Index: net/base/x509_certificate_ios.cc |
diff --git a/net/base/x509_certificate_ios.cc b/net/base/x509_certificate_ios.cc |
index 0286203ebb41aa255278c2ca85e87e8c38325707..5e5cc15140d45899fb4f253c1086f372cc8ea04b 100644 |
--- a/net/base/x509_certificate_ios.cc |
+++ b/net/base/x509_certificate_ios.cc |
@@ -69,6 +69,21 @@ void X509Certificate::Initialize() { |
ca_fingerprint_ = CalculateCAFingerprint(intermediate_ca_certs_); |
} |
+bool X509Certificate::IsIssuedByEncoded( |
+ const std::vector<std::string>& valid_issuers) { |
+ if (x509_util::IsCertNameItemInIssuerList(&cert_handle_->derIssuer, |
+ valid_issuers)) |
Ryan Sleevi
2012/12/13 19:49:05
It's a shame to have to reparse the CERTName here
digit1
2012/12/14 17:54:33
I know, but cert_handle->issuer is a CertPrincipal
Ryan Sleevi
2012/12/14 18:16:42
cert_handle->issuer is a CERTName, which is the ca
digit1
2012/12/18 16:19:24
Thank you so much for this, I've implemented this
|
+ return true; |
+ |
+ for (OSCertHandles::iterator it = intermediate_ca_certs_.begin(); |
+ it != intermediate_ca_certs_.end(); ++it) { |
+ if (x509_util::IsCertNameItemInIssuerList(&(*it)->derSubject, |
+ valid_issuers)) |
+ return true; |
Ryan Sleevi
2012/12/13 19:49:05
BUG: Rather then checking the subject, you should
digit1
2012/12/14 17:54:33
That makes sense, I'll fix all checks.
|
+ } |
+ return false; |
+} |
+ |
// static |
X509Certificate* X509Certificate::CreateSelfSigned( |
crypto::RSAPrivateKey* key, |