Diffstat (limited to 'src/lib/prov/pkcs11/p11_x509.h')
-rw-r--r--src/lib/prov/pkcs11/p11_x509.h115
1 files changed, 115 insertions, 0 deletions
diff --git a/src/lib/prov/pkcs11/p11_x509.h b/src/lib/prov/pkcs11/p11_x509.h
new file mode 100644
index 000000000..f0e025ff4
--- /dev/null
+++ b/src/lib/prov/pkcs11/p11_x509.h
@@ -0,0 +1,115 @@
+/*
+* PKCS#11 X.509
+* (C) 2016 Daniel Neus, Sirrix AG
+* (C) 2016 Philipp Weber, Sirrix AG
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#ifndef BOTAN_P11_X509_H__
+#define BOTAN_P11_X509_H__
+
+#include <botan/build.h>
+#if defined(BOTAN_HAS_X509_CERTIFICATES)
+
+#include <botan/p11_object.h>
+
+#include <botan/x509cert.h>
+
+#include <vector>
+
+namespace Botan {
+namespace PKCS11 {
+
+class Session;
+
+/// Common attributes of all PKCS#11 X509 certificates
+class BOTAN_DLL X509_CertificateProperties final : public CertificateProperties
+ {
+ public:
+ /**
+ * @param subject DER-encoding of the certificate subject name
+ * @param value BER-encoding of the certificate
+ */
+ X509_CertificateProperties(const std::vector<byte>& subject, const std::vector<byte>& value);
+
+ /// @param id key identifier for public/private key pair
+ inline void set_id(const std::vector<byte>& id)
+ {
+ add_binary(AttributeType::Id, id);
+ }
+
+ /// @param issuer DER-encoding of the certificate issuer name
+ inline void set_issuer(const std::vector<byte>& issuer)
+ {
+ add_binary(AttributeType::Issuer, issuer);
+ }
+
+ /// @param serial DER-encoding of the certificate serial number
+ inline void set_serial(const std::vector<byte>& serial)
+ {
+ add_binary(AttributeType::SerialNumber, serial);
+ }
+
+ /// @param hash hash value of the subject public key
+ inline void set_subject_pubkey_hash(const std::vector<byte>& hash)
+ {
+ add_binary(AttributeType::HashOfSubjectPublicKey, hash);
+ }
+
+ /// @param hash hash value of the issuer public key
+ inline void set_issuer_pubkey_hash(const std::vector<byte>& hash)
+ {
+ add_binary(AttributeType::HashOfIssuerPublicKey, hash);
+ }
+
+ /// @param alg defines the mechanism used to calculate `CKA_HASH_OF_SUBJECT_PUBLIC_KEY` and `CKA_HASH_OF_ISSUER_PUBLIC_KEY`
+ inline void set_hash_alg(MechanismType alg)
+ {
+ add_numeric(AttributeType::NameHashAlgorithm, static_cast<Ulong>(alg));
+ }
+
+ /// @return the subject
+ inline const std::vector<byte>& subject() const
+ {
+ return m_subject;
+ }
+
+ /// @return the BER-encoding of the certificate
+ inline const std::vector<byte>& value() const
+ {
+ return m_value;
+ }
+
+ private:
+ const std::vector<byte> m_subject;
+ const std::vector<byte> m_value;
+ };
+
+/// Represents a PKCS#11 X509 certificate
+class BOTAN_DLL PKCS11_X509_Certificate final : public Object, public X509_Certificate
+ {
+ public:
+ static const ObjectClass Class = ObjectClass::Certificate;
+
+ /**
+ * Create a PKCS11_X509_Certificate object from an existing PKCS#11 X509 cert
+ * @param session the session to use
+ * @param handle the handle of the X.509 certificate
+ */
+ PKCS11_X509_Certificate(Session& session, ObjectHandle handle);
+
+ /**
+ * Imports a X.509 certificate
+ * @param session the session to use
+ * @param props the attributes of the X.509 certificate
+ */
+ PKCS11_X509_Certificate(Session& session, const X509_CertificateProperties& props);
+ };
+
+}
+}
+
+#endif
+
+#endif
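Review bot: `X509_CertificateProperties(subject, value)` and the setters `set_id`, `set_issuer`, `set_serial`, `set_subject_pubkey_hash` and `set_issuer_pubkey_hash` each take an independent byte vector, and nothing visible in this header ties those attributes to the certificate encoded in `value`. A caller can therefore store a subject, issuer or serial on the token that disagrees with the certificate, and anything that later searches the token by those attributes would match on the caller-asserted values. The implementation lives outside this hunk and may already check this; if it does not, the class comment should say so, e.g. `/// Attributes are stored as supplied and are not checked against the certificate in value; derive them from the same certificate.` The doc block on `PKCS11_X509_Certificate(Session&, ObjectHandle)` should likewise state whether the bytes read from the token are only decoded or also validated, so that readers do not treat presence on the token as trust in the certificate.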