net/cert/x509_certificate_bytes.cc - Issue 2881023003: X509CertificateBytes: Allow invalid serial numbers for now.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/cert/x509_certificate_bytes.cc

Issue 2881023003: X509CertificateBytes: Allow invalid serial numbers for now. (Closed)

Patch Set: review changes 2 Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/cert/x509_certificate_bytes.cc

diff --git a/net/cert/x509_certificate_bytes.cc b/net/cert/x509_certificate_bytes.cc

index 8ffc3f6d4623fd6a129b8a7e2818ee56db7b7ec0..7cada9faca35f330e519c17f36fb556163599fb7 100644

--- a/net/cert/x509_certificate_bytes.cc

+++ b/net/cert/x509_certificate_bytes.cc

@@ -42,6 +42,12 @@ bool GeneralizedTimeToBaseTime(const der::GeneralizedTime& generalized,

return base::Time::FromUTCExploded(exploded, result);

}

+ParseCertificateOptions DefaultParseCertificateOptions() {

+ ParseCertificateOptions options;

+ options.allow_invalid_serial_numbers = true;

+ return options;

// Sets |value| to the Value from a DER Sequence Tag-Length-Value and return

// true, or return false if the TLV was not a valid DER Sequence.

WARN_UNUSED_RESULT bool GetSequenceValue(const der::Input& tlv,

@@ -64,7 +70,8 @@ bool GetNormalizedCertIssuer(CRYPTO_BUFFER* cert,

return false;

}

ParsedTbsCertificate tbs;

- if (!ParseTbsCertificate(tbs_certificate_tlv, {}, &tbs, nullptr))

+ if (!ParseTbsCertificate(tbs_certificate_tlv,

+ DefaultParseCertificateOptions(), &tbs, nullptr))

return false;

der::Input issuer_value;

@@ -169,7 +176,8 @@ bool X509Certificate::Initialize() {

}

ParsedTbsCertificate tbs;

- if (!ParseTbsCertificate(tbs_certificate_tlv, {}, &tbs, nullptr))

+ if (!ParseTbsCertificate(tbs_certificate_tlv,

+ DefaultParseCertificateOptions(), &tbs, nullptr))

return false;

if (!ParsePrincipal(tbs.subject_tlv, &subject_) ||

@@ -204,7 +212,8 @@ bool X509Certificate::GetSubjectAltName(

}

ParsedTbsCertificate tbs;

- if (!ParseTbsCertificate(tbs_certificate_tlv, {}, &tbs, nullptr))

+ if (!ParseTbsCertificate(tbs_certificate_tlv,

+ DefaultParseCertificateOptions(), &tbs, nullptr))

return false;

if (!tbs.has_extensions)

return false;

@@ -428,7 +437,8 @@ bool X509Certificate::IsSelfSigned(OSCertHandle cert_handle) {

return false;

}

ParsedTbsCertificate tbs;

- if (!ParseTbsCertificate(tbs_certificate_tlv, {}, &tbs, nullptr)) {

+ if (!ParseTbsCertificate(tbs_certificate_tlv,

+ DefaultParseCertificateOptions(), &tbs, nullptr)) {

return false;

}

« no previous file with comments | « net/cert/internal/parsed_certificate_unittest.cc ('k') | net/cert/x509_certificate_unittest.cc » ('j') | no next file with comments »