| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/x509_certificate.h" | 5 #include "net/base/x509_certificate.h" |
| 6 | 6 |
| 7 #include "base/lazy_instance.h" | 7 #include "base/lazy_instance.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/pickle.h" | 9 #include "base/pickle.h" |
| 10 #include "base/sha1.h" | 10 #include "base/sha1.h" |
| (...skipping 859 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 870 verify_result->cert_status &= ~CERT_STATUS_NO_REVOCATION_MECHANISM; | 870 verify_result->cert_status &= ~CERT_STATUS_NO_REVOCATION_MECHANISM; |
| 871 | 871 |
| 872 if (IsCertStatusError(verify_result->cert_status)) | 872 if (IsCertStatusError(verify_result->cert_status)) |
| 873 return MapCertStatusToNetError(verify_result->cert_status); | 873 return MapCertStatusToNetError(verify_result->cert_status); |
| 874 | 874 |
| 875 AppendPublicKeyHashes(chain_context, &verify_result->public_key_hashes); | 875 AppendPublicKeyHashes(chain_context, &verify_result->public_key_hashes); |
| 876 verify_result->is_issued_by_known_root = IsIssuedByKnownRoot(chain_context); | 876 verify_result->is_issued_by_known_root = IsIssuedByKnownRoot(chain_context); |
| 877 | 877 |
| 878 if (ev_policy_oid && CheckEV(chain_context, ev_policy_oid)) | 878 if (ev_policy_oid && CheckEV(chain_context, ev_policy_oid)) |
| 879 verify_result->cert_status |= CERT_STATUS_IS_EV; | 879 verify_result->cert_status |= CERT_STATUS_IS_EV; |
| 880 |
| 881 if (IsPublicKeyBlacklisted(verify_result->public_key_hashes)) { |
| 882 verify_result->cert_status |= CERT_STATUS_AUTHORITY_INVALID; |
| 883 return MapCertStatusToNetError(verify_result->cert_status); |
| 884 } |
| 885 |
| 880 return OK; | 886 return OK; |
| 881 } | 887 } |
| 882 | 888 |
| 883 bool X509Certificate::GetDEREncoded(std::string* encoded) { | 889 bool X509Certificate::GetDEREncoded(std::string* encoded) { |
| 884 if (!cert_handle_->pbCertEncoded || !cert_handle_->cbCertEncoded) | 890 if (!cert_handle_->pbCertEncoded || !cert_handle_->cbCertEncoded) |
| 885 return false; | 891 return false; |
| 886 encoded->clear(); | 892 encoded->clear(); |
| 887 encoded->append(reinterpret_cast<char*>(cert_handle_->pbCertEncoded), | 893 encoded->append(reinterpret_cast<char*>(cert_handle_->pbCertEncoded), |
| 888 cert_handle_->cbCertEncoded); | 894 cert_handle_->cbCertEncoded); |
| 889 return true; | 895 return true; |
| (...skipping 149 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1039 if (!CertSerializeCertificateStoreElement(cert_handle, 0, &buffer[0], | 1045 if (!CertSerializeCertificateStoreElement(cert_handle, 0, &buffer[0], |
| 1040 &length)) { | 1046 &length)) { |
| 1041 return false; | 1047 return false; |
| 1042 } | 1048 } |
| 1043 | 1049 |
| 1044 return pickle->WriteData(reinterpret_cast<const char*>(&buffer[0]), | 1050 return pickle->WriteData(reinterpret_cast<const char*>(&buffer[0]), |
| 1045 length); | 1051 length); |
| 1046 } | 1052 } |
| 1047 | 1053 |
| 1048 } // namespace net | 1054 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 7792023:
Merge 98741 to 782: Mark DigiNotar as untrusted (Closed)
Base URL: svn://svn.chromium.org/chrome/branches/782/src