net/cert/internal/parse_certificate.h - Issue 1890193003: Make Cast certificate verification enforce constraints specified in the trusted root certificate.

Side by Side Diff: net/cert/internal/parse_certificate.h

Issue 1890193003: Make Cast certificate verification enforce constraints specified in the trusted root certificate. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: list datafiles for ios (needed following the rebase) Created 4 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2015 The Chromium Authors. All rights reserved.	1 // Copyright 2015 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef NET_CERT_INTERNAL_PARSE_CERTIFICATE_H_	5 #ifndef NET_CERT_INTERNAL_PARSE_CERTIFICATE_H_

6 #define NET_CERT_INTERNAL_PARSE_CERTIFICATE_H_	6 #define NET_CERT_INTERNAL_PARSE_CERTIFICATE_H_

7	7

8 #include <stdint.h>	8 #include <stdint.h>

9	9

10 #include <map>	10 #include <map>

(...skipping 94 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
105 V2,	105 V2,

106 V3,	106 V3,

107 };	107 };

108	108

109 // ParsedCertificate contains pointers to the main fields of a DER-encoded RFC	109 // ParsedCertificate contains pointers to the main fields of a DER-encoded RFC

110 // 5280 "Certificate".	110 // 5280 "Certificate".

111 //	111 //

112 // ParsedCertificate is expected to be filled by ParseCertificate(), so	112 // ParsedCertificate is expected to be filled by ParseCertificate(), so

113 // subsequent field descriptions are in terms of what ParseCertificate() sets.	113 // subsequent field descriptions are in terms of what ParseCertificate() sets.

114 struct NET_EXPORT ParsedCertificate {	114 struct NET_EXPORT ParsedCertificate {

	115 ParsedCertificate();

	116 ~ParsedCertificate();

	117

115 // Corresponds with "tbsCertificate" from RFC 5280:	118 // Corresponds with "tbsCertificate" from RFC 5280:

116 // tbsCertificate TBSCertificate,	119 // tbsCertificate TBSCertificate,

117 //	120 //

118 // This contains the full (unverified) Tag-Length-Value for a SEQUENCE. No	121 // This contains the full (unverified) Tag-Length-Value for a SEQUENCE. No

119 // guarantees are made regarding the value of this SEQUENCE.	122 // guarantees are made regarding the value of this SEQUENCE.

120 //	123 //

121 // This can be further parsed using ParseTbsCertificate().	124 // This can be further parsed using ParseTbsCertificate().

122 der::Input tbs_certificate_tlv;	125 der::Input tbs_certificate_tlv;

123	126

124 // Corresponds with "signatureAlgorithm" from RFC 5280:	127 // Corresponds with "signatureAlgorithm" from RFC 5280:

(...skipping 266 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
391 // be set.	394 // be set.

392 //	395 //

393 // To test if a particular key usage is set, call, e.g.:	396 // To test if a particular key usage is set, call, e.g.:

394 // key_usage->AssertsBit(KEY_USAGE_BIT_DIGITAL_SIGNATURE);	397 // key_usage->AssertsBit(KEY_USAGE_BIT_DIGITAL_SIGNATURE);

395 NET_EXPORT bool ParseKeyUsage(const der::Input& key_usage_tlv,	398 NET_EXPORT bool ParseKeyUsage(const der::Input& key_usage_tlv,

396 der::BitString* key_usage) WARN_UNUSED_RESULT;	399 der::BitString* key_usage) WARN_UNUSED_RESULT;

397	400

398 } // namespace net	401 } // namespace net

399	402

400 #endif // NET_CERT_INTERNAL_PARSE_CERTIFICATE_H_	403 #endif // NET_CERT_INTERNAL_PARSE_CERTIFICATE_H_

OLD	NEW

« no previous file with comments | « extensions/extensions.gypi ('k') | net/cert/internal/parse_certificate.cc » ('j') | no next file with comments »