Add a new ExtractSubjectPublicKeyFromSPKI method to asn1_utils.

net/base/asn1_util.cc

Index: net/base/asn1_util.cc
diff --git a/net/base/asn1_util.cc b/net/base/asn1_util.cc
index a1e8637f8706a95f0aacdc8ad295e6f785322952..833ec1a1bec48bf8aff77c32208a5b1a82777a08 100644
--- a/net/base/asn1_util.cc
+++ b/net/base/asn1_util.cc
@@ -157,6 +157,34 @@ bool ExtractSPKIFromDERCert(base::StringPiece cert,
   return true;
 }
 
+bool ExtractSubjectPublicKeyFromSPKI(base::StringPiece spki,
+                                     base::StringPiece* spk_out) {
+  // From RFC 5280, Section 4.1
+  //   SubjectPublicKeyInfo  ::=  SEQUENCE  {
+  //     algorithm            AlgorithmIdentifier,
+  //     subjectPublicKey     BIT STRING  }
+  //
+  //   AlgorithmIdentifier  ::=  SEQUENCE  {
+  //     algorithm               OBJECT IDENTIFIER,
+  //     parameters              ANY DEFINED BY algorithm OPTIONAL  }
+
+  // Step into SubjectPublicKeyInfo sequence.
+  base::StringPiece spki_contents;
+  if (!asn1::GetElement(&spki, asn1::kSEQUENCE, &spki_contents))
+    return false;
+
+  // Step over algorithm field (a SEQUENCE).
+  base::StringPiece algorithm;
+  if (!asn1::GetElement(&spki_contents, asn1::kSEQUENCE, &algorithm))
+    return false;
+
+  // Extract the subjectPublicKey field.
+  if (!asn1::GetElement(&spki_contents, asn1::kBITSTRING, spk_out))
+    return false;
+  return true;
+}
+
+
 bool ExtractCRLURLsFromDERCert(base::StringPiece cert,
                                std::vector<base::StringPiece>* urls_out) {
   urls_out->clear();