blob: c9ff0f7618096d585e52b9bae4e4d9a5b574a710 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
/*
* X.509 SIGNED Object
* (C) 1999-2007 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
#ifndef BOTAN_X509_OBJECT_H_
#define BOTAN_X509_OBJECT_H_
#include <botan/asn1_obj.h>
#include <botan/alg_id.h>
#include <vector>
namespace Botan {
class Public_Key;
class RandomNumberGenerator;
/**
* This class represents abstract X.509 signed objects as in the X.500
* SIGNED macro
*/
class BOTAN_PUBLIC_API(2,0) X509_Object : public ASN1_Object
{
public:
/**
* The underlying data that is to be or was signed
* @return data that is or was signed
*/
std::vector<uint8_t> tbs_data() const;
/**
* @return signature on tbs_data()
*/
const std::vector<uint8_t>& signature() const { return m_sig; }
/**
* @return signed body
*/
const std::vector<uint8_t>& signed_body() const { return m_tbs_bits; }
/**
* @return signature algorithm that was used to generate signature
*/
const AlgorithmIdentifier& signature_algorithm() const { return m_sig_algo; }
/**
* @return hash algorithm that was used to generate signature
*/
std::string hash_used_for_signature() const;
/**
* Create a signed X509 object.
* @param signer the signer used to sign the object
* @param rng the random number generator to use
* @param alg_id the algorithm identifier of the signature scheme
* @param tbs the tbs bits to be signed
* @return signed X509 object
*/
static std::vector<uint8_t> make_signed(class PK_Signer* signer,
RandomNumberGenerator& rng,
const AlgorithmIdentifier& alg_id,
const secure_vector<uint8_t>& tbs);
/**
* Check the signature on this data
* @param key the public key purportedly used to sign this data
* @return true if the signature is valid, otherwise false
*/
bool check_signature(const Public_Key& key) const;
/**
* Check the signature on this data
* @param key the public key purportedly used to sign this data
* the pointer will be deleted after use
* @return true if the signature is valid, otherwise false
*/
bool check_signature(const Public_Key* key) const;
/**
* DER encode an X509_Object
* See @ref ASN1_Object::encode_into()
*/
void encode_into(class DER_Encoder& to) const override;
/**
* Decode a BER encoded X509_Object
* See @ref ASN1_Object::decode_from()
*/
void decode_from(class BER_Decoder& from) override;
/**
* @return BER encoding of this
*/
std::vector<uint8_t> BER_encode() const;
/**
* @return PEM encoding of this
*/
std::string PEM_encode() const;
X509_Object(const X509_Object&) = default;
X509_Object& operator=(const X509_Object&) = default;
virtual std::string PEM_label() const = 0;
virtual std::vector<std::string> alternate_PEM_labels() const
{ return std::vector<std::string>(); }
virtual ~X509_Object() = default;
protected:
X509_Object() = default;
/**
* Decodes from src as either DER or PEM data, then calls force_decode()
*/
void load_data(DataSource& src);
private:
virtual void force_decode() = 0;
AlgorithmIdentifier m_sig_algo;
std::vector<uint8_t> m_tbs_bits;
std::vector<uint8_t> m_sig;
};
}
#endif
|