| OLD | NEW |
|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/internal/trust_store.h" | 5 #include "net/cert/internal/trust_store.h" |
| 6 | 6 |
| 7 namespace net { | 7 namespace net { |
| 8 | 8 |
| 9 scoped_refptr<TrustAnchor> TrustAnchor::CreateFromCertificateNoConstraints( | 9 CertificateTrust CertificateTrust::ForTrustAnchor() { |
| 10 scoped_refptr<ParsedCertificate> cert) { | 10 CertificateTrust result; |
| 11 return scoped_refptr<TrustAnchor>(new TrustAnchor(std::move(cert), false)); | 11 result.type = CertificateTrustType::TRUSTED_ANCHOR; |
| 12 return result; |
| 12 } | 13 } |
| 13 | 14 |
| 14 scoped_refptr<TrustAnchor> TrustAnchor::CreateFromCertificateWithConstraints( | 15 CertificateTrust CertificateTrust::ForTrustAnchorEnforcingConstraints() { |
| 15 scoped_refptr<ParsedCertificate> cert) { | 16 CertificateTrust result; |
| 16 return scoped_refptr<TrustAnchor>(new TrustAnchor(std::move(cert), true)); | 17 result.type = CertificateTrustType::TRUSTED_ANCHOR_WITH_CONSTRAINTS; |
| 18 return result; |
| 17 } | 19 } |
| 18 | 20 |
| 19 der::Input TrustAnchor::spki() const { | 21 CertificateTrust CertificateTrust::ForUnspecified() { |
| 20 return cert_->tbs().spki_tlv; | 22 CertificateTrust result; |
| 23 result.type = CertificateTrustType::UNSPECIFIED; |
| 24 return result; |
| 21 } | 25 } |
| 22 | 26 |
| 23 der::Input TrustAnchor::normalized_subject() const { | 27 CertificateTrust CertificateTrust::ForDistrusted() { |
| 24 return cert_->normalized_subject(); | 28 CertificateTrust result; |
| 29 result.type = CertificateTrustType::DISTRUSTED; |
| 30 return result; |
| 25 } | 31 } |
| 26 | 32 |
| 27 const scoped_refptr<ParsedCertificate>& TrustAnchor::cert() const { | 33 bool CertificateTrust::IsTrustAnchor() const { |
| 28 return cert_; | 34 switch (type) { |
| 35 case CertificateTrustType::DISTRUSTED: |
| 36 case CertificateTrustType::UNSPECIFIED: |
| 37 return false; |
| 38 case CertificateTrustType::TRUSTED_ANCHOR: |
| 39 case CertificateTrustType::TRUSTED_ANCHOR_WITH_CONSTRAINTS: |
| 40 return true; |
| 41 } |
| 42 |
| 43 NOTREACHED(); |
| 44 return false; |
| 29 } | 45 } |
| 30 | 46 |
| 31 TrustAnchor::TrustAnchor(scoped_refptr<ParsedCertificate> cert, | 47 bool CertificateTrust::IsDistrusted() const { |
| 32 bool enforces_constraints) | 48 switch (type) { |
| 33 : cert_(std::move(cert)), enforces_constraints_(enforces_constraints) { | 49 case CertificateTrustType::DISTRUSTED: |
| 34 DCHECK(cert_); | 50 return true; |
| 51 case CertificateTrustType::UNSPECIFIED: |
| 52 case CertificateTrustType::TRUSTED_ANCHOR: |
| 53 case CertificateTrustType::TRUSTED_ANCHOR_WITH_CONSTRAINTS: |
| 54 return false; |
| 55 } |
| 56 |
| 57 NOTREACHED(); |
| 58 return false; |
| 35 } | 59 } |
| 36 | 60 |
| 37 TrustAnchor::~TrustAnchor() = default; | 61 bool CertificateTrust::HasUnspecifiedTrust() const { |
| 62 switch (type) { |
| 63 case CertificateTrustType::UNSPECIFIED: |
| 64 return true; |
| 65 case CertificateTrustType::DISTRUSTED: |
| 66 case CertificateTrustType::TRUSTED_ANCHOR: |
| 67 case CertificateTrustType::TRUSTED_ANCHOR_WITH_CONSTRAINTS: |
| 68 return false; |
| 69 } |
| 70 |
| 71 NOTREACHED(); |
| 72 return true; |
| 73 } |
| 38 | 74 |
| 39 TrustStore::TrustStore() = default; | 75 TrustStore::TrustStore() = default; |
| 40 TrustStore::~TrustStore() = default; | 76 |
| 77 void TrustStore::AsyncGetIssuersOf(const ParsedCertificate* cert, |
| 78 std::unique_ptr<Request>* out_req) { |
| 79 out_req->reset(); |
| 80 } |
| 41 | 81 |
| 42 } // namespace net | 82 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2832703002:
Allow the TrustStore interface to return matching intermediates, and identify distrusted certs. (Closed)
