net/base/x509_certificate_mac.cc - Issue 11579002: Add X509Certificate::IsIssuedByEncoded()

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/base/x509_certificate_mac.cc

Issue 11579002: Add X509Certificate::IsIssuedByEncoded() (Closed) Base URL: http://git.chromium.org/chromium/src.git@master

Patch Set: fix bad indent Created 7 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/base/x509_certificate_mac.cc

diff --git a/net/base/x509_certificate_mac.cc b/net/base/x509_certificate_mac.cc

index 709b2cd4b6835c01fc7bab2ae71d7ba765351c25..f4aaf924b0cc979783c3f16e3c628d19522a3af3 100644

--- a/net/base/x509_certificate_mac.cc

+++ b/net/base/x509_certificate_mac.cc

@@ -18,6 +18,7 @@

#include "base/memory/singleton.h"

#include "base/pickle.h"

#include "base/sha1.h"

+#include "base/string_piece.h"

#include "base/synchronization/lock.h"

#include "base/sys_string_conversions.h"

#include "crypto/cssm_init.h"

@@ -46,6 +47,32 @@ void GetCertDistinguishedName(

distinguished_name.field()->Length);

}

+bool IsCertIssuerInEncodedList(X509Certificate::OSCertHandle cert_handle,

+ const std::vector<std::string>& issuers) {

+ x509_util::CSSMCachedCertificate cached_cert;

+ if (cached_cert.Init(cert_handle) != CSSM_OK)

+ return false;

+ x509_util::CSSMFieldValue distinguished_name;

+ OSStatus status = cached_cert.GetField(&CSSMOID_X509V1IssuerNameStd,

+ &distinguished_name);

+ if (status || !distinguished_name.field())

+ return false;

+ base::StringPiece name_piece(

+ reinterpret_cast<const char*>(distinguished_name.field()->Data),

+ static_cast<size_t>(distinguished_name.field()->Length));

+ for (std::vector<std::string>::const_iterator it = issuers.begin();

+ it != issuers.end(); ++it) {

+ base::StringPiece issuer_piece(*it);

+ if (name_piece == issuer_piece)

+ return true;

+ }

+ return false;

void GetCertDateForOID(const x509_util::CSSMCachedCertificate& cached_cert,

const CSSM_OID* oid,

Time* result) {

@@ -333,6 +360,19 @@ void X509Certificate::Initialize() {

ca_fingerprint_ = CalculateCAFingerprint(intermediate_ca_certs_);

}

+bool X509Certificate::IsIssuedByEncoded(

+ const std::vector<std::string>& valid_issuers) {

+ if (IsCertIssuerInEncodedList(cert_handle_, valid_issuers))

+ return true;

+ for (OSCertHandles::iterator it = intermediate_ca_certs_.begin();

+ it != intermediate_ca_certs_.end(); ++it) {

+ if (IsCertIssuerInEncodedList(*it, valid_issuers))

+ return true;

+ }

+ return false;

// static

X509Certificate* X509Certificate::CreateSelfSigned(

crypto::RSAPrivateKey* key,

« net/base/test_certificate_data.h ('K') | « net/base/x509_certificate_ios.cc ('k') | net/base/x509_certificate_nss.cc » ('j') | net/base/x509_certificate_unittest.cc » ('J')