OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/cert_verify_proc_nss.h" | 5 #include "net/cert/cert_verify_proc_nss.h" |
6 | 6 |
7 #include <cert.h> | 7 #include <cert.h> |
8 #include <nss.h> | 8 #include <nss.h> |
9 #include <prerror.h> | 9 #include <prerror.h> |
10 #include <secerr.h> | 10 #include <secerr.h> |
(...skipping 177 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
188 &next_cert->derPublicKey)) { | 188 &next_cert->derPublicKey)) { |
189 continue; | 189 continue; |
190 } | 190 } |
191 } | 191 } |
192 verified_chain.push_back(node->cert); | 192 verified_chain.push_back(node->cert); |
193 } | 193 } |
194 } | 194 } |
195 | 195 |
196 if (root_cert) | 196 if (root_cert) |
197 verified_chain.push_back(root_cert); | 197 verified_chain.push_back(root_cert); |
198 verify_result->verified_cert = | 198 |
| 199 scoped_refptr<X509Certificate> verified_cert_with_chain = |
199 X509Certificate::CreateFromHandle(verified_cert, verified_chain); | 200 X509Certificate::CreateFromHandle(verified_cert, verified_chain); |
| 201 if (verified_cert_with_chain) |
| 202 verify_result->verified_cert = std::move(verified_cert_with_chain); |
| 203 else |
| 204 verify_result->cert_status |= CERT_STATUS_INVALID; |
200 } | 205 } |
201 | 206 |
202 // IsKnownRoot returns true if the given certificate is one that we believe | 207 // IsKnownRoot returns true if the given certificate is one that we believe |
203 // is a standard (as opposed to user-installed) root. | 208 // is a standard (as opposed to user-installed) root. |
204 bool IsKnownRoot(CERTCertificate* root) { | 209 bool IsKnownRoot(CERTCertificate* root) { |
205 if (!root || !root->slot) | 210 if (!root || !root->slot) |
206 return false; | 211 return false; |
207 | 212 |
208 // This magic name is taken from | 213 // This magic name is taken from |
209 // http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/ckfw/b
uiltins/constants.c&rev=1.13&mark=86,89#79 | 214 // http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/ckfw/b
uiltins/constants.c&rev=1.13&mark=86,89#79 |
(...skipping 744 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
954 CRLSet* crl_set, | 959 CRLSet* crl_set, |
955 const CertificateList& additional_trust_anchors, | 960 const CertificateList& additional_trust_anchors, |
956 CertVerifyResult* verify_result) { | 961 CertVerifyResult* verify_result) { |
957 return VerifyInternalImpl(cert, hostname, ocsp_response, flags, crl_set, | 962 return VerifyInternalImpl(cert, hostname, ocsp_response, flags, crl_set, |
958 additional_trust_anchors, | 963 additional_trust_anchors, |
959 NULL, // chain_verify_callback | 964 NULL, // chain_verify_callback |
960 verify_result); | 965 verify_result); |
961 } | 966 } |
962 | 967 |
963 } // namespace net | 968 } // namespace net |
OLD | NEW |