/src/botan/build/include/botan/x509_crl.h
Line | Count | Source |
1 | | /* |
2 | | * X.509 CRL |
3 | | * (C) 1999-2007 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #ifndef BOTAN_X509_CRL_H_ |
9 | | #define BOTAN_X509_CRL_H_ |
10 | | |
11 | | #include <botan/x509_obj.h> |
12 | | #include <botan/asn1_obj.h> |
13 | | #include <botan/pkix_enums.h> |
14 | | #include <vector> |
15 | | |
16 | | namespace Botan { |
17 | | |
18 | | class Extensions; |
19 | | class X509_Certificate; |
20 | | class X509_DN; |
21 | | |
22 | | struct CRL_Entry_Data; |
23 | | struct CRL_Data; |
24 | | |
25 | | /** |
26 | | * This class represents CRL entries |
27 | | */ |
28 | | class BOTAN_PUBLIC_API(2,0) CRL_Entry final : public ASN1_Object |
29 | | { |
30 | | public: |
31 | | void encode_into(DER_Encoder&) const override; |
32 | | void decode_from(BER_Decoder&) override; |
33 | | |
34 | | /** |
35 | | * Get the serial number of the certificate associated with this entry. |
36 | | * @return certificate's serial number |
37 | | */ |
38 | | const std::vector<uint8_t>& serial_number() const; |
39 | | |
40 | | /** |
41 | | * Get the revocation date of the certificate associated with this entry |
42 | | * @return certificate's revocation date |
43 | | */ |
44 | | const X509_Time& expire_time() const; |
45 | | |
46 | | /** |
47 | | * Get the entries reason code |
48 | | * @return reason code |
49 | | */ |
50 | | CRL_Code reason_code() const; |
51 | | |
52 | | /** |
53 | | * Get the extensions on this CRL entry |
54 | | */ |
55 | | const Extensions& extensions() const; |
56 | | |
57 | | /** |
58 | | * Create uninitialized CRL_Entry object |
59 | | */ |
60 | 6.90k | CRL_Entry() = default; |
61 | | |
62 | | /** |
63 | | * Construct an CRL entry. |
64 | | * @param cert the certificate to revoke |
65 | | * @param reason the reason code to set in the entry |
66 | | */ |
67 | | CRL_Entry(const X509_Certificate& cert, |
68 | | CRL_Code reason = CRL_Code::UNSPECIFIED); |
69 | | |
70 | | private: |
71 | | friend class X509_CRL; |
72 | | |
73 | | const CRL_Entry_Data& data() const; |
74 | | |
75 | | std::shared_ptr<CRL_Entry_Data> m_data; |
76 | | }; |
77 | | |
78 | | /** |
79 | | * Test two CRL entries for equality in all fields. |
80 | | */ |
81 | | BOTAN_PUBLIC_API(2,0) bool operator==(const CRL_Entry&, const CRL_Entry&); |
82 | | |
83 | | /** |
84 | | * Test two CRL entries for inequality in at least one field. |
85 | | */ |
86 | | BOTAN_PUBLIC_API(2,0) bool operator!=(const CRL_Entry&, const CRL_Entry&); |
87 | | |
88 | | /** |
89 | | * This class represents X.509 Certificate Revocation Lists (CRLs). |
90 | | */ |
91 | | class BOTAN_PUBLIC_API(2,0) X509_CRL final : public X509_Object |
92 | | { |
93 | | public: |
94 | | /** |
95 | | * Check if this particular certificate is listed in the CRL |
96 | | */ |
97 | | bool is_revoked(const X509_Certificate& cert) const; |
98 | | |
99 | | /** |
100 | | * Get the entries of this CRL in the form of a vector. |
101 | | * @return vector containing the entries of this CRL. |
102 | | */ |
103 | | const std::vector<CRL_Entry>& get_revoked() const; |
104 | | |
105 | | /** |
106 | | * Get the issuer DN of this CRL. |
107 | | * @return CRLs issuer DN |
108 | | */ |
109 | | const X509_DN& issuer_dn() const; |
110 | | |
111 | | /** |
112 | | * @return extension data for this CRL |
113 | | */ |
114 | | const Extensions& extensions() const; |
115 | | |
116 | | /** |
117 | | * Get the AuthorityKeyIdentifier of this CRL. |
118 | | * @return this CRLs AuthorityKeyIdentifier |
119 | | */ |
120 | | const std::vector<uint8_t>& authority_key_id() const; |
121 | | |
122 | | /** |
123 | | * Get the serial number of this CRL. |
124 | | * @return CRLs serial number |
125 | | */ |
126 | | uint32_t crl_number() const; |
127 | | |
128 | | /** |
129 | | * Get the CRL's thisUpdate value. |
130 | | * @return CRLs thisUpdate |
131 | | */ |
132 | | const X509_Time& this_update() const; |
133 | | |
134 | | /** |
135 | | * Get the CRL's nextUpdate value. |
136 | | * @return CRLs nextdUpdate |
137 | | */ |
138 | | const X509_Time& next_update() const; |
139 | | |
140 | | /** |
141 | | * Get the CRL's distribution point |
142 | | */ |
143 | | std::string crl_issuing_distribution_point() const; |
144 | | |
145 | | /** |
146 | | * Create an uninitialized CRL object. Any attempts to access |
147 | | * this object will throw an exception. |
148 | | */ |
149 | | X509_CRL() = default; |
150 | | |
151 | | /** |
152 | | * Construct a CRL from a data source. |
153 | | * @param source the data source providing the DER or PEM encoded CRL. |
154 | | */ |
155 | | X509_CRL(DataSource& source); |
156 | | |
157 | | #if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM) |
158 | | /** |
159 | | * Construct a CRL from a file containing the DER or PEM encoded CRL. |
160 | | * @param filename the name of the CRL file |
161 | | */ |
162 | | X509_CRL(const std::string& filename); |
163 | | #endif |
164 | | |
165 | | /** |
166 | | * Construct a CRL from a binary vector |
167 | | * @param vec the binary (DER) representation of the CRL |
168 | | */ |
169 | | X509_CRL(const std::vector<uint8_t>& vec); |
170 | | |
171 | | /** |
172 | | * Construct a CRL |
173 | | * @param issuer issuer of this CRL |
174 | | * @param thisUpdate valid from |
175 | | * @param nextUpdate valid until |
176 | | * @param revoked entries to be included in the CRL |
177 | | */ |
178 | | X509_CRL(const X509_DN& issuer, const X509_Time& thisUpdate, |
179 | | const X509_Time& nextUpdate, const std::vector<CRL_Entry>& revoked); |
180 | | |
181 | | private: |
182 | | std::string PEM_label() const override; |
183 | | |
184 | | std::vector<std::string> alternate_PEM_labels() const override; |
185 | | |
186 | | void force_decode() override; |
187 | | |
188 | | const CRL_Data& data() const; |
189 | | |
190 | | std::shared_ptr<CRL_Data> m_data; |
191 | | }; |
192 | | |
193 | | } |
194 | | |
195 | | #endif |