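--- a/net/cert/internal/parsed_certificate.h
+++ b/net/cert/internal/parsed_certificate.h
@@ -1,10 +1,10 @@
 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_CERT_INTERNAL_PARSED_CERTIFICATE_H_
 #define NET_CERT_INTERNAL_PARSED_CERTIFICATE_H_
 
 #include <map>
 #include <memory>
 #include <vector>
@@ -135,20 +135,30 @@
 // Returns true if the certificate has a KeyUsage extension.
 bool has_key_usage() const { return has_key_usage_; }
 
 // Returns the KeyUsage BitString. Caller must check
 // has_key_usage() before accessing this.
 const der::BitString& key_usage() const {
 DCHECK(has_key_usage_);
 return key_usage_;
 }
 
+// Returns true if the certificate has a ExtendedKeyUsage extension.
+bool has_extended_key_usage() const { return has_extended_key_usage_; }
+
+// Returns the ExtendedKeyUsage key purpose OIDs. Caller must check
+// has_extended_key_usage() before accessing this.
+const std::vector<der::Input>& extended_key_usage() const {
+DCHECK(has_extended_key_usage_);
+return extended_key_usage_;
+}
+
 // Returns true if the certificate has a SubjectAltName extension.
 bool has_subject_alt_names() const { return subject_alt_names_ != nullptr; }
 
 // Returns the ParsedExtension struct for the SubjectAltName extension.
 // If the cert did not have a SubjectAltName extension, this will be a
 // default-initialized ParsedExtension struct.
 const ParsedExtension& subject_alt_names_extension() const {
 return subject_alt_names_extension_;
 }
 
@@ -177,25 +187,38 @@
 }
 
 // Returns any caIssuers URIs from the AuthorityInfoAccess extension.
 const std::vector<base::StringPiece>& ca_issuers_uris() const {
 return ca_issuers_uris_;
 }
 
 // Returns any OCSP URIs from the AuthorityInfoAccess extension.
 const std::vector<base::StringPiece>& ocsp_uris() const { return ocsp_uris_; }
 
-// Returns a map of unhandled extensions (excludes the ones above).
-const ExtensionsMap& unparsed_extensions() const {
-return unparsed_extensions_;
+// Returns true if the certificate has a Policies extension.
+bool has_policy_oids() const { return has_policy_oids_; }
+
+// Returns the policy OIDs. Caller must check has_policy_oids() before
+// accessing this.
+const std::vector<der::Input>& policy_oids() const {
+DCHECK(has_policy_oids());
+return policy_oids_;
 }
 
+// Returns a map of all the extensions in the certificate.
+const ExtensionsMap& extensions() const { return extensions_; }
+
+// Gets the value for extension matching |extension_oid|. Returns false if the
+// extension is not present.
+bool GetExtension(const der::Input& extension_oid,
+ParsedExtension* parsed_extension) const;
+
 private:
 friend class base::RefCountedThreadSafe<ParsedCertificate>;
 ParsedCertificate();
 ~ParsedCertificate();
 
 // Creates a ParsedCertificate. If |backing_data| is non-null, the
 // certificate's DER-encoded data will be referenced from here. Otherwise the
 // certificate's data will be |static_data|, and the pointer MUST remain
 // valid and its data unmodified for the entirety of the program.
 static scoped_refptr<ParsedCertificate> CreateInternal(
@@ -225,36 +248,44 @@
 std::string normalized_issuer_;
 
 // BasicConstraints extension.
 bool has_basic_constraints_ = false;
 ParsedBasicConstraints basic_constraints_;
 
 // KeyUsage extension.
 bool has_key_usage_ = false;
 der::BitString key_usage_;
 
+// ExtendedKeyUsage extension.
+bool has_extended_key_usage_ = false;
+std::vector<der::Input> extended_key_usage_;
+
 // Raw SubjectAltName extension.
 ParsedExtension subject_alt_names_extension_;
 // Parsed SubjectAltName extension.
 std::unique_ptr<GeneralNames> subject_alt_names_;
 
 // NameConstraints extension.
 std::unique_ptr<NameConstraints> name_constraints_;
 
 // AuthorityInfoAccess extension.
 bool has_authority_info_access_ = false;
 ParsedExtension authority_info_access_extension_;
 // CaIssuers and Ocsp URIs parsed from the AuthorityInfoAccess extension. Note
 // that the AuthorityInfoAccess may have contained other AccessDescriptions
 // which are not represented here.
 std::vector<base::StringPiece> ca_issuers_uris_;
 std::vector<base::StringPiece> ocsp_uris_;
 
-// The remaining extensions (excludes the standard ones above).
-ExtensionsMap unparsed_extensions_;
+// Policies extension.
+bool has_policy_oids_ = false;
+std::vector<der::Input> policy_oids_;
+
+// All of the extensions.
+ExtensionsMap extensions_;
 
 DISALLOW_COPY_AND_ASSIGN(ParsedCertificate);
 };
 
 } // namespace net
 
 #endif // NET_CERT_INTERNAL_PARSED_CERTIFICATE_H_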
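Review bot: The comment on `extensions()` should warn that the map now includes extensions this class already interprets, because it replaces `unparsed_extensions()`, which excluded them. Any caller that walked the old map to reject unrecognised critical extensions (no such caller is visible on this page) must now skip the handled OIDs itself, or the check either rejects every certificate or gets dropped. I would add `// Includes extensions also exposed through the typed accessors above; code checking for unhandled critical extensions must filter those out.` The comment on `GetExtension()` should also say whether `*parsed_extension` is left untouched when it returns false. Finally, `extended_key_usage()` and `policy_oids()` are guarded only by `DCHECK`, so where DCHECKs are compiled out a caller that skips the `has_*()` check gets an empty vector instead of a failure; the accessor comments could note that an empty result is not the same as the extension being absent.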