Make Cast certificate verification enforce constraints specified in the trusted root certificate.
* Hardcode the 2 Chromecast root certificates. Previously we included their Subject+SPKI, now it includes the full certificates.
* Change the net::TrustStore to take full-blown certificates rather than (subjet, spki) tuples.
* During verification all checks are done on the root certificate except for signature and issuer check.
Review URL: https://codereview.chromium.org/1890193003
Cr-Commit-Position: refs/heads/master@{#388905}
17 files changed
