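// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_
#define CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_
#pragma once

// size_t, std::string and std::vector appear in the declarations below, so
// include them directly instead of relying on transitive includes.
#include <stddef.h>

#include <string>
#include <vector>

#include "net/base/cert_database.h"
#include "net/base/cert_type.h"
#include "net/base/x509_certificate.h"

// This namespace defines a set of functions to be used in UI-related bits of
// X509 certificates. It decouples the UI from the underlying crypto library
// (currently NSS or OpenSSL - in development).
// This is currently only used by linux, as mac / windows use their own native
// certificate viewers and crypto libraries.
//
// Security note for callers: every string returned here is derived from the
// contents of a certificate, which are chosen by whoever issued or presented
// it. Treat the results as untrusted display text: escape them for the
// rendering context and do not base trust decisions on them.
namespace x509_certificate_model {

// Simple accessors: each takes a certificate handle and returns one displayable
// property of that certificate.
std::string GetCertNameOrNickname(
    net::X509Certificate::OSCertHandle cert_handle);

std::string GetNickname(net::X509Certificate::OSCertHandle cert_handle);

std::string GetTokenName(net::X509Certificate::OSCertHandle cert_handle);

std::string GetVersion(net::X509Certificate::OSCertHandle cert_handle);

net::CertType GetType(net::X509Certificate::OSCertHandle cert_handle);

std::string GetEmailAddress(net::X509Certificate::OSCertHandle cert_handle);

// Writes the usage descriptions through |usages|.
// NOTE(review): whether |usages| is cleared first or appended to is not
// visible from this header - confirm against the implementation.
void GetUsageStrings(
    net::X509Certificate::OSCertHandle cert_handle,
    std::vector<std::string>* usages);

std::string GetKeyUsageString(net::X509Certificate::OSCertHandle cert_handle);

// The accessors below take an |alternative_text| argument.
// NOTE(review): presumably this is the string returned when the certificate
// does not carry the requested field - confirm against the implementation.
std::string GetSerialNumberHexified(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetIssuerCommonName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetIssuerOrgName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetIssuerOrgUnitName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetSubjectOrgName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetSubjectOrgUnitName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetSubjectCommonName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

// Writes the certificate's validity times through |issued| and |expires|.
// NOTE(review): the bool result presumably reports whether the times could be
// read; callers should check it before using the outputs - confirm.
// NOTE(review): base::Time is not included directly by this header; it is
// presumably reached through the net/ headers above - confirm.
bool GetTimes(net::X509Certificate::OSCertHandle cert_handle,
              base::Time* issued, base::Time* expires);

std::string GetTitle(net::X509Certificate::OSCertHandle cert_handle);
std::string GetIssuerName(net::X509Certificate::OSCertHandle cert_handle);
std::string GetSubjectName(net::X509Certificate::OSCertHandle cert_handle);

// Writes the certificate's e-mail addresses through |email_addresses|.
void GetEmailAddresses(net::X509Certificate::OSCertHandle cert_handle,
                       std::vector<std::string>* email_addresses);

// Writes one nickname string per certificate in |certs| through |nick_names|.
// NOTE(review): |cert_expired| and |cert_not_yet_valid| are presumably the
// labels applied to certificates outside their validity period - confirm.
void GetNicknameStringsFromCertList(const net::CertificateList& certs,
                                    const std::string& cert_expired,
                                    const std::string& cert_not_yet_valid,
                                    std::vector<std::string>* nick_names);

// Returns the PKCS#11 attribute CKA_ID for a certificate as an upper-case
// hex string, or the empty string if none is found.
std::string GetPkcs11Id(net::X509Certificate::OSCertHandle cert_handle);

// One certificate extension, as a pair of display strings.
struct Extension {
  std::string name;
  std::string value;
};

typedef std::vector<Extension> Extensions;

// Writes the certificate's extensions through |extensions|.
// NOTE(review): |critical_label| and |non_critical_label| are presumably the
// display strings used to mark each extension's criticality - confirm.
void GetExtensions(
    const std::string& critical_label,
    const std::string& non_critical_label,
    net::X509Certificate::OSCertHandle cert_handle,
    Extensions* extensions);

// Hash a certificate using the given algorithm, return the result as a
// colon-separated hex string.
// SHA-1 is no longer collision resistant: use the SHA-1 fingerprint only for
// display or for matching against legacy tooling, and prefer the SHA-256
// fingerprint wherever a fingerprint is compared to identify a certificate.
std::string HashCertSHA256(net::X509Certificate::OSCertHandle cert_handle);
std::string HashCertSHA1(net::X509Certificate::OSCertHandle cert_handle);

// For host values, if they contain IDN Punycode-encoded A-labels, this will
// return a string suitable for display that contains both the original and the
// decoded U-label form. Otherwise, the string will be returned as is.
// Keeping the original A-label visible next to the decoded form lets a reader
// notice look-alike host names, so UI code should not drop either half.
std::string ProcessIDN(const std::string& input);

// Writes the certificate chain for |cert_handle| through |cert_handles|.
// NOTE(review): the pairing of names suggests the handles produced by
// GetCertChainFromCert must be released with DestroyCertChain, and not used
// afterwards - confirm against the implementation.
void GetCertChainFromCert(net::X509Certificate::OSCertHandle cert_handle,
                          net::X509Certificate::OSCertHandles* cert_handles);
void DestroyCertChain(net::X509Certificate::OSCertHandles* cert_handles);

// NOTE(review): presumably returns the raw DER encoding; if so the string is
// binary data and may contain embedded NUL bytes - confirm.
std::string GetDerString(net::X509Certificate::OSCertHandle cert_handle);
// |start| and |end| select a range of |cert_chain|.
// NOTE(review): whether |end| is inclusive is not visible here; callers must
// keep both indices within cert_chain.size() - confirm the convention.
std::string GetCMSString(const net::X509Certificate::OSCertHandles& cert_chain,
                         size_t start, size_t end);

std::string ProcessSecAlgorithmSignature(
    net::X509Certificate::OSCertHandle cert_handle);
std::string ProcessSecAlgorithmSubjectPublicKey(
    net::X509Certificate::OSCertHandle cert_handle);
std::string ProcessSecAlgorithmSignatureWrap(
    net::X509Certificate::OSCertHandle cert_handle);

std::string ProcessSubjectPublicKeyInfo(
    net::X509Certificate::OSCertHandle cert_handle);

std::string ProcessRawBitsSignatureWrap(
    net::X509Certificate::OSCertHandle cert_handle);

// NOTE(review): call-order requirements relative to the functions above are
// not visible from this header - confirm against the implementation.
void RegisterDynamicOids();

// Format a buffer as |hex_separator| separated string, with 16 bytes on each
// line separated using |line_separator|.
// The signature cannot enforce it, so callers must guarantee that |data|
// points to at least |data_length| readable bytes.
std::string ProcessRawBytesWithSeparators(const unsigned char* data,
                                          size_t data_length,
                                          char hex_separator,
                                          char line_separator);

// Format a buffer as a space separated string, with 16 bytes on each line.
// The same buffer contract applies: |data| must cover |data_length|.
std::string ProcessRawBytes(const unsigned char* data,
                            size_t data_length);

#if defined(USE_NSS)
// Format a buffer as a space separated string, with 16 bytes on each line.
// |data_length| is the length in bits.
// Mind the unit: the ProcessRawBytes* functions above appear to take a byte
// count, so a length must be converted before it is passed from one to the
// other, or the read will cover the wrong amount of |data|.
std::string ProcessRawBits(const unsigned char* data,
                           size_t data_length);
#endif  // USE_NSS

}  // namespace x509_certificate_model

#endif  // CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_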