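// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_
#define CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_

// size_t, std::string and std::vector are used directly in the declarations
// below, so include them here rather than relying on transitive includes.
#include <stddef.h>

#include <string>
#include <vector>

#include "net/cert/cert_type.h"
#include "net/cert/x509_certificate.h"

// This namespace defines a set of functions to be used in UI-related bits of
// X509 certificates. It decouples the UI from the underlying crypto library
// (currently NSS or OpenSSL - in development).
// This is currently only used by linux, as mac / windows use their own native
// certificate viewers and crypto libraries.
//
// NOTE(review): the strings returned here are built from certificate
// contents, which are chosen by whoever issued or presented the certificate.
// This header does not say whether the implementations sanitize them, so UI
// code should treat the results as untrusted text (escape before rendering as
// markup) unless the implementation is confirmed to do so.
//
// NOTE(review): every function takes an OSCertHandle by value and none of the
// declarations transfer ownership explicitly; presumably the handle is
// borrowed for the duration of the call - confirm. Behaviour for a null
// handle is not stated here.
namespace x509_certificate_model {

// Simple per-certificate accessors. Each returns a display string (or, for
// GetType, a net::CertType) derived from |cert_handle|.
std::string GetCertNameOrNickname(
    net::X509Certificate::OSCertHandle cert_handle);

std::string GetNickname(net::X509Certificate::OSCertHandle cert_handle);

std::string GetTokenName(net::X509Certificate::OSCertHandle cert_handle);

std::string GetVersion(net::X509Certificate::OSCertHandle cert_handle);

net::CertType GetType(net::X509Certificate::OSCertHandle cert_handle);

std::string GetEmailAddress(net::X509Certificate::OSCertHandle cert_handle);

// Writes results through |usages|.
// NOTE(review): presumably |usages| must be non-null and is appended to
// rather than cleared - confirm against the implementation.
void GetUsageStrings(
    net::X509Certificate::OSCertHandle cert_handle,
    std::vector<std::string>* usages);

std::string GetKeyUsageString(net::X509Certificate::OSCertHandle cert_handle);

// The accessors below take an |alternative_text| argument.
// NOTE(review): presumably |alternative_text| is returned when the requested
// field is absent from the certificate - confirm. If so, callers cannot
// distinguish "field missing" from "field equals |alternative_text|" by the
// return value alone.
std::string GetSerialNumberHexified(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetIssuerCommonName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetIssuerOrgName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetIssuerOrgUnitName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetSubjectOrgName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetSubjectOrgUnitName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetSubjectCommonName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

// Reports the certificate's validity period through |issued| and |expires|.
// NOTE(review): the bool result presumably indicates whether the times could
// be read; callers should check it before using the out-parameters - confirm
// whether they are left untouched on failure.
bool GetTimes(net::X509Certificate::OSCertHandle cert_handle,
              base::Time* issued, base::Time* expires);

std::string GetTitle(net::X509Certificate::OSCertHandle cert_handle);
std::string GetIssuerName(net::X509Certificate::OSCertHandle cert_handle);
std::string GetSubjectName(net::X509Certificate::OSCertHandle cert_handle);

// Writes results through |email_addresses|.
// NOTE(review): presumably must be non-null - confirm.
void GetEmailAddresses(net::X509Certificate::OSCertHandle cert_handle,
                       std::vector<std::string>* email_addresses);

// Writes one entry per certificate in |certs| through |nick_names|.
// NOTE(review): |cert_expired| and |cert_not_yet_valid| look like labels
// attached to nicknames of certificates outside their validity period -
// confirm against the implementation.
void GetNicknameStringsFromCertList(const net::CertificateList& certs,
                                    const std::string& cert_expired,
                                    const std::string& cert_not_yet_valid,
                                    std::vector<std::string>* nick_names);

// Returns the PKCS#11 attribute CKA_ID for a certificate as an upper-case
// hex string, or the empty string if none is found.
std::string GetPkcs11Id(net::X509Certificate::OSCertHandle cert_handle);

// A single certificate extension as a pair of display strings.
struct Extension {
  std::string name;
  std::string value;
};

typedef std::vector<Extension> Extensions;

// Writes the certificate's extensions through |extensions|.
// NOTE(review): |critical_label| / |non_critical_label| are presumably the
// text used to mark each extension's criticality in the output - confirm.
void GetExtensions(
    const std::string& critical_label,
    const std::string& non_critical_label,
    net::X509Certificate::OSCertHandle cert_handle,
    Extensions* extensions);

// Hash a certificate using the given algorithm, return the result as a
// colon-separated hex string.
// SHA-1 is no longer collision resistant: the SHA-1 fingerprint is fine for
// display and for matching against a value shown elsewhere, but it should not
// be the sole input to a trust decision. Prefer the SHA-256 fingerprint where
// a choice exists.
std::string HashCertSHA256(net::X509Certificate::OSCertHandle cert_handle);
std::string HashCertSHA1(net::X509Certificate::OSCertHandle cert_handle);

// For host values, if they contain IDN Punycode-encoded A-labels, this will
// return a string suitable for display that contains both the original and the
// decoded U-label form. Otherwise, the string will be returned as is.
// Showing both forms lets a viewer compare the ASCII A-label with its Unicode
// rendering, which matters for visually similar host names.
std::string ProcessIDN(const std::string& input);

// NOTE(review): these two look like an acquire/release pair - presumably every
// chain filled in by GetCertChainFromCert must later be handed to
// DestroyCertChain, and the handles must not be used afterwards. Confirm the
// ownership rules against the implementation.
void GetCertChainFromCert(net::X509Certificate::OSCertHandle cert_handle,
                          net::X509Certificate::OSCertHandles* cert_handles);
void DestroyCertChain(net::X509Certificate::OSCertHandles* cert_handles);

std::string GetDerString(net::X509Certificate::OSCertHandle cert_handle);

// NOTE(review): |start| and |end| presumably select a range of |cert_chain|;
// the declaration does not say whether |end| is inclusive or whether the
// range is bounds-checked - confirm, and validate both against
// cert_chain.size() at the call site until then.
std::string GetCMSString(const net::X509Certificate::OSCertHandles& cert_chain,
                         size_t start, size_t end);

std::string ProcessSecAlgorithmSignature(
    net::X509Certificate::OSCertHandle cert_handle);
std::string ProcessSecAlgorithmSubjectPublicKey(
    net::X509Certificate::OSCertHandle cert_handle);
std::string ProcessSecAlgorithmSignatureWrap(
    net::X509Certificate::OSCertHandle cert_handle);

std::string ProcessSubjectPublicKeyInfo(
    net::X509Certificate::OSCertHandle cert_handle);

std::string ProcessRawBitsSignatureWrap(
    net::X509Certificate::OSCertHandle cert_handle);

void RegisterDynamicOids();

// Format a buffer as |hex_separator| separated string, with 16 bytes on each
// line separated using |line_separator|.
// The buffer is passed as a raw pointer plus length, so nothing in the type
// ties |data_length| to the real size of |data|; the caller is responsible for
// passing a length that does not exceed the buffer.
std::string ProcessRawBytesWithSeparators(const unsigned char* data,
                                          size_t data_length,
                                          char hex_separator,
                                          char line_separator);

// Format a buffer as a space separated string, with 16 bytes on each line.
// |data_length| is in bytes here (compare ProcessRawBits, which takes bits).
std::string ProcessRawBytes(const unsigned char* data,
                            size_t data_length);

#if defined(USE_NSS)
// Format a buffer as a space separated string, with 16 bytes on each line.
// |data_length| is the length in bits.
// The unit differs from ProcessRawBytes: handing a bit count to
// ProcessRawBytes would describe a buffer eight times larger than the real
// one, so keep the two call paths distinct.
std::string ProcessRawBits(const unsigned char* data,
                           size_t data_length);
#endif  // USE_NSS

}  // namespace x509_certificate_model

#endif  // CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_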