Mirror of BoringSSL (grpc依赖)
https://boringssl.googlesource.com/boringssl
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
46 lines
1.3 KiB
46 lines
1.3 KiB
// Copyright 2016 The Chromium Authors |
|
// Use of this source code is governed by a BSD-style license that can be |
|
// found in the LICENSE file. |
|
|
|
#include "trust_store_collection.h" |
|
|
|
namespace bssl { |
|
|
|
TrustStoreCollection::TrustStoreCollection() = default; |
|
TrustStoreCollection::~TrustStoreCollection() = default; |
|
|
|
void TrustStoreCollection::AddTrustStore(TrustStore* store) { |
|
DCHECK(store); |
|
stores_.push_back(store); |
|
} |
|
|
|
void TrustStoreCollection::SyncGetIssuersOf(const ParsedCertificate* cert, |
|
ParsedCertificateList* issuers) { |
|
for (auto* store : stores_) { |
|
store->SyncGetIssuersOf(cert, issuers); |
|
} |
|
} |
|
|
|
CertificateTrust TrustStoreCollection::GetTrust( |
|
const ParsedCertificate* cert, |
|
void* debug_data) { |
|
// The current aggregate result. |
|
CertificateTrust result = CertificateTrust::ForUnspecified(); |
|
|
|
for (auto* store : stores_) { |
|
CertificateTrust cur_trust = store->GetTrust(cert, debug_data); |
|
|
|
// * If any stores distrust the certificate, consider it untrusted. |
|
// * If multiple stores consider it trusted, use the trust result from the |
|
// last one |
|
if (!cur_trust.HasUnspecifiedTrust()) { |
|
result = cur_trust; |
|
if (result.IsDistrusted()) |
|
break; |
|
} |
|
} |
|
|
|
return result; |
|
} |
|
|
|
} // namespace net
|
|
|