naiveproxy/net/cert/internal/extended_key_usage.h
2018-12-09 21:59:24 -05:00

44 lines
1.6 KiB
C++

// Copyright 2015 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_CERT_INTERNAL_EXTENDED_KEY_USAGE_H_
#define NET_CERT_INTERNAL_EXTENDED_KEY_USAGE_H_
#include <vector>
#include "net/base/net_export.h"
#include "net/der/input.h"
namespace net {
// The following set of methods return the DER-encoded OID, without tag or
// length, of the extended key usage purposes defined in RFC 5280 section
// 4.2.1.12.
NET_EXPORT const der::Input AnyEKU();
NET_EXPORT const der::Input ServerAuth();
NET_EXPORT const der::Input ClientAuth();
NET_EXPORT const der::Input CodeSigning();
NET_EXPORT const der::Input EmailProtection();
NET_EXPORT const der::Input TimeStamping();
NET_EXPORT const der::Input OCSPSigning();
// Netscape Server Gated Crypto (2.16.840.1.113730.4.1) is a deprecated OID
// which in some situations is considered equivalent to the serverAuth key
// purpose.
NET_EXPORT const der::Input NetscapeServerGatedCrypto();
// Parses |extension_value|, which contains the extnValue field of an X.509v3
// Extended Key Usage extension, and populates |eku_oids| with the list of
// DER-encoded OID values (that is, without tag and length). Returns false if
// |extension_value| is improperly encoded.
//
// Note: The returned OIDs are only as valid as long as the data pointed to by
// |extension_value| is valid.
NET_EXPORT bool ParseEKUExtension(const der::Input& extension_value,
std::vector<der::Input>* eku_oids);
} // namespace net
#endif // NET_CERT_INTERNAL_EXTENDED_KEY_USAGE_H_