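// Copyright 2015 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "net/cert/pki/extended_key_usage.h"

#include "net/der/input.h"
#include "net/der/parser.h"
#include "net/der/tag.h"

namespace net {

// Parses the value of an Extended Key Usage extension and appends each
// KeyPurposeId OID it contains to |eku_oids|, in encoding order.
//
// |extension_value| is the extension's value, expected to be exactly one
// SEQUENCE holding one or more OBJECT IDENTIFIER elements.
//
// Returns true on success. Returns false if the outer value is not a
// SEQUENCE, the SEQUENCE is empty, any element is not an OID, or data
// follows the SEQUENCE. On failure |eku_oids| is left untouched, so a
// caller that ignores the return value never sees a partial list taken
// from a malformed extension.
//
// This is a syntactic parse only: the OIDs are not deduplicated and are not
// checked against any set of known key purposes.
//
// NOTE(review): the der::Input values stored in |eku_oids| presumably refer
// to the bytes backing |extension_value| rather than owning a copy; confirm
// against der::Input before letting them outlive that buffer.
bool ParseEKUExtension(const der::Input& extension_value,
                       std::vector<der::Input>* eku_oids) {
  der::Parser extension_parser(extension_value);
  der::Parser sequence_parser;
  if (!extension_parser.ReadSequence(&sequence_parser)) {
    return false;
  }

  // Section 4.2.1.12 of RFC 5280 defines ExtKeyUsageSyntax as:
  // ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
  //
  // Therefore, the sequence must contain at least one KeyPurposeId.
  if (!sequence_parser.HasMore()) {
    return false;
  }

  // Collect into a local list first and publish only once the whole value
  // has been validated; existing contents of |eku_oids| are preserved.
  std::vector<der::Input> parsed_oids;
  while (sequence_parser.HasMore()) {
    der::Input eku_oid;
    if (!sequence_parser.ReadTag(der::kOid, &eku_oid)) {
      // The SEQUENCE OF must contain only KeyPurposeIds (OIDs).
      return false;
    }
    parsed_oids.push_back(eku_oid);
  }

  if (extension_parser.HasMore()) {
    // The extension value must follow ExtKeyUsageSyntax - there is no way that
    // it could be extended to allow for something after the SEQUENCE OF.
    return false;
  }

  eku_oids->insert(eku_oids->end(), parsed_oids.begin(), parsed_oids.end());
  return true;
}

}  // namespace net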