1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
|
// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_
#define CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_
#include "net/cert/cert_type.h"
#include "net/cert/x509_certificate.h"
// This namespace defines a set of functions to be used in UI-related bits of
// X509 certificates. It decouples the UI from the underlying crypto library
// (currently NSS or OpenSSL - in development).
// This is currently only used by linux, as mac / windows use their own native
// certificate viewers and crypto libraries.
namespace x509_certificate_model {
std::string GetCertNameOrNickname(
net::X509Certificate::OSCertHandle cert_handle);
std::string GetNickname(net::X509Certificate::OSCertHandle cert_handle);
std::string GetTokenName(net::X509Certificate::OSCertHandle cert_handle);
std::string GetVersion(net::X509Certificate::OSCertHandle cert_handle);
net::CertType GetType(net::X509Certificate::OSCertHandle cert_handle);
std::string GetEmailAddress(net::X509Certificate::OSCertHandle cert_handle);
void GetUsageStrings(
net::X509Certificate::OSCertHandle cert_handle,
std::vector<std::string>* usages);
std::string GetKeyUsageString(net::X509Certificate::OSCertHandle cert_handle);
std::string GetSerialNumberHexified(
net::X509Certificate::OSCertHandle cert_handle,
const std::string& alternative_text);
std::string GetIssuerCommonName(
net::X509Certificate::OSCertHandle cert_handle,
const std::string& alternative_text);
std::string GetIssuerOrgName(
net::X509Certificate::OSCertHandle cert_handle,
const std::string& alternative_text);
std::string GetIssuerOrgUnitName(
net::X509Certificate::OSCertHandle cert_handle,
const std::string& alternative_text);
std::string GetSubjectOrgName(
net::X509Certificate::OSCertHandle cert_handle,
const std::string& alternative_text);
std::string GetSubjectOrgUnitName(
net::X509Certificate::OSCertHandle cert_handle,
const std::string& alternative_text);
std::string GetSubjectCommonName(
net::X509Certificate::OSCertHandle cert_handle,
const std::string& alternative_text);
bool GetTimes(net::X509Certificate::OSCertHandle cert_handle,
base::Time* issued, base::Time* expires);
std::string GetTitle(net::X509Certificate::OSCertHandle cert_handle);
std::string GetIssuerName(net::X509Certificate::OSCertHandle cert_handle);
std::string GetSubjectName(net::X509Certificate::OSCertHandle cert_handle);
void GetEmailAddresses(net::X509Certificate::OSCertHandle cert_handle,
std::vector<std::string>* email_addresses);
void GetNicknameStringsFromCertList(const net::CertificateList& certs,
const std::string& cert_expired,
const std::string& cert_not_yet_valid,
std::vector<std::string>* nick_names);
// Returns the PKCS#11 attribute CKA_ID for a certificate as an upper-case
// hex string, or the empty string if none is found.
std::string GetPkcs11Id(net::X509Certificate::OSCertHandle cert_handle);
struct Extension {
std::string name;
std::string value;
};
typedef std::vector<Extension> Extensions;
void GetExtensions(
const std::string& critical_label,
const std::string& non_critical_label,
net::X509Certificate::OSCertHandle cert_handle,
Extensions* extensions);
// Hash a certificate using the given algorithm, return the result as a
// colon-seperated hex string.
std::string HashCertSHA256(net::X509Certificate::OSCertHandle cert_handle);
std::string HashCertSHA1(net::X509Certificate::OSCertHandle cert_handle);
// For host values, if they contain IDN Punycode-encoded A-labels, this will
// return a string suitable for display that contains both the original and the
// decoded U-label form. Otherwise, the string will be returned as is.
std::string ProcessIDN(const std::string& input);
void GetCertChainFromCert(net::X509Certificate::OSCertHandle cert_handle,
net::X509Certificate::OSCertHandles* cert_handles);
void DestroyCertChain(net::X509Certificate::OSCertHandles* cert_handles);
std::string GetDerString(net::X509Certificate::OSCertHandle cert_handle);
std::string GetCMSString(const net::X509Certificate::OSCertHandles& cert_chain,
size_t start, size_t end);
std::string ProcessSecAlgorithmSignature(
net::X509Certificate::OSCertHandle cert_handle);
std::string ProcessSecAlgorithmSubjectPublicKey(
net::X509Certificate::OSCertHandle cert_handle);
std::string ProcessSecAlgorithmSignatureWrap(
net::X509Certificate::OSCertHandle cert_handle);
std::string ProcessSubjectPublicKeyInfo(
net::X509Certificate::OSCertHandle cert_handle);
std::string ProcessRawBitsSignatureWrap(
net::X509Certificate::OSCertHandle cert_handle);
void RegisterDynamicOids();
// Format a buffer as |hex_separator| separated string, with 16 bytes on each
// line separated using |line_separator|.
std::string ProcessRawBytesWithSeparators(const unsigned char* data,
size_t data_length,
char hex_separator,
char line_separator);
// Format a buffer as a space separated string, with 16 bytes on each line.
std::string ProcessRawBytes(const unsigned char* data,
size_t data_length);
#if defined(USE_NSS)
// Format a buffer as a space separated string, with 16 bytes on each line.
// |data_length| is the length in bits.
std::string ProcessRawBits(const unsigned char* data,
size_t data_length);
#endif // USE_NSS
} // namespace x509_certificate_model
#endif // CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_
|
