| OLD | NEW |
|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/internal/path_builder.h" | 5 #include "net/cert/internal/path_builder.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <unordered_set> | 8 #include <unordered_set> |
| 9 | 9 |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 502 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 513 CertPathBuilder::ResultPath::ResultPath() = default; | 513 CertPathBuilder::ResultPath::ResultPath() = default; |
| 514 CertPathBuilder::ResultPath::~ResultPath() = default; | 514 CertPathBuilder::ResultPath::~ResultPath() = default; |
| 515 | 515 |
| 516 bool CertPathBuilder::ResultPath::IsValid() const { | 516 bool CertPathBuilder::ResultPath::IsValid() const { |
| 517 return path.GetTrustedCert() && !errors.ContainsHighSeverityErrors(); | 517 return path.GetTrustedCert() && !errors.ContainsHighSeverityErrors(); |
| 518 } | 518 } |
| 519 | 519 |
| 520 CertPathBuilder::Result::Result() = default; | 520 CertPathBuilder::Result::Result() = default; |
| 521 CertPathBuilder::Result::~Result() = default; | 521 CertPathBuilder::Result::~Result() = default; |
| 522 | 522 |
| 523 bool CertPathBuilder::Result::HasValidPath() const { |
| 524 return GetBestValidPath() != nullptr; |
| 525 } |
| 526 |
| 523 const CertPathBuilder::ResultPath* CertPathBuilder::Result::GetBestValidPath() | 527 const CertPathBuilder::ResultPath* CertPathBuilder::Result::GetBestValidPath() |
| 524 const { | 528 const { |
| 525 DCHECK((paths.empty() && best_result_index == 0) || | 529 DCHECK((paths.empty() && best_result_index == 0) || |
| 526 best_result_index < paths.size()); | 530 best_result_index < paths.size()); |
| 527 | 531 |
| 528 if (best_result_index >= paths.size()) | 532 if (best_result_index >= paths.size()) |
| 529 return nullptr; | 533 return nullptr; |
| 530 | 534 |
| 531 const ResultPath* result_path = paths[best_result_index].get(); | 535 const ResultPath* result_path = paths[best_result_index].get(); |
| 532 if (result_path->IsValid()) | 536 if (result_path->IsValid()) |
| 533 return result_path; | 537 return result_path; |
| 534 | 538 |
| 535 return nullptr; | 539 return nullptr; |
| 536 } | 540 } |
| 537 | 541 |
| 538 bool CertPathBuilder::Result::HasValidPath() const { | 542 void CertPathBuilder::Result::Clear() { |
| 539 return GetBestValidPath() != nullptr; | 543 paths.clear(); |
| 544 best_result_index = 0; |
| 540 } | 545 } |
| 541 | 546 |
| 542 CertPathBuilder::CertPathBuilder(scoped_refptr<ParsedCertificate> cert, | 547 CertPathBuilder::CertPathBuilder(scoped_refptr<ParsedCertificate> cert, |
| 543 TrustStore* trust_store, | 548 TrustStore* trust_store, |
| 544 const SignaturePolicy* signature_policy, | 549 const SignaturePolicy* signature_policy, |
| 545 const der::GeneralizedTime& time, | 550 const der::GeneralizedTime& time, |
| 546 KeyPurpose key_purpose, | 551 KeyPurpose key_purpose, |
| 547 Result* result) | 552 Result* result) |
| 548 : cert_path_iter_(new CertPathIter(std::move(cert), trust_store)), | 553 : cert_path_iter_(new CertPathIter(std::move(cert), trust_store)), |
| 549 signature_policy_(signature_policy), | 554 signature_policy_(signature_policy), |
| 550 time_(time), | 555 time_(time), |
| 551 key_purpose_(key_purpose), | 556 key_purpose_(key_purpose), |
| 552 next_state_(STATE_NONE), | 557 next_state_(STATE_NONE), |
| 553 out_result_(result) { | 558 out_result_(result) { |
| 559 result->Clear(); |
| 554 // The TrustStore also implements the CertIssuerSource interface. | 560 // The TrustStore also implements the CertIssuerSource interface. |
| 555 AddCertIssuerSource(trust_store); | 561 AddCertIssuerSource(trust_store); |
| 556 } | 562 } |
| 557 | 563 |
| 558 CertPathBuilder::~CertPathBuilder() {} | 564 CertPathBuilder::~CertPathBuilder() {} |
| 559 | 565 |
| 560 void CertPathBuilder::AddCertIssuerSource( | 566 void CertPathBuilder::AddCertIssuerSource( |
| 561 CertIssuerSource* cert_issuer_source) { | 567 CertIssuerSource* cert_issuer_source) { |
| 562 cert_path_iter_->AddCertIssuerSource(cert_issuer_source); | 568 cert_path_iter_->AddCertIssuerSource(cert_issuer_source); |
| 563 } | 569 } |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 624 | 630 |
| 625 void CertPathBuilder::AddResultPath(std::unique_ptr<ResultPath> result_path) { | 631 void CertPathBuilder::AddResultPath(std::unique_ptr<ResultPath> result_path) { |
| 626 // TODO(mattm): set best_result_index based on number or severity of errors. | 632 // TODO(mattm): set best_result_index based on number or severity of errors. |
| 627 if (result_path->IsValid()) | 633 if (result_path->IsValid()) |
| 628 out_result_->best_result_index = out_result_->paths.size(); | 634 out_result_->best_result_index = out_result_->paths.size(); |
| 629 // TODO(mattm): add flag to only return a single path or all attempted paths? | 635 // TODO(mattm): add flag to only return a single path or all attempted paths? |
| 630 out_result_->paths.push_back(std::move(result_path)); | 636 out_result_->paths.push_back(std::move(result_path)); |
| 631 } | 637 } |
| 632 | 638 |
| 633 } // namespace net | 639 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2854263004:
Add tests for PathBuilder when certificates are distrusted. (Closed)
