Bug 418958, Enable Go Daddy root CA certificates for EV use r=rrelyea, a1.9b4=beltzner

This commit is contained in:
kaie@kuix.de 2008-02-28 10:00:57 -08:00
parent 477f888852
commit dde03743df

View File

@ -79,6 +79,38 @@ struct nsMyTrustedEVInfo
};
static struct nsMyTrustedEVInfo myTrustedEVInfos[] = {
{
"2.16.840.1.114413.1.7.23.3",
"Go Daddy EV OID a",
SEC_OID_UNKNOWN,
"OU=Go Daddy Class 2 Certification Authority,O=\"The Go Daddy Group, Inc.\",C=US",
"OU=Go Daddy Class 2 Certification Authority,O=\"The Go Daddy Group, Inc.\",C=US",
"27:96:BA:E6:3F:18:01:E2:77:26:1B:A0:D7:77:70:02:8F:20:EE:E4",
},
{
"2.16.840.1.114413.1.7.23.3",
"Go Daddy EV OID a",
SEC_OID_UNKNOWN,
"E=info@valicert.com,CN=http://www.valicert.com/,OU=ValiCert Class 2 Policy Validation Authority,O=\"ValiCert, Inc.\",L=ValiCert Validation Network",
"E=info@valicert.com,CN=http://www.valicert.com/,OU=ValiCert Class 2 Policy Validation Authority,O=\"ValiCert, Inc.\",L=ValiCert Validation Network",
"31:7A:2A:D0:7F:2B:33:5E:F5:A1:C3:4E:4B:57:E8:B7:D8:F1:FC:A6",
},
{
"2.16.840.1.114414.1.7.23.3",
"Go Daddy EV OID b",
SEC_OID_UNKNOWN,
"E=info@valicert.com,CN=http://www.valicert.com/,OU=ValiCert Class 2 Policy Validation Authority,O=\"ValiCert, Inc.\",L=ValiCert Validation Network",
"E=info@valicert.com,CN=http://www.valicert.com/,OU=ValiCert Class 2 Policy Validation Authority,O=\"ValiCert, Inc.\",L=ValiCert Validation Network",
"31:7A:2A:D0:7F:2B:33:5E:F5:A1:C3:4E:4B:57:E8:B7:D8:F1:FC:A6",
},
{
"2.16.840.1.114414.1.7.23.3",
"Go Daddy EV OID b",
SEC_OID_UNKNOWN,
"OU=Starfield Class 2 Certification Authority,O=\"Starfield Technologies, Inc.\",C=US",
"OU=Starfield Class 2 Certification Authority,O=\"Starfield Technologies, Inc.\",C=US",
"AD:7E:1C:28:B0:64:EF:8F:60:03:40:20:14:C3:D0:E3:37:0E:B5:8A",
},
{
"2.16.840.1.114412.2.1",
"DigiCert EV OID",
@ -626,6 +658,9 @@ nsNSSCertificate::hasValidEVOidTag(SECOidTag &resultOidTag, PRBool &validEV)
CERTCertificate *issuerCert = cvout[0].value.pointer.cert;
CERTCertificateCleaner issuerCleaner(issuerCert);
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("CERT_PKIXVerifyCert returned success, issuer: %s\n",
issuerCert->subjectName));
validEV = isApprovedForEV(oid_tag, issuerCert);
if (validEV)
resultOidTag = oid_tag;