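// Copyright 2016 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_TOOLS_TRANSPORT_SECURITY_STATE_GENERATOR_CERT_UTIL_H_
#define NET_TOOLS_TRANSPORT_SECURITY_STATE_GENERATOR_CERT_UTIL_H_

#include <stdint.h>

// std::string is named in ExtractSubjectNameFromCertificate() below, so this
// header includes <string> itself instead of relying on a transitive include.
#include <string>

#include "base/strings/string_piece.h"
#include "third_party/boringssl/src/include/openssl/x509v3.h"

namespace net::transport_security_state {
class SPKIHash;
}  // namespace net::transport_security_state

// Decodes the PEM block in |pem_data| and attempts to parse the resulting
// structure as an X.509 certificate. Returns an owning pointer to the X509
// instance on success and a null pointer otherwise; callers must check the
// result before dereferencing it.
//
// The contract stated here covers decoding and parsing only. Nothing in this
// header promises that the signature, validity period or issuer chain is
// checked, so a non-null result is not evidence that the certificate is
// trustworthy.
bssl::UniquePtr<X509> GetX509CertificateFromPEM(base::StringPiece pem_data);

// Extracts the SubjectPublicKeyInfo from |*certificate| and copies its SHA256
// digest to |*out_hash|. Returns true on success and false on failure.
//
// This header does not say what |*out_hash| holds after a failure, so callers
// should read it only when true is returned.
// NOTE(review): behaviour for a null |certificate| or |out_hash| is not
// documented here; confirm against the implementation before passing either.
bool CalculateSPKIHashFromCertificate(
    X509* certificate,
    net::transport_security_state::SPKIHash* out_hash);

// Extracts the name from |*certificate| and copies the result to |*name|.
// Returns true on success and false on failure.
// On success |*name| will contain the Subject's CommonName if available or the
// concatenation |OrganizationName| + " " + |OrganizationalUnitName| otherwise.
//
// The result is text copied out of the certificate's Subject, so it is a label
// supplied by the certificate rather than a verified identity. Two different
// certificates can carry the same Subject text; key-based comparisons should
// use the SPKI hash instead.
// NOTE(review): whether |*name| is modified on failure is not stated here;
// confirm against the implementation.
bool ExtractSubjectNameFromCertificate(X509* certificate, std::string* name);

// Decodes the PEM block in |pem_key| and sets |*out_hash| to the SHA256 digest
// of the resulting structure. The encoded PEM block in |pem_key| is expected to
// be a SubjectPublicKeyInfo structure. Returns true on success and false on
// failure.
//
// As with CalculateSPKIHashFromCertificate(), read |*out_hash| only when true
// is returned.
// NOTE(review): a PEM block of another type (for example a full certificate)
// is presumably rejected rather than hashed as-is; confirm against the
// implementation, since hashing the wrong structure would yield a pin that
// matches no key.
bool CalculateSPKIHashFromKey(
    base::StringPiece pem_key,
    net::transport_security_state::SPKIHash* out_hash);

#endif  // NET_TOOLS_TRANSPORT_SECURITY_STATE_GENERATOR_CERT_UTIL_H_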