net/tools/cert_verify_tool/cert_verify_tool.cc - Issue 2800993002: Add a key purpose parameter to Certificate PathBuilder.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/tools/cert_verify_tool/cert_verify_tool.cc

Issue 2800993002: Add a key purpose parameter to Certificate PathBuilder. (Closed)

Patch Set: rebase Created 3 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « net/data/verify_certificate_chain_unittest/unconstrained-root-bad-eku.pem ('k') | net/tools/cert_verify_tool/verify_using_path_builder.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2016 The Chromium Authors. All rights reserved.	1 // Copyright 2016 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include <iostream>	5 #include <iostream>

6	6

7 #include "base/at_exit.h"	7 #include "base/at_exit.h"

8 #include "base/command_line.h"	8 #include "base/command_line.h"

9 #include "base/logging.h"	9 #include "base/logging.h"

10 #include "base/message_loop/message_loop.h"	10 #include "base/message_loop/message_loop.h"

(...skipping 108 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
119 &intermediate_der_certs)) {	119 &intermediate_der_certs)) {

120 std::cerr << "ERROR: Couldn't read certificate chain\n";	120 std::cerr << "ERROR: Couldn't read certificate chain\n";

121 return 1;	121 return 1;

122 }	122 }

123	123

124 if (target_der_cert.der_cert.empty()) {	124 if (target_der_cert.der_cert.empty()) {

125 std::cerr << "ERROR: no target cert\n";	125 std::cerr << "ERROR: no target cert\n";

126 return 1;	126 return 1;

127 }	127 }

128	128

	129 // TODO(eroman): Also use CertVerifyProcBuiltin.

	130

129 std::cout << "CertVerifyProc:\n";	131 std::cout << "CertVerifyProc:\n";

130 bool cert_verify_proc_ok = true;	132 bool cert_verify_proc_ok = true;

131 if (!time_flag.empty()) {	133 if (!time_flag.empty()) {

132 std::cerr << "ERROR: --time is not supported with CertVerifyProc, "	134 std::cerr << "ERROR: --time is not supported with CertVerifyProc, "

133 "skipping.\n";	135 "skipping.\n";

134 } else if (hostname.empty()) {	136 } else if (hostname.empty()) {

135 std::cerr << "ERROR: --hostname is required for CertVerifyProc, skipping\n";	137 std::cerr << "ERROR: --hostname is required for CertVerifyProc, skipping\n";

136 } else {	138 } else {

137 cert_verify_proc_ok = VerifyUsingCertVerifyProc(	139 cert_verify_proc_ok = VerifyUsingCertVerifyProc(

138 target_der_cert, hostname, intermediate_der_certs, root_der_certs,	140 target_der_cert, hostname, intermediate_der_certs, root_der_certs,

139 dump_prefix_path);	141 dump_prefix_path);

140 }	142 }

141	143

142 std::cout << "\nCertPathBuilder:\n";	144 std::cout << "\nCertPathBuilder:\n";

143	145

144 if (!hostname.empty()) {	146 if (!hostname.empty()) {

145 std::cerr	147 std::cerr

146 << "WARNING: --hostname is not yet verified with CertPathBuilder\n";	148 << "WARNING: --hostname is not yet verified with CertPathBuilder\n";

147 }	149 }

148	150

149 bool path_builder_ok =	151 bool path_builder_ok =

150 VerifyUsingPathBuilder(target_der_cert, intermediate_der_certs,	152 VerifyUsingPathBuilder(target_der_cert, intermediate_der_certs,

151 root_der_certs, verify_time, dump_prefix_path);	153 root_der_certs, verify_time, dump_prefix_path);

152	154

153 return (cert_verify_proc_ok && path_builder_ok) ? 0 : 1;	155 return (cert_verify_proc_ok && path_builder_ok) ? 0 : 1;

154 }	156 }

OLD	NEW