Skip to content

Commit

Permalink
Add initial code for verifying a certificate chain.
Browse files Browse the repository at this point in the history 
The code handles many of RFC 5280's requirements: BasicConstraints, KeyUsage, Signature, Validity.

But is lacking Revocation checks, subjectAltName, ExtendedKeyUsage and name constraints.

The unit-tests depend on data that was reviewed separately in https://codereview.chromium.org/1414393008/

BUG=410574

Review URL: https://codereview.chromium.org/1414923007

Cr-Commit-Position: refs/heads/master@{#365987}
  • Loading branch information
eroman authored and Commit bot committed Dec 18, 2015
1 parent 9e17d40 commit c1aac5a
Show file tree
Hide file tree
Showing 6 changed files with 869 additions and 2 deletions.
3 changes: 2 additions & 1 deletion net/BUILD.gn
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1582,11 +1582,12 @@ test("net_unittests") {
# 'test_data_files': [
# 'data/certificate_policies_unittest/',
# 'data/name_constraints_unittest/',
# 'data/parse_certificate_unittest/',
# 'data/ssl/certificates/',
# 'data/test.html',
# 'data/url_request_unittest/',
# 'data/verify_certificate_chain_unittest/',
# 'data/verify_name_match_unittest/names/',
# 'data/parse_certificate_unittest/',
# ],
# 'test_data_prefix': 'net',
# },
Expand Down
Loading

0 comments on commit c1aac5a

Please sign in to comment.