1// Copyright (c) 2011 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_
6#define CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_
7
8#include "net/cert/cert_type.h"
9#include "net/cert/x509_certificate.h"
10
// This namespace defines a set of functions to be used in UI-related bits of
// X509 certificates. It decouples the UI from the underlying crypto library
// (currently NSS or OpenSSL - in development).
// This is currently only used on Linux, as Mac and Windows use their own
// native certificate viewers and crypto libraries.
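namespace x509_certificate_model {

// NOTE(review): the descriptions below are derived from the declarations in
// this header only; the implementations are not visible here and remain
// authoritative for exact behaviour.
//
// NOTE(review): every string produced by this API is derived from the
// contents of a certificate, and those contents are chosen by whoever created
// the certificate. UI callers should render the results as plain text and
// should not treat them as markup or as a verified identity.

// Name to display for the certificate.
// NOTE(review): the function name suggests a fallback between the
// certificate's own name and its nickname; confirm the order in the
// implementation.
std::string GetCertNameOrNickname(
    net::X509Certificate::OSCertHandle cert_handle);

// Name of the token associated with |cert_handle|, as a string.
std::string GetTokenName(net::X509Certificate::OSCertHandle cert_handle);

// Certificate version, as a string.
std::string GetVersion(net::X509Certificate::OSCertHandle cert_handle);

// Classification of the certificate as a net::CertType value.
net::CertType GetType(net::X509Certificate::OSCertHandle cert_handle);

// Writes the certificate's usage descriptions into |usages| (out-parameter).
// NOTE(review): presumably |usages| must be non-null and entries are
// appended; confirm against the implementation.
void GetUsageStrings(
    net::X509Certificate::OSCertHandle cert_handle,
    std::vector<std::string>* usages);

// The accessors below each return one certificate field as a string.
// NOTE(review): |alternative_text| is presumably what is returned when the
// field is absent or cannot be decoded; confirm in the implementation. A
// returned value equal to |alternative_text| should therefore not be read as
// data coming from the certificate.
std::string GetSerialNumberHexified(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetIssuerCommonName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetIssuerOrgName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetIssuerOrgUnitName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetSubjectOrgName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetSubjectOrgUnitName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetSubjectCommonName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

// Reads the certificate's validity period into |issued| and |expires|
// (out-parameters).
// NOTE(review): the bool result presumably reports whether both values were
// obtained; callers should check it before using |issued| / |expires|.
bool GetTimes(net::X509Certificate::OSCertHandle cert_handle,
              base::Time* issued, base::Time* expires);

// Title, issuer name and subject name of the certificate, as strings.
std::string GetTitle(net::X509Certificate::OSCertHandle cert_handle);
std::string GetIssuerName(net::X509Certificate::OSCertHandle cert_handle);
std::string GetSubjectName(net::X509Certificate::OSCertHandle cert_handle);

// One certificate extension, already rendered for display.
struct Extension {
  std::string name;   // Extension name.
  std::string value;  // Extension value, as text.
};

typedef std::vector<Extension> Extensions;

// Fills |extensions| (out-parameter) with the extensions of |cert_handle|.
// NOTE(review): |critical_label| and |non_critical_label| are presumably the
// caller-supplied (localized) strings used to mark each extension's
// criticality in the output; confirm in the implementation.
void GetExtensions(
    const std::string& critical_label,
    const std::string& non_critical_label,
    net::X509Certificate::OSCertHandle cert_handle,
    Extensions* extensions);

// Hash a certificate using the given algorithm, return the result as a
// colon-separated hex string.
// SHA-1 is no longer collision resistant, so the SHA-1 fingerprint is only
// suitable for display or for matching against legacy tooling; prefer the
// SHA-256 fingerprint when a certificate has to be identified.
std::string HashCertSHA256(net::X509Certificate::OSCertHandle cert_handle);
std::string HashCertSHA1(net::X509Certificate::OSCertHandle cert_handle);

// For host values, if they contain IDN Punycode-encoded A-labels, this will
// return a string suitable for display that contains both the original and the
// decoded U-label form.  Otherwise, the string will be returned as is.
// Keeping the original A-label next to the decoded form lets a user notice a
// host name that only looks like another one once decoded.
std::string ProcessIDN(const std::string& input);

// Returns a CMS string built from the certificates of |cert_chain| selected
// by |start| and |end|.
// NOTE(review): whether |end| is inclusive or exclusive is not visible in
// this header; callers should make sure both indices lie within
// |cert_chain| before calling.
std::string GetCMSString(const net::X509Certificate::OSCertHandles& cert_chain,
                         size_t start, size_t end);

// Text renderings of the certificate's algorithm identifiers.
std::string ProcessSecAlgorithmSignature(
    net::X509Certificate::OSCertHandle cert_handle);
std::string ProcessSecAlgorithmSubjectPublicKey(
    net::X509Certificate::OSCertHandle cert_handle);
std::string ProcessSecAlgorithmSignatureWrap(
    net::X509Certificate::OSCertHandle cert_handle);

// Text rendering of the certificate's subject public key info.
std::string ProcessSubjectPublicKeyInfo(
    net::X509Certificate::OSCertHandle cert_handle);

// Text rendering of the raw bits of the certificate's signature.
std::string ProcessRawBitsSignatureWrap(
    net::X509Certificate::OSCertHandle cert_handle);

// Format a buffer as |hex_separator| separated string, with 16 bytes on each
// line separated using |line_separator|.
// |data| is expected to point to at least |data_length| readable bytes.
std::string ProcessRawBytesWithSeparators(const unsigned char* data,
                                          size_t data_length,
                                          char hex_separator,
                                          char line_separator);

// Format a buffer as a space separated string, with 16 bytes on each line.
// |data| is expected to point to at least |data_length| readable bytes.
std::string ProcessRawBytes(const unsigned char* data,
                            size_t data_length);

#if defined(USE_NSS)
// Format a buffer as a space separated string, with 16 bytes on each line.
// |data_length| is the length in bits, not bytes; passing a byte count here
// would describe a buffer eight times shorter than intended.
std::string ProcessRawBits(const unsigned char* data,
                           size_t data_length);
#endif  // USE_NSS

}  // namespace x509_certificate_model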
124
125#endif  // CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_
126