OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_BASE_X509_UTIL_NSS_H_ | 5 #ifndef NET_BASE_X509_UTIL_NSS_H_ |
6 #define NET_BASE_X509_UTIL_NSS_H_ | 6 #define NET_BASE_X509_UTIL_NSS_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
| 9 #include <vector> |
9 | 10 |
10 #include "base/time.h" | 11 #include "base/time.h" |
| 12 #include "net/base/x509_certificate.h" |
| 13 |
| 14 class PickleIterator; |
11 | 15 |
12 typedef struct CERTCertificateStr CERTCertificate; | 16 typedef struct CERTCertificateStr CERTCertificate; |
| 17 typedef struct CERTNameStr CERTName; |
13 typedef struct SECKEYPrivateKeyStr SECKEYPrivateKey; | 18 typedef struct SECKEYPrivateKeyStr SECKEYPrivateKey; |
| 19 typedef struct SECItemStr SECItem; |
14 typedef struct SECKEYPublicKeyStr SECKEYPublicKey; | 20 typedef struct SECKEYPublicKeyStr SECKEYPublicKey; |
15 | 21 |
16 | |
17 namespace net { | 22 namespace net { |
18 | 23 |
19 namespace x509_util { | 24 namespace x509_util { |
20 | 25 |
21 // Creates a self-signed certificate containing |public_key|. Subject, serial | 26 // Creates a self-signed certificate containing |public_key|. Subject, serial |
22 // number and validity period are given as parameters. The certificate is | 27 // number and validity period are given as parameters. The certificate is |
23 // signed by |private_key|. The hashing algorithm for the signature is SHA-1. | 28 // signed by |private_key|. The hashing algorithm for the signature is SHA-1. |
24 // |subject| is a distinguished name defined in RFC4514. | 29 // |subject| is a distinguished name defined in RFC4514. |
25 CERTCertificate* CreateSelfSignedCert( | 30 CERTCertificate* CreateSelfSignedCert( |
26 SECKEYPublicKey* public_key, | 31 SECKEYPublicKey* public_key, |
27 SECKEYPrivateKey* private_key, | 32 SECKEYPrivateKey* private_key, |
28 const std::string& subject, | 33 const std::string& subject, |
29 uint32 serial_number, | 34 uint32 serial_number, |
30 base::Time not_valid_before, | 35 base::Time not_valid_before, |
31 base::Time not_valid_after); | 36 base::Time not_valid_after); |
32 | 37 |
| 38 #if defined(USE_NSS) || defined(OS_IOS) |
| 39 // Parses the Principal attribute from |name| and outputs the result in |
| 40 // |principal|. |
| 41 void ParsePrincipal(CERTName* name, |
| 42 CertPrincipal* principal); |
| 43 |
| 44 // Parses the date from |der_date| and outputs the result in |result|. |
| 45 void ParseDate(const SECItem* der_date, base::Time* result); |
| 46 |
| 47 // Parses the serial number from |certificate|. |
| 48 std::string ParseSerialNumber(const CERTCertificate* certificate); |
| 49 |
| 50 // Gets the subjectAltName extension field from the certificate, if any. |
| 51 void GetSubjectAltName(CERTCertificate* cert_handle, |
| 52 std::vector<std::string>* dns_names, |
| 53 std::vector<std::string>* ip_addrs); |
| 54 |
| 55 // Creates all possible OS certificate handles from |data| encoded in a specific |
| 56 // |format|. Returns an empty collection on failure. |
| 57 X509Certificate::OSCertHandles CreateOSCertHandlesFromBytes( |
| 58 const char* data, |
| 59 int length, |
| 60 X509Certificate::Format format); |
| 61 |
| 62 // Reads a single certificate from |pickle_iter| and returns a platform-specific |
| 63 // certificate handle. Returns an invalid handle, NULL, on failure. |
| 64 X509Certificate::OSCertHandle ReadOSCertHandleFromPickle( |
| 65 PickleIterator* pickle_iter); |
| 66 |
| 67 // Sets |*size_bits| to be the length of the public key in bits, and sets |
| 68 // |*type| to one of the |PublicKeyType| values. In case of |
| 69 // |kPublicKeyTypeUnknown|, |*size_bits| will be set to 0. |
| 70 void GetPublicKeyInfo(CERTCertificate* handle, |
| 71 size_t* size_bits, |
| 72 X509Certificate::PublicKeyType* type); |
| 73 #endif // defined(USE_NSS) || defined(OS_IOS) |
| 74 |
33 } // namespace x509_util | 75 } // namespace x509_util |
34 | 76 |
35 } // namespace net | 77 } // namespace net |
36 | 78 |
37 #endif // NET_BASE_X509_UTIL_NSS_H_ | 79 #endif // NET_BASE_X509_UTIL_NSS_H_ |
OLD | NEW |