From a17cd387e5ba36ff3e06995ce49da273b13f2b82 Mon Sep 17 00:00:00 2001 From: "snej@chromium.org" Date: Mon, 19 Apr 2010 23:09:54 +0000 Subject: Mac: Generate valid data if challenge string is empty This works around an apparent bug in Apple's ASN.1 encoder. BUG=41679 TEST=Manual testing with comodo.com or a local test site Review URL: http://codereview.chromium.org/1549047 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@44980 0039d316-1c4b-4281-b951-d872f2087c98 --- net/base/keygen_handler_mac.cc | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'net/base/keygen_handler_mac.cc') diff --git a/net/base/keygen_handler_mac.cc b/net/base/keygen_handler_mac.cc index 35e4714..a604035 100644 --- a/net/base/keygen_handler_mac.cc +++ b/net/base/keygen_handler_mac.cc @@ -25,6 +25,12 @@ struct PublicKeyAndChallenge { CSSM_DATA challenge_string; }; +// This is a copy of the built-in kSecAsn1IA5StringTemplate, but without the +// 'streamable' flag, which was causing bogus data to be written. +const SecAsn1Template kIA5StringTemplate[] = { + { SEC_ASN1_IA5_STRING, 0, NULL, sizeof(CSSM_DATA) } +}; + static const SecAsn1Template kPublicKeyAndChallengeTemplate[] = { { SEC_ASN1_SEQUENCE, @@ -40,7 +46,7 @@ static const SecAsn1Template kPublicKeyAndChallengeTemplate[] = { { SEC_ASN1_INLINE, offsetof(PublicKeyAndChallenge, challenge_string), - kSecAsn1IA5StringTemplate + kIA5StringTemplate }, { 0 -- cgit v1.1