diff options
| author | Jack Lloyd <[email protected]> | 2016-11-03 10:30:13 -0400 |
|---|---|---|
| committer | Jack Lloyd <[email protected]> | 2016-11-03 10:30:13 -0400 |
| commit | 341fd32b46363cad4c2caee3fca166695100ba07 (patch) | |
| tree | 89a98aa28a431f2625268cf61e7adf903fd24a98 /src/lib/x509/crl_ent.h | |
| parent | 1e72720661383466807ac496b941af41d756a2ce (diff) | |
Move cert/x509 to top level and pem and pbes2 to pubkey.
The `cert` dir was just an artifact of having previously supported
CVC (smartcard cert format), removed a long time ago.
The pem and pbes2 code is directly related to the pubkey code,
in fact the only caller of pbes2 (likely anywhere, not just
in the library) is in pkcs8.cpp
Diffstat (limited to 'src/lib/x509/crl_ent.h')
| -rw-r--r-- | src/lib/x509/crl_ent.h | 98 |
1 files changed, 98 insertions, 0 deletions
diff --git a/src/lib/x509/crl_ent.h b/src/lib/x509/crl_ent.h new file mode 100644 index 000000000..6600621e5 --- /dev/null +++ b/src/lib/x509/crl_ent.h @@ -0,0 +1,98 @@ +/* +* CRL Entry +* (C) 1999-2007 Jack Lloyd +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#ifndef BOTAN_CRL_ENTRY_H__ +#define BOTAN_CRL_ENTRY_H__ + +#include <botan/asn1_time.h> + +namespace Botan { + +class X509_Certificate; + +/** +* X.509v2 CRL Reason Code. +*/ +enum CRL_Code { + UNSPECIFIED = 0, + KEY_COMPROMISE = 1, + CA_COMPROMISE = 2, + AFFILIATION_CHANGED = 3, + SUPERSEDED = 4, + CESSATION_OF_OPERATION = 5, + CERTIFICATE_HOLD = 6, + REMOVE_FROM_CRL = 8, + PRIVLEDGE_WITHDRAWN = 9, + AA_COMPROMISE = 10, + + DELETE_CRL_ENTRY = 0xFF00, + OCSP_GOOD = 0xFF01, + OCSP_UNKNOWN = 0xFF02 +}; + +/** +* This class represents CRL entries +*/ +class BOTAN_DLL CRL_Entry final : public ASN1_Object + { + public: + void encode_into(class DER_Encoder&) const override; + void decode_from(class BER_Decoder&) override; + + /** + * Get the serial number of the certificate associated with this entry. + * @return certificate's serial number + */ + std::vector<byte> serial_number() const { return m_serial; } + + /** + * Get the revocation date of the certificate associated with this entry + * @return certificate's revocation date + */ + X509_Time expire_time() const { return m_time; } + + /** + * Get the entries reason code + * @return reason code + */ + CRL_Code reason_code() const { return m_reason; } + + /** + * Construct an empty CRL entry. + * @param throw_on_unknown_critical_extension should we throw an exception + * if an unknown CRL extension marked as critical is encountered + */ + explicit CRL_Entry(bool throw_on_unknown_critical_extension = false); + + /** + * Construct an CRL entry. + * @param cert the certificate to revoke + * @param reason the reason code to set in the entry + */ + CRL_Entry(const X509_Certificate& cert, + CRL_Code reason = UNSPECIFIED); + + private: + bool m_throw_on_unknown_critical; + std::vector<byte> m_serial; + X509_Time m_time; + CRL_Code m_reason; + }; + +/** +* Test two CRL entries for equality in all fields. +*/ +BOTAN_DLL bool operator==(const CRL_Entry&, const CRL_Entry&); + +/** +* Test two CRL entries for inequality in at least one field. +*/ +BOTAN_DLL bool operator!=(const CRL_Entry&, const CRL_Entry&); + +} + +#endif |