Index: net/base/x509_certificate_mac.cc |
diff --git a/net/base/x509_certificate_mac.cc b/net/base/x509_certificate_mac.cc |
index 709b2cd4b6835c01fc7bab2ae71d7ba765351c25..dee8ca26f6ab930fdae4a0f69c60c4629dae206b 100644 |
--- a/net/base/x509_certificate_mac.cc |
+++ b/net/base/x509_certificate_mac.cc |
@@ -18,6 +18,7 @@ |
#include "base/memory/singleton.h" |
#include "base/pickle.h" |
#include "base/sha1.h" |
+#include "base/string_piece.h" |
#include "base/synchronization/lock.h" |
#include "base/sys_string_conversions.h" |
#include "crypto/cssm_init.h" |
@@ -46,6 +47,32 @@ void GetCertDistinguishedName( |
distinguished_name.field()->Length); |
} |
+bool IsCertDistinguishedNameInList( |
+ OSCertHandle* cert, |
+ const CSSM_OID* oid, |
+ const std::vector<std::string>& valid_issuers) { |
+ x509_util::CSSCachedCertificate cached_cert; |
+ if (cached_cert.Init(cert_handle) != CSSM_OK) |
+ return false; |
+ |
+ OSStatus status = cached_cert.GetField(oid, &distinguished_name); |
+ if (status || !distinguished_name.field()) |
+ return false; |
+ |
+ base::StringPiece name_piece( |
+ distinguished_name.field()->Data, |
+ distinguished_name.field()->Length); |
+ |
+ for (std::vector<std::string>::const_iterator it = issuers.begin(); |
+ it != issuers.end(); ++it) { |
+ base::StringPiece issuer_piece(*it); |
+ if (name_piece == issuer_piece) |
+ return true; |
+ } |
+ |
+ return false; |
+} |
+ |
void GetCertDateForOID(const x509_util::CSSMCachedCertificate& cached_cert, |
const CSSM_OID* oid, |
Time* result) { |
@@ -333,6 +360,23 @@ void X509Certificate::Initialize() { |
ca_fingerprint_ = CalculateCAFingerprint(intermediate_ca_certs_); |
} |
+bool X509Certificate::IsIssuedByEncoded( |
+ const std::vector<std::string>& valid_issuers) { |
+ { |
+ if (IsCertDistinguishedNameInList(cert_handle_, |
+ &CSSMOID_X509V1IssuerNameStd, |
+ valid_issuers)) |
Ryan Sleevi
2012/12/13 19:49:05
STYLE: multi-line conditionals should have braces
digit1
2012/12/14 17:54:33
Done.
|
+ return true; |
+ |
+ for (OSCertHandles::iterator it = intermediate_ca_certs_.begin(); |
+ it != intermediate_ca_certs_.end(); ++it) { |
+ if (IsCertDistinguishedNameInList(*it, &CSSMOID_X509V1SubjectNameStd, |
+ valid_issuers)) |
+ return true; |
+ } |
+ return false; |
+} |
+ |
// static |
X509Certificate* X509Certificate::CreateSelfSigned( |
crypto::RSAPrivateKey* key, |