Add a new ExtractSubjectPublicKeyFromSPKI method to asn1_utils.

Review URL: https://chromiumcodereview.appspot.com/10821111 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149492 0039d316-1c4b-4281-b951-d872f2087c98

Add a new ExtractSubjectPublicKeyFromSPKI method to asn1_utils.
Review URL: https://chromiumcodereview.appspot.com/10821111 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149492 0039d316-1c4b-4281-b951-d872f2087c98
395b48dd · rch@chromium.org · 10c24a3b · 395b48dd · 395b48dd
Commit 395b48dd authored Aug 01, 2012 by rch@chromium.org
Hide whitespace changes
Inline Side-by-side

Showing with 36 additions and 1 deletion

net/base/asn1_util.cc net/base/asn1_util.cc +29 -1

net/base/asn1_util.h net/base/asn1_util.h +7 -0

No files found.
--- a/net/base/asn1_util.cc
+++ b/net/base/asn1_util.cc
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

@@ -157,6 +157,34 @@ bool ExtractSPKIFromDERCert(base::StringPiece cert,
  return true;
 }

+bool ExtractSubjectPublicKeyFromSPKI(base::StringPiece spki,
+                                     base::StringPiece* spk_out) {
+  // From RFC 5280, Section 4.1
+  //   SubjectPublicKeyInfo  ::=  SEQUENCE  {
+  //     algorithm            AlgorithmIdentifier,
+  //     subjectPublicKey     BIT STRING  }
+  //
+  //   AlgorithmIdentifier  ::=  SEQUENCE  {
+  //     algorithm               OBJECT IDENTIFIER,
+  //     parameters              ANY DEFINED BY algorithm OPTIONAL  }
+
+  // Step into SubjectPublicKeyInfo sequence.
+  base::StringPiece spki_contents;
+  if (!asn1::GetElement(&spki, asn1::kSEQUENCE, &spki_contents))
+    return false;
+
+  // Step over algorithm field (a SEQUENCE).
+  base::StringPiece algorithm;
+  if (!asn1::GetElement(&spki_contents, asn1::kSEQUENCE, &algorithm))
+    return false;
+
+  // Extract the subjectPublicKey field.
+  if (!asn1::GetElement(&spki_contents, asn1::kBITSTRING, spk_out))
+    return false;
+  return true;
+}
+
+
 bool ExtractCRLURLsFromDERCert(base::StringPiece cert,
                               std::vector<base::StringPiece>* urls_out) {
  urls_out->clear();

--- a/net/base/asn1_util.h
+++ b/net/base/asn1_util.h
@@ -63,6 +63,13 @@ bool GetElement(base::StringPiece* in,
 NET_EXPORT_PRIVATE bool ExtractSPKIFromDERCert(base::StringPiece cert,
                                               base::StringPiece* spki_out);

+// ExtractSubjectPublicKeyFromSPKI parses the DER encoded SubjectPublicKeyInfo
+// in |spki| and extracts the bytes of the SubjectPublicKey. On successful
+// return, |spk_out| is set to contain the public key, pointing into |spki|.
+NET_EXPORT_PRIVATE bool ExtractSubjectPublicKeyFromSPKI(
+    base::StringPiece spki,
+    base::StringPiece* spk_out);
+
 // ExtractCRLURLsFromDERCert parses the DER encoded certificate in |cert| and
 // extracts the URL of each CRL. On successful return, the elements of
 // |urls_out| point into |cert|.