Index: net/cert/cert_verify_proc_ios.cc |
diff --git a/net/cert/cert_verify_proc_ios.cc b/net/cert/cert_verify_proc_ios.cc |
index 84ecd2aea84ba31730c706d83dc16c03ed414667..7e7296f85ea634d199f7e4d1cd0eb1802cbe1e16 100644 |
--- a/net/cert/cert_verify_proc_ios.cc |
+++ b/net/cert/cert_verify_proc_ios.cc |
@@ -101,7 +101,7 @@ int BuildAndEvaluateSecTrustRef(CFArrayRef cert_array, |
return OK; |
} |
-void GetCertChainInfo(CFArrayRef cert_chain, CertVerifyResult* verify_result) { |
+bool GetCertChainInfo(CFArrayRef cert_chain, CertVerifyResult* verify_result) { |
eroman
2017/03/23 23:41:31
I left a comment about GetCertChainInfo() for the
mattm
2017/03/24 21:49:35
Done.
|
DCHECK_LT(0, CFArrayGetCount(cert_chain)); |
SecCertificateRef verified_cert = nullptr; |
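Review bot: The new `bool` return of `GetCertChainInfo` has no comment saying what `false` means, and no comment is visible above the signature in this hunk. The result now decides whether the caller flags the chain as invalid, so the contract is worth stating at the declaration, for example `// Returns false if a certificate in |cert_chain| cannot be DER-encoded or parsed, or if the verified X509Certificate cannot be created; callers must treat the chain as invalid.` The function body continues outside this hunk.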
@@ -117,11 +117,11 @@ void GetCertChainInfo(CFArrayRef cert_chain, CertVerifyResult* verify_result) { |
std::string der_bytes; |
if (!X509Certificate::GetDEREncoded(chain_cert, &der_bytes)) |
- return; |
+ return false; |
base::StringPiece spki_bytes; |
if (!asn1::ExtractSPKIFromDERCert(der_bytes, &spki_bytes)) |
- continue; |
+ return false; |
HashValue sha1(HASH_VALUE_SHA1); |
CC_SHA1(spki_bytes.data(), spki_bytes.size(), sha1.data()); |
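Review bot: Both `return false` paths sit inside the loop over the chain (the removed `continue` shows that), so anything written to `*verify_result` on earlier iterations stays there when the function reports failure. If the loop appends the SPKI hashes to `verify_result` (that part is outside the hunk), a consumer that reads the hashes without first checking `cert_status` would see a truncated list for a chain that failed to parse. Consider collecting the hashes in a local and assigning them only on success, or note the behaviour next to the returns, e.g. `// |verify_result| may hold hashes for the certificates processed so far.`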
@@ -139,11 +139,15 @@ void GetCertChainInfo(CFArrayRef cert_chain, CertVerifyResult* verify_result) { |
} |
if (!verified_cert) { |
NOTREACHED(); |
- return; |
+ return false; |
} |
- verify_result->verified_cert = |
+ scoped_refptr<X509Certificate> verified_cert_with_chain = |
X509Certificate::CreateFromHandle(verified_cert, verified_chain); |
+ if (!verified_cert_with_chain) |
+ return false; |
+ verify_result->verified_cert = std::move(verified_cert_with_chain); |
+ return true; |
} |
} // namespace |
@@ -264,7 +268,8 @@ int CertVerifyProcIOS::VerifyInternal( |
verify_result->cert_status |= GetCertFailureStatusFromTrust(trust_ref); |
} |
- GetCertChainInfo(final_chain, verify_result); |
+ if (!GetCertChainInfo(final_chain, verify_result)) |
+ verify_result->cert_status |= CERT_STATUS_INVALID; |
// iOS lacks the ability to distinguish built-in versus non-built-in roots, |
// so opt to 'fail open' of any restrictive policies that apply to built-in |
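Review bot: When `GetCertChainInfo` fails, the only effect visible here is that `CERT_STATUS_INVALID` is OR-ed into `cert_status`. Nothing in this hunk shows `VerifyInternal` returning an error, and `verify_result->verified_cert` keeps whatever value it had before the call. Presumably a status-to-error mapping later in the function (outside the hunk) turns this into a failed verification. If so, a short comment would make the fail-closed intent explicit, e.g. `// Chain info could not be extracted: fail closed by marking the certificate invalid.` A unit test that feeds a chain containing an unparsable certificate and asserts the result is not OK would pin this down.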