Chromium Code Reviews

Unified Diff: net/cert/internal/parse_certificate.h

Issue 2036033002: Add CertIssuerSourceAia: authorityInfoAccess fetching for CertPathBuilder. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@cert-parsing-path-building
Patch Set: remove orphaned kw_args change, remove g_cur_path_id change from this cl Created 4 years, 6 months ago
Index: net/cert/internal/parse_certificate.h
diff --git a/net/cert/internal/parse_certificate.h b/net/cert/internal/parse_certificate.h
index 1414d2e059d2435889b9891461399051412d655e..6fde44821c27bf86c7e7c9e1a0db7305d809beb1 100644
--- a/net/cert/internal/parse_certificate.h
+++ b/net/cert/internal/parse_certificate.h
@@ -8,6 +8,7 @@
#include <stdint.h>
#include <map>
+#include <vector>
#include "base/compiler_specific.h"
#include "net/base/net_export.h"
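Review bot: The declaration added later in this file also takes std::vector<base::StringPiece>, and no include for base::StringPiece is visible among the includes shown in this hunk. If the header does not already include "base/strings/string_piece.h" further down, add it alongside <vector> so the header stays self-contained rather than relying on a transitive include.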
@@ -312,6 +313,27 @@ NET_EXPORT der::Input PolicyConstraintsOid();
// In dotted notation: 2.5.29.37
NET_EXPORT der::Input ExtKeyUsageOid();
+// From RFC 5280:
+//
+// id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 }
+//
+// In dotted notation: 1.3.6.1.5.5.7.1.1
+NET_EXPORT der::Input AuthorityInfoAccessOid();
+
+// From RFC 5280:
+//
+// id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 }
+//
+// In dotted notation: 1.3.6.1.5.5.7.48.2
+NET_EXPORT der::Input AdCaIssuersOid();
+
+// From RFC 5280:
+//
+// id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 }
+//
+// In dotted notation: 1.3.6.1.5.5.7.48.1
+NET_EXPORT der::Input AdOcspOid();
+
// Parses the Extensions sequence as defined by RFC 5280. Extensions are added
// to the map |extensions| keyed by the OID. Parsing guarantees that each OID
// is unique. Note that certificate verification must consume each extension
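Review bot: The comments on AdCaIssuersOid() and AdOcspOid() do not say that these are accessMethod OIDs found inside the authorityInfoAccess value, not extension OIDs. They sit directly after ExtKeyUsageOid() and just before the Extensions parser whose map is keyed by extension OID, so a reader could take them for possible keys in that map. A short line on each, such as "accessMethod OID used within AuthorityInfoAccess", would make the distinction explicit. Minor style point: id-ad-ocsp (48.1) is declared after id-ad-caIssuers (48.2); numeric order would be easier to scan.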
@@ -391,6 +413,27 @@ enum KeyUsageBit {
NET_EXPORT bool ParseKeyUsage(const der::Input& key_usage_tlv,
der::BitString* key_usage) WARN_UNUSED_RESULT;
+// Parses the Authority Information Access extension defined by RFC 5280.
+// Returns true on success, and |out_ca_issuers_uris| and |out_ocsp_uris| will
+// alias data in |authority_info_access_tlv|. On failure returns false, and
+// |out_ca_issuers_uris| and |out_ocsp_uris| may have been partially filled.
+//
+// |out_ca_issuers_uris| is filled with the accessLocations of type
+// uniformResourceIdentifier for the accessMethod id-ad-caIssuers.
+// |out_ocsp_uris| is filled with the accessLocations of type
+// uniformResourceIdentifier for the accessMethod id-ad-ocsp.
+//
+// The values in |out_ca_issuers_uris| and |out_ocsp_uris| are checked to be
+// IA5String (ASCII strings), but no other validation is performed on them.
+//
+// accessMethods other than id-ad-caIssuers and id-ad-ocsp are silently ignored.
+// accessLocation types other than uniformResourceIdentifier are silently
+// ignored.
+NET_EXPORT bool ParseAuthorityInfoAccess(
+ const der::Input& authority_info_access_tlv,
+ std::vector<base::StringPiece>* out_ca_issuers_uris,
+ std::vector<base::StringPiece>* out_ocsp_uris) WARN_UNUSED_RESULT;
+
} // namespace net
#endif // NET_CERT_INTERNAL_PARSE_CERTIFICATE_H_
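Review bot: The failure contract in the ParseAuthorityInfoAccess comment ("may have been partially filled") leaves callers holding URIs taken from an extension that did not parse, and the comment does not say whether the vectors are cleared on entry or appended to. Consider clearing both outputs on failure, or at minimum documenting the clear-versus-append behaviour, so that a caller reusing the vectors cannot act on stale or partial entries. Since the comment states the values are only checked to be IA5String with no other validation, it would also help to say explicitly that they are unvalidated certificate data and that scheme and URL checks are the caller's job before any fetch. Finally, because the StringPieces alias |authority_info_access_tlv|, the comment should state that the outputs are only valid for as long as the underlying certificate buffer is alive.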