OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/asn1_util.h" | 5 #include "net/cert/asn1_util.h" |
6 | 6 |
7 #include "net/der/input.h" | 7 #include "net/der/input.h" |
8 #include "net/der/parser.h" | 8 #include "net/der/parser.h" |
9 | 9 |
10 namespace net { | 10 namespace net { |
(...skipping 322 matching lines...)
333 // X.509 TLS Feature Extension. | 333 // X.509 TLS Feature Extension. |
334 static const uint8_t kTLSFeatureExtensionOID[] = {0x2B, 0x06, 0x01, 0x05, | 334 static const uint8_t kTLSFeatureExtensionOID[] = {0x2B, 0x06, 0x01, 0x05, |
335 0x05, 0x07, 0x01, 0x18}; | 335 0x05, 0x07, 0x01, 0x18}; |
336 if (oid == der::Input(kTLSFeatureExtensionOID)) | 336 if (oid == der::Input(kTLSFeatureExtensionOID)) |
337 return true; | 337 return true; |
338 } | 338 } |
339 | 339 |
340 return false; | 340 return false; |
341 } | 341 } |
342 | 342 |
| 343 bool ExtractSignatureAlgorithmsFromDERCert( |
| 344 base::StringPiece cert, |
| 345 base::StringPiece* cert_signature_algorithm_sequence, |
| 346 base::StringPiece* tbs_signature_algorithm_sequence) { |
| 347 // From RFC 5280, section 4.1 |
| 348 // Certificate ::= SEQUENCE { |
| 349 // tbsCertificate TBSCertificate, |
| 350 // signatureAlgorithm AlgorithmIdentifier, |
| 351 // signatureValue BIT STRING } |
| 352 |
| 353 // TBSCertificate ::= SEQUENCE { |
| 354 // version [0] EXPLICIT Version DEFAULT v1, |
| 355 // serialNumber CertificateSerialNumber, |
| 356 // signature AlgorithmIdentifier, |
| 357 // issuer Name, |
| 358 // validity Validity, |
| 359 // subject Name, |
| 360 // subjectPublicKeyInfo SubjectPublicKeyInfo, |
| 361 // ... } |
| 362 |
| 363 der::Parser parser((der::Input(cert))); |
| 364 der::Parser certificate; |
| 365 if (!parser.ReadSequence(&certificate)) |
| 366 return false; |
| 367 |
| 368 der::Parser tbs_certificate; |
| 369 if (!certificate.ReadSequence(&tbs_certificate)) |
| 370 return false; |
| 371 |
| 372 bool unused; |
| 373 if (!tbs_certificate.SkipOptionalTag( |
| 374 der::kTagConstructed | der::kTagContextSpecific | 0, &unused)) { |
| 375 return false; |
| 376 } |
| 377 |
| 378 // serialNumber |
| 379 if (!tbs_certificate.SkipTag(der::kInteger)) |
| 380 return false; |
| 381 // signature |
| 382 der::Input tbs_algorithm; |
| 383 if (!tbs_certificate.ReadRawTLV(&tbs_algorithm)) |
| 384 return false; |
| 385 |
| 386 der::Input cert_algorithm; |
| 387 if (!certificate.ReadRawTLV(&cert_algorithm)) |
| 388 return false; |
| 389 |
| 390 *cert_signature_algorithm_sequence = cert_algorithm.AsStringPiece(); |
| 391 *tbs_signature_algorithm_sequence = tbs_algorithm.AsStringPiece(); |
| 392 return true; |
| 393 } |
| 394 |
343 } // namespace asn1 | 395 } // namespace asn1 |
344 | 396 |
345 } // namespace net | 397 } // namespace net |
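Review bot: The two `ReadRawTLV` calls in `ExtractSignatureAlgorithmsFromDERCert` accept whatever element comes next, so the function can return true with `*_signature_algorithm_sequence` outputs that are not SEQUENCEs, let alone well-formed AlgorithmIdentifiers. These bytes come from an untrusted certificate and presumably feed a signature-algorithm policy decision. Either check the tag before each read, e.g. `der::Tag tag; der::Input value;` followed by `if (!tbs_certificate.PeekTagAndValue(&tag, &value) || tag != der::kSequence) return false;`, or say in a comment that the outputs are raw, unvalidated TLVs the caller must parse. The function also stops after signatureAlgorithm without reading signatureValue or checking `parser.HasMore()`, so success does not imply a well-formed Certificate. A comment such as `// Does not validate the rest of the certificate; outputs alias |cert|.` would make that contract explicit.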
OLD | NEW |