                           &trust_ref,
+                                           &trust_result,
+                                           &completed_chain,
+                                           &chain_info);
   }
 
   if (flags & CertVerifier::VERIFY_REV_CHECKING_ENABLED)
     verify_result->cert_status |= CERT_STATUS_REV_CHECKING_ENABLED;
 
   if (crl_set && !CheckRevocationWithCRLSet(completed_chain, crl_set))
     verify_result->cert_status |= CERT_STATUS_REVOKED;
 
   GetCertChainInfo(completed_chain, chain_info, verify_result);
 
@@ skipping 27 matching lines @@
       if (status)
         return NetErrorFromOSStatus(status);
       if (cssm_result == CSSMERR_TP_VERIFY_ACTION_FAILED) {
         policy_failed = true;
       } else {
         verify_result->cert_status |= CertStatusFromOSStatus(cssm_result);
       }
       // Walk the chain of error codes in the CSSM_TP_APPLE_EVIDENCE_INFO
       // structure which can catch multiple errors from each certificate.
       for (CFIndex index = 0, chain_count = CFArrayGetCount(completed_chain);
-           index < chain_count; ++index) {
+           index < chain_count;
+           ++index) {
         if (chain_info[index].StatusBits & CSSM_CERT_STATUS_EXPIRED ||
             chain_info[index].StatusBits & CSSM_CERT_STATUS_NOT_VALID_YET)
           verify_result->cert_status |= CERT_STATUS_DATE_INVALID;
         if (!IsCertStatusError(verify_result->cert_status) &&
             chain_info[index].NumStatusCodes == 0) {
           LOG(WARNING) << "chain_info[" << index << "].NumStatusCodes is 0"
-                          ", chain_info[" << index << "].StatusBits is "
-                       << chain_info[index].StatusBits;
+                                                    ", chain_info[" << index
+                       << "].StatusBits is " << chain_info[index].StatusBits;
         }
         for (uint32 status_code_index = 0;
              status_code_index < chain_info[index].NumStatusCodes;
              ++status_code_index) {
           // As of OS X 10.9, attempting to verify a certificate chain that
           // contains a weak signature algorithm (MD2, MD5) in an intermediate
           // or leaf cert will be treated as a (recoverable) policy validation
           // failure, with the status code CSSMERR_TP_INVALID_CERTIFICATE
           // added to the Status Codes. Don't treat this code as an invalid
           // certificate; instead, map it to a weak key. Any truly invalid
           // certificates will have the major error (cssm_result) set to
           // CSSMERR_TP_INVALID_CERTIFICATE, rather than
           // CSSMERR_TP_VERIFY_ACTION_FAILED.
           CertStatus mapped_status = 0;
           if (policy_failed &&
               chain_info[index].StatusCodes[status_code_index] ==
                   CSSMERR_TP_INVALID_CERTIFICATE) {
-              mapped_status = CERT_STATUS_WEAK_SIGNATURE_ALGORITHM;
+            mapped_status = CERT_STATUS_WEAK_SIGNATURE_ALGORITHM;
+            weak_key_or_signature_algorithm = true;
+          } else {
+            mapped_status = CertStatusFromOSStatus(
+                chain_info[index].StatusCodes[status_code_index]);
+            if (mapped_status == CERT_STATUS_WEAK_KEY)
               weak_key_or_signature_algorithm = true;
-          } else {
-              mapped_status = CertStatusFromOSStatus(
-                  chain_info[index].StatusCodes[status_code_index]);
-              if (mapped_status == CERT_STATUS_WEAK_KEY)
-                weak_key_or_signature_algorithm = true;
           }
           verify_result->cert_status |= mapped_status;
         }
       }
       if (policy_failed && !weak_key_or_signature_algorithm) {
         // If CSSMERR_TP_VERIFY_ACTION_FAILED wasn't returned due to a weak
         // key, map it back to an appropriate error code.
         verify_result->cert_status |= CertStatusFromOSStatus(cssm_result);
       }
       if (!IsCertStatusError(verify_result->cert_status)) {
@@ skipping 36 matching lines @@
 
   if (flags & CertVerifier::VERIFY_EV_CERT) {
     // Determine the certificate's EV status using SecTrustCopyExtendedResult(),
     // which is an internal/private API function added in OS X 10.5.7.
     // Note: "ExtendedResult" means extended validation results.
     CFBundleRef bundle =
         CFBundleGetBundleWithIdentifier(CFSTR("com.apple.security"));
     if (bundle) {
       SecTrustCopyExtendedResultFuncPtr copy_extended_result =
           reinterpret_cast<SecTrustCopyExtendedResultFuncPtr>(
-              CFBundleGetFunctionPointerForName(bundle,
-                  CFSTR("SecTrustCopyExtendedResult")));
+              CFBundleGetFunctionPointerForName(
+                  bundle, CFSTR("SecTrustCopyExtendedResult")));
       if (copy_extended_result) {
         CFDictionaryRef ev_dict_temp = NULL;
         status = copy_extended_result(trust_ref, &ev_dict_temp);
         ScopedCFTypeRef<CFDictionaryRef> ev_dict(ev_dict_temp);
         ev_dict_temp = NULL;
         if (status == noErr && ev_dict) {
           // In 10.7.3, SecTrustCopyExtendedResult returns noErr and populates
           // ev_dict even for non-EV certificates, but only EV certificates
           // will cause ev_dict to contain kSecEVOrganizationName. In previous
           // releases, SecTrustCopyExtendedResult would only return noErr and
           // populate ev_dict for EV certificates, but would always include
           // kSecEVOrganizationName in that case, so checking for this key is
           // appropriate for all known versions of SecTrustCopyExtendedResult.
           // The actual organization name is unneeded here and can be accessed
           // through other means. All that matters here is the OS' conception
           // of whether or not the certificate is EV.
-          if (CFDictionaryContainsKey(ev_dict,
-                                      kSecEVOrganizationName)) {
+          if (CFDictionaryContainsKey(ev_dict, kSecEVOrganizationName)) {
             verify_result->cert_status |= CERT_STATUS_IS_EV;
             if (flags & CertVerifier::VERIFY_REV_CHECKING_ENABLED_EV_ONLY)
               verify_result->cert_status |= CERT_STATUS_REV_CHECKING_ENABLED;
           }
         }
       }
     }
   }
 
   return OK;
 }
 
 }  // namespace net