1 // Copyright 2016 The Chromium Authors 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef NET_TOOLS_TRANSPORT_SECURITY_STATE_GENERATOR_CERT_UTIL_H_ 6 #define NET_TOOLS_TRANSPORT_SECURITY_STATE_GENERATOR_CERT_UTIL_H_ 7 8 #include <stdint.h> 9 10 #include <string_view> 11 12 #include "third_party/boringssl/src/include/openssl/x509v3.h" 13 14 namespace net::transport_security_state { 15 class SPKIHash; 16 } // namespace net::transport_security_state 17 18 // Decodes the PEM block in |pem_data| and attempts to parse the resulting 19 // structure. Returns a pointer to a X509 instance if successful and NULL 20 // otherwise. 21 bssl::UniquePtr<X509> GetX509CertificateFromPEM(std::string_view pem_data); 22 23 // Extracts the SubjectPublicKeyInfo from |*certificate| and copies its SHA256 24 // digest to |*out_hash|. Returns true on success and false on failure. 25 bool CalculateSPKIHashFromCertificate( 26 X509* certificate, 27 net::transport_security_state::SPKIHash* out_hash); 28 29 // Extracts the name from |*certificate| and copies the result to |*name|. 30 // Returns true on success and false on failure. 31 // On success |*name| will contain the Subject's CommonName if available or the 32 // concatenation |OrganizationName| + " " + |OrganizationalUnitName| otherwise. 33 bool ExtractSubjectNameFromCertificate(X509* certificate, std::string* name); 34 35 // Decodes the PEM block in |pem_key| and sets |*out_hash| to the SHA256 digest 36 // of the resulting structure. The encoded PEM block in |pem_key| is expected to 37 // be a SubjectPublicKeyInfo structure. Returns true on success and false on 38 // failure. 39 bool CalculateSPKIHashFromKey( 40 std::string_view pem_key, 41 net::transport_security_state::SPKIHash* out_hash); 42 43 #endif // NET_TOOLS_TRANSPORT_SECURITY_STATE_GENERATOR_CERT_UTIL_H_ 44