/src/botan/build/include/botan/x509_obj.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * X.509 SIGNED Object |
3 | | * (C) 1999-2007 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #ifndef BOTAN_X509_OBJECT_H_ |
9 | | #define BOTAN_X509_OBJECT_H_ |
10 | | |
11 | | #include <botan/asn1_obj.h> |
12 | | #include <botan/pkix_enums.h> |
13 | | #include <vector> |
14 | | |
15 | | namespace Botan { |
16 | | |
17 | | class Public_Key; |
18 | | class Private_Key; |
19 | | class RandomNumberGenerator; |
20 | | |
21 | | /** |
22 | | * This class represents abstract X.509 signed objects as in the X.500 |
23 | | * SIGNED macro |
24 | | */ |
25 | | class BOTAN_PUBLIC_API(2,0) X509_Object : public ASN1_Object |
26 | | { |
27 | | public: |
28 | | /** |
29 | | * The underlying data that is to be or was signed |
30 | | * @return data that is or was signed |
31 | | */ |
32 | | std::vector<uint8_t> tbs_data() const; |
33 | | |
34 | | /** |
35 | | * @return signature on tbs_data() |
36 | | */ |
37 | 15.7k | const std::vector<uint8_t>& signature() const { return m_sig; } |
38 | | |
39 | | /** |
40 | | * @return signed body |
41 | | */ |
42 | 22.3k | const std::vector<uint8_t>& signed_body() const { return m_tbs_bits; } |
43 | | |
44 | | /** |
45 | | * @return signature algorithm that was used to generate signature |
46 | | */ |
47 | 28.7k | const AlgorithmIdentifier& signature_algorithm() const { return m_sig_algo; } |
48 | | |
49 | | /** |
50 | | * @return hash algorithm that was used to generate signature |
51 | | */ |
52 | | std::string hash_used_for_signature() const; |
53 | | |
54 | | /** |
55 | | * Create a signed X509 object. |
56 | | * @param signer the signer used to sign the object |
57 | | * @param rng the random number generator to use |
58 | | * @param alg_id the algorithm identifier of the signature scheme |
59 | | * @param tbs the tbs bits to be signed |
60 | | * @return signed X509 object |
61 | | */ |
62 | | static std::vector<uint8_t> make_signed(class PK_Signer* signer, |
63 | | RandomNumberGenerator& rng, |
64 | | const AlgorithmIdentifier& alg_id, |
65 | | const secure_vector<uint8_t>& tbs); |
66 | | |
67 | | /** |
68 | | * Check the signature on this data |
69 | | * @param key the public key purportedly used to sign this data |
70 | | * @return status of the signature - OK if verified or otherwise an indicator of |
71 | | * the problem preventing verification. |
72 | | */ |
73 | | Certificate_Status_Code verify_signature(const Public_Key& key) const; |
74 | | |
75 | | /** |
76 | | * Check the signature on this data |
77 | | * @param key the public key purportedly used to sign this data |
78 | | * @return true if the signature is valid, otherwise false |
79 | | */ |
80 | | bool check_signature(const Public_Key& key) const; |
81 | | |
82 | | /** |
83 | | * Check the signature on this data |
84 | | * @param key the public key purportedly used to sign this data |
85 | | * the object will be deleted after use (this should have |
86 | | * been a std::unique_ptr<Public_Key>) |
87 | | * @return true if the signature is valid, otherwise false |
88 | | */ |
89 | | bool check_signature(const Public_Key* key) const; |
90 | | |
91 | | /** |
92 | | * DER encode an X509_Object |
93 | | * See @ref ASN1_Object::encode_into() |
94 | | */ |
95 | | void encode_into(class DER_Encoder& to) const override; |
96 | | |
97 | | /** |
98 | | * Decode a BER encoded X509_Object |
99 | | * See @ref ASN1_Object::decode_from() |
100 | | */ |
101 | | void decode_from(class BER_Decoder& from) override; |
102 | | |
103 | | /** |
104 | | * @return PEM encoding of this |
105 | | */ |
106 | | std::string PEM_encode() const; |
107 | | |
108 | 47.2k | X509_Object(const X509_Object&) = default; |
109 | 0 | X509_Object& operator=(const X509_Object&) = default; |
110 | | |
111 | | virtual std::string PEM_label() const = 0; |
112 | | |
113 | | virtual std::vector<std::string> alternate_PEM_labels() const |
114 | 0 | { return std::vector<std::string>(); } |
115 | | |
116 | 63.8k | virtual ~X509_Object() = default; |
117 | | |
118 | | static std::unique_ptr<PK_Signer> |
119 | | choose_sig_format(AlgorithmIdentifier& sig_algo, |
120 | | const Private_Key& key, |
121 | | RandomNumberGenerator& rng, |
122 | | const std::string& hash_fn, |
123 | | const std::string& padding_algo); |
124 | | |
125 | | protected: |
126 | | |
127 | 16.5k | X509_Object() = default; |
128 | | |
129 | | /** |
130 | | * Decodes from src as either DER or PEM data, then calls force_decode() |
131 | | */ |
132 | | void load_data(DataSource& src); |
133 | | |
134 | | private: |
135 | | virtual void force_decode() = 0; |
136 | | |
137 | | AlgorithmIdentifier m_sig_algo; |
138 | | std::vector<uint8_t> m_tbs_bits; |
139 | | std::vector<uint8_t> m_sig; |
140 | | }; |
141 | | |
142 | | } |
143 | | |
144 | | #endif |