Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(953)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/cert/cert_verify_proc_mac.cc

Issue 2951343002: Remove residual support for SHA-1 public key pins. (Closed)
Patch Set: Remove more code, use SHA-256 for the blacklist, and include the original FRST and India CCA certs. Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/cert/cert_verify_proc_builtin.cc ('K') | « net/cert/cert_verify_proc_ios.cc ('k') | net/cert/cert_verify_proc_nss.cc » ('j') | net/data/ssl/blacklist/README.md » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/cert_verify_proc_mac.cc
diff --git a/net/cert/cert_verify_proc_mac.cc b/net/cert/cert_verify_proc_mac.cc
index bd6d819e702af52ece7e926d4fd1d59d2bc3fd44..269316ce69c4a20f6d674a07b6ea952790262b51 100644
--- a/net/cert/cert_verify_proc_mac.cc
+++ b/net/cert/cert_verify_proc_mac.cc
@@ -382,10 +382,6 @@ void AppendPublicKeyHashes(CFArrayRef chain,
if (!asn1::ExtractSPKIFromDERCert(der_bytes, &spki_bytes))
continue;
- HashValue sha1(HASH_VALUE_SHA1);
- CC_SHA1(spki_bytes.data(), spki_bytes.size(), sha1.data());
- hashes->push_back(sha1);
-
HashValue sha256(HASH_VALUE_SHA256);
CC_SHA256(spki_bytes.data(), spki_bytes.size(), sha256.data());
hashes->push_back(sha256);
« net/cert/cert_verify_proc_builtin.cc ('K') | « net/cert/cert_verify_proc_ios.cc ('k') | net/cert/cert_verify_proc_nss.cc » ('j') | net/data/ssl/blacklist/README.md » ('J')

Powered by Google App Engine
This is Rietveld 408576698