From 49684c749a9b96c701ec7c8f7ec17915d9d411e3 Mon Sep 17 00:00:00 2001
From: "rsleevi@chromium.org"
Date: Wed, 14 Dec 2011 16:08:19 +0000
Subject: When encountering certificates signed with md2/md4, make it a fatal error. When encountering certificates signed with md5, interstitial the page with an error about md5 being a weak signing algorithm. This excludes checking the signatures of root certificates (trust anchors), as their self-signed signatures are not relevant to the security of the chain.
R=wtc@chromium.org
BUG=101123
Review URL: http://codereview.chromium.org/8374020
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@114432 0039d316-1c4b-4281-b951-d872f2087c98
---
 net/base/x509_certificate_win.cc | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)
(limited to 'net/base/x509_certificate_win.cc')
diff --git a/net/base/x509_certificate_win.cc b/net/base/x509_certificate_win.cc
index c04ff4d0..c672dfc 100644
--- a/net/base/x509_certificate_win.cc
+++ b/net/base/x509_certificate_win.cc
@@ -866,6 +866,7 @@ int X509Certificate::VerifyInternal(const std::string& hostname,
 chain_flags,
 NULL, // reserved
 &chain_context)) {
+ verify_result->cert_status |= CERT_STATUS_INVALID;
 return MapSecurityError(GetLastError());
 }
 
@@ -884,6 +885,7 @@ int X509Certificate::VerifyInternal(const std::string& hostname,
 chain_flags,
 NULL, // reserved
 &chain_context)) {
+ verify_result->cert_status |= CERT_STATUS_INVALID;
 return MapSecurityError(GetLastError());
 }
 }
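Review bot: The added `verify_result->cert_status |= CERT_STATUS_INVALID;` marks the certificate invalid on any CertGetCertificateChain failure, which may include environmental failures that the mapped Win32 error describes better (the certificate itself is not inspected on this path), so the intent deserves a comment such as `// Chain building failed; set an error bit so a failing return never pairs with a clean cert_status.` Because GetLastError() is read only after the new statement, anything later inserted between the failed call and the return could clobber the error code; capturing it first — `DWORD error = GetLastError(); verify_result->cert_status |= CERT_STATUS_INVALID; return MapSecurityError(error);` — keeps the mapping stable. The same pattern appears in both hunks, so whichever form is chosen should be applied to both. VerifyInternal begins before the first hunk and continues past the second.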
@@ -894,14 +896,6 @@ int X509Certificate::VerifyInternal(const std::string& hostname,
 verify_result->cert_status |= MapCertChainErrorStatusToCertStatus(
 chain_context->TrustStatus.dwErrorStatus);
 
-// Treat certificates signed using broken signature algorithms as invalid.
-if (verify_result->has_md4)
-verify_result->cert_status |= CERT_STATUS_INVALID;
-
-// Flag certificates signed using weak signature algorithms.
-if (verify_result->has_md2)
-verify_result->cert_status |= CERT_STATUS_WEAK_SIGNATURE_ALGORITHM;
-
 // Flag certificates that have a Subject common name with a NULL character.
 if (CertSubjectCommonNameHasNull(cert_handle_))
 verify_result->cert_status |= CERT_STATUS_INVALID;
-- 
cgit v1.1