Index: net/cert/cert_verify_proc_mac.cc |
diff --git a/net/cert/cert_verify_proc_mac.cc b/net/cert/cert_verify_proc_mac.cc |
index 9d5043b165cf92643bd7cd9752855ddb42099b0c..7662b6654a1f6f0db4773357aeaf5e0fed61a9cf 100644 |
--- a/net/cert/cert_verify_proc_mac.cc |
+++ b/net/cert/cert_verify_proc_mac.cc |
@@ -202,7 +202,8 @@ void CopyCertChainToVerifyResult(CFArrayRef cert_chain, |
} |
scoped_refptr<X509Certificate> verified_cert_with_chain = |
- X509Certificate::CreateFromHandle(verified_cert, verified_chain); |
+ x509_util::CreateX509CertificateFromSecCertificate(verified_cert, |
+ verified_chain); |
if (verified_cert_with_chain) |
verify_result->verified_cert = std::move(verified_cert_with_chain); |
else |
@@ -212,7 +213,7 @@ void CopyCertChainToVerifyResult(CFArrayRef cert_chain, |
// Returns true if the certificate uses MD2, MD4, MD5, or SHA1, and false |
// otherwise. A return of false also includes the case where the signature |
// algorithm couldn't be conclusively labeled as weak. |
-bool CertUsesWeakHash(X509Certificate::OSCertHandle cert_handle) { |
+bool CertUsesWeakHash(SecCertificateRef cert_handle) { |
x509_util::CSSMCachedCertificate cached_cert; |
OSStatus status = cached_cert.Init(cert_handle); |
if (status) |
@@ -639,7 +640,7 @@ class OSXKnownRootHelper { |
return false; |
SecCertificateRef root_ref = reinterpret_cast<SecCertificateRef>( |
const_cast<void*>(CFArrayGetValueAtIndex(chain, n - 1))); |
- SHA256HashValue hash = X509Certificate::CalculateFingerprint256(root_ref); |
+ SHA256HashValue hash = x509_util::CalculateFingerprint256(root_ref); |
return known_roots_.find(hash) != known_roots_.end(); |
} |
@@ -659,7 +660,7 @@ class OSXKnownRootHelper { |
for (CFIndex i = 0, size = CFArrayGetCount(cert_array); i < size; ++i) { |
SecCertificateRef cert = reinterpret_cast<SecCertificateRef>( |
const_cast<void*>(CFArrayGetValueAtIndex(cert_array, i))); |
- known_roots_.insert(X509Certificate::CalculateFingerprint256(cert)); |
+ known_roots_.insert(x509_util::CalculateFingerprint256(cert)); |
} |
} |
@@ -805,7 +806,9 @@ int VerifyWithGivenFlags(X509Certificate* cert, |
} |
ScopedCFTypeRef<CFMutableArrayRef> cert_array( |
- cert->CreateOSCertChainForCert()); |
+ x509_util::CreateSecCertificateArrayForX509Certificate(cert)); |
+ if (!cert_array) |
+ return ERR_CERT_INVALID; |
// Beginning with the certificate chain as supplied by the server, attempt |
// to verify the chain. If a failure is encountered, trim a certificate |