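// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_
#define CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_

#include <stddef.h>

#include <string>
#include <vector>

#include "net/cert/cert_type.h"
#include "net/cert/x509_certificate.h"

// NOTE(review): base::Time is used by GetTimes() below but this header does
// not include the base time header itself; it currently relies on a transitive
// include. Include it directly so the header is self-contained.

// This namespace defines a set of functions to be used in UI-related bits of
// X509 certificates. It decouples the UI from the underlying crypto library
// (currently NSS or OpenSSL - in development).
// This is currently only used by linux, as mac / windows use their own native
// certificate viewers and crypto libraries.
//
// All functions below take a |cert_handle| that the caller already owns; none
// of them appears to take ownership of it. The only ownership transfer in this
// API is the GetCertChainFromCert() / DestroyCertChain() pair (see there).
// Every std::string returned here is intended for display in the UI; none of
// these strings should be used as a security decision input (see the notes on
// the SHA-1 fingerprint and on ProcessIDN()).
namespace x509_certificate_model {

// Returns a display name for the certificate. The name suggests it is the
// certificate name with the nickname as a fallback (or vice versa) — confirm
// against the implementation.
std::string GetCertNameOrNickname(
    net::X509Certificate::OSCertHandle cert_handle);

// Returns the certificate's nickname (the crypto library's user-assigned
// label; presumably empty when none is set).
std::string GetNickname(net::X509Certificate::OSCertHandle cert_handle);

// Returns the name of the token (key store / PKCS#11 slot) the certificate
// lives on — inferred from the name; confirm.
std::string GetTokenName(net::X509Certificate::OSCertHandle cert_handle);

// Returns the X.509 version of the certificate as a display string.
std::string GetVersion(net::X509Certificate::OSCertHandle cert_handle);

// Classifies the certificate as a net::CertType (see net/cert/cert_type.h).
net::CertType GetType(net::X509Certificate::OSCertHandle cert_handle);

// Returns a single email address found in the certificate, presumably empty
// when there is none. See GetEmailAddresses() for all of them.
std::string GetEmailAddress(net::X509Certificate::OSCertHandle cert_handle);

// Fills |usages| with human-readable usage strings for the certificate.
// Whether |usages| is cleared first or appended to is not visible here.
void GetUsageStrings(
    net::X509Certificate::OSCertHandle cert_handle,
    std::vector<std::string>* usages);

// Returns the key usage extension as a single display string.
std::string GetKeyUsageString(net::X509Certificate::OSCertHandle cert_handle);

// Returns the serial number as a hex string. |alternative_text| is
// presumably returned when the serial number cannot be produced — confirm.
std::string GetSerialNumberHexified(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

// The following accessors return one attribute of the issuer or subject
// distinguished name. |alternative_text| is the string returned when the
// attribute is absent (inferred from the parameter name; confirm).

// Issuer DN: commonName (CN).
std::string GetIssuerCommonName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

// Issuer DN: organizationName (O).
std::string GetIssuerOrgName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

// Issuer DN: organizationalUnitName (OU).
std::string GetIssuerOrgUnitName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

// Subject DN: organizationName (O).
std::string GetSubjectOrgName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

// Subject DN: organizationalUnitName (OU).
std::string GetSubjectOrgUnitName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

// Subject DN: commonName (CN).
std::string GetSubjectCommonName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

// Reads the validity period into |issued| (notBefore) and |expires|
// (notAfter). Returns false on failure; callers should treat the out-params
// as unspecified in that case — confirm whether they are left untouched.
bool GetTimes(net::X509Certificate::OSCertHandle cert_handle,
              base::Time* issued, base::Time* expires);

// Display strings for the certificate as a whole: a title for the viewer,
// and the full issuer and subject distinguished names.
std::string GetTitle(net::X509Certificate::OSCertHandle cert_handle);
std::string GetIssuerName(net::X509Certificate::OSCertHandle cert_handle);
std::string GetSubjectName(net::X509Certificate::OSCertHandle cert_handle);

// Fills |email_addresses| with every email address found in the certificate.
// Whether |email_addresses| is cleared first is not visible here.
void GetEmailAddresses(net::X509Certificate::OSCertHandle cert_handle,
                       std::vector<std::string>* email_addresses);

// Produces one display string per certificate in |certs| into |nick_names|.
// |cert_expired| and |cert_not_yet_valid| are (presumably localized) strings
// used to annotate certificates outside their validity period — inferred from
// the parameter names; confirm how they are combined with the nickname.
void GetNicknameStringsFromCertList(const net::CertificateList& certs,
                                    const std::string& cert_expired,
                                    const std::string& cert_not_yet_valid,
                                    std::vector<std::string>* nick_names);

// Returns the PKCS#11 attribute CKA_ID for a certificate as an upper-case
// hex string, or the empty string if none is found.
std::string GetPkcs11Id(net::X509Certificate::OSCertHandle cert_handle);

// One X.509 extension rendered for display.
struct Extension {
  std::string name;   // Human-readable extension name (e.g. from its OID).
  std::string value;  // Human-readable rendering of the extension's value.
};

typedef std::vector<Extension> Extensions;

// Fills |extensions| with one Extension per extension present in the
// certificate. |critical_label| and |non_critical_label| are the display
// strings used to mark whether an extension is flagged critical (inferred
// from the names; confirm where the label ends up in the rendered value).
void GetExtensions(
    const std::string& critical_label,
    const std::string& non_critical_label,
    net::X509Certificate::OSCertHandle cert_handle,
    Extensions* extensions);

// Hash the certificate with SHA-256 / SHA-1 respectively and return the
// result (the "fingerprint") as a colon-separated hex string.
// NOTE(review): the SHA-1 fingerprint is a display-only legacy value; when a
// fingerprint is compared or recorded, prefer the SHA-256 one.
std::string HashCertSHA256(net::X509Certificate::OSCertHandle cert_handle);
std::string HashCertSHA1(net::X509Certificate::OSCertHandle cert_handle);

// For host values, if they contain IDN Punycode-encoded A-labels, this will
// return a string suitable for display that contains both the original and the
// decoded U-label form. Otherwise, the string will be returned as is.
// Showing both forms lets the user see the raw A-label next to any
// visually confusable U-label; the result is for display only.
std::string ProcessIDN(const std::string& input);

// Builds the chain starting at |cert_handle| into |cert_handles|. The pairing
// with DestroyCertChain() implies the caller owns the handles placed in
// |cert_handles| and must release them with DestroyCertChain() — confirm
// against the implementation (the handle types come from
// net/cert/x509_certificate.h).
void GetCertChainFromCert(net::X509Certificate::OSCertHandle cert_handle,
                          net::X509Certificate::OSCertHandles* cert_handles);
void DestroyCertChain(net::X509Certificate::OSCertHandles* cert_handles);

// Returns the DER encoding of the certificate as a byte string (not text).
std::string GetDerString(net::X509Certificate::OSCertHandle cert_handle);
// Returns a CMS (PKCS#7) encoding of the certificates in |cert_chain| from
// index |start| to |end|. Whether |end| is inclusive or exclusive is not
// visible here — confirm before indexing with it.
std::string GetCMSString(const net::X509Certificate::OSCertHandles& cert_chain,
                         size_t start, size_t end);

// Human-readable descriptions of the algorithms in the certificate. Which
// ASN.1 field each one covers is inferred from the names: the inner
// signature algorithm, the SubjectPublicKeyInfo algorithm, and the outer
// ("wrap") signatureAlgorithm — confirm.
std::string ProcessSecAlgorithmSignature(
    net::X509Certificate::OSCertHandle cert_handle);
std::string ProcessSecAlgorithmSubjectPublicKey(
    net::X509Certificate::OSCertHandle cert_handle);
std::string ProcessSecAlgorithmSignatureWrap(
    net::X509Certificate::OSCertHandle cert_handle);

// Human-readable rendering of the SubjectPublicKeyInfo (the public key).
std::string ProcessSubjectPublicKeyInfo(
    net::X509Certificate::OSCertHandle cert_handle);

// Human-readable rendering of the raw bits of the outer signature.
std::string ProcessRawBitsSignatureWrap(
    net::X509Certificate::OSCertHandle cert_handle);

// Registers OIDs that the crypto library does not know by default so they can
// be named in the strings above. Presumably must be called once before the
// Process*() functions are used — confirm with callers.
void RegisterDynamicOids();

// Format a buffer as |hex_separator| separated string, with 16 bytes on each
// line separated using |line_separator|. |data| must point to at least
// |data_length| readable bytes.
std::string ProcessRawBytesWithSeparators(const unsigned char* data,
                                          size_t data_length,
                                          char hex_separator,
                                          char line_separator);

// Format a buffer as a space separated string, with 16 bytes on each line.
// |data| must point to at least |data_length| readable bytes.
std::string ProcessRawBytes(const unsigned char* data,
                            size_t data_length);

#if defined(USE_NSS)
// Format a buffer as a space separated string, with 16 bytes on each line.
// |data_length| is the length in bits, so |data| must hold at least
// (|data_length| + 7) / 8 readable bytes.
std::string ProcessRawBits(const unsigned char* data,
                           size_t data_length);
#endif  // USE_NSS

}  // namespace x509_certificate_model

#endif  // CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_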