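// Copyright 2016 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_CERT_PKI_PARSE_NAME_H_
#define NET_CERT_PKI_PARSE_NAME_H_

// Include what this header uses directly: uint8_t for the OID tables and
// std::string for the conversion out-params, rather than relying on
// transitive includes from net/der/.
#include <cstdint>
#include <string>
#include <vector>

#include "net/base/net_export.h"
#include "net/der/input.h"
#include "net/der/parser.h"
#include "net/der/tag.h"

namespace net {

// Attribute type OIDs that commonly appear in X.501 distinguished names.
// Each array holds the DER *contents octets* of the OBJECT IDENTIFIER only
// (no tag or length byte), e.g. 2.5.4.3 -> {0x55, 0x04, 0x03} because the
// first two arcs are packed as 2*40+5 = 0x55. NOTE(review): these are
// presumably compared against X509NameAttribute::type; confirm at the call
// sites that |type| is likewise the contents octets without tag/length.

// id-at-commonName: 2.5.4.3 (RFC 5280)
inline constexpr uint8_t kTypeCommonNameOid[] = {0x55, 0x04, 0x03};
// id-at-surname: 2.5.4.4 (RFC 5280)
inline constexpr uint8_t kTypeSurnameOid[] = {0x55, 0x04, 0x04};
// id-at-serialNumber: 2.5.4.5 (RFC 5280)
inline constexpr uint8_t kTypeSerialNumberOid[] = {0x55, 0x04, 0x05};
// id-at-countryName: 2.5.4.6 (RFC 5280)
inline constexpr uint8_t kTypeCountryNameOid[] = {0x55, 0x04, 0x06};
// id-at-localityName: 2.5.4.7 (RFC 5280)
inline constexpr uint8_t kTypeLocalityNameOid[] = {0x55, 0x04, 0x07};
// id-at-stateOrProvinceName: 2.5.4.8 (RFC 5280)
inline constexpr uint8_t kTypeStateOrProvinceNameOid[] = {0x55, 0x04, 0x08};
// street (streetAddress): 2.5.4.9 (RFC 4519)
inline constexpr uint8_t kTypeStreetAddressOid[] = {0x55, 0x04, 0x09};
// id-at-organizationName: 2.5.4.10 (RFC 5280)
inline constexpr uint8_t kTypeOrganizationNameOid[] = {0x55, 0x04, 0x0a};
// id-at-organizationalUnitName: 2.5.4.11 (RFC 5280)
inline constexpr uint8_t kTypeOrganizationUnitNameOid[] = {0x55, 0x04, 0x0b};
// id-at-title: 2.5.4.12 (RFC 5280)
inline constexpr uint8_t kTypeTitleOid[] = {0x55, 0x04, 0x0c};
// id-at-name: 2.5.4.41 (RFC 5280)
inline constexpr uint8_t kTypeNameOid[] = {0x55, 0x04, 0x29};
// id-at-givenName: 2.5.4.42 (RFC 5280)
inline constexpr uint8_t kTypeGivenNameOid[] = {0x55, 0x04, 0x2a};
// id-at-initials: 2.5.4.43 (RFC 5280)
inline constexpr uint8_t kTypeInitialsOid[] = {0x55, 0x04, 0x2b};
// id-at-generationQualifier: 2.5.4.44 (RFC 5280)
inline constexpr uint8_t kTypeGenerationQualifierOid[] = {0x55, 0x04, 0x2c};
// dc (domainComponent): 0.9.2342.19200300.100.1.25 (RFC 4519)
inline constexpr uint8_t kTypeDomainComponentOid[] = {
    0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19};
// RFC 5280 section A.1:
//
//   pkcs-9 OBJECT IDENTIFIER ::=
//     { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 }
//
//   id-emailAddress AttributeType ::= { pkcs-9 1 }
//
// In dotted form: 1.2.840.113549.1.9.1
inline constexpr uint8_t kTypeEmailAddressOid[] = {0x2A, 0x86, 0x48, 0x86, 0xF7,
                                                   0x0D, 0x01, 0x09, 0x01};

// X509NameAttribute contains a representation of a DER-encoded RFC 2253
// "AttributeTypeAndValue".
//
//   AttributeTypeAndValue ::= SEQUENCE {
//     type     AttributeType,
//     value    AttributeValue
//   }
//
// NOTE(review): |type| and |value| are der::Input objects, which appear to be
// non-owning views into the parsed buffer. If so, the bytes backing them must
// outlive this struct — confirm against net/der/input.h before storing
// attributes beyond the lifetime of the certificate data they were parsed
// from.
struct NET_EXPORT X509NameAttribute {
  // Wraps an already-parsed attribute. |in_value_tag| is the DER tag of the
  // value element and |in_value| its contents octets; no validation is
  // performed here.
  X509NameAttribute(der::Input in_type,
                    der::Tag in_value_tag,
                    der::Input in_value)
      : type(in_type), value_tag(in_value_tag), value(in_value) {}

  // Configures handling of PrintableString in the attribute value. Do
  // not use non-default handling without consulting //net owners. With
  // kAsUTF8Hack, PrintableStrings are interpreted as UTF-8 strings.
  enum class PrintableStringHandling { kDefault, kAsUTF8Hack };

  // Attempts to convert the value represented by this struct into a
  // UTF-8 string and store it in |out|, returning whether the conversion
  // was successful. This is the conversion to use by default.
  [[nodiscard]] bool ValueAsString(std::string* out) const;

  // Attempts to convert the value represented by this struct into a
  // UTF-8 string and store it in |out|, returning whether the conversion
  // was successful. Allows configuring some non-standard string handling
  // options via |printable_string_handling|.
  //
  // Do not use without consulting //net owners.
  [[nodiscard]] bool ValueAsStringWithUnsafeOptions(
      PrintableStringHandling printable_string_handling,
      std::string* out) const;

  // Attempts to convert the value represented by this struct into a
  // std::string and store it in |out|, returning whether the conversion was
  // successful. Due to some encodings being incompatible, the caller must
  // verify the attribute |value_tag| before trusting the result.
  //
  // Note: Don't use this function unless you know what you're doing. Use
  // ValueAsString instead.
  //
  // Note: The conversion doesn't verify that the value corresponds to the
  // ASN.1 definition of the value type, so the output may contain bytes that
  // are not valid for the declared string type.
  [[nodiscard]] bool ValueAsStringUnsafe(std::string* out) const;

  // Formats the NameAttribute per RFC 2253 into an ASCII string and stores
  // the result in |out|, returning whether the conversion was successful.
  [[nodiscard]] bool AsRFC2253String(std::string* out) const;

  // Contents octets of the AttributeType OBJECT IDENTIFIER.
  der::Input type;
  // DER tag of the AttributeValue element (e.g. which DirectoryString
  // alternative was encoded).
  der::Tag value_tag;
  // Contents octets of the AttributeValue element.
  der::Input value;
};

// Model the RFC 5280 Name structure: an RDN is a set of attributes, and a
// Name is a sequence of RDNs. (SET ordering is not enforced by the container
// type; see ReadRdn.)
using RelativeDistinguishedName = std::vector<X509NameAttribute>;
using RDNSequence = std::vector<RelativeDistinguishedName>;

// Parses all the ASN.1 AttributeTypeAndValue elements in |parser| and stores
// each as an AttributeTypeAndValue object in |out|. Returns true on success.
//
// AttributeTypeAndValue is defined in RFC 5280 section 4.1.2.4:
//
//   AttributeTypeAndValue ::= SEQUENCE {
//     type     AttributeType,
//     value    AttributeValue }
//
//   AttributeType ::= OBJECT IDENTIFIER
//
//   AttributeValue ::= ANY -- DEFINED BY AttributeType
//
//   DirectoryString ::= CHOICE {
//         teletexString           TeletexString (SIZE (1..MAX)),
//         printableString         PrintableString (SIZE (1..MAX)),
//         universalString         UniversalString (SIZE (1..MAX)),
//         utf8String              UTF8String (SIZE (1..MAX)),
//         bmpString               BMPString (SIZE (1..MAX)) }
//
// The type of the component AttributeValue is determined by the AttributeType;
// in general it will be a DirectoryString.
[[nodiscard]] NET_EXPORT bool ReadRdn(der::Parser* parser,
                                      RelativeDistinguishedName* out);

// Parses a DER-encoded "Name" as specified by RFC 5280. Returns true on
// success and sets the results in |out|.
[[nodiscard]] NET_EXPORT bool ParseName(const der::Input& name_tlv,
                                        RDNSequence* out);

// Parses a DER-encoded "Name" value (without the sequence tag & length) as
// specified by RFC 5280. Returns true on success and sets the results in
// |out|.
[[nodiscard]] NET_EXPORT bool ParseNameValue(const der::Input& name_value,
                                             RDNSequence* out);

// Formats a RDNSequence |rdn_sequence| per RFC 2253 as an ASCII string and
// stores the result into |out|, and returns whether the conversion was
// successful.
[[nodiscard]] NET_EXPORT bool ConvertToRFC2253(const RDNSequence& rdn_sequence,
                                               std::string* out);

}  // namespace net

#endif  // NET_CERT_PKI_PARSE_NAME_H_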