diff options
Diffstat (limited to 'chromium/net/cert/pki/trust_store_collection.cc')
-rw-r--r-- | chromium/net/cert/pki/trust_store_collection.cc | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/chromium/net/cert/pki/trust_store_collection.cc b/chromium/net/cert/pki/trust_store_collection.cc new file mode 100644 index 00000000000..03657c4d4a0 --- /dev/null +++ b/chromium/net/cert/pki/trust_store_collection.cc @@ -0,0 +1,46 @@ +// Copyright 2016 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "net/cert/pki/trust_store_collection.h" + +namespace net { + +TrustStoreCollection::TrustStoreCollection() = default; +TrustStoreCollection::~TrustStoreCollection() = default; + +void TrustStoreCollection::AddTrustStore(TrustStore* store) { + DCHECK(store); + stores_.push_back(store); +} + +void TrustStoreCollection::SyncGetIssuersOf(const ParsedCertificate* cert, + ParsedCertificateList* issuers) { + for (auto* store : stores_) { + store->SyncGetIssuersOf(cert, issuers); + } +} + +CertificateTrust TrustStoreCollection::GetTrust( + const ParsedCertificate* cert, + base::SupportsUserData* debug_data) const { + // The current aggregate result. + CertificateTrust result = CertificateTrust::ForUnspecified(); + + for (auto* store : stores_) { + CertificateTrust cur_trust = store->GetTrust(cert, debug_data); + + // * If any stores distrust the certificate, consider it untrusted. + // * If multiple stores consider it trusted, use the trust result from the + // last one + if (!cur_trust.HasUnspecifiedTrust()) { + result = cur_trust; + if (result.IsDistrusted()) + break; + } + } + + return result; +} + +} // namespace net |