blob: 15f352d50d6e784d1bbb51fa7aae51a13fa86fc7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
/*
* Copyright (c) 2020, the SerenityOS developers.
*
* SPDX-License-Identifier: BSD-2-Clause
*/
#pragma once
#include <AK/ByteBuffer.h>
#include <AK/Forward.h>
#include <AK/Optional.h>
#include <AK/Singleton.h>
#include <AK/Types.h>
#include <LibCore/DateTime.h>
#include <LibCrypto/BigInt/UnsignedBigInteger.h>
#include <LibCrypto/PK/RSA.h>
namespace TLS {
enum class CertificateKeyAlgorithm {
Unsupported = 0x00,
RSA_RSA = 0x01,
RSA_MD5 = 0x04,
RSA_SHA1 = 0x05,
RSA_SHA256 = 0x0b,
RSA_SHA384 = 0x0c,
RSA_SHA512 = 0x0d,
};
class Certificate {
public:
u16 version { 0 };
CertificateKeyAlgorithm algorithm { CertificateKeyAlgorithm::Unsupported };
CertificateKeyAlgorithm key_algorithm { CertificateKeyAlgorithm::Unsupported };
CertificateKeyAlgorithm ec_algorithm { CertificateKeyAlgorithm::Unsupported };
ByteBuffer exponent {};
Crypto::PK::RSAPublicKey<Crypto::UnsignedBigInteger> public_key {};
Crypto::PK::RSAPrivateKey<Crypto::UnsignedBigInteger> private_key {};
struct Name {
String country;
String state;
String location;
String entity;
String subject;
String unit;
} issuer, subject;
Core::DateTime not_before;
Core::DateTime not_after;
Vector<String> SAN;
u8* ocsp { nullptr };
Crypto::UnsignedBigInteger serial_number;
ByteBuffer sign_key {};
ByteBuffer fingerprint {};
ByteBuffer der {};
ByteBuffer data {};
static Optional<Certificate> parse_asn1(ReadonlyBytes, bool client_cert = false);
bool is_valid() const;
};
class DefaultRootCACertificates {
public:
DefaultRootCACertificates();
const Vector<Certificate>& certificates() const { return m_ca_certificates; }
static DefaultRootCACertificates& the() { return s_the; }
private:
static Singleton<DefaultRootCACertificates> s_the;
Vector<Certificate> m_ca_certificates;
};
}
using TLS::Certificate;
using TLS::DefaultRootCACertificates;
|