Index: net/cert/x509_certificate_bytes.cc |
diff --git a/net/cert/x509_certificate_bytes.cc b/net/cert/x509_certificate_bytes.cc |
index 8ffc3f6d4623fd6a129b8a7e2818ee56db7b7ec0..7cada9faca35f330e519c17f36fb556163599fb7 100644 |
--- a/net/cert/x509_certificate_bytes.cc |
+++ b/net/cert/x509_certificate_bytes.cc |
@@ -42,6 +42,12 @@ bool GeneralizedTimeToBaseTime(const der::GeneralizedTime& generalized, |
return base::Time::FromUTCExploded(exploded, result); |
} |
+ParseCertificateOptions DefaultParseCertificateOptions() { |
+ ParseCertificateOptions options; |
+ options.allow_invalid_serial_numbers = true; |
+ return options; |
+} |
+ |
// Sets |value| to the Value from a DER Sequence Tag-Length-Value and return |
// true, or return false if the TLV was not a valid DER Sequence. |
WARN_UNUSED_RESULT bool GetSequenceValue(const der::Input& tlv, |
@@ -64,7 +70,8 @@ bool GetNormalizedCertIssuer(CRYPTO_BUFFER* cert, |
return false; |
} |
ParsedTbsCertificate tbs; |
- if (!ParseTbsCertificate(tbs_certificate_tlv, {}, &tbs, nullptr)) |
+ if (!ParseTbsCertificate(tbs_certificate_tlv, |
+ DefaultParseCertificateOptions(), &tbs, nullptr)) |
return false; |
der::Input issuer_value; |
@@ -169,7 +176,8 @@ bool X509Certificate::Initialize() { |
} |
ParsedTbsCertificate tbs; |
- if (!ParseTbsCertificate(tbs_certificate_tlv, {}, &tbs, nullptr)) |
+ if (!ParseTbsCertificate(tbs_certificate_tlv, |
+ DefaultParseCertificateOptions(), &tbs, nullptr)) |
return false; |
if (!ParsePrincipal(tbs.subject_tlv, &subject_) || |
@@ -204,7 +212,8 @@ bool X509Certificate::GetSubjectAltName( |
} |
ParsedTbsCertificate tbs; |
- if (!ParseTbsCertificate(tbs_certificate_tlv, {}, &tbs, nullptr)) |
+ if (!ParseTbsCertificate(tbs_certificate_tlv, |
+ DefaultParseCertificateOptions(), &tbs, nullptr)) |
return false; |
if (!tbs.has_extensions) |
return false; |
@@ -428,7 +437,8 @@ bool X509Certificate::IsSelfSigned(OSCertHandle cert_handle) { |
return false; |
} |
ParsedTbsCertificate tbs; |
- if (!ParseTbsCertificate(tbs_certificate_tlv, {}, &tbs, nullptr)) { |
+ if (!ParseTbsCertificate(tbs_certificate_tlv, |
+ DefaultParseCertificateOptions(), &tbs, nullptr)) { |
return false; |
} |