Parse an application/x-x509-user-cert response with

net/base/x509_certificate.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/base/x509_certificate.h"
 
 #include <stdlib.h>
 
 #include <algorithm>
 #include <map>
@@ skipping 396 matching lines @@
     std::string decoded(pem_tok.data());
 
     OSCertHandle handle = NULL;
     if (format & FORMAT_PEM_CERT_SEQUENCE)
       handle = CreateOSCertHandleFromBytes(decoded.c_str(), decoded.size());
     if (handle != NULL) {
       // Parsed a DER encoded certificate. All PEM blocks that follow must
       // also be DER encoded certificates wrapped inside of PEM blocks.
       format = FORMAT_PEM_CERT_SEQUENCE;
       certificates.push_back(handle);
+      fprintf(stderr, "PEM: format %d\n", (int)format);
       continue;
     }
 
     // If the first block failed to parse as a DER certificate, and
     // formats other than PEM are acceptable, check to see if the decoded
     // data is one of the accepted formats.
     if (format & ~FORMAT_PEM_CERT_SEQUENCE) {
       for (size_t i = 0; certificates.empty() &&
            i < arraysize(kFormatDecodePriority); ++i) {
         if (format & kFormatDecodePriority[i]) {
           certificates = CreateOSCertHandlesFromBytes(decoded.c_str(),
               decoded.size(), kFormatDecodePriority[i]);
+          if (!certificates.empty())
+            fprintf(stderr, "PEM: format %d\n", (int)kFormatDecodePriority[i]);
         }
       }
     }
 
     // Stop parsing after the first block for any format but a sequence of
     // PEM-encoded DER certificates. The case of FORMAT_PEM_CERT_SEQUENCE
     // is handled above, and continues processing until a certificate fails
     // to parse.
     break;
   }
 
   // Try each of the formats, in order of parse preference, to see if |data|
   // contains the binary representation of a Format, if it failed to parse
   // as a PEM certificate/chain.
   for (size_t i = 0; certificates.empty() &&
        i < arraysize(kFormatDecodePriority); ++i) {
-    if (format & kFormatDecodePriority[i])
+    if (format & kFormatDecodePriority[i]) {
       certificates = CreateOSCertHandlesFromBytes(data, length,
                                                   kFormatDecodePriority[i]);
+      if (!certificates.empty())
+        fprintf(stderr, "Binary: format %d\n", (int)kFormatDecodePriority[i]);
+    }
   }
 
   CertificateList results;
   // No certificates parsed.
   if (certificates.empty())
     return results;
 
   for (OSCertHandles::iterator it = certificates.begin();
        it != certificates.end(); ++it) {
     X509Certificate* result = CreateFromHandle(*it, OSCertHandles());
     results.push_back(scoped_refptr<X509Certificate>(result));
     FreeOSCertHandle(*it);
+    fprintf(stderr, "Certificate: %s issued by %s\n",
+            result->subject().common_name.c_str(),
+            result->issuer().common_name.c_str());
   }
 
   return results;
 }
 
 void X509Certificate::Persist(Pickle* pickle) {
   DCHECK(cert_handle_);
   // This would be an absolutely insane number of intermediates.
   if (intermediate_ca_certs_.size() > static_cast<size_t>(INT_MAX) - 1) {
     NOTREACHED();
@@ skipping 222 matching lines @@
     RemoveFromCache(cert_handle_);
     FreeOSCertHandle(cert_handle_);
   }
   for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) {
     RemoveFromCache(intermediate_ca_certs_[i]);
     FreeOSCertHandle(intermediate_ca_certs_[i]);
   }
 }
 
 }  // namespace net