OLD | NEW |
| (Empty) |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "net/cert/internal/trust_store.h" | |
6 | |
7 namespace net { | |
8 | |
9 TrustStore::TrustStore() {} | |
10 TrustStore::~TrustStore() {} | |
11 | |
12 void TrustStore::Clear() { | |
13 anchors_.clear(); | |
14 } | |
15 | |
16 void TrustStore::AddTrustedCertificate( | |
17 scoped_refptr<ParsedCertificate> anchor) { | |
18 // TODO(mattm): should this check for duplicate certs? | |
19 anchors_.insert(std::make_pair(anchor->normalized_subject().AsStringPiece(), | |
20 std::move(anchor))); | |
21 } | |
22 | |
23 void TrustStore::FindTrustAnchorsByNormalizedName( | |
24 const der::Input& normalized_name, | |
25 ParsedCertificateList* matches) const { | |
26 auto range = anchors_.equal_range(normalized_name.AsStringPiece()); | |
27 for (auto it = range.first; it != range.second; ++it) | |
28 matches->push_back(it->second); | |
29 } | |
30 | |
31 bool TrustStore::IsTrustedCertificate(const ParsedCertificate* cert) const { | |
32 auto range = anchors_.equal_range(cert->normalized_subject().AsStringPiece()); | |
33 for (auto it = range.first; it != range.second; ++it) { | |
34 // First compare the ParsedCertificate pointers as an optimization. | |
35 if (it->second == cert || | |
36 // Trust check is based on Name+SPKI match. This could match the same | |
37 // certificate stored in a different ParsedCertificate object, or a | |
38 // different cert that has the same Name+SPKI. | |
39 (it->second->normalized_subject() == cert->normalized_subject() && | |
40 it->second->tbs().spki_tlv == cert->tbs().spki_tlv)) | |
41 return true; | |
42 } | |
43 return false; | |
44 } | |
45 | |
46 } // namespace net | |
OLD | NEW |