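--- a/net/cert/x509_certificate.h
+++ b/net/cert/x509_certificate.h
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_CERT_X509_CERTIFICATE_H_
 #define NET_CERT_X509_CERTIFICATE_H_
 
 #include <stddef.h>
 #include <string.h>
 
@@ -73,28 +73,20 @@
 
 enum PublicKeyType {
 kPublicKeyTypeUnknown,
 kPublicKeyTypeRSA,
 kPublicKeyTypeDSA,
 kPublicKeyTypeECDSA,
 kPublicKeyTypeDH,
 kPublicKeyTypeECDH
 };
 
-enum SignatureHashAlgorithm {
-kSignatureHashAlgorithmMd2,
-kSignatureHashAlgorithmMd4,
-kSignatureHashAlgorithmMd5,
-kSignatureHashAlgorithmSha1,
-kSignatureHashAlgorithmOther,
-};
-
 enum Format {
 // The data contains a single DER-encoded certificate, or a PEM-encoded
 // DER certificate with the PEM encoding block name of "CERTIFICATE".
 // Any subsequent blocks will be ignored.
 FORMAT_SINGLE_CERTIFICATE = 1 << 0,
 
 // The data contains a sequence of one or more PEM-encoded, DER
 // certificates, with the PEM encoding block name of "CERTIFICATE".
 // All PEM blocks will be parsed, until the first error is encountered.
 FORMAT_PEM_CERT_SEQUENCE = 1 << 1,
@@ -316,29 +308,20 @@
 // the first element.
 bool GetPEMEncodedChain(std::vector<std::string>* pem_encoded) const;
 
 // Sets |*size_bits| to be the length of the public key in bits, and sets
 // |*type| to one of the |PublicKeyType| values. In case of
 // |kPublicKeyTypeUnknown|, |*size_bits| will be set to 0.
 static void GetPublicKeyInfo(OSCertHandle cert_handle,
 size_t* size_bits,
 PublicKeyType* type);
 
-// Returns the digest algorithm used in |cert_handle|'s signature.
-// If the digest algorithm cannot be determined, or if it is not one
-// of the explicitly enumerated values, kSignatureHashAlgorithmOther
-// will be returned.
-// NOTE: No validation of the signature is performed, and thus invalid
-// signatures may result in seemingly meaningful values.
-static SignatureHashAlgorithm GetSignatureHashAlgorithm(
-OSCertHandle cert_handle);
-
 // Returns the OSCertHandle of this object. Because of caching, this may
 // differ from the OSCertHandle originally supplied during initialization.
 // Note: On Windows, CryptoAPI may return unexpected results if this handle
 // is used across multiple threads. For more details, see
 // CreateOSCertChainForCert().
 OSCertHandle os_cert_handle() const { return cert_handle_; }
 
 // Returns true if two OSCertHandles refer to identical certificates.
 static bool IsSameOSCert(OSCertHandle a, OSCertHandle b);
 
@@ -465,10 +448,10 @@
 // Untrusted intermediate certificates associated with this certificate
 // that may be needed for chain building.
 OSCertHandles intermediate_ca_certs_;
 
 DISALLOW_COPY_AND_ASSIGN(X509Certificate);
 };
 
 } // namespace net
 
 #endif // NET_CERT_X509_CERTIFICATE_H_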