Add new functions to handle UPN and email addresses

net/cert/x509_util_nss_certs.cc

Index: net/cert/x509_util_nss_certs.cc
diff --git a/net/cert/x509_util_nss_certs.cc b/net/cert/x509_util_nss_certs.cc
index 1ec360d31e6d81d013a6ae56154826cd72840160..b0058895def32886273623811d1bb0de9bd4ab99 100644
--- a/net/cert/x509_util_nss_certs.cc
+++ b/net/cert/x509_util_nss_certs.cc
@@ -33,6 +33,10 @@ namespace net {
 
 namespace {
 
+// Microsoft User Principal Name: 1.3.6.1.4.1.311.20.2.3
+const uint8_t kUpnOid[] = {0x2b, 0x6,  0x1,  0x4, 0x1,
+                           0x82, 0x37, 0x14, 0x2, 0x3};
+
 // Callback for CERT_DecodeCertPackage(), used in
 // CreateOSCertHandlesFromBytes().
 SECStatus PR_CALLBACK
@@ -200,6 +204,74 @@ void GetSubjectAltName(CERTCertificate* cert_handle,
   PORT_FreeArena(arena, PR_FALSE);
 }
 
+void GetRFC822SubjectAltNames(CERTCertificate* cert_handle,
+                              std::vector<std::string>* names) {
+  crypto::ScopedSECItem alt_name(SECITEM_AllocItem(NULL, NULL, 0));
+  DCHECK(alt_name.get());
+
+  names->clear();
+  SECStatus rv = CERT_FindCertExtension(
+      cert_handle, SEC_OID_X509_SUBJECT_ALT_NAME, alt_name.get());
+  if (rv != SECSuccess)
+    return;
+
+  crypto::ScopedPLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
+  DCHECK(arena.get());
+
+  CERTGeneralName* alt_name_list;
+  alt_name_list = CERT_DecodeAltNameExtension(arena.get(), alt_name.get());
+
+  CERTGeneralName* name = alt_name_list;
+  while (name) {
+    if (name->type == certRFC822Name) {
+      names->push_back(
+          std::string(reinterpret_cast<char*>(name->name.other.data),
+                      name->name.other.len));
+    }
+    name = CERT_GetNextGeneralName(name);
+    if (name == alt_name_list)
+      break;
+  }
+}
+
+void GetUPNSubjectAltNames(CERTCertificate* cert_handle,
+                           std::vector<std::string>* names) {
+  crypto::ScopedSECItem alt_name(SECITEM_AllocItem(NULL, NULL, 0));
+  DCHECK(alt_name.get());
+
+  names->clear();
+  SECStatus rv = CERT_FindCertExtension(
+      cert_handle, SEC_OID_X509_SUBJECT_ALT_NAME, alt_name.get());
+  if (rv != SECSuccess)
+    return;
+
+  crypto::ScopedPLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
+  DCHECK(arena.get());
+
+  CERTGeneralName* alt_name_list;
+  alt_name_list = CERT_DecodeAltNameExtension(arena.get(), alt_name.get());
+
+  CERTGeneralName* name = alt_name_list;
+  while (name) {
+    if (name->type == certOtherName) {
+      OtherName* on = &name->name.OthName;
+      if (on->oid.len == sizeof(kUpnOid) &&
+          memcmp(on->oid.data, kUpnOid, sizeof(kUpnOid)) == 0) {
+        SECItem decoded;
+        if (SEC_QuickDERDecodeItem(arena.get(), &decoded,
+                                   SEC_ASN1_GET(SEC_UTF8StringTemplate),
+                                   &name->name.OthName.name) == SECSuccess) {
+          names->push_back(
+              std::string(reinterpret_cast<char*>(decoded.data), decoded.len));
+        }
+      }
+    }
+    name = CERT_GetNextGeneralName(name);
+    if (name == alt_name_list)
+      break;
+  }
+}
+
 X509Certificate::OSCertHandles CreateOSCertHandlesFromBytes(
     const char* data,
     size_t length,