
LibTLS: Add self signage information to our parsed certificates

Fabian Dellwing 2 éve
szülő
commit
114a383af3

+ 5 - 0
Userland/Libraries/LibTLS/Certificate.cpp

@@ -349,6 +349,11 @@ Optional<Certificate> Certificate::parse_asn1(ReadonlyBytes buffer, bool)
             return {};
     }
 
+    // self issued
+    {
+        certificate.is_self_issued = certificate.issuer_identifier_string() == certificate.subject_identifier_string();
+    }
+
     // extensions
     {
         if (certificate.version == 2) {
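Review bot: The new `is_self_issued` assignment in `parse_asn1` compares the rendered `issuer_identifier_string()` and `subject_identifier_string()`, not the parsed names themselves. The bodies of those helpers are mostly outside this page, so this is hedged: if they render only some of the name attributes, two different names could compare equal and a certificate would be marked self-issued when it is not. A comment at the comparison would make the limitation visible, for example `// Compares the rendered identifier strings, not the encoded Name; RFC 5280 section 7.1 describes the full name-matching rules.` The extra `{ }` scope around the single statement could also be dropped. `parse_asn1` starts and ends outside this hunk.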

+ 5 - 0
Userland/Libraries/LibTLS/Certificate.h

@@ -60,9 +60,11 @@ public:
     bool is_allowed_to_sign_certificate { false };
     bool is_certificate_authority { false };
     Optional<size_t> path_length_constraint {};
+    bool is_self_issued { false };
 
     static Optional<Certificate> parse_asn1(ReadonlyBytes, bool client_cert = false);
 
+    bool is_self_signed();
     bool is_valid() const;
 
     DeprecatedString subject_identifier_string() const
@@ -124,6 +126,9 @@ public:
         }
         return cert_name.to_deprecated_string();
     }
+
+private:
+    Optional<bool> m_is_self_signed;
 };
 
 class DefaultRootCACertificates {
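Review bot: `is_self_signed()` is declared non-const next to `bool is_valid() const;`, so it cannot be called on a `const Certificate&` even though it only fills a cache. Declaring the cache as `mutable Optional<bool> m_is_self_signed;` and the method as `bool is_self_signed() const;` would keep the two queries consistent. The cached answer is also derived from the public, writable `is_self_issued` field, so a change to that field after the first call is not reflected. A comment on the member such as `// Cached on first call to is_self_signed(); not invalidated if public fields change afterwards.` would document this.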

+ 17 - 0
Userland/Libraries/LibTLS/TLSv12.cpp

@@ -115,6 +115,23 @@ bool Certificate::is_valid() const
     return true;
 }
 
+// https://www.ietf.org/rfc/rfc5280.html#page-12
+bool Certificate::is_self_signed()
+{
+    if (m_is_self_signed.has_value())
+        return *m_is_self_signed;
+
+    // Self-signed certificates are self-issued certificates where the digital
+    // signature may be verified by the public key bound into the certificate.
+    if (!this->is_self_issued)
+        m_is_self_signed.emplace(false);
+
+    // FIXME: Actually check if we sign ourself
+
+    m_is_self_signed.emplace(true);
+    return *m_is_self_signed;
+}
+
 void TLSv12::try_disambiguate_error() const
 {
     dbgln("Possible failure cause(s): ");
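Review bot: In `Certificate::is_self_signed()` the `if (!this->is_self_issued)` branch stores `false` but does not return, so control falls through to `m_is_self_signed.emplace(true)`. The function therefore returns and caches `true` for every certificate. The branch should be `if (!this->is_self_issued) { m_is_self_signed.emplace(false); return false; }`. Even with that fix the FIXME leaves the signature unchecked, so the result only means "issuer equals subject". Any caller that treats it as proof of a valid self-signature, for example when deciding where a chain ends, would be relying on an unverified claim. Until verification is implemented, the function comment should say so, e.g. `// NOTE: currently reports self-issued only; the signature is not verified against the certificate's own public key.`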