Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(923)

Unified Diff: net/base/x509_util_nss.h

Issue 11579002: Add X509Certificate::IsIssuedByEncoded() (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: add X509CertificateTest.IsIssuedByEncoded unit test Created 7 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: net/base/x509_util_nss.h
diff --git a/net/base/x509_util_nss.h b/net/base/x509_util_nss.h
index f00c4abbf3d90f4bf06bce9d75bee61db975737a..f40c503b2efcadfbdff0a1dd79c1317027c5c79b 100644
--- a/net/base/x509_util_nss.h
+++ b/net/base/x509_util_nss.h
@@ -15,6 +15,7 @@ class PickleIterator;
typedef struct CERTCertificateStr CERTCertificate;
typedef struct CERTNameStr CERTName;
+typedef struct PLArenaPool PLArenaPool;
typedef struct SECKEYPrivateKeyStr SECKEYPrivateKey;
typedef struct SECItemStr SECItem;
typedef struct SECKEYPublicKeyStr SECKEYPublicKey;
@@ -70,6 +71,27 @@ X509Certificate::OSCertHandle ReadOSCertHandleFromPickle(
void GetPublicKeyInfo(CERTCertificate* handle,
size_t* size_bits,
X509Certificate::PublicKeyType* type);
+
+// Create a list of CERTName objects from a list of DER-encoded X.509
+// DistinguishedName items. All objects are created in a given arena.
+// |encoded_issuers| is the list of encoded DNs.
+// |arena| is the arena used for all allocations.
+// |out| will receive the result list on success.
+// Return true on success. On failure, the caller must free the
+// intermediate CERTName objects pushed to |out|.
+bool GetIssuersFromEncodedList(
+ const std::vector<std::string>& issuers,
+ PLArenaPool* arena,
+ std::vector<CERTName*>* out);
+
+// Returns true iff a certificate is issued by any of the issuers listed
+// by name in |valid_issuers|.
+// |cert_chain| is the certificate's chain.
+// |valid_issuers| is a list of strings, where each string contains
+// a DER-encoded X.509 Distinguished Name.
+bool IsCertificateIssuedBy(const std::vector<CERTCertificate*>& cert_chain,
+ const std::vector<CERTName*>& valid_issuers);
+
#endif // defined(USE_NSS) || defined(OS_IOS)
} // namespace x509_util

Powered by Google App Engine
This is Rietveld 408576698