Index: net/base/x509_certificate_win.cc |
diff --git a/net/base/x509_certificate_win.cc b/net/base/x509_certificate_win.cc |
index 26ebb57a16347e3dc8c2dc7d1f79c704294f0b29..c1cac2023885caf7bda994fa2ecaa02f1b71db18 100644 |
--- a/net/base/x509_certificate_win.cc |
+++ b/net/base/x509_certificate_win.cc |
@@ -122,6 +122,25 @@ X509Certificate::OSCertHandles ParsePKCS7(const char* data, size_t length) { |
return results; |
} |
+// Given a CERT_NAME_BLOB, returns true if it appears in a given list, |
+// formatted as a vector of strings holding DER-encoded X.509 |
+// DistinguishedName entries. |
+bool IsCertNameBlobInIssuerList(CERT_NAME_BLOB* name_blob, |
+ const std::vector<std::string>& issuer_names) { |
Ryan Sleevi
2012/12/13 19:49:05
STYLE: Indenting is wrong
bool IsCertNameBlobInIs
digit1
2012/12/14 17:54:33
Done.
|
+ for (std::vector<std::string>::const_iterator it = issuer_names.begin(); |
+ it != issuer_names.end(); ++it) { |
+ CERT_NAME_BLOB issuer_blob; |
+ issuer_blob.pbData = reinterpret_cast<BYTE*>(it->data()); |
+ issuer_blob.cbData = static_cast<DWORD>(it->length()); |
+ |
+ BOOL rb = CertCompareCertificateName( |
+ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, &issuer_blob, name_blob); |
+ if (rb) |
+ return true; |
+ } |
+ return false; |
+} |
+ |
} // namespace |
void X509Certificate::Initialize() { |
@@ -462,4 +481,25 @@ void X509Certificate::GetPublicKeyInfo(OSCertHandle cert_handle, |
} |
} |
+bool X509Certificate::IsIssuedByEncoded( |
+ const std::vector<std::string>& valid_issuers) { |
+ |
+ // If the certificate's issuer in the list? |
+ if (IsCertNameBlobInIssuerList( |
+ &cert_handle_->pCertInfo->Issuer, |
+ valid_issuers)) |
Ryan Sleevi
2012/12/13 19:49:05
STYLE: Indenting is messy here
if (IsCertNameBlob
digit1
2012/12/14 17:54:33
Done.
|
+ return true; |
+ |
+ // Otherwise, is any of the intermediate CA subjects in the list? |
+ for (OSCertHandles::iterator it = intermediate_ca_certs_.begin(); |
+ it != intermediate_ca_certs_.end(); ++it) { |
+ if (IsCertNameBlobInIssuerList( |
+ &it->pCertInfo->Subject, |
+ valid_issuers)) |
+ return true; |
+ } |
+ |
+ return false; |
+} |
+ |
} // namespace net |