summaryrefslogtreecommitdiff
path: root/chromium/chrome/browser/extensions/api
diff options
context:
space:
mode:
Diffstat (limited to 'chromium/chrome/browser/extensions/api')
-rw-r--r--chromium/chrome/browser/extensions/api/certificate_provider/certificate_provider_api.cc8
-rw-r--r--chromium/chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.cc14
-rw-r--r--chromium/chrome/browser/extensions/api/platform_keys/platform_keys_api.cc15
3 files changed, 30 insertions, 7 deletions
diff --git a/chromium/chrome/browser/extensions/api/certificate_provider/certificate_provider_api.cc b/chromium/chrome/browser/extensions/api/certificate_provider/certificate_provider_api.cc
index b324f2171dc..7e26990ca4b 100644
--- a/chromium/chrome/browser/extensions/api/certificate_provider/certificate_provider_api.cc
+++ b/chromium/chrome/browser/extensions/api/certificate_provider/certificate_provider_api.cc
@@ -124,8 +124,12 @@ bool CertificateProviderInternalReportCertificatesFunction::
return false;
}
- out_info->certificate =
- net::X509Certificate::CreateFromBytes(cert_der.data(), cert_der.size());
+ // Allow UTF-8 inside PrintableStrings in client certificates. See
+ // crbug.com/770323 and crbug.com/788655.
+ net::X509Certificate::UnsafeCreateOptions options;
+ options.printable_string_is_utf8 = true;
+ out_info->certificate = net::X509Certificate::CreateFromBytesUnsafeOptions(
+ cert_der.data(), cert_der.size(), options);
if (!out_info->certificate) {
WriteToConsole(content::CONSOLE_MESSAGE_LEVEL_ERROR, kErrorInvalidX509Cert);
return false;
diff --git a/chromium/chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.cc b/chromium/chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.cc
index 3a0a01ad53a..d20974aad2d 100644
--- a/chromium/chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.cc
+++ b/chromium/chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.cc
@@ -142,8 +142,13 @@ EnterprisePlatformKeysImportCertificateFunction::Run() {
return RespondNow(Error(platform_keys::kErrorInvalidToken));
const std::vector<char>& cert_der = params->certificate;
+ // Allow UTF-8 inside PrintableStrings in client certificates. See
+ // crbug.com/770323 and crbug.com/788655.
+ net::X509Certificate::UnsafeCreateOptions options;
+ options.printable_string_is_utf8 = true;
scoped_refptr<net::X509Certificate> cert_x509 =
- net::X509Certificate::CreateFromBytes(cert_der.data(), cert_der.size());
+ net::X509Certificate::CreateFromBytesUnsafeOptions(
+ cert_der.data(), cert_der.size(), options);
if (!cert_x509.get())
return RespondNow(Error(kErrorInvalidX509Cert));
@@ -180,8 +185,13 @@ EnterprisePlatformKeysRemoveCertificateFunction::Run() {
return RespondNow(Error(platform_keys::kErrorInvalidToken));
const std::vector<char>& cert_der = params->certificate;
+ // Allow UTF-8 inside PrintableStrings in client certificates. See
+ // crbug.com/770323 and crbug.com/788655.
+ net::X509Certificate::UnsafeCreateOptions options;
+ options.printable_string_is_utf8 = true;
scoped_refptr<net::X509Certificate> cert_x509 =
- net::X509Certificate::CreateFromBytes(cert_der.data(), cert_der.size());
+ net::X509Certificate::CreateFromBytesUnsafeOptions(
+ cert_der.data(), cert_der.size(), options);
if (!cert_x509.get())
return RespondNow(Error(kErrorInvalidX509Cert));
diff --git a/chromium/chrome/browser/extensions/api/platform_keys/platform_keys_api.cc b/chromium/chrome/browser/extensions/api/platform_keys/platform_keys_api.cc
index 4372d80fa7b..7fd7ef4dced 100644
--- a/chromium/chrome/browser/extensions/api/platform_keys/platform_keys_api.cc
+++ b/chromium/chrome/browser/extensions/api/platform_keys/platform_keys_api.cc
@@ -131,8 +131,13 @@ PlatformKeysInternalGetPublicKeyFunction::Run() {
const std::vector<char>& cert_der = params->certificate;
if (cert_der.empty())
return RespondNow(Error(platform_keys::kErrorInvalidX509Cert));
+ // Allow UTF-8 inside PrintableStrings in client certificates. See
+ // crbug.com/770323 and crbug.com/788655.
+ net::X509Certificate::UnsafeCreateOptions options;
+ options.printable_string_is_utf8 = true;
scoped_refptr<net::X509Certificate> cert_x509 =
- net::X509Certificate::CreateFromBytes(cert_der.data(), cert_der.size());
+ net::X509Certificate::CreateFromBytesUnsafeOptions(
+ cert_der.data(), cert_der.size(), options);
if (!cert_x509)
return RespondNow(Error(platform_keys::kErrorInvalidX509Cert));
@@ -206,9 +211,13 @@ PlatformKeysInternalSelectClientCertificatesFunction::Run() {
*params->details.client_certs) {
if (client_cert_der.empty())
return RespondNow(Error(platform_keys::kErrorInvalidX509Cert));
+ // Allow UTF-8 inside PrintableStrings in client certificates. See
+ // crbug.com/770323 and crbug.com/788655.
+ net::X509Certificate::UnsafeCreateOptions options;
+ options.printable_string_is_utf8 = true;
scoped_refptr<net::X509Certificate> client_cert_x509 =
- net::X509Certificate::CreateFromBytes(client_cert_der.data(),
- client_cert_der.size());
+ net::X509Certificate::CreateFromBytesUnsafeOptions(
+ client_cert_der.data(), client_cert_der.size(), options);
if (!client_cert_x509)
return RespondNow(Error(platform_keys::kErrorInvalidX509Cert));
client_certs->push_back(client_cert_x509);
View Lorry Controller Status