1 // Copyright 2016 The Chromium Authors 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "trust_store_collection.h" 6 7 #include <openssl/base.h> 8 9 namespace bssl { 10 11 TrustStoreCollection::TrustStoreCollection() = default; 12 TrustStoreCollection::~TrustStoreCollection() = default; 13 AddTrustStore(TrustStore * store)14void TrustStoreCollection::AddTrustStore(TrustStore* store) { 15 BSSL_CHECK(store); 16 stores_.push_back(store); 17 } 18 SyncGetIssuersOf(const ParsedCertificate * cert,ParsedCertificateList * issuers)19void TrustStoreCollection::SyncGetIssuersOf(const ParsedCertificate* cert, 20 ParsedCertificateList* issuers) { 21 for (auto* store : stores_) { 22 store->SyncGetIssuersOf(cert, issuers); 23 } 24 } 25 GetTrust(const ParsedCertificate * cert)26CertificateTrust TrustStoreCollection::GetTrust(const ParsedCertificate* cert) { 27 // The current aggregate result. 28 CertificateTrust result = CertificateTrust::ForUnspecified(); 29 30 for (auto* store : stores_) { 31 CertificateTrust cur_trust = store->GetTrust(cert); 32 33 // * If any stores distrust the certificate, consider it untrusted. 34 // * If multiple stores consider it trusted, use the trust result from the 35 // last one 36 if (!cur_trust.HasUnspecifiedTrust()) { 37 result = cur_trust; 38 if (result.IsDistrusted()) 39 break; 40 } 41 } 42 43 return result; 44 } 45 46 } // namespace net 47