authorlloyd <[email protected]>2012-03-28 21:09:47 +0000
committerlloyd <[email protected]>2012-03-28 21:09:47 +0000
commitd4050e6b838acfd9552b4ab137fbf0717ff1e0ca (patch)
treea811718e0ada95191fd64c353bb2357953be86d3 /src/cert/x509/x509_obj.h
parent199bc49219175d29076692a3131ac5425d750461 (diff)
parentf1a2b5a7b5f35322927446d1b9a381f05cc677df (diff)
propagate from branch 'net.randombit.botan' (head 0d0f3fba72f3300bc995c79124a75a4fc0b83879)
to branch 'net.randombit.botan.x509-path-validation' (head 48d03e596f032c0c69d691dbf49a2a1415b348c3)
Diffstat (limited to 'src/cert/x509/x509_obj.h')
-rw-r--r--src/cert/x509/x509_obj.h113
1 files changed, 113 insertions, 0 deletions
diff --git a/src/cert/x509/x509_obj.h b/src/cert/x509/x509_obj.h
new file mode 100644
index 000000000..570b00f51
--- /dev/null
+++ b/src/cert/x509/x509_obj.h
@@ -0,0 +1,113 @@
+/*
+* X.509 SIGNED Object
+* (C) 1999-2007 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_X509_OBJECT_H__
+#define BOTAN_X509_OBJECT_H__
+
+#include <botan/asn1_obj.h>
+#include <botan/pipe.h>
+#include <botan/pubkey_enums.h>
+#include <botan/rng.h>
+#include <vector>
+
+namespace Botan {
+
+/**
+* This class represents abstract X.509 signed objects as
+* in the X.500 SIGNED macro
+*/
+class BOTAN_DLL X509_Object
+ {
+ public:
+ /**
+ * The underlying data that is to be or was signed
+ * @return data that is or was signed
+ */
+ MemoryVector<byte> tbs_data() const;
+
+ /**
+ * @return signature on tbs_data()
+ */
+ MemoryVector<byte> signature() const;
+
+ /**
+ * @return signature algorithm that was used to generate signature
+ */
+ AlgorithmIdentifier signature_algorithm() const;
+
+ /**
+ * @return hash algorithm that was used to generate signature
+ */
+ std::string hash_used_for_signature() const;
+
+ /**
+ * Create a signed X509 object.
+ * @param signer the signer used to sign the object
+ * @param rng the random number generator to use
+ * @param alg_id the algorithm identifier of the signature scheme
+ * @param tbs the tbs bits to be signed
+ * @return signed X509 object
+ */
+ static MemoryVector<byte> make_signed(class PK_Signer* signer,
+ RandomNumberGenerator& rng,
+ const AlgorithmIdentifier& alg_id,
+ const MemoryRegion<byte>& tbs);
+
+ /**
+ * Check the signature on this data
+ * @param key the public key purportedly used to sign this data
+ * @return true if the signature is valid, otherwise false
+ */
+ bool check_signature(class Public_Key& key) const;
+
+ /**
+ * Check the signature on this data
+ * @param key the public key purportedly used to sign this data
+ * the pointer will be deleted after use
+ * @return true if the signature is valid, otherwise false
+ */
+ bool check_signature(class Public_Key* key) const;
+
+ /**
+ * @return BER encoding of this
+ */
+ MemoryVector<byte> BER_encode() const;
+
+ /**
+ * @return PEM encoding of this
+ */
+ std::string PEM_encode() const;
+
+ /**
+ * Encode this to a pipe
+ * @deprecated use BER_encode or PEM_encode instead
+ * @param out the pipe to write to
+ * @param encoding the encoding to use
+ */
+ BOTAN_DEPRECATED("Use BER_encode or PEM_encode")
+ void encode(Pipe& out, X509_Encoding encoding = PEM) const;
+
+ virtual ~X509_Object() {}
+ protected:
+ X509_Object(DataSource& src, const std::string& pem_labels);
+ X509_Object(const std::string& file, const std::string& pem_labels);
+
+ void do_decode();
+ X509_Object() {}
+ AlgorithmIdentifier sig_algo;
+ MemoryVector<byte> tbs_bits, sig;
+ private:
+ virtual void force_decode() = 0;
+ void init(DataSource&, const std::string&);
+ void decode_info(DataSource&);
+ std::vector<std::string> PEM_labels_allowed;
+ std::string PEM_label_pref;
+ };
+
+}
+
+#endif
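Review bot: The `check_signature(class Public_Key* key)` overload takes ownership of a raw pointer and, per its own comment, deletes it, while the sibling overload takes `Public_Key&`. The two differ only by `&` versus `*` at the call site, so `check_signature(&key)` on a stack or caller-owned key compiles cleanly and would presumably end in an invalid or double delete inside the signature-verification path. At minimum the contract should be spelled out in the doc comment, e.g. `* @param key heap-allocated key; ownership passes to this call and it is deleted before return, never pass the address of a key the caller still owns`. The comment also does not say what happens when `key` is null, and the implementation is not visible in this hunk, so that case should be documented or checked in the .cpp. The same ownership and null question is open for `make_signed(class PK_Signer* signer, ...)`, whose doc does not say whether `signer` is deleted.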