Add include.
[chromium-blink-merge.git] / net / cert / x509_cert_types.h
blob4e9340a4c0d8d6195f7ad26d5c4000d3710ed6e4
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_CERT_X509_CERT_TYPES_H_
6 #define NET_CERT_X509_CERT_TYPES_H_
8 #include <string.h>
10 #include <map>
11 #include <set>
12 #include <string>
13 #include <vector>
15 #include "base/logging.h"
16 #include "base/strings/string_piece.h"
17 #include "build/build_config.h"
18 #include "net/base/hash_value.h"
19 #include "net/base/net_export.h"
20 #include "net/cert/cert_status_flags.h"
22 #if defined(OS_MACOSX) && !defined(OS_IOS)
23 #include <Security/x509defs.h>
24 #endif
26 namespace base {
27 class Time;
28 } // namespace base
30 namespace net {
32 class X509Certificate;
34 // CertPrincipal represents the issuer or subject field of an X.509 certificate.
35 struct NET_EXPORT CertPrincipal {
36 CertPrincipal();
37 explicit CertPrincipal(const std::string& name);
38 ~CertPrincipal();
40 #if (defined(OS_MACOSX) && !defined(OS_IOS)) || defined(OS_WIN)
41 // Parses a BER-format DistinguishedName.
42 bool ParseDistinguishedName(const void* ber_name_data, size_t length);
43 #endif
45 #if defined(OS_MACOSX) && !defined(OS_IOS)
46 // Compare this CertPrincipal with |against|, returning true if they're
47 // equal enough to be a possible match. This should NOT be used for any
48 // security relevant decisions.
49 // TODO(rsleevi): Remove once Mac client auth uses NSS for name comparison.
50 bool Matches(const CertPrincipal& against) const;
51 #endif
53 // Returns a name that can be used to represent the issuer. It tries in this
54 // order: CN, O and OU and returns the first non-empty one found.
55 std::string GetDisplayName() const;
57 // The different attributes for a principal, stored in UTF-8. They may be "".
58 // Note that some of them can have several values.
60 std::string common_name;
61 std::string locality_name;
62 std::string state_or_province_name;
63 std::string country_name;
65 std::vector<std::string> street_addresses;
66 std::vector<std::string> organization_names;
67 std::vector<std::string> organization_unit_names;
68 std::vector<std::string> domain_components;
71 #if defined(OS_MACOSX) && !defined(OS_IOS)
72 // Compares two OIDs by value.
73 inline bool CSSMOIDEqual(const CSSM_OID* oid1, const CSSM_OID* oid2) {
74 return oid1->Length == oid2->Length &&
75 (memcmp(oid1->Data, oid2->Data, oid1->Length) == 0);
77 #endif
79 // A list of ASN.1 date/time formats that ParseCertificateDate() supports,
80 // encoded in the canonical forms specified in RFC 2459/3280/5280.
81 enum CertDateFormat {
82 // UTCTime: Format is YYMMDDHHMMSSZ
83 CERT_DATE_FORMAT_UTC_TIME,
85 // GeneralizedTime: Format is YYYYMMDDHHMMSSZ
86 CERT_DATE_FORMAT_GENERALIZED_TIME,
89 // Attempts to parse |raw_date|, an ASN.1 date/time string encoded as
90 // |format|, and writes the result into |*time|. If an invalid date is
91 // specified, or if parsing fails, returns false, and |*time| will not be
92 // updated.
93 NET_EXPORT_PRIVATE bool ParseCertificateDate(const base::StringPiece& raw_date,
94 CertDateFormat format,
95 base::Time* time);
96 } // namespace net
98 #endif // NET_CERT_X509_CERT_TYPES_H_