Change certificate store infrastructure to key off of the Subject Key

Id rather than sha1 hash, since that is rarely used in modern
certs. The previous form was storing trusted certs using an empty sha1
hash value as the key, which meant most certificates matched... not good.

Modify the LLCertException to pass certificate information back as
LLSD rather than an LLPointer<LLCertificate>, because when the
exception is being thown from the certificate constructor that results
in one of a couple of other exceptions (even refcounting won't save
you when the problem is that the thing you're pointing to never
finished coming into being properly).

Update the certificates in the llsechandler_basic_test to modern
conventions, and extend the classes to allow for an optional
validation date so that the test can use a fixed date. Also make all
the certificates include the plain text form for ease of reference.

1 files changed, 3 insertions, 2 deletions

diff --git a/indra/newview/llsechandler_basic.h b/indra/newview/llsechandler_basic.h
index 1ce5a87c75..c35617f564 100644
--- a/indra/newview/llsechandler_basic.h
+++ b/indra/newview/llsechandler_basic.h
@@ -47,8 +47,9 @@ class LLBasicCertificate : public LLCertificate
 public:		
 	LOG_CLASS(LLBasicCertificate);
 
-	LLBasicCertificate(const std::string& pem_cert);
-	LLBasicCertificate(X509* openSSLX509);
+    // The optional validation_params allow us to make the unit test time-invariant
+	LLBasicCertificate(const std::string& pem_cert, const LLSD* validation_params = NULL);
+	LLBasicCertificate(X509* openSSLX509, const LLSD* validation_params = NULL);
 	
 	virtual ~LLBasicCertificate();