// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_
#define CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_
#pragma once

// NOTE(review): this header names std::string, std::vector, size_t and
// base::Time but includes only the three net/ headers below; presumably those
// types arrive transitively -- confirm.
#include "net/base/cert_database.h"
#include "net/base/cert_type.h"
#include "net/base/x509_certificate.h"

// This namespace defines a set of functions to be used in UI-related bits of
// X509 certificates. It decouples the UI from the underlying crypto library
// (currently NSS or OpenSSL - in development).
// This is currently only used by linux, as mac / windows use their own native
// certificate viewers and crypto libraries.
//
// Only declarations are visible here; where a contract is not stated in this
// header, the notes below are marked as assumptions to confirm against the
// implementation.
//
// NOTE(review): the returned strings presumably carry certificate field
// contents, which are chosen by whoever created the certificate. UI code
// should render them as untrusted text (escape before placing them in markup)
// -- confirm what sanitizing, if any, the backend already does.
namespace x509_certificate_model {

// Single-property accessors taking the native certificate handle.
// NOTE(review): behavior for a null or invalid |cert_handle| is not specified
// in this header -- confirm before passing a handle that may be unset.
std::string GetCertNameOrNickname(
    net::X509Certificate::OSCertHandle cert_handle);

std::string GetNickname(net::X509Certificate::OSCertHandle cert_handle);

std::string GetTokenName(net::X509Certificate::OSCertHandle cert_handle);

std::string GetVersion(net::X509Certificate::OSCertHandle cert_handle);

net::CertType GetType(net::X509Certificate::OSCertHandle cert_handle);

std::string GetEmailAddress(net::X509Certificate::OSCertHandle cert_handle);

// Results are delivered through the |usages| out-parameter.
// Presumably appended to the vector rather than replacing it -- TODO confirm.
void GetUsageStrings(
    net::X509Certificate::OSCertHandle cert_handle,
    std::vector<std::string>* usages);

std::string GetKeyUsageString(net::X509Certificate::OSCertHandle cert_handle);

// The accessors below take |alternative_text|; presumably it is what gets
// returned when the requested field is absent from the certificate -- TODO
// confirm.
std::string GetSerialNumberHexified(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetIssuerCommonName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetIssuerOrgName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetIssuerOrgUnitName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetSubjectOrgName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetSubjectOrgUnitName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

std::string GetSubjectCommonName(
    net::X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text);

// Writes through the |issued| and |expires| out-parameters.
// NOTE(review): the bool result presumably reports success, and the outputs
// should not be trusted when it is false -- confirm. Whether null pointers
// are accepted is not specified here.
bool GetTimes(net::X509Certificate::OSCertHandle cert_handle,
              base::Time* issued, base::Time* expires);

std::string GetTitle(net::X509Certificate::OSCertHandle cert_handle);

std::string GetIssuerName(net::X509Certificate::OSCertHandle cert_handle);

std::string GetSubjectName(net::X509Certificate::OSCertHandle cert_handle);

// Results are delivered through the |email_addresses| out-parameter.
void GetEmailAddresses(net::X509Certificate::OSCertHandle cert_handle,
                       std::vector<std::string>* email_addresses);

// Produces one entry per certificate in |nick_names| (presumably; confirm).
// |cert_expired| and |cert_not_yet_valid| look like caller-supplied display
// text for certificates outside their validity period -- TODO confirm how
// they are combined with the nickname.
void GetNicknameStringsFromCertList(const net::CertificateList& certs,
                                    const std::string& cert_expired,
                                    const std::string& cert_not_yet_valid,
                                    std::vector<std::string>* nick_names);

// Returns the PKCS#11 attribute CKA_ID for a certificate as an upper-case
// hex string, or the empty string if none is found.
std::string GetPkcs11Id(net::X509Certificate::OSCertHandle cert_handle);

// One certificate extension as a pair of strings.
struct Extension {
  std::string name;
  std::string value;
};

typedef std::vector<Extension> Extensions;

// Results are delivered through the |extensions| out-parameter.
// |critical_label| and |non_critical_label| are presumably display text used
// to mark each extension's criticality -- TODO confirm.
void GetExtensions(
    const std::string& critical_label, const std::string& non_critical_label,
    net::X509Certificate::OSCertHandle cert_handle,
    Extensions* extensions);

// Hash a certificate using the given algorithm, return the result as a
// colon-separated hex string.
// NOTE(review): SHA-1 is no longer collision resistant; treat the SHA-1
// fingerprint as a display / lookup value and prefer the SHA-256 one when
// comparing certificates.
std::string HashCertSHA256(net::X509Certificate::OSCertHandle cert_handle);
std::string HashCertSHA1(net::X509Certificate::OSCertHandle cert_handle);

// For host values, if they contain IDN Punycode-encoded A-labels, this will
// return a string suitable for display that contains both the original and the
// decoded U-label form. Otherwise, the string will be returned as is.
// NOTE(review): decoded U-labels can be visually confusable with other
// hostnames, so UI code should show the whole returned string rather than
// extracting only the decoded part.
std::string ProcessIDN(const std::string& input);

// Results are delivered through the |cert_handles| out-parameter.
// NOTE(review): the paired DestroyCertChain() below suggests the handles
// placed in |cert_handles| must be released by the caller through it --
// confirm ownership, and avoid using the handles after destroying the chain.
void GetCertChainFromCert(net::X509Certificate::OSCertHandle cert_handle,
                          net::X509Certificate::OSCertHandles* cert_handles);
void DestroyCertChain(net::X509Certificate::OSCertHandles* cert_handles);

std::string GetDerString(net::X509Certificate::OSCertHandle cert_handle);

// NOTE(review): whether [|start|, |end|) is half-open or inclusive, and what
// happens when the bounds fall outside |cert_chain|, is not specified here --
// confirm before passing computed indices.
std::string GetCMSString(const net::X509Certificate::OSCertHandles& cert_chain,
                         size_t start, size_t end);

// Formatting helpers for individual parts of a certificate; each returns a
// string. The exact output format is defined by the implementation.
std::string ProcessSecAlgorithmSignature(
    net::X509Certificate::OSCertHandle cert_handle);
std::string ProcessSecAlgorithmSubjectPublicKey(
    net::X509Certificate::OSCertHandle cert_handle);
std::string ProcessSecAlgorithmSignatureWrap(
    net::X509Certificate::OSCertHandle cert_handle);

std::string ProcessSubjectPublicKeyInfo(
    net::X509Certificate::OSCertHandle cert_handle);

std::string ProcessRawBitsSignatureWrap(
    net::X509Certificate::OSCertHandle cert_handle);

// NOTE(review): no contract is stated in this header; presumably this must
// run before the OID-dependent formatting functions are used -- TODO confirm.
void RegisterDynamicOids();

// Format a buffer as |hex_separator| separated string, with 16 bytes on each
// line separated using |line_separator|.
// NOTE(review): |data| presumably must reference at least |data_length|
// readable bytes; the signature gives the callee no way to check this.
std::string ProcessRawBytesWithSeparators(const unsigned char* data,
                                          size_t data_length,
                                          char hex_separator,
                                          char line_separator);

// Format a buffer as a space separated string, with 16 bytes on each line.
std::string ProcessRawBytes(const unsigned char* data, size_t data_length);

#if defined(USE_NSS)
// Format a buffer as a space separated string, with 16 bytes on each line.
// |data_length| is the length in bits.
// NOTE(review): the unit differs from ProcessRawBytes(), whose name suggests
// a byte count; passing a bit count there would presumably read past the
// buffer, so keep the two units apart at call sites.
std::string ProcessRawBits(const unsigned char* data, size_t data_length);
#endif  // USE_NSS

}  // namespace x509_certificate_model

#endif  // CHROME_COMMON_NET_X509_CERTIFICATE_MODEL_H_