Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(145)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/base/x509_certificate_win.cc

Issue 11579002: Add X509Certificate::IsIssuedByEncoded() (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: Add missing base files (damn you git cl upload) Created 8 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/base/x509_certificate_openssl.cc ('K') | « net/base/x509_certificate_openssl.cc ('k') | net/base/x509_util_nss.h » ('j') | net/base/x509_util_nss.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/base/x509_certificate_win.cc
diff --git a/net/base/x509_certificate_win.cc b/net/base/x509_certificate_win.cc
index 26ebb57a16347e3dc8c2dc7d1f79c704294f0b29..c1cac2023885caf7bda994fa2ecaa02f1b71db18 100644
--- a/net/base/x509_certificate_win.cc
+++ b/net/base/x509_certificate_win.cc
@@ -122,6 +122,25 @@ X509Certificate::OSCertHandles ParsePKCS7(const char* data, size_t length) {
return results;
}
+// Given a CERT_NAME_BLOB, returns true if it appears in a given list,
+// formatted as a vector of strings holding DER-encoded X.509
+// DistinguishedName entries.
+bool IsCertNameBlobInIssuerList(CERT_NAME_BLOB* name_blob,
+ const std::vector<std::string>& issuer_names) {
Ryan Sleevi 2012/12/13 19:49:05 STYLE: Indenting is wrong bool IsCertNameBlobInIs
digit1 2012/12/14 17:54:33 Done.
+ for (std::vector<std::string>::const_iterator it = issuer_names.begin();
+ it != issuer_names.end(); ++it) {
+ CERT_NAME_BLOB issuer_blob;
+ issuer_blob.pbData = reinterpret_cast<BYTE*>(it->data());
+ issuer_blob.cbData = static_cast<DWORD>(it->length());
+
+ BOOL rb = CertCompareCertificateName(
+ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, &issuer_blob, name_blob);
+ if (rb)
+ return true;
+ }
+ return false;
+}
+
} // namespace
void X509Certificate::Initialize() {
@@ -462,4 +481,25 @@ void X509Certificate::GetPublicKeyInfo(OSCertHandle cert_handle,
}
}
+bool X509Certificate::IsIssuedByEncoded(
+ const std::vector<std::string>& valid_issuers) {
+
+ // If the certificate's issuer in the list?
+ if (IsCertNameBlobInIssuerList(
+ &cert_handle_->pCertInfo->Issuer,
+ valid_issuers))
Ryan Sleevi 2012/12/13 19:49:05 STYLE: Indenting is messy here if (IsCertNameBlob
digit1 2012/12/14 17:54:33 Done.
+ return true;
+
+ // Otherwise, is any of the intermediate CA subjects in the list?
+ for (OSCertHandles::iterator it = intermediate_ca_certs_.begin();
+ it != intermediate_ca_certs_.end(); ++it) {
+ if (IsCertNameBlobInIssuerList(
+ &it->pCertInfo->Subject,
+ valid_issuers))
+ return true;
+ }
+
+ return false;
+}
+
} // namespace net
« net/base/x509_certificate_openssl.cc ('K') | « net/base/x509_certificate_openssl.cc ('k') | net/base/x509_util_nss.h » ('j') | net/base/x509_util_nss.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698