diff options
Diffstat (limited to 'cast/common/certificate/cast_cert_validator.cc')
-rw-r--r-- | cast/common/certificate/cast_cert_validator.cc | 36 |
1 files changed, 16 insertions, 20 deletions
diff --git a/cast/common/certificate/cast_cert_validator.cc b/cast/common/certificate/cast_cert_validator.cc index 6fe95821..5645c9d6 100644 --- a/cast/common/certificate/cast_cert_validator.cc +++ b/cast/common/certificate/cast_cert_validator.cc @@ -18,12 +18,10 @@ #include "cast/common/certificate/cast_cert_validator_internal.h" #include "cast/common/certificate/cast_crl.h" +namespace openscreen { namespace cast { -namespace certificate { namespace { -using CastCertError = openscreen::Error::Code; - // ------------------------------------------------------------------------- // Cast trust anchors. // ------------------------------------------------------------------------- @@ -49,8 +47,8 @@ const ConstDataSpan& AudioOnlyPolicyOid() { class CertVerificationContextImpl final : public CertVerificationContext { public: - CertVerificationContextImpl(bssl::UniquePtr<EVP_PKEY>&& cert, - std::string&& common_name) + CertVerificationContextImpl(bssl::UniquePtr<EVP_PKEY> cert, + std::string common_name) : public_key_{std::move(cert)}, common_name_(std::move(common_name)) {} ~CertVerificationContextImpl() override = default; @@ -164,33 +162,31 @@ class CastTrustStore { OSP_DISALLOW_COPY_AND_ASSIGN(CastTrustStore); }; -openscreen::Error VerifyDeviceCert( - const std::vector<std::string>& der_certs, - const DateTime& time, - std::unique_ptr<CertVerificationContext>* context, - CastDeviceCertPolicy* policy, - const CastCRL* crl, - CRLPolicy crl_policy, - TrustStore* trust_store) { +Error VerifyDeviceCert(const std::vector<std::string>& der_certs, + const DateTime& time, + std::unique_ptr<CertVerificationContext>* context, + CastDeviceCertPolicy* policy, + const CastCRL* crl, + CRLPolicy crl_policy, + TrustStore* trust_store) { if (!trust_store) { trust_store = CastTrustStore::GetInstance()->trust_store(); } // Fail early if CRL is required but not provided. if (!crl && crl_policy == CRLPolicy::kCrlRequired) { - return CastCertError::kErrCrlInvalid; + return Error::Code::kErrCrlInvalid; } CertificatePathResult result_path = {}; - openscreen::Error error = - FindCertificatePath(der_certs, time, &result_path, trust_store); + Error error = FindCertificatePath(der_certs, time, &result_path, trust_store); if (!error.ok()) { return error; } if (crl_policy == CRLPolicy::kCrlRequired && !crl->CheckRevocation(result_path.path, time)) { - return CastCertError::kErrCertsRevoked; + return Error::Code::kErrCertsRevoked; } *policy = GetAudioPolicy(result_path.path); @@ -203,7 +199,7 @@ openscreen::Error VerifyDeviceCert( int len = X509_NAME_get_text_by_NID(target_subject, NID_commonName, &common_name[0], common_name.size()); if (len == 0) { - return CastCertError::kErrCertsRestrictions; + return Error::Code::kErrCertsRestrictions; } common_name.resize(len); @@ -211,8 +207,8 @@ openscreen::Error VerifyDeviceCert( bssl::UniquePtr<EVP_PKEY>{X509_get_pubkey(result_path.target_cert.get())}, std::move(common_name))); - return CastCertError::kNone; + return Error::Code::kNone; } -} // namespace certificate } // namespace cast +} // namespace openscreen |