| OLD | NEW |
|---|
| 1 // Copyright (c) 2017 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/cert_verify_proc_builtin.h" | 5 #include "net/cert/cert_verify_proc_builtin.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 203 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 214 if (!der::EncodeTimeAsGeneralizedTime(base::Time::Now(), | 214 if (!der::EncodeTimeAsGeneralizedTime(base::Time::Now(), |
| 215 &verification_time)) { | 215 &verification_time)) { |
| 216 // This really shouldn't be possible unless Time::Now() returned | 216 // This really shouldn't be possible unless Time::Now() returned |
| 217 // something crazy. | 217 // something crazy. |
| 218 verify_result->cert_status |= CERT_STATUS_DATE_INVALID; | 218 verify_result->cert_status |= CERT_STATUS_DATE_INVALID; |
| 219 return; | 219 return; |
| 220 } | 220 } |
| 221 | 221 |
| 222 // Initialize the path builder. | 222 // Initialize the path builder. |
| 223 CertPathBuilder::Result result; | 223 CertPathBuilder::Result result; |
| 224 CertPathBuilder path_builder(target, ssl_trust_store->GetTrustStore(), | 224 CertPathBuilder path_builder( |
| 225 &signature_policy, verification_time, | 225 target, ssl_trust_store->GetTrustStore(), &signature_policy, |
| 226 KeyPurpose::SERVER_AUTH, &result); | 226 verification_time, KeyPurpose::SERVER_AUTH, InitialExplicitPolicy::kFalse, |
| 227 {AnyPolicy()} /* user_initial_policy_set*/, |
| 228 InitialPolicyMappingInhibit::kFalse, InitialAnyPolicyInhibit::kFalse, |
| 229 &result); |
| 227 | 230 |
| 228 // Allow the path builder to discover the explicitly provided intermediates in | 231 // Allow the path builder to discover the explicitly provided intermediates in |
| 229 // |input_cert|. | 232 // |input_cert|. |
| 230 CertIssuerSourceStatic intermediates; | 233 CertIssuerSourceStatic intermediates; |
| 231 AddIntermediatesToIssuerSource(input_cert, &intermediates); | 234 AddIntermediatesToIssuerSource(input_cert, &intermediates); |
| 232 path_builder.AddCertIssuerSource(&intermediates); | 235 path_builder.AddCertIssuerSource(&intermediates); |
| 233 | 236 |
| 234 // TODO(crbug.com/649017): Allow the path builder to discover intermediates | 237 // TODO(crbug.com/649017): Allow the path builder to discover intermediates |
| 235 // through AIA fetching. | 238 // through AIA fetching. |
| 236 | 239 |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 292 : OK; | 295 : OK; |
| 293 } | 296 } |
| 294 | 297 |
| 295 } // namespace | 298 } // namespace |
| 296 | 299 |
| 297 scoped_refptr<CertVerifyProc> CreateCertVerifyProcBuiltin() { | 300 scoped_refptr<CertVerifyProc> CreateCertVerifyProcBuiltin() { |
| 298 return scoped_refptr<CertVerifyProc>(new CertVerifyProcBuiltin()); | 301 return scoped_refptr<CertVerifyProc>(new CertVerifyProcBuiltin()); |
| 299 } | 302 } |
| 300 | 303 |
| 301 } // namespace net | 304 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2898303005:
Wire up certificate policies support in PathBuilder. (Closed)
