1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 01:27:34 +00:00

LibTLS: Verify server certificate expiry date

This commit is contained in:
AnotherTest 2020-05-06 21:43:27 +04:30 committed by Andreas Kling
parent d051fffe25
commit af1ce6c33d
3 changed files with 142 additions and 13 deletions

View file

@ -189,11 +189,20 @@ enum ClientVerificationStaus {
VerificationNeeded,
};
enum class CertificateKeyAlgorithm {
Unsupported = 0x00,
RSA_RSA = 0x01,
RSA_MD5 = 0x04,
RSA_SHA1 = 0x05,
RSA_SHA256 = 0x0b,
RSA_SHA512 = 0x0d,
};
struct Certificate {
u16 version;
u32 algorithm;
u32 key_algorithm;
u32 ec_algorithm;
CertificateKeyAlgorithm algorithm;
CertificateKeyAlgorithm key_algorithm;
CertificateKeyAlgorithm ec_algorithm;
ByteBuffer exponent;
Crypto::PK::RSAPublicKey<Crypto::UnsignedBigInteger> public_key;
String issuer_country;
@ -216,6 +225,8 @@ struct Certificate {
ByteBuffer fingerprint;
ByteBuffer der;
ByteBuffer data;
bool is_valid() const;
};
struct Context {
@ -488,7 +499,12 @@ constexpr static const u8 subject_oid[] { 0x55, 0x04, 0x03, 0x00 };
constexpr static const u8 san_oid[] { 0x55, 0x1D, 0x11, 0x00 };
constexpr static const u8 ocsp_oid[] { 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x00 };
constexpr static const u8 TLS_RSA_SIGN_SHA256_OID[] { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x00 };
static constexpr const u8 RSA_SIGN_RSA_OID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x00 };
static constexpr const u8 RSA_SIGN_MD5_OID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x04, 0x00 };
static constexpr const u8 RSA_SIGN_SHA1_OID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x00 };
static constexpr const u8 RSA_SIGN_SHA256_OID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x00 };
static constexpr const u8 RSA_SIGN_SHA384_OID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0c, 0x00 };
static constexpr const u8 RSA_SIGN_SHA512_OID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0d, 0x00 };
}