rust: bssl-x509: Stop reporting partially constructed cert chain ... after a failed certificate verifiction. The reason is that returning a partial chain from a failed verification attempt does not seem to provide a lot of value for the application. Signed-off-by: Xiangfei Ding <xfding@google.com> Change-Id: Ib051a753e3e1bff6bda9e361e4adf2b26a6a6964 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/93427 Reviewed-by: Adam Langley <agl@google.com> Presubmit-BoringSSL-Verified: boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>
diff --git a/rust/bssl-x509/src/verify.rs b/rust/bssl-x509/src/verify.rs index c8ea2cb..8075874 100644 --- a/rust/bssl-x509/src/verify.rs +++ b/rust/bssl-x509/src/verify.rs
@@ -119,11 +119,11 @@ /// Returns `Ok(())` if verification succeeds. /// Returns `Err(X509VerifyResult)` if verification fails. pub fn verify(&mut self) -> Result<(), X509VerifyResult> { - self.verified = true; if unsafe { // Safety: `self.0` is valid. The context must have been initialized. bssl_sys::X509_verify_cert(self.ptr()) == 1 } { + self.verified = true; Ok(()) } else { Err(self.get_error()) @@ -138,12 +138,12 @@ X509VerifyResult::try_from(error_code as i32).unwrap_or(X509VerifyResult::Unspecified) } - /// Returns the verified certificate chain. + /// Return a possibly valid certificate chain. /// - /// The first certificate will be the leaf certificate and the last certificate will be one of - /// the trust anchor. + /// The first certificate will be the leaf certificate and the last certificate should be one of + /// the trusted certificate authorities, if the method returns `Some(chain)`. /// - /// This method returns [`None`] if [`Self::verify`] has not been called. + /// This method also returns [`None`] if [`Self::verify`] has not been successfully completed. pub fn chain(&self) -> Option<Vec<X509Certificate>> { if !self.verified { return None;