projects / platform / upstream / dotnet / runtime.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6aac613) | patch
Handle CriticalExtensions and WeakSignature on 509Chain for macOS (#35548)
authorKevin Jones <kevin@vcsjones.com>
Tue, 28 Apr 2020 14:19:00 +0000 (10:19 -0400)
committerGitHub <noreply@github.com>
Tue, 28 Apr 2020 14:19:00 +0000 (07:19 -0700)
commite301ec16723437561c84f7b9a8c773def67b81fd
tree2435f9f9fa00c1ba1ed8371842c2cd45095decdetree | snapshot
parent6aac6134afa809eb01ee8ebe4b90ac051d20adb3commit | diff
Handle CriticalExtensions and WeakSignature on 509Chain for macOS (#35548)

* Support unknown critical extensions on macOS.

If a certificate contains an unprocessable critical extension
in a certificate, map the "CriticalExtensions" status to
HasNotSupportedCriticalExtension instead of throwing an exception.

* Ignore WeakSignature chain status on macOS.

X509Chain on Windows will not check for modern signatures, so we
will let macOS do the same thing.
src/libraries/Native/Unix/System.Security.Cryptography.Native.Apple/pal_x509chain.c diff | blob | history
src/libraries/System.Security.Cryptography.X509Certificates/tests/ChainTests.cs diff | blob | history
src/libraries/System.Security.Cryptography.X509Certificates/tests/DynamicChainTests.cs diff | blob | history
Domain: Dotnet / Core;