1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/common/net/x509_certificate_model.h"
7 #include <openssl/obj_mac.h>
8 #include <openssl/sha.h>
9 #include <openssl/x509v3.h>
11 #include "base/logging.h"
12 #include "base/strings/string_number_conversions.h"
13 #include "net/cert/x509_util_openssl.h"
15 namespace x509_util
= net::x509_util
;
// Returns |text| unless it is empty, in which case |alternative| is returned.
// Used by the getters below to substitute a caller-supplied placeholder for
// certificate fields that are absent.
std::string AlternativeWhenEmpty(const std::string& text,
                                 const std::string& alternative) {
  if (text.empty())
    return alternative;
  return text;
}
24 std::string
GetKeyValuesFromName(X509_NAME
* name
) {
26 int rdns
= X509_NAME_entry_count(name
) - 1;
27 for (int i
= rdns
; i
>= 0; --i
) {
30 if (!x509_util::ParsePrincipalKeyAndValueByIndex(name
, i
, &key
, &value
))
42 namespace x509_certificate_model
{
44 using net::X509Certificate
;
46 std::string
GetCertNameOrNickname(X509Certificate::OSCertHandle cert_handle
) {
47 // TODO(bulach): implement me.
51 std::string
GetNickname(X509Certificate::OSCertHandle cert_handle
) {
52 // TODO(jamescook): implement me.
56 std::string
GetTokenName(X509Certificate::OSCertHandle cert_handle
) {
57 // TODO(bulach): implement me.
61 std::string
GetVersion(net::X509Certificate::OSCertHandle cert_handle
) {
62 unsigned long version
= X509_get_version(cert_handle
);
63 if (version
!= ULONG_MAX
)
64 return base::UintToString(version
+ 1);
// Certificate type classification is not implemented in this OpenSSL-backed
// model: every certificate is reported as net::OTHER_CERT and |os_cert| is
// not inspected.
// NOTE(review): any caller that branches on CA / server / user type will see
// OTHER_CERT for all certificates until this is implemented.
net::CertType GetType(X509Certificate::OSCertHandle os_cert) {
  // TODO(bulach): implement me.
  return net::OTHER_CERT;
}
73 std::string
GetEmailAddress(X509Certificate::OSCertHandle os_cert
) {
74 // TODO(bulach): implement me.
// Unimplemented stub: |usages| is left exactly as the caller passed it, so a
// certificate's key-usage restrictions are never reported through this path.
void GetUsageStrings(X509Certificate::OSCertHandle cert_handle,
                     std::vector<std::string>* usages) {
  // TODO(bulach): implement me.
}
83 std::string
GetKeyUsageString(X509Certificate::OSCertHandle cert_handle
) {
84 // TODO(bulach): implement me.
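// Formats the certificate's serial number as hex bytes separated by ':'.
// Returns |alternative_text| when no serial number bytes are available or the
// formatted string comes back empty.
//
// NOTE(review): only the raw bytes in ASN1_INTEGER::data are formatted. For a
// negative serial OpenSSL keeps the sign in the ASN1 type rather than in the
// bytes, so such a serial would be displayed without its sign - confirm that
// this is acceptable for the UI.
std::string GetSerialNumberHexified(
    X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text) {
  ASN1_INTEGER* num = X509_get_serialNumber(cert_handle);
  // The serial comes from a parsed (untrusted) certificate; never dereference
  // a missing integer or hand a non-positive length to the formatter.
  if (!num || !num->data || num->length <= 0)
    return alternative_text;

  const char kSerialNumberSeparator = ':';
  std::string hex_string = ProcessRawBytesWithSeparators(
      num->data, num->length, kSerialNumberSeparator, kSerialNumberSeparator);
  return AlternativeWhenEmpty(hex_string, alternative_text);
}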
// Looks up the commonName attribute in the certificate's issuer name.
// Returns |alternative_text| when the lookup leaves the value empty.
// The value is taken from the certificate itself, so callers should treat it
// as untrusted text when displaying it.
std::string GetIssuerCommonName(
    X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text) {
  X509_NAME* const issuer = X509_get_issuer_name(cert_handle);
  std::string common_name;
  // The parser's result is not inspected; an empty output selects the
  // alternative text below.
  x509_util::ParsePrincipalValueByNID(issuer, NID_commonName, &common_name);
  return AlternativeWhenEmpty(common_name, alternative_text);
}
// Looks up the organizationName attribute in the certificate's issuer name.
// Returns |alternative_text| when the lookup leaves the value empty.
std::string GetIssuerOrgName(
    X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text) {
  X509_NAME* const issuer = X509_get_issuer_name(cert_handle);
  std::string organization;
  // An empty |organization| after this call selects the alternative text.
  x509_util::ParsePrincipalValueByNID(issuer, NID_organizationName,
                                      &organization);
  return AlternativeWhenEmpty(organization, alternative_text);
}
// Looks up the organizationalUnitName attribute in the certificate's issuer
// name. Returns |alternative_text| when the lookup leaves the value empty.
std::string GetIssuerOrgUnitName(
    X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text) {
  X509_NAME* const issuer = X509_get_issuer_name(cert_handle);
  std::string org_unit;
  // An empty |org_unit| after this call selects the alternative text.
  x509_util::ParsePrincipalValueByNID(issuer, NID_organizationalUnitName,
                                      &org_unit);
  return AlternativeWhenEmpty(org_unit, alternative_text);
}
// Looks up the organizationName attribute in the certificate's subject name.
// Returns |alternative_text| when the lookup leaves the value empty.
std::string GetSubjectOrgName(
    X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text) {
  X509_NAME* const subject = X509_get_subject_name(cert_handle);
  std::string organization;
  // An empty |organization| after this call selects the alternative text.
  x509_util::ParsePrincipalValueByNID(subject, NID_organizationName,
                                      &organization);
  return AlternativeWhenEmpty(organization, alternative_text);
}
// Looks up the organizationalUnitName attribute in the certificate's subject
// name. Returns |alternative_text| when the lookup leaves the value empty.
std::string GetSubjectOrgUnitName(
    X509Certificate::OSCertHandle cert_handle,
    const std::string& alternative_text) {
  X509_NAME* const subject = X509_get_subject_name(cert_handle);
  std::string org_unit;
  // An empty |org_unit| after this call selects the alternative text.
  x509_util::ParsePrincipalValueByNID(subject, NID_organizationalUnitName,
                                      &org_unit);
  return AlternativeWhenEmpty(org_unit, alternative_text);
}
// Looks up the commonName attribute in the certificate's subject name.
// Returns |alternative_text| when the lookup leaves the value empty.
// The subject name is chosen by whoever requested the certificate, so the
// returned string is untrusted text and is not evidence of identity by itself.
std::string GetSubjectCommonName(X509Certificate::OSCertHandle cert_handle,
                                 const std::string& alternative_text) {
  X509_NAME* const subject = X509_get_subject_name(cert_handle);
  std::string common_name;
  // An empty |common_name| after this call selects the alternative text.
  x509_util::ParsePrincipalValueByNID(subject, NID_commonName, &common_name);
  return AlternativeWhenEmpty(common_name, alternative_text);
}
// Parses the certificate's validity period into |issued| (notBefore) and
// |expires| (notAfter). Returns true only when both dates parse.
// notAfter is not parsed at all when notBefore fails, so |expires| is not
// written by this function in that case; callers must check the return value
// before using either output.
bool GetTimes(X509Certificate::OSCertHandle cert_handle,
              base::Time* issued, base::Time* expires) {
  if (!x509_util::ParseDate(X509_get_notBefore(cert_handle), issued))
    return false;
  return x509_util::ParseDate(X509_get_notAfter(cert_handle), expires);
}
157 std::string
GetTitle(net::X509Certificate::OSCertHandle cert_handle
) {
158 // TODO(bulach): implement me.
// Returns the issuer distinguished name rendered by GetKeyValuesFromName().
// The content originates from the certificate and should be handled as
// untrusted text by whatever displays it.
std::string GetIssuerName(net::X509Certificate::OSCertHandle cert_handle) {
  X509_NAME* const issuer = X509_get_issuer_name(cert_handle);
  return GetKeyValuesFromName(issuer);
}
// Returns the subject distinguished name rendered by GetKeyValuesFromName().
// The content originates from the certificate and should be handled as
// untrusted text by whatever displays it.
std::string GetSubjectName(net::X509Certificate::OSCertHandle cert_handle) {
  X509_NAME* const subject = X509_get_subject_name(cert_handle);
  return GetKeyValuesFromName(subject);
}
// Unimplemented stub: |email_addresses| is left exactly as the caller passed
// it and |cert_handle| is not inspected.
void GetEmailAddresses(net::X509Certificate::OSCertHandle cert_handle,
                       std::vector<std::string>* email_addresses) {
  // TODO(bulach): implement me.
}
// Unimplemented stub: |nick_names| is left exactly as the caller passed it.
// Neither |certs| nor the |cert_expired| / |cert_not_yet_valid| labels are
// read, so no validity-period annotation is produced here.
void GetNicknameStringsFromCertList(
    const std::vector<scoped_refptr<net::X509Certificate> >& certs,
    const std::string& cert_expired,
    const std::string& cert_not_yet_valid,
    std::vector<std::string>* nick_names) {
  // TODO(bulach): implement me.
}
183 std::string
GetPkcs11Id(net::X509Certificate::OSCertHandle cert_handle
) {
184 // TODO(jamescook): implement me.
189 const std::string
& critical_label
,
190 const std::string
& non_critical_label
,
191 net::X509Certificate::OSCertHandle cert_handle
,
192 Extensions
* extensions
) {
193 // TODO(bulach): implement me.
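// Returns the SHA-256 fingerprint of the certificate, formatted by
// ProcessRawBytes(). Returns an empty string if the digest cannot be computed.
//
// DCHECKs are compiled out of release builds, so the digest result is also
// checked at run time: otherwise a failed X509_digest() would leave the
// zero-initialised buffer in place and it would be shown to the user as if it
// were a real fingerprint.
std::string HashCertSHA256(net::X509Certificate::OSCertHandle cert_handle) {
  unsigned char sha256_data[SHA256_DIGEST_LENGTH] = {0};
  unsigned int sha256_size = sizeof(sha256_data);
  const int ret =
      X509_digest(cert_handle, EVP_sha256(), sha256_data, &sha256_size);
  DCHECK(ret);
  DCHECK_EQ(sha256_size, sizeof(sha256_data));
  if (!ret || sha256_size != sizeof(sha256_data))
    return std::string();
  return ProcessRawBytes(sha256_data, sha256_size);
}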
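// Returns the SHA-1 fingerprint of the certificate, formatted by
// ProcessRawBytes(). Returns an empty string if the digest cannot be computed.
//
// SHA-1 is no longer collision resistant, so this value is suitable for
// display and for matching against legacy listings only; trust or pinning
// decisions should rely on the SHA-256 fingerprint instead.
//
// DCHECKs are compiled out of release builds, so the digest result is also
// checked at run time: otherwise a failed X509_digest() would leave the
// zero-initialised buffer in place and it would be shown to the user as if it
// were a real fingerprint.
std::string HashCertSHA1(net::X509Certificate::OSCertHandle cert_handle) {
  unsigned char sha1_data[SHA_DIGEST_LENGTH] = {0};
  unsigned int sha1_size = sizeof(sha1_data);
  const int ret = X509_digest(cert_handle, EVP_sha1(), sha1_data, &sha1_size);
  DCHECK(ret);
  DCHECK_EQ(sha1_size, sizeof(sha1_data));
  if (!ret || sha1_size != sizeof(sha1_data))
    return std::string();
  return ProcessRawBytes(sha1_data, sha1_size);
}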
// Appends a duplicated handle for |cert_handle| to |cert_handles|. Only the
// certificate itself is added; no issuer certificates are looked up, so the
// resulting "chain" always has exactly one new entry.
// NOTE(review): the duplicated handle presumably has to be released by the
// caller (see DestroyCertChain) - confirm ownership against the header.
void GetCertChainFromCert(net::X509Certificate::OSCertHandle cert_handle,
                          net::X509Certificate::OSCertHandles* cert_handles) {
  // TODO(bulach): how to get the chain out of a certificate?
  net::X509Certificate::OSCertHandle leaf_copy =
      net::X509Certificate::DupOSCertHandle(cert_handle);
  cert_handles->push_back(leaf_copy);
}
220 void DestroyCertChain(net::X509Certificate::OSCertHandles
* cert_handles
) {
221 for (net::X509Certificate::OSCertHandles::iterator i
= cert_handles
->begin();
222 i
!= cert_handles
->end(); ++i
)
224 cert_handles
->clear();
227 std::string
GetDerString(net::X509Certificate::OSCertHandle cert_handle
) {
228 // TODO(bulach): implement me.
232 std::string
GetCMSString(const net::X509Certificate::OSCertHandles
& cert_chain
,
233 size_t start
, size_t end
) {
234 // TODO(bulach): implement me.
238 std::string
ProcessSecAlgorithmSignature(
239 net::X509Certificate::OSCertHandle cert_handle
) {
240 // TODO(bulach): implement me.
244 std::string
ProcessSecAlgorithmSubjectPublicKey(
245 net::X509Certificate::OSCertHandle cert_handle
) {
246 // TODO(bulach): implement me.
250 std::string
ProcessSecAlgorithmSignatureWrap(
251 net::X509Certificate::OSCertHandle cert_handle
) {
252 // TODO(bulach): implement me.
256 std::string
ProcessSubjectPublicKeyInfo(
257 net::X509Certificate::OSCertHandle cert_handle
) {
258 // TODO(bulach): implement me.
262 std::string
ProcessRawBitsSignatureWrap(
263 net::X509Certificate::OSCertHandle cert_handle
) {
264 // TODO(bulach): implement me.
// Intentionally a no-op in this OpenSSL-backed model: there is nothing to
// register here.
void RegisterDynamicOids() {
}
271 } // namespace x509_certificate_model