Add DER parsing of AlgorithmId for signatures.

net/cert/internal/signature_algorithm.h

Index: net/cert/internal/signature_algorithm.h
diff --git a/net/cert/internal/signature_algorithm.h b/net/cert/internal/signature_algorithm.h
new file mode 100644
index 0000000000000000000000000000000000000000..d5d8eff9d4911f27197d529078a3b2b50a2731af
--- /dev/null
+++ b/net/cert/internal/signature_algorithm.h
@@ -0,0 +1,49 @@
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_CERT_INTERNAL_SIGNATURE_ALGORITHM_H_
+#define NET_CERT_INTERNAL_SIGNATURE_ALGORITHM_H_
+
+#include "base/compiler_specific.h"
+#include "net/base/net_export.h"
+
+namespace net {
+
+namespace der {
+class Input;
+}
+
+enum class SignatureAlgorithmId {
+  RsaPkcs1_5,
+  Ecdsa,
+};
+
+enum class DigestAlgorithmId {
+  Sha1,
+  Sha256,
+  Sha384,
+  Sha512,
+};
+
+// SignatureAlgorithm describes a signature algorithm and its parameters. This
+// corresponds to "AlgorithmIdentifier" from RFC 5280.
+struct NET_EXPORT SignatureAlgorithm {
+  // Assigns the SignatureAlgorithm by parsing a DER-encoded
+  // "AlgorithmIdentifier" (RFC 5280).
+  //
+  // Returns true on success.
+  WARN_UNUSED_RESULT bool AssignFromDer(const der::Input& signature_algorithm);

[Ryan Sleevi, 2015/06/29 14:45:24]

WARN_UNUSED_RESULT historically goes on the end of the line, rather than the
beginning. It also makes things more readable :)

+
+  // Returns true if |*this| is equivalent to |other|.
+  WARN_UNUSED_RESULT bool Equals(const SignatureAlgorithm& other) const;

[Ryan Sleevi, 2015/06/29 14:45:24]

Ditto

+
+  SignatureAlgorithmId algorithm;
+  DigestAlgorithmId digest;
+
+  // TODO(eroman): Add support for RSASSA-PSS.
+};
+
+}  // namespace net
+
+#endif  // NET_CERT_INTERNAL_SIGNATURE_ALGORITHM_H_