/*
* Search based on the contents of a DN entry
*/
bool DN_Check::match(const X509_Certificate& cert) const
{
std::vector<std::string> info = cert.subject_info(dn_entry);
for(u32bit j = 0; j != info.size(); ++j)
if(compare(info[j], looking_for))
return true;
return false;
}
GeneralName::MatchResult GeneralName::matches(const X509_Certificate& cert) const
{
std::vector<std::string> nam;
std::function<bool(const GeneralName*,const std::string&)> match_fn;
if(type() == "DNS")
{
match_fn = std::mem_fn(&GeneralName::matches_dns);
nam = cert.subject_info("DNS");
if(nam.empty())
{
nam = cert.subject_info("CN");
}
}
else if(type() == "DN")
{
match_fn = std::mem_fn(&GeneralName::matches_dn);
std::stringstream ss;
ss << cert.subject_dn();
nam.push_back(ss.str());
}
else if(type() == "IP")
{
match_fn = std::mem_fn(&GeneralName::matches_ip);
nam = cert.subject_info("IP");
}
else
{
return MatchResult::UnknownType;
}
if(nam.empty())
{
return MatchResult::NotFound;
}
bool some = false;
bool all = true;
for(const std::string& n: nam)
{
bool m = match_fn(this,n);
some |= m;
all &= m;
}
if(all)
{
return MatchResult::All;
}
else if(some)
{
return MatchResult::Some;
}
else
{
return MatchResult::None;
}
}
