Coverage Report

Created: 2026-03-19 06:22

/src/boringssl/pki/parse_name.h
Line
Count
Source
1
// Copyright 2016 The Chromium Authors
2
//
3
// Licensed under the Apache License, Version 2.0 (the "License");
4
// you may not use this file except in compliance with the License.
5
// You may obtain a copy of the License at
6
//
7
//     https://www.apache.org/licenses/LICENSE-2.0
8
//
9
// Unless required by applicable law or agreed to in writing, software
10
// distributed under the License is distributed on an "AS IS" BASIS,
11
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
// See the License for the specific language governing permissions and
13
// limitations under the License.
14
15
#ifndef BSSL_PKI_PARSE_NAME_H_
16
#define BSSL_PKI_PARSE_NAME_H_
17
18
#include <vector>
19
20
#include <openssl/base.h>
21
#include <openssl/bytestring.h>
22
23
#include "input.h"
24
#include "parser.h"
25
26
BSSL_NAMESPACE_BEGIN
27
28
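// Each constant below holds the DER content octets of an attribute-type OID
// (no tag or length octet); for example 2.5.4.3 encodes as 0x55 0x04 0x03.
// id-at-commonName: 2.5.4.3 (RFC 5280)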
29
inline constexpr uint8_t kTypeCommonNameOid[] = {0x55, 0x04, 0x03};
30
// id-at-surname: 2.5.4.4 (RFC 5280)
31
inline constexpr uint8_t kTypeSurnameOid[] = {0x55, 0x04, 0x04};
32
// id-at-serialNumber: 2.5.4.5 (RFC 5280)
33
inline constexpr uint8_t kTypeSerialNumberOid[] = {0x55, 0x04, 0x05};
34
// id-at-countryName: 2.5.4.6 (RFC 5280)
35
inline constexpr uint8_t kTypeCountryNameOid[] = {0x55, 0x04, 0x06};
36
// id-at-localityName: 2.5.4.7 (RFC 5280)
37
inline constexpr uint8_t kTypeLocalityNameOid[] = {0x55, 0x04, 0x07};
38
// id-at-stateOrProvinceName: 2.5.4.8 (RFC 5280)
39
inline constexpr uint8_t kTypeStateOrProvinceNameOid[] = {0x55, 0x04, 0x08};
40
// street (streetAddress): 2.5.4.9 (RFC 4519)
41
inline constexpr uint8_t kTypeStreetAddressOid[] = {0x55, 0x04, 0x09};
42
// id-at-organizationName: 2.5.4.10 (RFC 5280)
43
inline constexpr uint8_t kTypeOrganizationNameOid[] = {0x55, 0x04, 0x0a};
44
// id-at-organizationalUnitName: 2.5.4.11 (RFC 5280)
45
inline constexpr uint8_t kTypeOrganizationUnitNameOid[] = {0x55, 0x04, 0x0b};
46
// id-at-title: 2.5.4.12 (RFC 5280)
47
inline constexpr uint8_t kTypeTitleOid[] = {0x55, 0x04, 0x0c};
48
// id-at-name: 2.5.4.41 (RFC 5280)
49
inline constexpr uint8_t kTypeNameOid[] = {0x55, 0x04, 0x29};
50
// id-at-givenName: 2.5.4.42 (RFC 5280)
51
inline constexpr uint8_t kTypeGivenNameOid[] = {0x55, 0x04, 0x2a};
52
// id-at-initials: 2.5.4.43 (RFC 5280)
53
inline constexpr uint8_t kTypeInitialsOid[] = {0x55, 0x04, 0x2b};
54
// id-at-generationQualifier: 2.5.4.44 (RFC 5280)
55
inline constexpr uint8_t kTypeGenerationQualifierOid[] = {0x55, 0x04, 0x2c};
56
// dc (domainComponent): 0.9.2342.19200300.100.1.25 (RFC 4519)
57
inline constexpr uint8_t kTypeDomainComponentOid[] = {
58
    0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19};
59
// RFC 5280 section A.1:
60
//
61
// pkcs-9 OBJECT IDENTIFIER ::=
62
//   { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 }
63
//
64
// id-emailAddress      AttributeType ::= { pkcs-9 1 }
65
//
66
// In dotted form: 1.2.840.113549.1.9.1
67
inline constexpr uint8_t kTypeEmailAddressOid[] = {0x2A, 0x86, 0x48, 0x86, 0xF7,
68
                                                   0x0D, 0x01, 0x09, 0x01};
69
70
// X509NameAttribute contains a representation of a DER-encoded RFC 2253
71
// "AttributeTypeAndValue".
72
//
73
// AttributeTypeAndValue ::= SEQUENCE {
74
//     type  AttributeType,
75
//     value AttributeValue
76
// }
//
// NOTE(review): |type| and |value| are der::Input, which looks like a
// non-owning view into the parsed buffer -- confirm in input.h. If so, an
// X509NameAttribute must not outlive the bytes it was parsed from.
77
struct OPENSSL_EXPORT X509NameAttribute {
  // Stores the three arguments unchanged; nothing is parsed or validated
  // here.
78
  X509NameAttribute(der::Input in_type, CBS_ASN1_TAG in_value_tag,
79
                    der::Input in_value)
80
345k
      : type(in_type), value_tag(in_value_tag), value(in_value) {}
81
82
  // Configures handling of PrintableString in the attribute value. Do
83
  // not use non-default handling without consulting //net owners. With
84
  // kAsUTF8Hack, PrintableStrings are interpreted as UTF-8 strings.
  // NOTE(review): presumably kAsUTF8Hack admits bytes outside the
  // PrintableString repertoire; callers that compare or display the result
  // should not assume the restricted character set -- confirm.
85
  enum class PrintableStringHandling { kDefault, kAsUTF8Hack };
86
87
  // Attempts to convert the value represented by this struct into a
88
  // UTF-8 string and store it in |out|, returning whether the conversion
89
  // was successful.
  // The result is [[nodiscard]]: check it before reading |out|. This header
  // does not say what |out| holds after a failed conversion.
90
  [[nodiscard]] bool ValueAsString(std::string *out) const;
91
92
  // Attempts to convert the value represented by this struct into a
93
  // UTF-8 string and store it in |out|, returning whether the conversion
94
  // was successful. Allows configuring some non-standard string handling
95
  // options.
96
  //
97
  // Do not use without consulting //net owners.
98
  [[nodiscard]] bool ValueAsStringWithUnsafeOptions(
99
      PrintableStringHandling printable_string_handling,
100
      std::string *out) const;
101
102
  // Attempts to convert the value represented by this struct into a
103
  // std::string and store it in |out|, returning whether the conversion was
104
  // successful. Due to some encodings being incompatible, the caller must
105
  // verify the attribute |value_tag|.
106
  //
107
  // Note: Don't use this function unless you know what you're doing. Use
108
  // ValueAsString instead.
109
  //
110
  // Note: The conversion doesn't verify that the value corresponds to the
111
  // ASN.1 definition of the value type.
  // In other words, |out| may hold bytes that are not valid for the string
  // type named by |value_tag|; treat it as unvalidated input.
112
  [[nodiscard]] bool ValueAsStringUnsafe(std::string *out) const;
113
114
  // Formats the NameAttribute per RFC2253 into an ASCII string and stores
115
  // the result in |out|, returning whether the conversion was successful.
116
  [[nodiscard]] bool AsRFC2253String(std::string *out) const;
117
  // The AttributeType of this attribute.
  // NOTE(review): presumably the OID content octets, comparable against the
  // kType*Oid constants in this header -- confirm against ReadRdn.
118
  der::Input type;
  // ASN.1 tag of |value|, as passed to the constructor.
119
  CBS_ASN1_TAG value_tag;
  // The AttributeValue bytes, as passed to the constructor.
120
  der::Input value;
121
};
122
123
typedef std::vector<X509NameAttribute> RelativeDistinguishedName;
124
typedef std::vector<RelativeDistinguishedName> RDNSequence;
125
126
// Parses all the ASN.1 AttributeTypeAndValue elements in |parser| and stores
127
// each as an X509NameAttribute in |out|.
128
//
129
// AttributeTypeAndValue is defined in RFC 5280 section 4.1.2.4:
130
//
131
// AttributeTypeAndValue ::= SEQUENCE {
132
//   type     AttributeType,
133
//   value    AttributeValue }
134
//
135
// AttributeType ::= OBJECT IDENTIFIER
136
//
137
// AttributeValue ::= ANY -- DEFINED BY AttributeType
138
//
139
// DirectoryString ::= CHOICE {
140
//       teletexString           TeletexString (SIZE (1..MAX)),
141
//       printableString         PrintableString (SIZE (1..MAX)),
142
//       universalString         UniversalString (SIZE (1..MAX)),
143
//       utf8String              UTF8String (SIZE (1..MAX)),
144
//       bmpString               BMPString (SIZE (1..MAX)) }
145
//
146
// The type of the component AttributeValue is determined by the AttributeType;
147
// in general it will be a DirectoryString.
148
[[nodiscard]] OPENSSL_EXPORT bool ReadRdn(der::Parser *parser,
149
                                          RelativeDistinguishedName *out);
150
151
// Parses a DER-encoded "Name" as specified by RFC 5280. Returns true on success
152
// and sets the results in |out|.
153
[[nodiscard]] OPENSSL_EXPORT bool ParseName(der::Input name_tlv,
154
                                            RDNSequence *out);
155
// Parses a DER-encoded "Name" value (without the sequence tag & length) as
156
// specified by RFC 5280. Returns true on success and sets the results in |out|.
157
[[nodiscard]] OPENSSL_EXPORT bool ParseNameValue(der::Input name_value,
158
                                                 RDNSequence *out);
159
160
// Formats a RDNSequence |rdn_sequence| per RFC2253 as an ASCII string and
161
// stores the result into |out|, and returns whether the conversion was
162
// successful.
163
[[nodiscard]] OPENSSL_EXPORT bool ConvertToRFC2253(
164
    const RDNSequence &rdn_sequence, std::string *out);
165
BSSL_NAMESPACE_END
166
167
#endif  // BSSL_PKI_PARSE_NAME_H_