Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1315)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/cert/cert_verify_proc_win.cc

Issue 266243004: Clang format slam. Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/base/mime_util_unittest.cc ('K') | « net/cert/cert_verify_proc_unittest.cc ('k') | net/cert/cert_verify_result.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/cert_verify_proc_win.cc
diff --git a/net/cert/cert_verify_proc_win.cc b/net/cert/cert_verify_proc_win.cc
index b6ab2b60ad1238a73aa7143f1d02f1b27701aa28..45f63ccc6658f8d1f48d906acafc683c7e7d7d21 100644
--- a/net/cert/cert_verify_proc_win.cc
+++ b/net/cert/cert_verify_proc_win.cc
@@ -74,13 +74,13 @@ int MapSecurityError(SECURITY_STATUS err) {
// far find interesting.
switch (err) {
case SEC_E_WRONG_PRINCIPAL: // Schannel
- case CERT_E_CN_NO_MATCH: // CryptoAPI
+ case CERT_E_CN_NO_MATCH: // CryptoAPI
return ERR_CERT_COMMON_NAME_INVALID;
case SEC_E_UNTRUSTED_ROOT: // Schannel
case CERT_E_UNTRUSTEDROOT: // CryptoAPI
return ERR_CERT_AUTHORITY_INVALID;
case SEC_E_CERT_EXPIRED: // Schannel
- case CERT_E_EXPIRED: // CryptoAPI
+ case CERT_E_EXPIRED: // CryptoAPI
return ERR_CERT_DATE_INVALID;
case CRYPT_E_NO_REVOCATION_CHECK:
return ERR_CERT_NO_REVOCATION_MECHANISM;
@@ -117,8 +117,8 @@ int MapCertChainErrorStatusToCertStatus(DWORD error_status) {
// We don't include CERT_TRUST_IS_NOT_TIME_NESTED because it's obsolete and
// we wouldn't consider it an error anyway
- const DWORD kDateInvalidErrors = CERT_TRUST_IS_NOT_TIME_VALID |
- CERT_TRUST_CTL_IS_NOT_TIME_VALID;
+ const DWORD kDateInvalidErrors =
+ CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_CTL_IS_NOT_TIME_VALID;
if (error_status & kDateInvalidErrors)
cert_status |= CERT_STATUS_DATE_INVALID;
@@ -138,8 +138,8 @@ int MapCertChainErrorStatusToCertStatus(DWORD error_status) {
if (error_status & CERT_TRUST_IS_REVOKED)
cert_status |= CERT_STATUS_REVOKED;
- const DWORD kWrongUsageErrors = CERT_TRUST_IS_NOT_VALID_FOR_USAGE |
- CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE;
+ const DWORD kWrongUsageErrors =
+ CERT_TRUST_IS_NOT_VALID_FOR_USAGE | CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE;
if (error_status & kWrongUsageErrors) {
// TODO(wtc): Should we add CERT_STATUS_WRONG_USAGE?
cert_status |= CERT_STATUS_INVALID;
@@ -162,8 +162,7 @@ int MapCertChainErrorStatusToCertStatus(DWORD error_status) {
// The rest of the errors.
const DWORD kCertInvalidErrors =
- CERT_TRUST_IS_CYCLIC |
- CERT_TRUST_INVALID_EXTENSION |
+ CERT_TRUST_IS_CYCLIC | CERT_TRUST_INVALID_EXTENSION |
CERT_TRUST_INVALID_POLICY_CONSTRAINTS |
CERT_TRUST_INVALID_BASIC_CONSTRAINTS |
CERT_TRUST_INVALID_NAME_CONSTRAINTS |
@@ -251,8 +250,7 @@ bool CertSubjectCommonNameHasNull(PCCERT_CONTEXT cert) {
// Array of ints (32-bit).
case CERT_RDN_UNIVERSAL_STRING: {
DWORD num_ints = rdn_attr->Value.cbData / 4;
- int* common_name =
- reinterpret_cast<int*>(rdn_attr->Value.pbData);
+ int* common_name = reinterpret_cast<int*>(rdn_attr->Value.pbData);
for (DWORD k = 0; k < num_ints; ++k) {
if (common_name[k] == 0)
return true;
@@ -301,9 +299,9 @@ void GetCertChainInfo(PCCERT_CHAIN_CONTEXT chain_context,
PCCERT_CONTEXT verified_cert = NULL;
std::vector<PCCERT_CONTEXT> verified_chain;
- bool has_root_ca = num_elements > 1 &&
- !(chain_context->TrustStatus.dwErrorStatus &
- CERT_TRUST_IS_PARTIAL_CHAIN);
+ bool has_root_ca =
+ num_elements > 1 &&
+ !(chain_context->TrustStatus.dwErrorStatus & CERT_TRUST_IS_PARTIAL_CHAIN);
// Each chain starts with the end entity certificate (i = 0) and ends with
// either the root CA certificate or the last available intermediate. If a
@@ -342,7 +340,7 @@ void GetCertChainInfo(PCCERT_CHAIN_CONTEXT chain_context,
if (has_root_ca)
verified_chain.push_back(element[num_elements]->pCertContext);
verify_result->verified_cert =
- X509Certificate::CreateFromHandle(verified_cert, verified_chain);
+ X509Certificate::CreateFromHandle(verified_cert, verified_chain);
}
}
@@ -478,7 +476,8 @@ void AppendPublicKeyHashes(PCCERT_CHAIN_CONTEXT chain,
HashValue sha1(HASH_VALUE_SHA1);
base::SHA1HashBytes(reinterpret_cast<const uint8*>(spki_bytes.data()),
- spki_bytes.size(), sha1.data());
+ spki_bytes.size(),
+ sha1.data());
hashes->push_back(sha1);
HashValue sha256(HASH_VALUE_SHA256);
@@ -524,17 +523,18 @@ bool CheckEV(PCCERT_CHAIN_CONTEXT chain_context,
// Look up the EV policy OID of the root CA.
PCCERT_CONTEXT root_cert = element[num_elements - 1]->pCertContext;
- SHA1HashValue fingerprint =
- X509Certificate::CalculateFingerprint(root_cert);
+ SHA1HashValue fingerprint = X509Certificate::CalculateFingerprint(root_cert);
EVRootCAMetadata* metadata = EVRootCAMetadata::GetInstance();
return metadata->HasEVPolicyOID(fingerprint, policy_oid);
}
} // namespace
-CertVerifyProcWin::CertVerifyProcWin() {}
+CertVerifyProcWin::CertVerifyProcWin() {
+}
-CertVerifyProcWin::~CertVerifyProcWin() {}
+CertVerifyProcWin::~CertVerifyProcWin() {
+}
bool CertVerifyProcWin::SupportsAdditionalTrustAnchors() const {
return false;
@@ -559,11 +559,8 @@ int CertVerifyProcWin::VerifyInternal(
// We still need to request szOID_SERVER_GATED_CRYPTO and szOID_SGC_NETSCAPE
// today because some certificate chains need them. IE also requests these
// two usages.
- static const LPSTR usage[] = {
- szOID_PKIX_KP_SERVER_AUTH,
- szOID_SERVER_GATED_CRYPTO,
- szOID_SGC_NETSCAPE
- };
+ static const LPSTR usage[] = {szOID_PKIX_KP_SERVER_AUTH,
+ szOID_SERVER_GATED_CRYPTO, szOID_SGC_NETSCAPE};
chain_para.RequestedUsage.dwType = USAGE_MATCH_TYPE_OR;
chain_para.RequestedUsage.Usage.cUsageIdentifier = arraysize(usage);
chain_para.RequestedUsage.Usage.rgpszUsageIdentifier =
@@ -618,15 +615,14 @@ int CertVerifyProcWin::VerifyInternal(
// IE passes a non-NULL pTime argument that specifies the current system
// time. IE passes CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT as the
// chain_flags argument.
- if (!CertGetCertificateChain(
- chain_engine,
- cert_list.get(),
- NULL, // current system time
- cert_list->hCertStore,
- &chain_para,
- chain_flags,
- NULL, // reserved
- &chain_context)) {
+ if (!CertGetCertificateChain(chain_engine,
+ cert_list.get(),
+ NULL, // current system time
+ cert_list->hCertStore,
+ &chain_para,
+ chain_flags,
+ NULL, // reserved
+ &chain_context)) {
verify_result->cert_status |= CERT_STATUS_INVALID;
return MapSecurityError(GetLastError());
}
@@ -639,8 +635,7 @@ int CertVerifyProcWin::VerifyInternal(
verify_result->cert_status |= CERT_STATUS_REVOKED;
} else if (crl_set_result == kCRLSetUnknown &&
(flags & CertVerifier::VERIFY_REV_CHECKING_ENABLED_EV_ONLY) &&
- !rev_checking_enabled &&
- ev_policy_oid != NULL) {
+ !rev_checking_enabled && ev_policy_oid != NULL) {
// We don't have fresh information about this chain from the CRLSet and
// it's probably an EV certificate. Retry with online revocation checking.
rev_checking_enabled = true;
@@ -648,15 +643,14 @@ int CertVerifyProcWin::VerifyInternal(
verify_result->cert_status |= CERT_STATUS_REV_CHECKING_ENABLED;
CertFreeCertificateChain(chain_context);
- if (!CertGetCertificateChain(
- chain_engine,
- cert_list.get(),
- NULL, // current system time
- cert_list->hCertStore,
- &chain_para,
- chain_flags,
- NULL, // reserved
- &chain_context)) {
+ if (!CertGetCertificateChain(chain_engine,
+ cert_list.get(),
+ NULL, // current system time
+ cert_list->hCertStore,
+ &chain_para,
+ chain_flags,
+ NULL, // reserved
+ &chain_context)) {
verify_result->cert_status |= CERT_STATUS_INVALID;
return MapSecurityError(GetLastError());
}
@@ -668,15 +662,14 @@ int CertVerifyProcWin::VerifyInternal(
chain_para.RequestedIssuancePolicy.Usage.cUsageIdentifier = 0;
chain_para.RequestedIssuancePolicy.Usage.rgpszUsageIdentifier = NULL;
CertFreeCertificateChain(chain_context);
- if (!CertGetCertificateChain(
- chain_engine,
- cert_list.get(),
- NULL, // current system time
- cert_list->hCertStore,
- &chain_para,
- chain_flags,
- NULL, // reserved
- &chain_context)) {
+ if (!CertGetCertificateChain(chain_engine,
+ cert_list.get(),
+ NULL, // current system time
+ cert_list->hCertStore,
+ &chain_para,
+ chain_flags,
+ NULL, // reserved
+ &chain_context)) {
verify_result->cert_status |= CERT_STATUS_INVALID;
return MapSecurityError(GetLastError());
}
@@ -693,15 +686,14 @@ int CertVerifyProcWin::VerifyInternal(
chain_flags &= ~CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY;
CertFreeCertificateChain(chain_context);
- if (!CertGetCertificateChain(
- chain_engine,
- cert_list.get(),
- NULL, // current system time
- cert_list->hCertStore,
- &chain_para,
- chain_flags,
- NULL, // reserved
- &chain_context)) {
+ if (!CertGetCertificateChain(chain_engine,
+ cert_list.get(),
+ NULL, // current system time
+ cert_list->hCertStore,
+ &chain_para,
+ chain_flags,
+ NULL, // reserved
+ &chain_context)) {
verify_result->cert_status |= CERT_STATUS_INVALID;
return MapSecurityError(GetLastError());
}
@@ -746,16 +738,13 @@ int CertVerifyProcWin::VerifyInternal(
policy_status.cbSize = sizeof(policy_status);
if (!CertVerifyCertificateChainPolicy(
- CERT_CHAIN_POLICY_SSL,
- chain_context,
- &policy_para,
- &policy_status)) {
+ CERT_CHAIN_POLICY_SSL, chain_context, &policy_para, &policy_status)) {
return MapSecurityError(GetLastError());
}
if (policy_status.dwError) {
- verify_result->cert_status |= MapNetErrorToCertStatus(
- MapSecurityError(policy_status.dwError));
+ verify_result->cert_status |=
+ MapNetErrorToCertStatus(MapSecurityError(policy_status.dwError));
}
// TODO(wtc): Suppress CERT_STATUS_NO_REVOCATION_MECHANISM for now to be
« net/base/mime_util_unittest.cc ('K') | « net/cert/cert_verify_proc_unittest.cc ('k') | net/cert/cert_verify_result.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698