authorMichiel Visser <opensource@webmichiel.nl>2022-02-21 22:14:40 +0100
committerAli Mohammad Pur <Ali.mpfard@gmail.com>2022-04-17 10:10:19 +0430
commitd5cef41bb6f525384506ae2a9399914bf4df4a6e (patch)
tree401e6e30e3138c091f8822a6540aef810adefc51
parent2b416e5faa454bccea2bb344deb2e68451493dc6 (diff)
LibTLS: Parse Certificate signature algorithm and value
This part of the certificate was originally just skipped; however, it will be needed to check the validity of the certificate.
-rw-r--r--Userland/Libraries/LibTLS/Certificate.cpp19
-rw-r--r--Userland/Libraries/LibTLS/Certificate.h2
2 files changed, 20 insertions, 1 deletions
diff --git a/Userland/Libraries/LibTLS/Certificate.cpp b/Userland/Libraries/LibTLS/Certificate.cpp
index a746b0663f..d08891ee04 100644
--- a/Userland/Libraries/LibTLS/Certificate.cpp
+++ b/Userland/Libraries/LibTLS/Certificate.cpp
@@ -463,8 +463,25 @@ Optional<Certificate> Certificate::parse_asn1(ReadonlyBytes buffer, bool)
}
}
- // Just ignore the rest of the data for now.
EXIT_SCOPE("Certificate::TBSCertificate");
+
+ // signature_algorithm
+ {
+ if (!parse_algorithm_identifier(certificate.signature_algorithm).has_value())
+ return {};
+ }
+
+ // signature_value
+ {
+ READ_OBJECT_OR_FAIL(BitString, const BitmapView, value, "Certificate");
+ auto signature_data_result = ByteBuffer::copy(value.data(), value.size_in_bytes());
+ if (signature_data_result.is_error()) {
+ dbgln("Certificate::signature_value: out of memory");
+ return {};
+ }
+ certificate.signature_value = signature_data_result.release_value();
+ }
+
EXIT_SCOPE("Certificate");
dbgln_if(TLS_DEBUG, "Certificate issued for {} by {}", certificate.subject.subject, certificate.issuer.subject);
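Review bot: The outer algorithm parsed in the `// signature_algorithm` block is stored but never compared with the signature algorithm inside TBSCertificate. RFC 5280 section 4.1.1.2 requires the two to be identical, and accepting a mismatch leaves later verification code free to trust whichever field it happens to read. parse_asn1 starts and ends outside this hunk, so if the inner value is retained there, reject the certificate at this point, e.g. `if (certificate.signature_algorithm != <inner TBSCertificate signature algorithm>) return {};` (placeholder for the field that holds it). In the `// signature_value` block, `value.size_in_bytes()` presumably rounds up when the BIT STRING carries unused bits, so a signature whose bit length is not a multiple of 8 should also be refused before the copy, e.g. `if (value.size() % 8 != 0) return {};`.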
diff --git a/Userland/Libraries/LibTLS/Certificate.h b/Userland/Libraries/LibTLS/Certificate.h
index b806e4213e..eda9dba194 100644
--- a/Userland/Libraries/LibTLS/Certificate.h
+++ b/Userland/Libraries/LibTLS/Certificate.h
@@ -53,6 +53,8 @@ public:
ByteBuffer fingerprint {};
ByteBuffer der {};
ByteBuffer data {};
+ CertificateKeyAlgorithm signature_algorithm { CertificateKeyAlgorithm::Unsupported };
+ ByteBuffer signature_value {};
static Optional<Certificate> parse_asn1(ReadonlyBytes, bool client_cert = false);
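Review bot: The two new public members have no comment saying which part of the certificate they hold or that they are unverified, and the name `signature_algorithm` is easy to confuse with the algorithm identifier inside TBSCertificate. A comment above them would prevent that, for example `// Outer Certificate.signatureAlgorithm and signatureValue (RFC 5280 4.1.1.2, 4.1.1.3); parsed only, not yet verified.` It is also worth stating on `signature_algorithm` that the `Unsupported` default must be treated as a validation failure by any code that later checks the signature. The class body starts and ends outside this hunk.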