components/cast_certificate/cast_cert_reader.cc - chromium/src - Git at Google

 // Copyright 2020 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "components/cast_certificate/cast_cert_reader.h"
 #include "base/files/file_util.h"
 #include "base/logging.h"
 #include "base/no_destructor.h"
 #include "base/path_service.h"
 #include "net/cert/internal/common_cert_errors.h"
 #include "net/cert/pem.h"
 #include "net/cert/x509_util.h"

 namespace cast_certificate {

 bool PopulateStoreWithCertsFromPath(net::TrustStoreInMemory* store,
                                     const base::FilePath& path) {
   const std::vector<std::string> trusted_roots =
       ReadCertificateChainFromFile(path);

   for (const auto& trusted_root : trusted_roots) {
     net::CertErrors errors;
     scoped_refptr<net::ParsedCertificate> cert(net::ParsedCertificate::Create(
         net::x509_util::CreateCryptoBuffer(trusted_root), {}, &errors));

     if (errors.ContainsAnyErrorWithSeverity(
             net::CertError::Severity::SEVERITY_HIGH)) {
       LOG(ERROR) << "Failed to load cert due to following error(s): "
                  << errors.ToDebugString();
       return false;
     }
     store->AddTrustAnchorWithConstraints(cert);
   }
   return true;
 }

 std::vector<std::string> ReadCertificateChainFromFile(
     const base::FilePath& path) {
   std::string file_data;
   if (!base::ReadFileToString(path, &file_data)) {
     LOG(ERROR) << "Failed to read certificate chain from file: " << path;
     return {};
   }

   return ReadCertificateChainFromString(file_data.data());
 }

 std::vector<std::string> ReadCertificateChainFromString(const char* str) {
   std::vector<std::string> certs;
   net::PEMTokenizer pem_tokenizer(str, {"CERTIFICATE"});
   while (pem_tokenizer.GetNext())
     certs.push_back(pem_tokenizer.data());

   if (certs.empty()) {
     LOG(WARNING) << "Certificate chain is empty.";
   }
   return certs;
 }

 }  // namespace cast_certificate
	// Copyright 2020 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "components/cast_certificate/cast_cert_reader.h"
	#include "base/files/file_util.h"
	#include "base/logging.h"
	#include "base/no_destructor.h"
	#include "base/path_service.h"
	#include "net/cert/internal/common_cert_errors.h"
	#include "net/cert/pem.h"
	#include "net/cert/x509_util.h"

	namespace cast_certificate {

	bool PopulateStoreWithCertsFromPath(net::TrustStoreInMemory* store,
	const base::FilePath& path) {
	const std::vector<std::string> trusted_roots =
	ReadCertificateChainFromFile(path);

	for (const auto& trusted_root : trusted_roots) {
	net::CertErrors errors;
	scoped_refptr<net::ParsedCertificate> cert(net::ParsedCertificate::Create(
	net::x509_util::CreateCryptoBuffer(trusted_root), {}, &errors));

	if (errors.ContainsAnyErrorWithSeverity(
	net::CertError::Severity::SEVERITY_HIGH)) {
	LOG(ERROR) << "Failed to load cert due to following error(s): "
	<< errors.ToDebugString();
	return false;
	}
	store->AddTrustAnchorWithConstraints(cert);
	}
	return true;
	}

	std::vector<std::string> ReadCertificateChainFromFile(
	const base::FilePath& path) {
	std::string file_data;
	if (!base::ReadFileToString(path, &file_data)) {
	LOG(ERROR) << "Failed to read certificate chain from file: " << path;
	return {};
	}

	return ReadCertificateChainFromString(file_data.data());
	}

	std::vector<std::string> ReadCertificateChainFromString(const char* str) {
	std::vector<std::string> certs;
	net::PEMTokenizer pem_tokenizer(str, {"CERTIFICATE"});
	while (pem_tokenizer.GetNext())
	certs.push_back(pem_tokenizer.data());

	if (certs.empty()) {
	LOG(WARNING) << "Certificate chain is empty.";
	}
	return certs;
	}

	} // namespace cast_certificate