/src/botan/build/include/botan/x509_obj.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * X.509 SIGNED Object |
3 | | * (C) 1999-2007 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #ifndef BOTAN_X509_OBJECT_H_ |
9 | | #define BOTAN_X509_OBJECT_H_ |
10 | | |
11 | | #include <botan/asn1_obj.h> |
12 | | #include <botan/alg_id.h> |
13 | | #include <botan/cert_status.h> |
14 | | #include <vector> |
15 | | |
16 | | namespace Botan { |
17 | | |
18 | | class Public_Key; |
19 | | class Private_Key; |
20 | | class RandomNumberGenerator; |
21 | | |
22 | | /** |
23 | | * This class represents abstract X.509 signed objects as in the X.500 |
24 | | * SIGNED macro |
25 | | */ |
26 | | class BOTAN_PUBLIC_API(2,0) X509_Object : public ASN1_Object |
27 | | { |
28 | | public: |
29 | | /** |
30 | | * The underlying data that is to be or was signed |
31 | | * @return data that is or was signed |
32 | | */ |
33 | | std::vector<uint8_t> tbs_data() const; |
34 | | |
35 | | /** |
36 | | * @return signature on tbs_data() |
37 | | */ |
38 | 18.8k | const std::vector<uint8_t>& signature() const { return m_sig; } |
39 | | |
40 | | /** |
41 | | * @return signed body |
42 | | */ |
43 | 25.0k | const std::vector<uint8_t>& signed_body() const { return m_tbs_bits; } |
44 | | |
45 | | /** |
46 | | * @return signature algorithm that was used to generate signature |
47 | | */ |
48 | 24.3k | const AlgorithmIdentifier& signature_algorithm() const { return m_sig_algo; } |
49 | | |
50 | | /** |
51 | | * @return hash algorithm that was used to generate signature |
52 | | */ |
53 | | std::string hash_used_for_signature() const; |
54 | | |
55 | | /** |
56 | | * Create a signed X509 object. |
57 | | * @param signer the signer used to sign the object |
58 | | * @param rng the random number generator to use |
59 | | * @param alg_id the algorithm identifier of the signature scheme |
60 | | * @param tbs the tbs bits to be signed |
61 | | * @return signed X509 object |
62 | | */ |
63 | | static std::vector<uint8_t> make_signed(class PK_Signer* signer, |
64 | | RandomNumberGenerator& rng, |
65 | | const AlgorithmIdentifier& alg_id, |
66 | | const secure_vector<uint8_t>& tbs); |
67 | | |
68 | | /** |
69 | | * Check the signature on this data |
70 | | * @param key the public key purportedly used to sign this data |
71 | | * @return status of the signature - OK if verified or otherwise an indicator of |
72 | | * the problem preventing verification. |
73 | | */ |
74 | | Certificate_Status_Code verify_signature(const Public_Key& key) const; |
75 | | |
76 | | /** |
77 | | * Check the signature on this data |
78 | | * @param key the public key purportedly used to sign this data |
79 | | * @return true if the signature is valid, otherwise false |
80 | | */ |
81 | | bool check_signature(const Public_Key& key) const; |
82 | | |
83 | | /** |
84 | | * Check the signature on this data |
85 | | * @param key the public key purportedly used to sign this data |
86 | | * the object will be deleted after use (this should have |
87 | | * been a std::unique_ptr<Public_Key>) |
88 | | * @return true if the signature is valid, otherwise false |
89 | | */ |
90 | | bool check_signature(const Public_Key* key) const; |
91 | | |
92 | | /** |
93 | | * DER encode an X509_Object |
94 | | * See @ref ASN1_Object::encode_into() |
95 | | */ |
96 | | void encode_into(class DER_Encoder& to) const override; |
97 | | |
98 | | /** |
99 | | * Decode a BER encoded X509_Object |
100 | | * See @ref ASN1_Object::decode_from() |
101 | | */ |
102 | | void decode_from(class BER_Decoder& from) override; |
103 | | |
104 | | /** |
105 | | * @return PEM encoding of this |
106 | | */ |
107 | | std::string PEM_encode() const; |
108 | | |
109 | 54.4k | X509_Object(const X509_Object&) = default; |
110 | 0 | X509_Object& operator=(const X509_Object&) = default; |
111 | | |
112 | | virtual std::string PEM_label() const = 0; |
113 | | |
114 | | virtual std::vector<std::string> alternate_PEM_labels() const |
115 | 0 | { return std::vector<std::string>(); } |
116 | | |
117 | 72.1k | virtual ~X509_Object() = default; |
118 | | |
119 | | static std::unique_ptr<PK_Signer> |
120 | | choose_sig_format(AlgorithmIdentifier& sig_algo, |
121 | | const Private_Key& key, |
122 | | RandomNumberGenerator& rng, |
123 | | const std::string& hash_fn, |
124 | | const std::string& padding_algo); |
125 | | |
126 | | protected: |
127 | | |
128 | 17.7k | X509_Object() = default; |
129 | | |
130 | | /** |
131 | | * Decodes from src as either DER or PEM data, then calls force_decode() |
132 | | */ |
133 | | void load_data(DataSource& src); |
134 | | |
135 | | private: |
136 | | virtual void force_decode() = 0; |
137 | | |
138 | | AlgorithmIdentifier m_sig_algo; |
139 | | std::vector<uint8_t> m_tbs_bits; |
140 | | std::vector<uint8_t> m_sig; |
141 | | }; |
142 | | |
143 | | } |
144 | | |
145 | | #endif |