| OLD | NEW |
|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/internal/path_builder.h" | 5 #include "net/cert/internal/path_builder.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <unordered_set> | 8 #include <unordered_set> |
| 9 | 9 |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 586 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 597 | 597 |
| 598 void CertPathBuilder::DoGetNextPathComplete() { | 598 void CertPathBuilder::DoGetNextPathComplete() { |
| 599 if (next_path_.IsEmpty()) { | 599 if (next_path_.IsEmpty()) { |
| 600 // No more paths to check, signal completion. | 600 // No more paths to check, signal completion. |
| 601 next_state_ = STATE_NONE; | 601 next_state_ = STATE_NONE; |
| 602 return; | 602 return; |
| 603 } | 603 } |
| 604 | 604 |
| 605 // Verify the entire certificate chain. | 605 // Verify the entire certificate chain. |
| 606 auto result_path = base::MakeUnique<ResultPath>(); | 606 auto result_path = base::MakeUnique<ResultPath>(); |
| 607 // TODO(eroman): don't pass placeholder for policy. | 607 VerifyCertificateChain(next_path_.certs, next_path_.last_cert_trust, |
| 608 VerifyCertificateChain( | 608 signature_policy_, time_, key_purpose_, |
| 609 next_path_.certs, next_path_.last_cert_trust, signature_policy_, time_, | 609 &result_path->errors); |
| 610 key_purpose_, InitialExplicitPolicy::kFalse, {AnyPolicy()}, | |
| 611 InitialPolicyMappingInhibit::kFalse, InitialAnyPolicyInhibit::kFalse, | |
| 612 nullptr /*user_constrained_policy_set*/, &result_path->errors); | |
| 613 bool verify_result = !result_path->errors.ContainsHighSeverityErrors(); | 610 bool verify_result = !result_path->errors.ContainsHighSeverityErrors(); |
| 614 | 611 |
| 615 DVLOG(1) << "CertPathBuilder VerifyCertificateChain result = " | 612 DVLOG(1) << "CertPathBuilder VerifyCertificateChain result = " |
| 616 << verify_result << "\n" | 613 << verify_result << "\n" |
| 617 << result_path->errors.ToDebugString(next_path_.certs); | 614 << result_path->errors.ToDebugString(next_path_.certs); |
| 618 result_path->path = next_path_; | 615 result_path->path = next_path_; |
| 619 AddResultPath(std::move(result_path)); | 616 AddResultPath(std::move(result_path)); |
| 620 | 617 |
| 621 if (verify_result) { | 618 if (verify_result) { |
| 622 // Found a valid path, return immediately. | 619 // Found a valid path, return immediately. |
| (...skipping 10 matching lines...) Expand all Loading... |
| 633 | 630 |
| 634 void CertPathBuilder::AddResultPath(std::unique_ptr<ResultPath> result_path) { | 631 void CertPathBuilder::AddResultPath(std::unique_ptr<ResultPath> result_path) { |
| 635 // TODO(mattm): set best_result_index based on number or severity of errors. | 632 // TODO(mattm): set best_result_index based on number or severity of errors. |
| 636 if (result_path->IsValid()) | 633 if (result_path->IsValid()) |
| 637 out_result_->best_result_index = out_result_->paths.size(); | 634 out_result_->best_result_index = out_result_->paths.size(); |
| 638 // TODO(mattm): add flag to only return a single path or all attempted paths? | 635 // TODO(mattm): add flag to only return a single path or all attempted paths? |
| 639 out_result_->paths.push_back(std::move(result_path)); | 636 out_result_->paths.push_back(std::move(result_path)); |
| 640 } | 637 } |
| 641 | 638 |
| 642 } // namespace net | 639 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2918063002:
Revert of Add policies support to VerifyCertificateChain(). (Closed)
