diff options
author | Jack Lloyd <[email protected]> | 2016-11-03 10:30:13 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2016-11-03 10:30:13 -0400 |
commit | 341fd32b46363cad4c2caee3fca166695100ba07 (patch) | |
tree | 89a98aa28a431f2625268cf61e7adf903fd24a98 /src/lib/x509/x509_obj.h | |
parent | 1e72720661383466807ac496b941af41d756a2ce (diff) |
Move cert/x509 to top level and pem and pbes2 to pubkey.
The `cert` dir was just an artifact of having previously supported
CVC (smartcard cert format), removed a long time ago.
The pem and pbes2 code is directly related to the pubkey code,
in fact the only caller of pbes2 (likely anywhere, not just
in the library) is in pkcs8.cpp
Diffstat (limited to 'src/lib/x509/x509_obj.h')
-rw-r--r-- | src/lib/x509/x509_obj.h | 119 |
1 files changed, 119 insertions, 0 deletions
diff --git a/src/lib/x509/x509_obj.h b/src/lib/x509/x509_obj.h new file mode 100644 index 000000000..40324775c --- /dev/null +++ b/src/lib/x509/x509_obj.h @@ -0,0 +1,119 @@ +/* +* X.509 SIGNED Object +* (C) 1999-2007 Jack Lloyd +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#ifndef BOTAN_X509_OBJECT_H__ +#define BOTAN_X509_OBJECT_H__ + +#include <botan/asn1_obj.h> +#include <botan/x509_key.h> +#include <botan/rng.h> +#include <vector> + +namespace Botan { + +/** +* This class represents abstract X.509 signed objects as +* in the X.500 SIGNED macro +*/ +class BOTAN_DLL X509_Object : public ASN1_Object + { + public: + /** + * The underlying data that is to be or was signed + * @return data that is or was signed + */ + std::vector<byte> tbs_data() const; + + /** + * @return signature on tbs_data() + */ + std::vector<byte> signature() const; + + /** + * @return signature algorithm that was used to generate signature + */ + AlgorithmIdentifier signature_algorithm() const; + + /** + * @return hash algorithm that was used to generate signature + */ + std::string hash_used_for_signature() const; + + /** + * Create a signed X509 object. + * @param signer the signer used to sign the object + * @param rng the random number generator to use + * @param alg_id the algorithm identifier of the signature scheme + * @param tbs the tbs bits to be signed + * @return signed X509 object + */ + static std::vector<byte> make_signed(class PK_Signer* signer, + RandomNumberGenerator& rng, + const AlgorithmIdentifier& alg_id, + const secure_vector<byte>& tbs); + + /** + * Check the signature on this data + * @param key the public key purportedly used to sign this data + * @return true if the signature is valid, otherwise false + */ + bool check_signature(const Public_Key& key) const; + + /** + * Check the signature on this data + * @param key the public key purportedly used to sign this data + * the pointer will be deleted after use + * @return true if the signature is valid, otherwise false + */ + bool check_signature(const Public_Key* key) const; + + /** + * DER encode an X509_Object + * See @ref ASN1_Object::encode_into() + */ + void encode_into(class DER_Encoder& to) const override; + + /** + * Decode a BER encoded X509_Object + * See @ref ASN1_Object::decode_from() + */ + void decode_from(class BER_Decoder& from) override; + + /** + * @return BER encoding of this + */ + std::vector<byte> BER_encode() const; + + /** + * @return PEM encoding of this + */ + std::string PEM_encode() const; + + virtual ~X509_Object() {} + protected: + X509_Object(DataSource& src, const std::string& pem_labels); + X509_Object(const std::vector<byte>& vec, const std::string& labels); + +#if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM) + X509_Object(const std::string& file, const std::string& pem_labels); +#endif + + void do_decode(); + X509_Object() {} + AlgorithmIdentifier m_sig_algo; + std::vector<byte> m_tbs_bits, m_sig; + private: + virtual void force_decode() = 0; + void init(DataSource&, const std::string&); + + std::vector<std::string> m_PEM_labels_allowed; + std::string m_PEM_label_pref; + }; + +} + +#endif |