LibTLS: Parse Certificate signature algorithm and value

This part of the certificate was originally just skipped, however it will be needed to check the validity of the certificate.
2025-07-27 08:07:34 +00:00 · 2022-02-21 22:14:40 +01:00 · 2022-02-21 22:14:40 +01:00 · d5cef41bb6
commit d5cef41bb6
parent 2b416e5faa
2 changed files with 20 additions and 1 deletions
--- a/Userland/Libraries/LibTLS/Certificate.cpp
+++ b/Userland/Libraries/LibTLS/Certificate.cpp
@ -463,8 +463,25 @@ Optional<Certificate> Certificate::parse_asn1(ReadonlyBytes buffer, bool)
        }
    }
    // Just ignore the rest of the data for now.
    EXIT_SCOPE("Certificate::TBSCertificate");
    // signature_algorithm
    {
        if (!parse_algorithm_identifier(certificate.signature_algorithm).has_value())
            return {};
    }
    // signature_value
    {
        READ_OBJECT_OR_FAIL(BitString, const BitmapView, value, "Certificate");
        auto signature_data_result = ByteBuffer::copy(value.data(), value.size_in_bytes());
        if (signature_data_result.is_error()) {
            dbgln("Certificate::signature_value: out of memory");
            return {};
        }
        certificate.signature_value = signature_data_result.release_value();
    }
    EXIT_SCOPE("Certificate");
    dbgln_if(TLS_DEBUG, "Certificate issued for {} by {}", certificate.subject.subject, certificate.issuer.subject);
--- a/Userland/Libraries/LibTLS/Certificate.h
+++ b/Userland/Libraries/LibTLS/Certificate.h
@ -53,6 +53,8 @@ public:
    ByteBuffer fingerprint {};
    ByteBuffer der {};
    ByteBuffer data {};
    CertificateKeyAlgorithm signature_algorithm { CertificateKeyAlgorithm::Unsupported };
    ByteBuffer signature_value {};
    static Optional<Certificate> parse_asn1(ReadonlyBytes, bool client_cert = false);