| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/cert_verify_proc_win.h" | 5 #include "net/cert/cert_verify_proc_win.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/memory/scoped_ptr.h" | 10 #include "base/memory/scoped_ptr.h" |
| (...skipping 316 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 327 const char* algorithm = cert->pCertInfo->SignatureAlgorithm.pszObjId; | 327 const char* algorithm = cert->pCertInfo->SignatureAlgorithm.pszObjId; |
| 328 if (strcmp(algorithm, szOID_RSA_MD5RSA) == 0) { | 328 if (strcmp(algorithm, szOID_RSA_MD5RSA) == 0) { |
| 329 // md5WithRSAEncryption: 1.2.840.113549.1.1.4 | 329 // md5WithRSAEncryption: 1.2.840.113549.1.1.4 |
| 330 verify_result->has_md5 = true; | 330 verify_result->has_md5 = true; |
| 331 } else if (strcmp(algorithm, szOID_RSA_MD2RSA) == 0) { | 331 } else if (strcmp(algorithm, szOID_RSA_MD2RSA) == 0) { |
| 332 // md2WithRSAEncryption: 1.2.840.113549.1.1.2 | 332 // md2WithRSAEncryption: 1.2.840.113549.1.1.2 |
| 333 verify_result->has_md2 = true; | 333 verify_result->has_md2 = true; |
| 334 } else if (strcmp(algorithm, szOID_RSA_MD4RSA) == 0) { | 334 } else if (strcmp(algorithm, szOID_RSA_MD4RSA) == 0) { |
| 335 // md4WithRSAEncryption: 1.2.840.113549.1.1.3 | 335 // md4WithRSAEncryption: 1.2.840.113549.1.1.3 |
| 336 verify_result->has_md4 = true; | 336 verify_result->has_md4 = true; |
| 337 } else if (strcmp(algorithm, szOID_RSA_SHA1RSA) == 0 || |
| 338 strcmp(algorithm, szOID_X957_SHA1DSA) == 0 || |
| 339 strcmp(algorithm, szOID_ECDSA_SHA1) == 0) { |
| 340 // sha1WithRSAEncryption: 1.2.840.113549.1.1.5 |
| 341 // id-dsa-with-sha1: 1.2.840.10040.4.3 |
| 342 // ecdsa-with-SHA1: 1.2.840.10045.4.1 |
| 343 verify_result->has_sha1 = true; |
| 337 } | 344 } |
| 338 } | 345 } |
| 339 | 346 |
| 340 if (verified_cert) { | 347 if (verified_cert) { |
| 341 // Add the root certificate, if present, as it was not added above. | 348 // Add the root certificate, if present, as it was not added above. |
| 342 if (has_root_ca) | 349 if (has_root_ca) |
| 343 verified_chain.push_back(element[num_elements]->pCertContext); | 350 verified_chain.push_back(element[num_elements]->pCertContext); |
| 344 verify_result->verified_cert = | 351 verify_result->verified_cert = |
| 345 X509Certificate::CreateFromHandle(verified_cert, verified_chain); | 352 X509Certificate::CreateFromHandle(verified_cert, verified_chain); |
| 346 } | 353 } |
| (...skipping 449 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 796 return MapCertStatusToNetError(verify_result->cert_status); | 803 return MapCertStatusToNetError(verify_result->cert_status); |
| 797 | 804 |
| 798 if (ev_policy_oid && | 805 if (ev_policy_oid && |
| 799 CheckEV(chain_context, rev_checking_enabled, ev_policy_oid)) { | 806 CheckEV(chain_context, rev_checking_enabled, ev_policy_oid)) { |
| 800 verify_result->cert_status |= CERT_STATUS_IS_EV; | 807 verify_result->cert_status |= CERT_STATUS_IS_EV; |
| 801 } | 808 } |
| 802 return OK; | 809 return OK; |
| 803 } | 810 } |
| 804 | 811 |
| 805 } // namespace net | 812 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 509273002:
Detect SHA-1 when it appears in certificate chains (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@cert_status_extended