Skip to content

GitLab

T
tangled
Commit e368e465 authored by Matt Mueller's avatar Matt Mueller Committed by Commit Bot
Browse files
Options

[pki library] remove a few obsolete TODOs 

Change-Id: Ic7c38924c3c1fc441566aa85dd6c99cc75243810
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1898100Reviewed-by: default avatarEric Roman <eroman@chromium.org>
Commit-Queue: Matt Mueller <mattm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#712393}
parent ee8ad682
Hide whitespace changes
Inline Side-by-side
Showing with 4 additions and 5 deletions
net/cert/internal/ocsp.h
View file @ e368e465
...@@ -285,8 +285,6 @@ NET_EXPORT_PRIVATE bool ParseOCSPResponse(const der::Input& raw_tlv, ...@@ -285,8 +285,6 @@ NET_EXPORT_PRIVATE bool ParseOCSPResponse(const der::Input& raw_tlv,
// the |this_update| field in OCSPSingleResponse. Responses older than // the |this_update| field in OCSPSingleResponse. Responses older than
// |max_age| will be considered invalid. // |max_age| will be considered invalid.
// * |response_details|: Additional details about failures. // * |response_details|: Additional details about failures.
// TODO(eroman): This is only being used for logging of Expect-Staple, can
// remove if that gets pulled out.
NET_EXPORT OCSPRevocationStatus CheckOCSP( NET_EXPORT OCSPRevocationStatus CheckOCSP(
base::StringPiece raw_response, base::StringPiece raw_response,
base::StringPiece certificate_der, base::StringPiece certificate_der,
......
net/cert/internal/parsed_certificate_unittest.cc
View file @ e368e465
...@@ -135,8 +135,6 @@ TEST(ParsedCertificateTest, ExtensionsDuplicateKeyUsage) { ...@@ -135,8 +135,6 @@ TEST(ParsedCertificateTest, ExtensionsDuplicateKeyUsage) {
// Parses a certificate with a bad key usage extension (BIT STRING with zero // Parses a certificate with a bad key usage extension (BIT STRING with zero
// elements). // elements).
//
// TODO(eroman): This should be a verification failure not a parsing failure.
TEST(ParsedCertificateTest, BadKeyUsage) { TEST(ParsedCertificateTest, BadKeyUsage) {
ASSERT_FALSE(ParseCertificateFromFile("bad_key_usage.pem", {})); ASSERT_FALSE(ParseCertificateFromFile("bad_key_usage.pem", {}));
} }
......
net/cert/internal/verify_certificate_chain.cc
View file @ e368e465
...@@ -817,7 +817,9 @@ void PathVerifier::BasicCertificateProcessing( ...@@ -817,7 +817,9 @@ void PathVerifier::BasicCertificateProcessing(
// (RFC 5280 section 6.1.3 step a.2) // (RFC 5280 section 6.1.3 step a.2)
VerifyTimeValidity(cert, time, errors); VerifyTimeValidity(cert, time, errors);
// TODO(eroman): Check revocation (RFC 5280 section 6.1.3 step a.3) // RFC 5280 section 6.1.3 step a.3 calls for checking the certificate's
// revocation status here. In this implementation revocation checking is
// implemented separately from path validation.
// Verify the certificate's issuer name matches the issuing certificate's // Verify the certificate's issuer name matches the issuing certificate's
// subject name. (RFC 5280 section 6.1.3 step a.4) // subject name. (RFC 5280 section 6.1.3 step a.4)
......
net/cert/internal/verify_certificate_chain.h
View file @ e368e465
...@@ -78,6 +78,7 @@ class NET_EXPORT VerifyCertificateChainDelegate { ...@@ -78,6 +78,7 @@ class NET_EXPORT VerifyCertificateChainDelegate {
// //
// * If Extended Key Usage appears on intermediates, it is treated as // * If Extended Key Usage appears on intermediates, it is treated as
// a restriction on subordinate certificates. // a restriction on subordinate certificates.
// * No revocation checking is performed.
// //
// ----------------------------------------- // -----------------------------------------
// Additional responsibilities of the caller // Additional responsibilities of the caller
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment