OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <algorithm> | 5 #include <algorithm> |
6 | 6 |
7 #include "net/cert/internal/certificate_policies.h" | 7 #include "net/cert/internal/certificate_policies.h" |
8 | 8 |
9 #include "net/der/input.h" | 9 #include "net/der/input.h" |
10 #include "net/der/parse_values.h" | 10 #include "net/der/parse_values.h" |
79 // | 79 // |
80 // id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } | 80 // id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } |
81 // | 81 // |
82 // anyPolicy OBJECT IDENTIFIER ::= { id-ce-certificatePolicies 0 } | 82 // anyPolicy OBJECT IDENTIFIER ::= { id-ce-certificatePolicies 0 } |
83 // | 83 // |
84 // In dotted decimal form: 2.5.29.32.0 | 84 // In dotted decimal form: 2.5.29.32.0 |
85 static const uint8_t any_policy[] = {0x55, 0x1D, 0x20, 0x00}; | 85 static const uint8_t any_policy[] = {0x55, 0x1D, 0x20, 0x00}; |
86 return der::Input(any_policy); | 86 return der::Input(any_policy); |
87 } | 87 } |
88 | 88 |
| 89 der::Input InhibitAnyPolicyOid() { |
| 90 // From RFC 5280: |
| 91 // |
| 92 // id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 } |
| 93 // |
| 94 // In dotted notation: 2.5.29.54 |
| 95 static const uint8_t oid[] = {0x55, 0x1d, 0x36}; |
| 96 return der::Input(oid); |
| 97 } |
| 98 |
89 // RFC 5280 section 4.2.1.4. Certificate Policies: | 99 // RFC 5280 section 4.2.1.4. Certificate Policies: |
90 // | 100 // |
91 // certificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation | 101 // certificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation |
92 // | 102 // |
93 // PolicyInformation ::= SEQUENCE { | 103 // PolicyInformation ::= SEQUENCE { |
94 // policyIdentifier CertPolicyId, | 104 // policyIdentifier CertPolicyId, |
95 // policyQualifiers SEQUENCE SIZE (1..MAX) OF | 105 // policyQualifiers SEQUENCE SIZE (1..MAX) OF |
96 // PolicyQualifierInfo OPTIONAL } | 106 // PolicyQualifierInfo OPTIONAL } |
97 // | 107 // |
98 // CertPolicyId ::= OBJECT IDENTIFIER | 108 // CertPolicyId ::= OBJECT IDENTIFIER |
232 out->inhibit_policy_mapping = 0; | 242 out->inhibit_policy_mapping = 0; |
233 } | 243 } |
234 | 244 |
235 // There should be no remaining data. | 245 // There should be no remaining data. |
236 if (sequence_parser.HasMore() || parser.HasMore()) | 246 if (sequence_parser.HasMore() || parser.HasMore()) |
237 return false; | 247 return false; |
238 | 248 |
239 return true; | 249 return true; |
240 } | 250 } |
241 | 251 |
| 252 // From RFC 5280: |
| 253 // |
| 254 // InhibitAnyPolicy ::= SkipCerts |
| 255 // |
| 256 // SkipCerts ::= INTEGER (0..MAX) |
| 257 bool ParseInhibitAnyPolicy(const der::Input& inhibit_any_policy_tlv, |
| 258 uint8_t* num_certs) { |
| 259 der::Parser parser(inhibit_any_policy_tlv); |
| 260 |
| 261 // TODO(eroman): Surface reason for failure if length was longer than uint8. |
| 262 if (!parser.ReadUint8(num_certs)) |
| 263 return false; |
| 264 |
| 265 // There should be no remaining data. |
| 266 if (parser.HasMore()) |
| 267 return false; |
| 268 |
| 269 return true; |
| 270 } |
| 271 |
242 } // namespace net | 272 } // namespace net |
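Review bot: ParseInhibitAnyPolicy (new lines 257-270) accepts a narrower range than the grammar quoted directly above it: SkipCerts is `INTEGER (0..MAX)`, but `parser.ReadUint8(num_certs)` turns any value above 255 into a plain `false`, which a caller cannot tell apart from malformed DER. The existing TODO covers surfacing the reason, but the comment should also state the contract, for example `// Values above 255 are rejected. A false return means the extension is invalid, not absent.` The caller is not visible in this section, so it is worth confirming that a failed parse of this extension rejects the certificate rather than skipping the inhibitAnyPolicy constraint. As a minor style point, InhibitAnyPolicyOid (new lines 89-97) writes `0x1d` and "dotted notation" where the anyPolicy helper just above uses `0x1D` and "dotted decimal form".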
OLD | NEW |