Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1242)

Unified Diff: net/cert/internal/certificate_policies.h

Issue 2907523002: Add parsing for RFC 5280's PolicyMappings certificate extension. (Closed)
Patch Set: Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | net/cert/internal/certificate_policies.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/internal/certificate_policies.h
diff --git a/net/cert/internal/certificate_policies.h b/net/cert/internal/certificate_policies.h
index 03041f9884043812f6e15c746378a50663b5580c..ab9af9f40f0f1aa473287d39f6c51f8a5e7e62e6 100644
--- a/net/cert/internal/certificate_policies.h
+++ b/net/cert/internal/certificate_policies.h
@@ -11,13 +11,10 @@
#include "base/compiler_specific.h"
#include "net/base/net_export.h"
+#include "net/der/input.h"
namespace net {
-namespace der {
-class Input;
-} // namespace der
-
// Returns the DER-encoded OID, without tag or length, of the anyPolicy
// certificate policy defined in RFC 5280 section 4.2.1.4.
NET_EXPORT const der::Input AnyPolicy();
@@ -29,6 +26,13 @@ NET_EXPORT const der::Input AnyPolicy();
// In dotted notation: 2.5.29.54
NET_EXPORT der::Input InhibitAnyPolicyOid();
+// From RFC 5280:
+//
+// id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 }
+//
+// In dotted notation: 2.5.29.33
+NET_EXPORT der::Input PolicyMappingsOid();
+
// Parses a certificatePolicies extension and stores the policy OIDs in
// |*policies|, in sorted order. If policyQualifiers are present,
// they are ignored. (RFC 5280 section 4.2.1.4 says "optional qualifiers, which
@@ -56,10 +60,21 @@ NET_EXPORT bool ParsePolicyConstraints(const der::Input& policy_constraints_tlv,
WARN_UNUSED_RESULT;
// Parses an InhibitAnyPolicy as defined by RFC 5280. Returns true on success,
-// and sets |out|.
+// and sets |num_certs|.
NET_EXPORT bool ParseInhibitAnyPolicy(const der::Input& inhibit_any_policy_tlv,
uint8_t* num_certs) WARN_UNUSED_RESULT;
+struct ParsedPolicyMapping {
+ der::Input issuer_domain_policy;
+ der::Input subject_domain_policy;
+};
+
+// Parses a PolicyMappings SEQUENCE as defined by RFC 5280. Returns true on
+// success, and sets |mappings|.
+NET_EXPORT bool ParsePolicyMappings(const der::Input& policy_mappings_tlv,
+ std::vector<ParsedPolicyMapping>* mappings)
+ WARN_UNUSED_RESULT;
+
} // namespace net
#endif // NET_CERT_INTERNAL_CERTIFICATE_POLICIES_H_
« no previous file with comments | « no previous file | net/cert/internal/certificate_policies.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698