| Index: net/tools/cert_verify_tool/verify_using_path_builder.cc
|
| diff --git a/net/tools/cert_verify_tool/verify_using_path_builder.cc b/net/tools/cert_verify_tool/verify_using_path_builder.cc
|
| index 45dec38f3e158978ad0f4bed05a5c0dec0d65807..53c11adeca6fef081bc3f6f8bdd668248142dd16 100644
|
| --- a/net/tools/cert_verify_tool/verify_using_path_builder.cc
|
| +++ b/net/tools/cert_verify_tool/verify_using_path_builder.cc
|
| @@ -74,12 +74,6 @@ bool DumpParsedCertificateChain(const base::FilePath& file_path,
|
| return false;
|
| }
|
|
|
| - if (chain.trust_anchor && chain.trust_anchor->cert()) {
|
| - if (!AddPemEncodedCert(chain.trust_anchor->cert().get(),
|
| - &pem_encoded_chain))
|
| - return false;
|
| - }
|
| -
|
| return WriteToFile(file_path, base::JoinString(pem_encoded_chain, ""));
|
| }
|
|
|
| @@ -104,19 +98,6 @@ std::string SubjectFromParsedCertificate(const net::ParsedCertificate* cert) {
|
| return SubjectToString(parsed_subject);
|
| }
|
|
|
| -// Returns a textual representation of the Subject of |trust_anchor|.
|
| -std::string SubjectFromTrustAnchor(const net::TrustAnchor* trust_anchor) {
|
| - // If the cert is present, display the original subject from that rather than
|
| - // the normalized subject.
|
| - if (trust_anchor->cert())
|
| - return SubjectFromParsedCertificate(trust_anchor->cert().get());
|
| -
|
| - net::RDNSequence parsed_subject;
|
| - if (!net::ParseNameValue(trust_anchor->normalized_subject(), &parsed_subject))
|
| - return std::string();
|
| - return SubjectToString(parsed_subject);
|
| -}
|
| -
|
| // Dumps a ResultPath to std::cout.
|
| void PrintResultPath(const net::CertPathBuilder::ResultPath* result_path,
|
| size_t index,
|
| @@ -131,18 +112,6 @@ void PrintResultPath(const net::CertPathBuilder::ResultPath* result_path,
|
| << SubjectFromParsedCertificate(cert.get()) << "\n";
|
| }
|
|
|
| - // Print the trust anchor (if there was one).
|
| - const auto& trust_anchor = result_path->path.trust_anchor;
|
| - if (trust_anchor) {
|
| - std::string trust_anchor_cert_fingerprint = "<no cert>";
|
| - if (trust_anchor->cert()) {
|
| - trust_anchor_cert_fingerprint =
|
| - FingerPrintParsedCertificate(trust_anchor->cert().get());
|
| - }
|
| - std::cout << " " << trust_anchor_cert_fingerprint << " "
|
| - << SubjectFromTrustAnchor(trust_anchor.get()) << "\n";
|
| - }
|
| -
|
| // Print the errors/warnings if there were any.
|
| std::string errors_str =
|
| result_path->errors.ToDebugString(result_path->path.certs);
|
| @@ -215,8 +184,7 @@ bool VerifyUsingPathBuilder(
|
| for (const auto& der_cert : root_der_certs) {
|
| scoped_refptr<net::ParsedCertificate> cert = ParseCertificate(der_cert);
|
| if (cert) {
|
| - ssl_trust_store->AddTrustAnchor(
|
| - net::TrustAnchor::CreateFromCertificateNoConstraints(cert));
|
| + ssl_trust_store->AddTrustAnchor(cert);
|
| }
|
| }
|
|
|
| @@ -244,9 +212,6 @@ bool VerifyUsingPathBuilder(
|
| net::KeyPurpose::SERVER_AUTH, &result);
|
| path_builder.AddCertIssuerSource(&intermediate_cert_issuer_source);
|
|
|
| - if (ssl_trust_store->GetCertIssuerSource())
|
| - path_builder.AddCertIssuerSource(ssl_trust_store->GetCertIssuerSource());
|
| -
|
| // Create a network thread to be used for AIA fetches, and wait for a
|
| // CertNetFetcher to be constructed on that thread.
|
| base::Thread::Options options(base::MessageLoop::TYPE_IO, 0);
|
|
|
Chromium Code Reviews
Issue 2832703002:
Allow the TrustStore interface to return matching intermediates, and identify distrusted certs. (Closed)
