| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/cert_verify_proc.h" | 5 #include "net/cert/cert_verify_proc.h" |
| 6 | 6 |
| 7 #include "base/metrics/histogram.h" | 7 #include "base/metrics/histogram.h" |
| 8 #include "base/sha1.h" | 8 #include "base/sha1.h" |
| 9 #include "base/strings/stringprintf.h" | 9 #include "base/strings/stringprintf.h" |
| 10 #include "build/build_config.h" | 10 #include "build/build_config.h" |
| (...skipping 356 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 367 // Issuer: CN=Trustwave Organization Issuing CA, Level 2 | 367 // Issuer: CN=Trustwave Organization Issuing CA, Level 2 |
| 368 // Covers two certificates, the latter of which expires Apr 15 21:09:30 | 368 // Covers two certificates, the latter of which expires Apr 15 21:09:30 |
| 369 // 2021 GMT. | 369 // 2021 GMT. |
| 370 {0xe1, 0x2d, 0x89, 0xf5, 0x6d, 0x22, 0x76, 0xf8, 0x30, 0xe6, | 370 {0xe1, 0x2d, 0x89, 0xf5, 0x6d, 0x22, 0x76, 0xf8, 0x30, 0xe6, |
| 371 0xce, 0xaf, 0xa6, 0x6c, 0x72, 0x5c, 0x0b, 0x41, 0xa9, 0x32}, | 371 0xce, 0xaf, 0xa6, 0x6c, 0x72, 0x5c, 0x0b, 0x41, 0xa9, 0x32}, |
| 372 // Cyberoam CA certificate. Private key leaked, but this certificate would | 372 // Cyberoam CA certificate. Private key leaked, but this certificate would |
| 373 // only have been installed by Cyberoam customers. The certificate expires | 373 // only have been installed by Cyberoam customers. The certificate expires |
| 374 // in 2036, but we can probably remove in a couple of years (2014). | 374 // in 2036, but we can probably remove in a couple of years (2014). |
| 375 {0xd9, 0xf5, 0xc6, 0xce, 0x57, 0xff, 0xaa, 0x39, 0xcc, 0x7e, | 375 {0xd9, 0xf5, 0xc6, 0xce, 0x57, 0xff, 0xaa, 0x39, 0xcc, 0x7e, |
| 376 0xd1, 0x72, 0xbd, 0x53, 0xe0, 0xd3, 0x07, 0x83, 0x4b, 0xd1}, | 376 0xd1, 0x72, 0xbd, 0x53, 0xe0, 0xd3, 0x07, 0x83, 0x4b, 0xd1}, |
| 377 // Win32/Sirefef.gen!C generates fake certifciates with this public key. | 377 // Win32/Sirefef.gen!C generates fake certificates with this public key. |
| 378 {0xa4, 0xf5, 0x6e, 0x9e, 0x1d, 0x9a, 0x3b, 0x7b, 0x1a, 0xc3, | 378 {0xa4, 0xf5, 0x6e, 0x9e, 0x1d, 0x9a, 0x3b, 0x7b, 0x1a, 0xc3, |
| 379 0x31, 0xcf, 0x64, 0xfc, 0x76, 0x2c, 0xd0, 0x51, 0xfb, 0xa4}, | 379 0x31, 0xcf, 0x64, 0xfc, 0x76, 0x2c, 0xd0, 0x51, 0xfb, 0xa4}, |
| 380 }; | 380 }; |
| 381 | 381 |
| 382 for (unsigned i = 0; i < kNumHashes; i++) { | 382 for (unsigned i = 0; i < kNumHashes; i++) { |
| 383 for (HashValueVector::const_iterator j = public_key_hashes.begin(); | 383 for (HashValueVector::const_iterator j = public_key_hashes.begin(); |
| 384 j != public_key_hashes.end(); ++j) { | 384 j != public_key_hashes.end(); ++j) { |
| 385 if (j->tag == HASH_VALUE_SHA1 && | 385 if (j->tag == HASH_VALUE_SHA1 && |
| 386 memcmp(j->data(), kHashes[i], base::kSHA1Length) == 0) { | 386 memcmp(j->data(), kHashes[i], base::kSHA1Length) == 0) { |
| 387 return true; | 387 return true; |
| 388 } | 388 } |
| 389 } | 389 } |
| 390 } | 390 } |
| 391 | 391 |
| 392 return false; | 392 return false; |
| 393 } | 393 } |
| 394 | 394 |
| 395 } // namespace net | 395 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 23523051:
Blacklist semi-private intermediate issuers from issuing for Google domains. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src