Add some helper functions for parsing certificate signature info

This commit is contained in:
Andrew Ayer 2020-04-28 15:57:35 -04:00
parent e74cb79bd4
commit e473b94fd9
1 changed files with 21 additions and 0 deletions

21
x509.go
View File

@ -11,6 +11,7 @@ package certspotter
import ( import (
"bytes" "bytes"
"crypto/x509/pkix"
"encoding/asn1" "encoding/asn1"
"errors" "errors"
"fmt" "fmt"
@ -356,6 +357,26 @@ func (cert *Certificate) ParseTBSCertificate() (*TBSCertificate, error) {
return ParseTBSCertificate(cert.GetRawTBSCertificate()) return ParseTBSCertificate(cert.GetRawTBSCertificate())
} }
func (cert *Certificate) ParseSignatureAlgorithm() (*pkix.AlgorithmIdentifier, error) {
signatureAlgorithm := new(pkix.AlgorithmIdentifier)
if rest, err := asn1.Unmarshal(cert.SignatureAlgorithm.FullBytes, signatureAlgorithm); err != nil {
return nil, errors.New("failed to parse signature algorithm: " + err.Error())
} else if len(rest) > 0 {
return nil, fmt.Errorf("trailing data after signature algorithm: %v", rest)
}
return signatureAlgorithm, nil
}
func (cert *Certificate) ParseSignatureValue() ([]byte, error) {
var signatureValue asn1.BitString
if rest, err := asn1.Unmarshal(cert.SignatureValue.FullBytes, &signatureValue); err != nil {
return nil, errors.New("failed to parse signature value: " + err.Error())
} else if len(rest) > 0 {
return nil, fmt.Errorf("trailing data after signature value: %v", rest)
}
return signatureValue.RightAlign(), nil
}
func parseSANExtension(sans []SubjectAltName, value []byte) ([]SubjectAltName, error) { func parseSANExtension(sans []SubjectAltName, value []byte) ([]SubjectAltName, error) {
var seq asn1.RawValue var seq asn1.RawValue
if rest, err := asn1.Unmarshal(value, &seq); err != nil { if rest, err := asn1.Unmarshal(value, &seq); err != nil {