Quite large reworking of signer/cert handling.

[libdcp.git] / src / certificates.cc

diff --git a/src/certificates.cc b/src/certificates.cc
index b331c6b6d00ab4fccd6257407e781661f82d56a9..46c60d6beb2e27477a774fec265142b16d288b0f 100644 (file)
--- a/src/certificates.cc
+++ b/src/certificates.cc
@@ -294,7 +294,7 @@ Certificate::public_key () const
 }
 
 /** @return Root certificate */
-shared_ptr<Certificate>
+shared_ptr<const Certificate>
 CertificateChain::root () const
 {
        assert (!_certificates.empty());
@@ -302,7 +302,7 @@ CertificateChain::root () const
 }
 
 /** @return Leaf certificate */
-shared_ptr<Certificate>
+shared_ptr<const Certificate>
 CertificateChain::leaf () const
 {
        assert (_certificates.size() >= 2);
@@ -329,13 +329,13 @@ CertificateChain::leaf_to_root () const
  *  @param c Certificate to add.
  */
 void
-CertificateChain::add (shared_ptr<Certificate> c)
+CertificateChain::add (shared_ptr<const Certificate> c)
 {
        _certificates.push_back (c);
 }
 
 void
-CertificateChain::remove (shared_ptr<Certificate> c)
+CertificateChain::remove (shared_ptr<const Certificate> c)
 {
        _certificates.remove (c);
 }
@@ -357,11 +357,12 @@ CertificateChain::remove (int i)
        }
 }
 
-/** Verify the chain.
+/** Check to see if the chain is valid (i.e. root signs the intermediate, intermediate
+ *  signs the leaf and so on).
  *  @return true if it's ok, false if not.
  */
 bool
-CertificateChain::verify () const
+CertificateChain::valid () const
 {
        X509_STORE* store = X509_STORE_new ();
        if (!store) {
@@ -416,7 +417,7 @@ CertificateChain::attempt_reorder ()
        List original = _certificates;
        _certificates.sort ();
        do {
-               if (verify ()) {
+               if (valid ()) {
                        return true;
                }
        } while (std::next_permutation (_certificates.begin(), _certificates.end ()));