| Index: net/cert/internal/parse_certificate.cc
|
| diff --git a/net/cert/internal/parse_certificate.cc b/net/cert/internal/parse_certificate.cc
|
| index 2a699268c12c5d65da8aee863c73fe43255baec6..d9413b3b4d310a812d198b5be4c12f307df6d748 100644
|
| --- a/net/cert/internal/parse_certificate.cc
|
| +++ b/net/cert/internal/parse_certificate.cc
|
| @@ -6,6 +6,7 @@
|
|
|
| #include <utility>
|
|
|
| +#include "base/strings/string_util.h"
|
| #include "net/der/input.h"
|
| #include "net/der/parse_values.h"
|
| #include "net/der/parser.h"
|
| @@ -465,6 +466,36 @@ der::Input ExtKeyUsageOid() {
|
| return der::Input(oid);
|
| }
|
|
|
| +der::Input AuthorityInfoAccessOid() {
|
| + // From RFC 5280:
|
| + //
|
| + // id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 }
|
| + //
|
| + // In dotted notation: 1.3.6.1.5.5.7.1.1
|
| + static const uint8_t oid[] = {0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01};
|
| + return der::Input(oid);
|
| +}
|
| +
|
| +der::Input AdCaIssuersOid() {
|
| + // From RFC 5280:
|
| + //
|
| + // id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 }
|
| + //
|
| + // In dotted notation: 1.3.6.1.5.5.7.48.2
|
| + static const uint8_t oid[] = {0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x02};
|
| + return der::Input(oid);
|
| +}
|
| +
|
| +der::Input AdOcspOid() {
|
| + // From RFC 5280:
|
| + //
|
| + // id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 }
|
| + //
|
| + // In dotted notation: 1.3.6.1.5.5.7.48.1
|
| + static const uint8_t oid[] = {0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01};
|
| + return der::Input(oid);
|
| +}
|
| +
|
| NET_EXPORT bool ParseExtensions(
|
| const der::Input& extensions_tlv,
|
| std::map<der::Input, ParsedExtension>* extensions) {
|
| @@ -590,4 +621,57 @@ bool ParseKeyUsage(const der::Input& key_usage_tlv, der::BitString* key_usage) {
|
| return true;
|
| }
|
|
|
| +bool ParseAuthorityInfoAccess(
|
| + const der::Input& authority_info_access_tlv,
|
| + std::vector<base::StringPiece>* out_ca_issuers_uris,
|
| + std::vector<base::StringPiece>* out_ocsp_uris) {
|
| + der::Parser parser(authority_info_access_tlv);
|
| +
|
| + out_ca_issuers_uris->clear();
|
| + out_ocsp_uris->clear();
|
| +
|
| + // AuthorityInfoAccessSyntax ::=
|
| + // SEQUENCE SIZE (1..MAX) OF AccessDescription
|
| + der::Parser sequence_parser;
|
| + if (!parser.ReadSequence(&sequence_parser))
|
| + return false;
|
| + if (!sequence_parser.HasMore())
|
| + return false;
|
| +
|
| + while (sequence_parser.HasMore()) {
|
| + // AccessDescription ::= SEQUENCE {
|
| + der::Parser access_description_sequence_parser;
|
| + if (!sequence_parser.ReadSequence(&access_description_sequence_parser))
|
| + return false;
|
| +
|
| + // accessMethod OBJECT IDENTIFIER,
|
| + der::Input access_method_oid;
|
| + if (!access_description_sequence_parser.ReadTag(der::kOid,
|
| + &access_method_oid))
|
| + return false;
|
| +
|
| + // accessLocation GeneralName }
|
| + der::Tag access_location_tag;
|
| + der::Input access_location_value;
|
| + if (!access_description_sequence_parser.ReadTagAndValue(
|
| + &access_location_tag, &access_location_value))
|
| + return false;
|
| +
|
| + // GeneralName ::= CHOICE {
|
| + if (access_location_tag == der::ContextSpecificPrimitive(6)) {
|
| + // uniformResourceIdentifier [6] IA5String,
|
| + base::StringPiece uri = access_location_value.AsStringPiece();
|
| + if (!base::IsStringASCII(uri))
|
| + return false;
|
| +
|
| + if (access_method_oid == AdCaIssuersOid())
|
| + out_ca_issuers_uris->push_back(uri);
|
| + else if (access_method_oid == AdOcspOid())
|
| + out_ocsp_uris->push_back(uri);
|
| + }
|
| + }
|
| +
|
| + return true;
|
| +}
|
| +
|
| } // namespace net
|
|
|
Chromium Code Reviews
Issue 2036033002:
Add CertIssuerSourceAia: authorityInfoAccess fetching for CertPathBuilder. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@cert-parsing-path-building