Bug 945349 - CertVerifier should check early for bad usages. r=briansmith

security/manager/ssl/src/CertVerifier.cpp

@@ -138,6 +138,21 @@ CertVerifier::VerifyCert(CERTCertificate * cert,
     *evOidPolicy = SEC_OID_UNKNOWN;
   }
 
+  switch(usage){
+    case certificateUsageSSLClient:
+    case certificateUsageSSLServer:
+    case certificateUsageSSLCA:
+    case certificateUsageEmailSigner:
+    case certificateUsageEmailRecipient:
+    case certificateUsageObjectSigner:
+    case certificateUsageStatusResponder:
+      break;
+    default:
+      NS_WARNING("Calling VerifyCert with invalid usage");
+      PORT_SetError(SEC_ERROR_INVALID_ARGS);
+      return SECFailure;
+  }
+
   ScopedCERTCertList trustAnchors;
   SECStatus rv;
   SECOidTag evPolicy = SEC_OID_UNKNOWN;

security/manager/ssl/src/CertVerifier.h

@@ -25,6 +25,7 @@ public:
   // XXX: The localonly flag is ignored in the classic verification case
 
   // *evOidPolicy == SEC_OID_UNKNOWN means the cert is NOT EV
+  // Only one usage per verification is supported.
   SECStatus VerifyCert(CERTCertificate * cert,
                        const SECCertificateUsage usage,
                        const PRTime time,