1 // Copyright 2015 The Chromium Authors 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef BSSL_PKI_PARSE_CERTIFICATE_H_ 6 #define BSSL_PKI_PARSE_CERTIFICATE_H_ 7 8 #include <stdint.h> 9 10 #include <map> 11 #include <memory> 12 #include <optional> 13 #include <vector> 14 15 #include <openssl/base.h> 16 17 #include "general_names.h" 18 #include "input.h" 19 #include "parse_values.h" 20 21 namespace bssl { 22 23 namespace der { 24 class Parser; 25 } 26 27 class CertErrors; 28 struct ParsedTbsCertificate; 29 30 // Returns true if the given serial number (CertificateSerialNumber in RFC 5280) 31 // is valid: 32 // 33 // CertificateSerialNumber ::= INTEGER 34 // 35 // The input to this function is the (unverified) value octets of the INTEGER. 36 // This function will verify that: 37 // 38 // * The octets are a valid DER-encoding of an INTEGER (for instance, minimal 39 // encoding length). 40 // 41 // * No more than 20 octets are used. 42 // 43 // Note that it DOES NOT reject non-positive values (zero or negative). 44 // 45 // For reference, here is what RFC 5280 section 4.1.2.2 says: 46 // 47 // Given the uniqueness requirements above, serial numbers can be 48 // expected to contain long integers. Certificate users MUST be able to 49 // handle serialNumber values up to 20 octets. Conforming CAs MUST NOT 50 // use serialNumber values longer than 20 octets. 51 // 52 // Note: Non-conforming CAs may issue certificates with serial numbers 53 // that are negative or zero. Certificate users SHOULD be prepared to 54 // gracefully handle such certificates. 55 // 56 // |errors| must be a non-null destination for any errors/warnings. If 57 // |warnings_only| is set to true, then what would ordinarily be errors are 58 // instead added as warnings. 59 [[nodiscard]] OPENSSL_EXPORT bool VerifySerialNumber(der::Input value, 60 bool warnings_only, 61 CertErrors *errors); 62 63 // Consumes a "Time" value (as defined by RFC 5280) from |parser|. On success 64 // writes the result to |*out| and returns true. On failure no guarantees are 65 // made about the state of |parser|. 66 // 67 // From RFC 5280: 68 // 69 // Time ::= CHOICE { 70 // utcTime UTCTime, 71 // generalTime GeneralizedTime } 72 [[nodiscard]] OPENSSL_EXPORT bool ReadUTCOrGeneralizedTime( 73 der::Parser *parser, der::GeneralizedTime *out); 74 75 // Parses a DER-encoded "Validity" as specified by RFC 5280. Returns true on 76 // success and sets the results in |not_before| and |not_after|: 77 // 78 // Validity ::= SEQUENCE { 79 // notBefore Time, 80 // notAfter Time } 81 // 82 // Note that upon success it is NOT guaranteed that |*not_before <= *not_after|. 83 [[nodiscard]] OPENSSL_EXPORT bool ParseValidity( 84 der::Input validity_tlv, der::GeneralizedTime *not_before, 85 der::GeneralizedTime *not_after); 86 87 struct OPENSSL_EXPORT ParseCertificateOptions { 88 // If set to true, then parsing will skip checks on the certificate's serial 89 // number. The only requirement will be that the serial number is an INTEGER, 90 // however it is not required to be a valid DER-encoding (i.e. minimal 91 // encoding), nor is it required to be constrained to any particular length. 92 bool allow_invalid_serial_numbers = false; 93 }; 94 95 // Parses a DER-encoded "Certificate" as specified by RFC 5280. Returns true on 96 // success and sets the results in the |out_*| parameters. On both the failure 97 // and success case, if |out_errors| was non-null it may contain extra error 98 // information. 99 // 100 // Note that on success the out parameters alias data from the input 101 // |certificate_tlv|. Hence the output values are only valid as long as 102 // |certificate_tlv| remains valid. 103 // 104 // On failure the out parameters have an undefined state, except for 105 // out_errors. Some of them may have been updated during parsing, whereas 106 // others may not have been changed. 107 // 108 // The out parameters represent each field of the Certificate SEQUENCE: 109 // Certificate ::= SEQUENCE { 110 // 111 // The |out_tbs_certificate_tlv| parameter corresponds with "tbsCertificate" 112 // from RFC 5280: 113 // tbsCertificate TBSCertificate, 114 // 115 // This contains the full (unverified) Tag-Length-Value for a SEQUENCE. No 116 // guarantees are made regarding the value of this SEQUENCE. 117 // This can be further parsed using ParseTbsCertificate(). 118 // 119 // The |out_signature_algorithm_tlv| parameter corresponds with 120 // "signatureAlgorithm" from RFC 5280: 121 // signatureAlgorithm AlgorithmIdentifier, 122 // 123 // This contains the full (unverified) Tag-Length-Value for a SEQUENCE. No 124 // guarantees are made regarding the value of this SEQUENCE. 125 // This can be further parsed using SignatureValue::Create(). 126 // 127 // The |out_signature_value| parameter corresponds with "signatureValue" from 128 // RFC 5280: 129 // signatureValue BIT STRING } 130 // 131 // Parsing guarantees that this is a valid BIT STRING. 132 [[nodiscard]] OPENSSL_EXPORT bool ParseCertificate( 133 der::Input certificate_tlv, der::Input *out_tbs_certificate_tlv, 134 der::Input *out_signature_algorithm_tlv, 135 der::BitString *out_signature_value, CertErrors *out_errors); 136 137 // Parses a DER-encoded "TBSCertificate" as specified by RFC 5280. Returns true 138 // on success and sets the results in |out|. Certain invalid inputs may 139 // be accepted based on the provided |options|. 140 // 141 // If |errors| was non-null then any warnings/errors that occur during parsing 142 // are added to it. 143 // 144 // Note that on success |out| aliases data from the input |tbs_tlv|. 145 // Hence the fields of the ParsedTbsCertificate are only valid as long as 146 // |tbs_tlv| remains valid. 147 // 148 // On failure |out| has an undefined state. Some of its fields may have been 149 // updated during parsing, whereas others may not have been changed. 150 // 151 // Refer to the per-field documentation of ParsedTbsCertificate for details on 152 // what validity checks parsing performs. 153 // 154 // TBSCertificate ::= SEQUENCE { 155 // version [0] EXPLICIT Version DEFAULT v1, 156 // serialNumber CertificateSerialNumber, 157 // signature AlgorithmIdentifier, 158 // issuer Name, 159 // validity Validity, 160 // subject Name, 161 // subjectPublicKeyInfo SubjectPublicKeyInfo, 162 // issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, 163 // -- If present, version MUST be v2 or v3 164 // subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, 165 // -- If present, version MUST be v2 or v3 166 // extensions [3] EXPLICIT Extensions OPTIONAL 167 // -- If present, version MUST be v3 168 // } 169 [[nodiscard]] OPENSSL_EXPORT bool ParseTbsCertificate( 170 der::Input tbs_tlv, const ParseCertificateOptions &options, 171 ParsedTbsCertificate *out, CertErrors *errors); 172 173 // Represents a "Version" from RFC 5280: 174 // Version ::= INTEGER { v1(0), v2(1), v3(2) } 175 enum class CertificateVersion { 176 V1, 177 V2, 178 V3, 179 }; 180 181 // ParsedTbsCertificate contains pointers to the main fields of a DER-encoded 182 // RFC 5280 "TBSCertificate". 183 // 184 // ParsedTbsCertificate is expected to be filled by ParseTbsCertificate(), so 185 // subsequent field descriptions are in terms of what ParseTbsCertificate() 186 // sets. 187 struct OPENSSL_EXPORT ParsedTbsCertificate { 188 ParsedTbsCertificate(); 189 ParsedTbsCertificate(ParsedTbsCertificate &&other); 190 ParsedTbsCertificate &operator=(ParsedTbsCertificate &&other) = default; 191 ~ParsedTbsCertificate(); 192 193 // Corresponds with "version" from RFC 5280: 194 // version [0] EXPLICIT Version DEFAULT v1, 195 // 196 // Parsing guarantees that the version is one of v1, v2, or v3. 197 CertificateVersion version = CertificateVersion::V1; 198 199 // Corresponds with "serialNumber" from RFC 5280: 200 // serialNumber CertificateSerialNumber, 201 // 202 // This field specifically contains the content bytes of the INTEGER. So for 203 // instance if the serial number was 1000 then this would contain bytes 204 // {0x03, 0xE8}. 205 // 206 // The serial number may or may not be a valid DER-encoded INTEGER: 207 // 208 // If the option |allow_invalid_serial_numbers=true| was used during 209 // parsing, then nothing further can be assumed about these bytes. 210 // 211 // Otherwise if |allow_invalid_serial_numbers=false| then in addition 212 // to being a valid DER-encoded INTEGER, parsing guarantees that 213 // the serial number is at most 20 bytes long. Parsing does NOT guarantee 214 // that the integer is positive (might be zero or negative). 215 der::Input serial_number; 216 217 // Corresponds with "signatureAlgorithm" from RFC 5280: 218 // signatureAlgorithm AlgorithmIdentifier, 219 // 220 // This contains the full (unverified) Tag-Length-Value for a SEQUENCE. No 221 // guarantees are made regarding the value of this SEQUENCE. 222 // 223 // This can be further parsed using SignatureValue::Create(). 224 der::Input signature_algorithm_tlv; 225 226 // Corresponds with "issuer" from RFC 5280: 227 // issuer Name, 228 // 229 // This contains the full (unverified) Tag-Length-Value for a SEQUENCE. No 230 // guarantees are made regarding the value of this SEQUENCE. 231 der::Input issuer_tlv; 232 233 // Corresponds with "validity" from RFC 5280: 234 // validity Validity, 235 // 236 // Where Validity is defined as: 237 // 238 // Validity ::= SEQUENCE { 239 // notBefore Time, 240 // notAfter Time } 241 // 242 // Parsing guarantees that notBefore (validity_not_before) and notAfter 243 // (validity_not_after) are valid DER-encoded dates, however it DOES NOT 244 // gurantee anything about their values. For instance notAfter could be 245 // before notBefore, or the dates could indicate an expired certificate. 246 // Consumers are responsible for testing expiration. 247 der::GeneralizedTime validity_not_before; 248 der::GeneralizedTime validity_not_after; 249 250 // Corresponds with "subject" from RFC 5280: 251 // subject Name, 252 // 253 // This contains the full (unverified) Tag-Length-Value for a SEQUENCE. No 254 // guarantees are made regarding the value of this SEQUENCE. 255 der::Input subject_tlv; 256 257 // Corresponds with "subjectPublicKeyInfo" from RFC 5280: 258 // subjectPublicKeyInfo SubjectPublicKeyInfo, 259 // 260 // This contains the full (unverified) Tag-Length-Value for a SEQUENCE. No 261 // guarantees are made regarding the value of this SEQUENCE. 262 der::Input spki_tlv; 263 264 // Corresponds with "issuerUniqueID" from RFC 5280: 265 // issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, 266 // -- If present, version MUST be v2 or v3 267 // 268 // Parsing guarantees that if issuer_unique_id is present it is a valid BIT 269 // STRING, and that the version is either v2 or v3 270 std::optional<der::BitString> issuer_unique_id; 271 272 // Corresponds with "subjectUniqueID" from RFC 5280: 273 // subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, 274 // -- If present, version MUST be v2 or v3 275 // 276 // Parsing guarantees that if subject_unique_id is present it is a valid BIT 277 // STRING, and that the version is either v2 or v3 278 std::optional<der::BitString> subject_unique_id; 279 280 // Corresponds with "extensions" from RFC 5280: 281 // extensions [3] EXPLICIT Extensions OPTIONAL 282 // -- If present, version MUST be v3 283 // 284 // 285 // This contains the full (unverified) Tag-Length-Value for a SEQUENCE. No 286 // guarantees are made regarding the value of this SEQUENCE. (Note that the 287 // EXPLICIT outer tag is stripped.) 288 // 289 // Parsing guarantees that if extensions is present the version is v3. 290 std::optional<der::Input> extensions_tlv; 291 }; 292 293 // ParsedExtension represents a parsed "Extension" from RFC 5280. It contains 294 // der:Inputs which are not owned so the associated data must be kept alive. 295 // 296 // Extension ::= SEQUENCE { 297 // extnID OBJECT IDENTIFIER, 298 // critical BOOLEAN DEFAULT FALSE, 299 // extnValue OCTET STRING 300 // -- contains the DER encoding of an ASN.1 value 301 // -- corresponding to the extension type identified 302 // -- by extnID 303 // } 304 struct OPENSSL_EXPORT ParsedExtension { 305 der::Input oid; 306 // |value| will contain the contents of the OCTET STRING. For instance for 307 // basicConstraints it will be the TLV for a SEQUENCE. 308 der::Input value; 309 bool critical = false; 310 }; 311 312 // Parses a DER-encoded "Extension" as specified by RFC 5280. Returns true on 313 // success and sets the results in |out|. 314 // 315 // Note that on success |out| aliases data from the input |extension_tlv|. 316 // Hence the fields of the ParsedExtension are only valid as long as 317 // |extension_tlv| remains valid. 318 // 319 // On failure |out| has an undefined state. Some of its fields may have been 320 // updated during parsing, whereas others may not have been changed. 321 [[nodiscard]] OPENSSL_EXPORT bool ParseExtension(der::Input extension_tlv, 322 ParsedExtension *out); 323 324 // From RFC 5280: 325 // 326 // id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 } 327 // 328 // In dotted notation: 2.5.29.14 329 inline constexpr uint8_t kSubjectKeyIdentifierOid[] = {0x55, 0x1d, 0x0e}; 330 331 // From RFC 5280: 332 // 333 // id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } 334 // 335 // In dotted notation: 2.5.29.15 336 inline constexpr uint8_t kKeyUsageOid[] = {0x55, 0x1d, 0x0f}; 337 338 // From RFC 5280: 339 // 340 // id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } 341 // 342 // In dotted notation: 2.5.29.17 343 inline constexpr uint8_t kSubjectAltNameOid[] = {0x55, 0x1d, 0x11}; 344 345 // From RFC 5280: 346 // 347 // id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } 348 // 349 // In dotted notation: 2.5.29.19 350 inline constexpr uint8_t kBasicConstraintsOid[] = {0x55, 0x1d, 0x13}; 351 352 // From RFC 5280: 353 // 354 // id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } 355 // 356 // In dotted notation: 2.5.29.30 357 inline constexpr uint8_t kNameConstraintsOid[] = {0x55, 0x1d, 0x1e}; 358 359 // From RFC 5280: 360 // 361 // id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } 362 // 363 // In dotted notation: 2.5.29.32 364 inline constexpr uint8_t kCertificatePoliciesOid[] = {0x55, 0x1d, 0x20}; 365 366 // From RFC 5280: 367 // 368 // id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 } 369 // 370 // In dotted notation: 2.5.29.35 371 inline constexpr uint8_t kAuthorityKeyIdentifierOid[] = {0x55, 0x1d, 0x23}; 372 373 // From RFC 5280: 374 // 375 // id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } 376 // 377 // In dotted notation: 2.5.29.36 378 inline constexpr uint8_t kPolicyConstraintsOid[] = {0x55, 0x1d, 0x24}; 379 380 // From RFC 5280: 381 // 382 // id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 } 383 // 384 // In dotted notation: 2.5.29.37 385 inline constexpr uint8_t kExtKeyUsageOid[] = {0x55, 0x1d, 0x25}; 386 387 // From RFC 5280: 388 // 389 // id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 } 390 // 391 // In dotted notation: 1.3.6.1.5.5.7.1.1 392 inline constexpr uint8_t kAuthorityInfoAccessOid[] = {0x2B, 0x06, 0x01, 0x05, 393 0x05, 0x07, 0x01, 0x01}; 394 395 // From RFC 5280: 396 // 397 // id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 } 398 // 399 // In dotted notation: 1.3.6.1.5.5.7.48.2 400 inline constexpr uint8_t kAdCaIssuersOid[] = {0x2B, 0x06, 0x01, 0x05, 401 0x05, 0x07, 0x30, 0x02}; 402 403 // From RFC 5280: 404 // 405 // id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 } 406 // 407 // In dotted notation: 1.3.6.1.5.5.7.48.1 408 inline constexpr uint8_t kAdOcspOid[] = {0x2B, 0x06, 0x01, 0x05, 409 0x05, 0x07, 0x30, 0x01}; 410 411 // From RFC 5280: 412 // 413 // id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31 } 414 // 415 // In dotted notation: 2.5.29.31 416 inline constexpr uint8_t kCrlDistributionPointsOid[] = {0x55, 0x1d, 0x1f}; 417 418 // From RFC 6962: 419 // 420 // critical poison extension. 421 // 422 // In dotted notation 1.3.6.1.4.1.11129.2.4.3 423 inline constexpr uint8_t kCtPoisonOid[] = {0x2B, 0x06, 0x01, 0x04, 0x01, 424 0xD6, 0x79, 0x02, 0x04, 0x03}; 425 426 // From 427 // https://learn.microsoft.com/en-us/windows/win32/seccertenroll/supported-extensions#msapplicationpolicies 428 // 429 // OID: XCN_OID_APPLICATION_CERT_POLICIES (1.3.6.1.4.1.311.21.10) 430 inline constexpr uint8_t kMSApplicationPoliciesOid[] = { 431 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x15, 0x0a}; 432 433 // Parses the Extensions sequence as defined by RFC 5280. Extensions are added 434 // to the map |extensions| keyed by the OID. Parsing guarantees that each OID 435 // is unique. Note that certificate verification must consume each extension 436 // marked as critical. 437 // 438 // Returns true on success and fills |extensions|. The output will reference 439 // bytes in |extensions_tlv|, so that data must be kept alive. 440 // On failure |extensions| may be partially written to and should not be used. 441 [[nodiscard]] OPENSSL_EXPORT bool ParseExtensions( 442 der::Input extensions_tlv, 443 std::map<der::Input, ParsedExtension> *extensions); 444 445 // Removes the extension with OID |oid| from |unconsumed_extensions| and fills 446 // |extension| with the matching extension value. If there was no extension 447 // matching |oid| then returns |false|. 448 [[nodiscard]] OPENSSL_EXPORT bool ConsumeExtension( 449 der::Input oid, 450 std::map<der::Input, ParsedExtension> *unconsumed_extensions, 451 ParsedExtension *extension); 452 453 struct ParsedBasicConstraints { 454 bool is_ca = false; 455 bool has_path_len = false; 456 uint8_t path_len = 0; 457 }; 458 459 // Parses the BasicConstraints extension as defined by RFC 5280: 460 // 461 // BasicConstraints ::= SEQUENCE { 462 // cA BOOLEAN DEFAULT FALSE, 463 // pathLenConstraint INTEGER (0..MAX) OPTIONAL } 464 // 465 // The maximum allowed value of pathLenConstraints will be whatever can fit 466 // into a uint8_t. 467 [[nodiscard]] OPENSSL_EXPORT bool ParseBasicConstraints( 468 der::Input basic_constraints_tlv, ParsedBasicConstraints *out); 469 470 // KeyUsageBit contains the index for a particular key usage. The index is 471 // measured from the most significant bit of a bit string. 472 // 473 // From RFC 5280 section 4.2.1.3: 474 // 475 // KeyUsage ::= BIT STRING { 476 // digitalSignature (0), 477 // nonRepudiation (1), -- recent editions of X.509 have 478 // -- renamed this bit to contentCommitment 479 // keyEncipherment (2), 480 // dataEncipherment (3), 481 // keyAgreement (4), 482 // keyCertSign (5), 483 // cRLSign (6), 484 // encipherOnly (7), 485 // decipherOnly (8) } 486 enum KeyUsageBit { 487 KEY_USAGE_BIT_DIGITAL_SIGNATURE = 0, 488 KEY_USAGE_BIT_NON_REPUDIATION = 1, 489 KEY_USAGE_BIT_KEY_ENCIPHERMENT = 2, 490 KEY_USAGE_BIT_DATA_ENCIPHERMENT = 3, 491 KEY_USAGE_BIT_KEY_AGREEMENT = 4, 492 KEY_USAGE_BIT_KEY_CERT_SIGN = 5, 493 KEY_USAGE_BIT_CRL_SIGN = 6, 494 KEY_USAGE_BIT_ENCIPHER_ONLY = 7, 495 KEY_USAGE_BIT_DECIPHER_ONLY = 8, 496 }; 497 498 // Parses the KeyUsage extension as defined by RFC 5280. Returns true on 499 // success, and |key_usage| will alias data in |key_usage_tlv|. On failure 500 // returns false, and |key_usage| may have been modified. 501 // 502 // In addition to validating that key_usage_tlv is a BIT STRING, this does 503 // additional KeyUsage specific validations such as requiring at least 1 bit to 504 // be set. 505 // 506 // To test if a particular key usage is set, call, e.g.: 507 // key_usage->AssertsBit(KEY_USAGE_BIT_DIGITAL_SIGNATURE); 508 [[nodiscard]] OPENSSL_EXPORT bool ParseKeyUsage(der::Input key_usage_tlv, 509 der::BitString *key_usage); 510 511 struct AuthorityInfoAccessDescription { 512 // The accessMethod DER OID value. 513 der::Input access_method_oid; 514 // The accessLocation DER TLV. 515 der::Input access_location; 516 }; 517 // Parses the Authority Information Access extension defined by RFC 5280. 518 // Returns true on success, and |out_access_descriptions| will alias data 519 // in |authority_info_access_tlv|.On failure returns false, and 520 // out_access_descriptions may have been partially filled. 521 // 522 // No validation is performed on the contents of the 523 // AuthorityInfoAccessDescription fields. 524 [[nodiscard]] OPENSSL_EXPORT bool ParseAuthorityInfoAccess( 525 der::Input authority_info_access_tlv, 526 std::vector<AuthorityInfoAccessDescription> *out_access_descriptions); 527 528 // Parses the Authority Information Access extension defined by RFC 5280, 529 // extracting the caIssuers URIs and OCSP URIs. 530 // 531 // Returns true on success, and |out_ca_issuers_uris| and |out_ocsp_uris| will 532 // alias data in |authority_info_access_tlv|. On failure returns false, and 533 // |out_ca_issuers_uris| and |out_ocsp_uris| may have been partially filled. 534 // 535 // |out_ca_issuers_uris| is filled with the accessLocations of type 536 // uniformResourceIdentifier for the accessMethod id-ad-caIssuers. 537 // |out_ocsp_uris| is filled with the accessLocations of type 538 // uniformResourceIdentifier for the accessMethod id-ad-ocsp. 539 // 540 // The values in |out_ca_issuers_uris| and |out_ocsp_uris| are checked to be 541 // IA5String (ASCII strings), but no other validation is performed on them. 542 // 543 // accessMethods other than id-ad-caIssuers and id-ad-ocsp are silently ignored. 544 // accessLocation types other than uniformResourceIdentifier are silently 545 // ignored. 546 [[nodiscard]] OPENSSL_EXPORT bool ParseAuthorityInfoAccessURIs( 547 der::Input authority_info_access_tlv, 548 std::vector<std::string_view> *out_ca_issuers_uris, 549 std::vector<std::string_view> *out_ocsp_uris); 550 551 // ParsedDistributionPoint represents a parsed DistributionPoint from RFC 5280. 552 // 553 // DistributionPoint ::= SEQUENCE { 554 // distributionPoint [0] DistributionPointName OPTIONAL, 555 // reasons [1] ReasonFlags OPTIONAL, 556 // cRLIssuer [2] GeneralNames OPTIONAL } 557 struct OPENSSL_EXPORT ParsedDistributionPoint { 558 ParsedDistributionPoint(); 559 ParsedDistributionPoint(ParsedDistributionPoint &&other); 560 ~ParsedDistributionPoint(); 561 562 // The parsed fullName, if distributionPoint was present and was a fullName. 563 std::unique_ptr<GeneralNames> distribution_point_fullname; 564 565 // If present, the DER encoded value of the nameRelativeToCRLIssuer field. 566 // This should be a RelativeDistinguishedName, but the parser does not 567 // validate it. 568 std::optional<der::Input> distribution_point_name_relative_to_crl_issuer; 569 570 // If present, the DER encoded value of the reasons field. This should be a 571 // ReasonFlags bitString, but the parser does not validate it. 572 std::optional<der::Input> reasons; 573 574 // If present, the DER encoded value of the cRLIssuer field. This should be a 575 // GeneralNames, but the parser does not validate it. 576 std::optional<der::Input> crl_issuer; 577 }; 578 579 // Parses the value of a CRL Distribution Points extension (sequence of 580 // DistributionPoint). Return true on success, and fills |distribution_points| 581 // with values that reference data in |distribution_points_tlv|. 582 [[nodiscard]] OPENSSL_EXPORT bool ParseCrlDistributionPoints( 583 der::Input distribution_points_tlv, 584 std::vector<ParsedDistributionPoint> *distribution_points); 585 586 // Represents the AuthorityKeyIdentifier extension defined by RFC 5280 section 587 // 4.2.1.1. 588 // 589 // AuthorityKeyIdentifier ::= SEQUENCE { 590 // keyIdentifier [0] KeyIdentifier OPTIONAL, 591 // authorityCertIssuer [1] GeneralNames OPTIONAL, 592 // authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL } 593 // 594 // KeyIdentifier ::= OCTET STRING 595 struct OPENSSL_EXPORT ParsedAuthorityKeyIdentifier { 596 ParsedAuthorityKeyIdentifier(); 597 ~ParsedAuthorityKeyIdentifier(); 598 ParsedAuthorityKeyIdentifier(ParsedAuthorityKeyIdentifier &&other); 599 ParsedAuthorityKeyIdentifier &operator=(ParsedAuthorityKeyIdentifier &&other); 600 601 // The keyIdentifier, which is an OCTET STRING. 602 std::optional<der::Input> key_identifier; 603 604 // The authorityCertIssuer, which should be a GeneralNames, but this is not 605 // enforced by ParseAuthorityKeyIdentifier. 606 std::optional<der::Input> authority_cert_issuer; 607 608 // The DER authorityCertSerialNumber, which should be a 609 // CertificateSerialNumber (an INTEGER) but this is not enforced by 610 // ParseAuthorityKeyIdentifier. 611 std::optional<der::Input> authority_cert_serial_number; 612 }; 613 614 // Parses the value of an authorityKeyIdentifier extension. Returns true on 615 // success and fills |authority_key_identifier| with values that reference data 616 // in |extension_value|. On failure the state of |authority_key_identifier| is 617 // not guaranteed. 618 [[nodiscard]] OPENSSL_EXPORT bool ParseAuthorityKeyIdentifier( 619 der::Input extension_value, 620 ParsedAuthorityKeyIdentifier *authority_key_identifier); 621 622 // Parses the value of a subjectKeyIdentifier extension. Returns true on 623 // success and |subject_key_identifier| references data in |extension_value|. 624 // On failure the state of |subject_key_identifier| is not guaranteed. 625 [[nodiscard]] OPENSSL_EXPORT bool ParseSubjectKeyIdentifier( 626 der::Input extension_value, der::Input *subject_key_identifier); 627 628 } // namespace bssl 629 630 #endif // BSSL_PKI_PARSE_CERTIFICATE_H_ 631