blob: e857cada180796b49af047f4fdf13003924b01e2 [file] [log] [blame]
// Copyright 2016 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_TOOLS_TRANSPORT_SECURITY_STATE_GENERATOR_CERT_UTIL_H_
#define NET_TOOLS_TRANSPORT_SECURITY_STATE_GENERATOR_CERT_UTIL_H_
#include <stdint.h>
#include "base/strings/string_piece.h"
#include "third_party/boringssl/src/include/openssl/x509v3.h"
namespace net {
namespace transport_security_state {
class SPKIHash;
} // namespace transport_security_state
} // namespace net
// Decodes the PEM block in |pem_data| and attempts to parse the resulting
// structure. Returns a pointer to a X509 instance if successful and NULL
// otherwise.
bssl::UniquePtr<X509> GetX509CertificateFromPEM(base::StringPiece pem_data);
// Extracts the SubjectPublicKeyInfo from |*certificate| and copies its SHA256
// digest to |*out_hash|. Returns true on success and false on failure.
bool CalculateSPKIHashFromCertificate(
X509* certificate,
net::transport_security_state::SPKIHash* out_hash);
// Extracts the name from |*certificate| and copies the result to |*name|.
// Returns true on success and false on failure.
// On success |*name| will contain the Subject's CommonName if available or the
// concatenation |OrganizationName| + " " + |OrganizationalUnitName| otherwise.
bool ExtractSubjectNameFromCertificate(X509* certificate, std::string* name);
// Decodes the PEM block in |pem_key| and sets |*out_hash| to the SHA256 digest
// of the resulting structure. The encoded PEM block in |pem_key| is expected to
// be a SubjectPublicKeyInfo structure. Returns true on success and false on
// failure.
bool CalculateSPKIHashFromKey(
base::StringPiece pem_key,
net::transport_security_state::SPKIHash* out_hash);
#endif // NET_TOOLS_TRANSPORT_SECURITY_STATE_GENERATOR_CERT_UTIL_H_