Do not treat weak keys (<1024 bits || MD5) as fatal errors

net/base/cert_verify_proc_win.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/base/cert_verify_proc_win.h"
 
 #include "base/memory/scoped_ptr.h"
 #include "base/sha1.h"
 #include "base/string_util.h"
 #include "base/utf_string_conversions.h"
 #include "crypto/capi_util.h"
 #include "crypto/scoped_capi_types.h"
 #include "crypto/sha2.h"
 #include "net/base/asn1_util.h"
 #include "net/base/cert_status_flags.h"
 #include "net/base/cert_verify_result.h"
 #include "net/base/crl_set.h"
 #include "net/base/ev_root_ca_metadata.h"
 #include "net/base/net_errors.h"
 #include "net/base/test_root_certs.h"
 #include "net/base/x509_certificate.h"
 #include "net/base/x509_certificate_known_roots_win.h"
 
 #pragma comment(lib, "crypt32.lib")
 
+#if !defined(CERT_TRUST_HAS_WEAK_SIGNATURE)
+// This was introduced in Windows 8 / Windows Server 2012, but retroactively
+// ported as far back as Windows XP via system update.
+#define CERT_TRUST_HAS_WEAK_SIGNATURE 0x00100000
+#endif
+
 namespace net {
 
 namespace {
 
 struct FreeChainEngineFunctor {
   void operator()(HCERTCHAINENGINE engine) const {
     if (engine)
       CertFreeCertificateChainEngine(engine);
   }
 };
@@ skipping 97 matching lines @@
   if (error_status & CERT_TRUST_IS_REVOKED)
     cert_status |= CERT_STATUS_REVOKED;
 
   const DWORD kWrongUsageErrors = CERT_TRUST_IS_NOT_VALID_FOR_USAGE |
                                   CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE;
   if (error_status & kWrongUsageErrors) {
     // TODO(wtc): Should we add CERT_STATUS_WRONG_USAGE?
     cert_status |= CERT_STATUS_INVALID;
   }
 
+  if (error_status & CERT_TRUST_IS_NOT_SIGNATURE_VALID) {
+    // Check for a signature that does not meet the OS criteria for strong
+    // signatures.
+    // Note: These checks may be more restrictive than the current weak key
+    // criteria implemented within CertVerifier, such as excluding SHA-1 or
+    // excluding RSA keys < 2048 bits. However, if the user has configured

[wtc, 2012/06/14 00:33:16]

This comment is a little confusing because it's not clear
whether "such as excluding SHA-1 ..." is modifying
"These checks" or "the current weak key criteria implemented
within CertVerifier".

In my first reading I thought it was talking about our current
weak key criteria.

+    // these more stringent checks, respect that configuration and err on the
+    // more restrictive criteria.
+    if (error_status & CERT_TRUST_HAS_WEAK_SIGNATURE) {
+      cert_status |= CERT_STATUS_WEAK_KEY;

[wtc, 2012/06/14 00:33:16]

Could also be CERT_STATUS_WEAK_SIGNATURE_ALGORITHM...
Not sure which is the better cert status bit to set here.

+    } else {
+      cert_status |= CERT_STATUS_INVALID;
+    }
+  }
+
   // The rest of the errors.
   const DWORD kCertInvalidErrors =
-      CERT_TRUST_IS_NOT_SIGNATURE_VALID |
       CERT_TRUST_IS_CYCLIC |
       CERT_TRUST_INVALID_EXTENSION |
       CERT_TRUST_INVALID_POLICY_CONSTRAINTS |
       CERT_TRUST_INVALID_BASIC_CONSTRAINTS |
       CERT_TRUST_INVALID_NAME_CONSTRAINTS |
       CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID |
       CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT |
       CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT |
       CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT |
       CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT |
@@ skipping 557 matching lines @@
   verify_result->is_issued_by_known_root = IsIssuedByKnownRoot(chain_context);
 
   if (ev_policy_oid &&
       CheckEV(chain_context, rev_checking_enabled, ev_policy_oid)) {
     verify_result->cert_status |= CERT_STATUS_IS_EV;
   }
   return OK;
 }
 
 }  // namespace net