net/cert/internal/certificate_policies.h - Issue 2872113002: Add parsing code for RFC 5280 PolicyConstraints.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/cert/internal/certificate_policies.h

Issue 2872113002: Add parsing code for RFC 5280 PolicyConstraints. (Closed)

Patch Set: update ios bundle_data Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2015 The Chromium Authors. All rights reserved.	1 // Copyright 2015 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef NET_CERT_INTERNAL_CERTIFICATE_POLICIES_H_	5 #ifndef NET_CERT_INTERNAL_CERTIFICATE_POLICIES_H_

6 #define NET_CERT_INTERNAL_CERTIFICATE_POLICIES_H_	6 #define NET_CERT_INTERNAL_CERTIFICATE_POLICIES_H_

7	7

	8 #include <stdint.h>

	9

8 #include <vector>	10 #include <vector>

9	11

	12 #include "base/compiler_specific.h"

10 #include "net/base/net_export.h"	13 #include "net/base/net_export.h"

11	14

12 namespace net {	15 namespace net {

13	16

14 namespace der {	17 namespace der {

15 class Input;	18 class Input;

16 } // namespace der	19 } // namespace der

17	20

18 // Returns the DER-encoded OID, without tag or length, of the anyPolicy	21 // Returns the DER-encoded OID, without tag or length, of the anyPolicy

19 // certificate policy defined in RFC 5280 section 4.2.1.4.	22 // certificate policy defined in RFC 5280 section 4.2.1.4.

20 NET_EXPORT const der::Input AnyPolicy();	23 NET_EXPORT const der::Input AnyPolicy();

21	24

22 // Parses a certificatePolicies extension and stores the policy OIDs in	25 // Parses a certificatePolicies extension and stores the policy OIDs in

23 // \|*policies\|, in sorted order. If policyQualifiers are present,	26 // \|*policies\|, in sorted order. If policyQualifiers are present,

24 // they are ignored. (RFC 5280 section 4.2.1.4 says "optional qualifiers, which	27 // they are ignored. (RFC 5280 section 4.2.1.4 says "optional qualifiers, which

25 // MAY be present, are not expected to change the definition of the policy.",	28 // MAY be present, are not expected to change the definition of the policy.",

26 // furthermore policyQualifiers do not affect the success or failure of the	29 // furthermore policyQualifiers do not affect the success or failure of the

27 // section 6 Certification Path Validation algorithm.)	30 // section 6 Certification Path Validation algorithm.)

28 //	31 //

29 // The returned values is only valid as long as \|extension_value\| is.	32 // The returned values is only valid as long as \|extension_value\| is.

30 NET_EXPORT bool ParseCertificatePoliciesExtension(	33 NET_EXPORT bool ParseCertificatePoliciesExtension(

31 const der::Input& extension_value,	34 const der::Input& extension_value,

32 std::vector<der::Input>* policies);	35 std::vector<der::Input>* policies);

33	36

	37 struct ParsedPolicyConstraints {

	38 bool has_require_explicit_policy = false;

	39 uint8_t require_explicit_policy = 0;

	40

	41 bool has_inhibit_policy_mapping = false;

	42 uint8_t inhibit_policy_mapping = 0;

	43 };

	44

	45 // Parses a PolicyConstraints SEQUENCE as defined by RFC 5280. Returns true on

	46 // success, and sets \|out\|.

	47 NET_EXPORT bool ParsePolicyConstraints(const der::Input& policy_constraints_tlv,

	48 ParsedPolicyConstraints* out)

	49 WARN_UNUSED_RESULT;

	50

34 } // namespace net	51 } // namespace net

35	52

36 #endif // NET_CERT_INTERNAL_CERTIFICATE_POLICIES_H_	53 #endif // NET_CERT_INTERNAL_CERTIFICATE_POLICIES_H_

OLD	NEW

« no previous file with comments | « net/BUILD.gn ('k') | net/cert/internal/certificate_policies.cc » ('j') | no next file with comments »