From 453a17823de86dc75e39d0d24d271e953c9ffedb Mon Sep 17 00:00:00 2001
From: "joth@chromium.org"
 <joth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Tue, 21 Jun 2011 18:44:16 +0000
Subject: Factor out Verify into x509 base class

This allows common pre- and post- validation to happen in a location shared across all platforms. Hopefully more stuff can be factored into here in follow ups (e.g. verify names, EV check)

BUG=None
TEST=net_unittests


Review URL: http://codereview.chromium.org/7187018

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@89867 0039d316-1c4b-4281-b951-d872f2087c98
---
 net/base/x509_certificate_win.cc | 21 +++------------------
 1 file changed, 3 insertions(+), 18 deletions(-)

(limited to 'net/base/x509_certificate_win.cc')

diff --git a/net/base/x509_certificate_win.cc b/net/base/x509_certificate_win.cc
index 9b3e923..a9c0f5e 100644
--- a/net/base/x509_certificate_win.cc
+++ b/net/base/x509_certificate_win.cc
@@ -663,20 +663,13 @@ HCERTSTORE X509Certificate::cert_store() {
   return g_cert_store.Get().cert_store();
 }
 
-int X509Certificate::Verify(const std::string& hostname,
-                            int flags,
-                            CertVerifyResult* verify_result) const {
-  verify_result->Reset();
+int X509Certificate::VerifyInternal(const std::string& hostname,
+                                    int flags,
+                                    CertVerifyResult* verify_result) const {
   if (!cert_handle_)
     return ERR_UNEXPECTED;
 
-  if (IsBlacklisted()) {
-    verify_result->cert_status |= CERT_STATUS_REVOKED;
-    return ERR_CERT_REVOKED;
-  }
-
   // Build and validate certificate chain.
-
   CERT_CHAIN_PARA chain_para;
   memset(&chain_para, 0, sizeof(chain_para));
   chain_para.cbSize = sizeof(chain_para);
@@ -921,14 +914,6 @@ bool X509Certificate::CheckEV(PCCERT_CHAIN_CONTEXT chain_context,
   return metadata->HasEVPolicyOID(fingerprint, policy_oid);
 }
 
-bool X509Certificate::VerifyEV() const {
-  // We don't call this private method, but we do need to implement it because
-  // it's defined in x509_certificate.h. We perform EV checking in the
-  // Verify() above.
-  NOTREACHED();
-  return false;
-}
-
 // static
 bool X509Certificate::IsSameOSCert(X509Certificate::OSCertHandle a,
                                    X509Certificate::OSCertHandle b) {
-- 
cgit v1.1