Allow Cast certificates to have serial numbers greater than 20 bytes, as well as non-minimal INTEGE…

net/cert/internal/parse_certificate.h

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_CERT_INTERNAL_PARSE_CERTIFICATE_H_
 #define NET_CERT_INTERNAL_PARSE_CERTIFICATE_H_
 
 #include <stdint.h>
 
 #include <map>
@@ skipping 27 matching lines @@
 //     Given the uniqueness requirements above, serial numbers can be
 //     expected to contain long integers.  Certificate users MUST be able to
 //     handle serialNumber values up to 20 octets.  Conforming CAs MUST NOT
 //     use serialNumber values longer than 20 octets.
 //
 //     Note: Non-conforming CAs may issue certificates with serial numbers
 //     that are negative or zero.  Certificate users SHOULD be prepared to
 //     gracefully handle such certificates.
 NET_EXPORT bool VerifySerialNumber(const der::Input& value) WARN_UNUSED_RESULT;
 
+struct NET_EXPORT ParseCertificateOptions {
+  // If set to true, then parsing will skip checks on the certificate's serial
+  // number. The only requirement will be that the serial number is an INTEGER,
+  // however it is not required to be a valid DER-encoding (i.e. minimal
+  // encoding), nor is it required to be constrained to any particular length.
+  bool allow_invalid_serial_numbers = false;
+};
+
 // Parses a DER-encoded "Certificate" as specified by RFC 5280. Returns true on
 // success and sets the results in the |out_*| parameters.
 //
 // Note that on success the out parameters alias data from the input
 // |certificate_tlv|.  Hence the output values are only valid as long as
 // |certificate_tlv| remains valid.
 //
 // On failure the out parameters have an undefined state. Some of them may have
 // been updated during parsing, whereas others may not have been changed.
 //
@@ skipping 21 matching lines @@
 //         signatureValue       BIT STRING  }
 //
 // Parsing guarantees that this is a valid BIT STRING.
 NET_EXPORT bool ParseCertificate(const der::Input& certificate_tlv,
                                  der::Input* out_tbs_certificate_tlv,
                                  der::Input* out_signature_algorithm_tlv,
                                  der::BitString* out_signature_value)
     WARN_UNUSED_RESULT;
 
 // Parses a DER-encoded "TBSCertificate" as specified by RFC 5280. Returns true
-// on success and sets the results in |out|.
+// on success and sets the results in |out|. Certain invalid inputs may
+// be accepted based on the provided |options|.
 //
 // Note that on success |out| aliases data from the input |tbs_tlv|.
 // Hence the fields of the ParsedTbsCertificate are only valid as long as
 // |tbs_tlv| remains valid.
 //
 // On failure |out| has an undefined state. Some of its fields may have been
 // updated during parsing, whereas others may not have been changed.
 //
 // Refer to the per-field documentation of ParsedTbsCertificate for details on
 // what validity checks parsing performs.
 //
 //       TBSCertificate  ::=  SEQUENCE  {
 //            version         [0]  EXPLICIT Version DEFAULT v1,
 //            serialNumber         CertificateSerialNumber,
 //            signature            AlgorithmIdentifier,
 //            issuer               Name,
 //            validity             Validity,
 //            subject              Name,
 //            subjectPublicKeyInfo SubjectPublicKeyInfo,
 //            issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
 //                                 -- If present, version MUST be v2 or v3
 //            subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
 //                                 -- If present, version MUST be v2 or v3
 //            extensions      [3]  EXPLICIT Extensions OPTIONAL
 //                                 -- If present, version MUST be v3
 //            }
 NET_EXPORT bool ParseTbsCertificate(const der::Input& tbs_tlv,
+                                    const ParseCertificateOptions& options,
                                     ParsedTbsCertificate* out)
     WARN_UNUSED_RESULT;
 
 // Represents a "Version" from RFC 5280:
 //         Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
 enum class CertificateVersion {
   V1,
   V2,
   V3,
 };
@@ skipping 14 matching lines @@
   // Parsing guarantees that the version is one of v1, v2, or v3.
   CertificateVersion version = CertificateVersion::V1;
 
   // Corresponds with "serialNumber" from RFC 5280:
   //         serialNumber         CertificateSerialNumber,
   //
   // This field specifically contains the content bytes of the INTEGER. So for
   // instance if the serial number was 1000 then this would contain bytes
   // {0x03, 0xE8}.
   //
-  // In addition to being a valid DER-encoded INTEGER, parsing guarantees that
+  // The serial number may or may not be a valid DER-encoded INTEGER:
+  //
+  // If the option |allow_invalid_serial_numbers=true| was used during
+  // parsing, then nothing further can be assumed about these bytes.
+  //
+  // Otherwise if |allow_invalid_serial_numbers=false| then in addition
+  // to being a valid DER-encoded INTEGER, parsing guarantees that
   // the serial number is at most 20 bytes long. Parsing does NOT guarantee
   // that the integer is positive (might be zero or negative).
   der::Input serial_number;
 
   // Corresponds with "signatureAlgorithm" from RFC 5280:
   //         signatureAlgorithm   AlgorithmIdentifier,
   //
   // This contains the full (unverified) Tag-Length-Value for a SEQUENCE. No
   // guarantees are made regarding the value of this SEQUENCE.
   //
@@ skipping 217 matching lines @@
 // be set.
 //
 // To test if a particular key usage is set, call, e.g.:
 //     key_usage->AssertsBit(KEY_USAGE_BIT_DIGITAL_SIGNATURE);
 NET_EXPORT bool ParseKeyUsage(const der::Input& key_usage_tlv,
                               der::BitString* key_usage) WARN_UNUSED_RESULT;
 
 }  // namespace net
 
 #endif  // NET_CERT_INTERNAL_PARSE_CERTIFICATE_H_