Adding iOS OpenSSL Implementation

net/cert/test_root_certs_openssl_ios.cc

Index: net/cert/test_root_certs_openssl_ios.cc
diff --git a/net/cert/test_root_certs_mac.cc b/net/cert/test_root_certs_openssl_ios.cc
similarity index 55%
copy from net/cert/test_root_certs_mac.cc
copy to net/cert/test_root_certs_openssl_ios.cc
index 87824d4c9ed19dd67177903c6ae69f6961b9480f..40d8407845621b9706bab8a5759992f6039dbc43 100644
--- a/net/cert/test_root_certs_mac.cc
+++ b/net/cert/test_root_certs_openssl_ios.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Copyright (c) 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -7,7 +7,6 @@
 #include <Security/Security.h>
 
 #include "base/logging.h"
-#include "base/mac/mac_util.h"
 #include "base/mac/scoped_cftyperef.h"
 #include "net/cert/x509_certificate.h"
 
@@ -39,11 +38,11 @@ void ReleaseWrapper(CFAllocatorRef unused, const void* value) {
 // rather than checking if they were the same (logical) certificate, so a
 // custom structure is used for the array callbacks.
 const CFArrayCallBacks kCertArrayCallbacks = {
-  0,  // version
-  RetainWrapper,
-  ReleaseWrapper,
-  CFCopyDescription,
-  OurSecCertificateEqual,
+    0,  // version
+    RetainWrapper,
+    ReleaseWrapper,
+    CFCopyDescription,
+    OurSecCertificateEqual,
 };
 
 }  // namespace
@@ -69,37 +68,10 @@ OSStatus TestRootCerts::FixupSecTrustRef(SecTrustRef trust_ref) const {
   if (IsEmpty())
     return noErr;
 
-  // Despite SecTrustSetAnchorCertificatesOnly existing in OS X 10.6, and
-  // being documented as available, it is not actually implemented. On 10.7+,
-  // however, it always works.
-  if (base::mac::IsOSLionOrLater()) {
-    OSStatus status = SecTrustSetAnchorCertificates(trust_ref,
-                                                    temporary_roots_);
-    if (status)
-      return status;
-    return SecTrustSetAnchorCertificatesOnly(trust_ref, !allow_system_trust_);
-  }
-
-  if (!allow_system_trust_) {
-    // Avoid any copying if system roots are not to be trusted. This acts as
-    // an exclusive list on 10.6, replacing the built-ins.
-    return SecTrustSetAnchorCertificates(trust_ref, temporary_roots_);
-  }
-
-  // Otherwise, both system trust and temporary_roots_ must be trusted.
-  // Emulate the functionality of SecTrustSetAnchorCertificatesOnly by
-  // creating a copy of the system roots and merging with temporary_roots_.
-  CFArrayRef system_roots = NULL;
-  OSStatus status = SecTrustCopyAnchorCertificates(&system_roots);
+  OSStatus status = SecTrustSetAnchorCertificates(trust_ref, temporary_roots_);
   if (status)
     return status;
-
-  base::ScopedCFTypeRef<CFArrayRef> scoped_system_roots(system_roots);
-  base::ScopedCFTypeRef<CFMutableArrayRef> scoped_roots(
-      CFArrayCreateMutableCopy(kCFAllocatorDefault, 0, scoped_system_roots));
-  CFArrayAppendArray(scoped_roots, temporary_roots_,
-                     CFRangeMake(0, CFArrayGetCount(temporary_roots_)));
-  return SecTrustSetAnchorCertificates(trust_ref, scoped_roots);
+  return SecTrustSetAnchorCertificatesOnly(trust_ref, !allow_system_trust_);
 }
 
 void TestRootCerts::SetAllowSystemTrust(bool allow_system_trust) {
@@ -109,8 +81,8 @@ void TestRootCerts::SetAllowSystemTrust(bool allow_system_trust) {
 TestRootCerts::~TestRootCerts() {}
 
 void TestRootCerts::Init() {
-  temporary_roots_.reset(CFArrayCreateMutable(kCFAllocatorDefault, 0,
-                                              &kCertArrayCallbacks));
+  temporary_roots_.reset(
+      CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCertArrayCallbacks));
   allow_system_trust_ = true;
 }