Add error details to TBSCertificate parsing function and tests.

net/cert/internal/parse_certificate.h

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_CERT_INTERNAL_PARSE_CERTIFICATE_H_
 #define NET_CERT_INTERNAL_PARSE_CERTIFICATE_H_
 
 #include <stdint.h>
 
 #include <map>
@@ skipping 84 matching lines @@
 NET_EXPORT bool ParseCertificate(const der::Input& certificate_tlv,
                                  der::Input* out_tbs_certificate_tlv,
                                  der::Input* out_signature_algorithm_tlv,
                                  der::BitString* out_signature_value,
                                  CertErrors* out_errors) WARN_UNUSED_RESULT;
 
 // Parses a DER-encoded "TBSCertificate" as specified by RFC 5280. Returns true
 // on success and sets the results in |out|. Certain invalid inputs may
 // be accepted based on the provided |options|.
 //
+// If |errors| was non-null then any warnings/errors that occur during parsing
+// are added to it.
+//
 // Note that on success |out| aliases data from the input |tbs_tlv|.
 // Hence the fields of the ParsedTbsCertificate are only valid as long as
 // |tbs_tlv| remains valid.
 //
 // On failure |out| has an undefined state. Some of its fields may have been
 // updated during parsing, whereas others may not have been changed.
 //
 // Refer to the per-field documentation of ParsedTbsCertificate for details on
 // what validity checks parsing performs.
 //
 //       TBSCertificate  ::=  SEQUENCE  {
 //            version         [0]  EXPLICIT Version DEFAULT v1,
 //            serialNumber         CertificateSerialNumber,
 //            signature            AlgorithmIdentifier,
 //            issuer               Name,
 //            validity             Validity,
 //            subject              Name,
 //            subjectPublicKeyInfo SubjectPublicKeyInfo,
 //            issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
 //                                 -- If present, version MUST be v2 or v3
 //            subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
 //                                 -- If present, version MUST be v2 or v3
 //            extensions      [3]  EXPLICIT Extensions OPTIONAL
 //                                 -- If present, version MUST be v3
 //            }
 NET_EXPORT bool ParseTbsCertificate(const der::Input& tbs_tlv,
                                     const ParseCertificateOptions& options,
-                                    ParsedTbsCertificate* out)
-    WARN_UNUSED_RESULT;
+                                    ParsedTbsCertificate* out,
+                                    CertErrors* errors) WARN_UNUSED_RESULT;
 
 // Represents a "Version" from RFC 5280:
 //         Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
 enum class CertificateVersion {
   V1,
   V2,
   V3,
 };
 
 // ParsedTbsCertificate contains pointers to the main fields of a DER-encoded
@@ skipping 306 matching lines @@
 // accessLocation types other than uniformResourceIdentifier are silently
 // ignored.
 NET_EXPORT bool ParseAuthorityInfoAccess(
     const der::Input& authority_info_access_tlv,
     std::vector<base::StringPiece>* out_ca_issuers_uris,
     std::vector<base::StringPiece>* out_ocsp_uris) WARN_UNUSED_RESULT;
 
 }  // namespace net
 
 #endif  // NET_CERT_INTERNAL_PARSE_CERTIFICATE_H_