/src/botan/build/include/public/botan/x509_crl.h

Source
/*
* X.509 CRL
* (C) 1999-2007 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#ifndef BOTAN_X509_CRL_H_
#define BOTAN_X509_CRL_H_

#include <botan/asn1_obj.h>
#include <botan/pkix_enums.h>
#include <botan/x509_obj.h>
#include <memory>
#include <vector>

namespace Botan {

class Extensions;
class X509_Certificate;
class X509_DN;

struct CRL_Entry_Data;
struct CRL_Data;

/**
* This class represents CRL entries
*/
class BOTAN_PUBLIC_API(2, 0) CRL_Entry final : public ASN1_Object {
   public:
      void encode_into(DER_Encoder&) const override;
      void decode_from(BER_Decoder&) override;

      /**
      * Get the serial number of the certificate associated with this entry.
      * @return certificate's serial number
      */
      const std::vector<uint8_t>& serial_number() const;

      /**
      * Get the revocation date of the certificate associated with this entry
      * @return certificate's revocation date
      */
      const X509_Time& expire_time() const;

      /**
      * Get the entries reason code
      * @return reason code
      */
      CRL_Code reason_code() const;

      /**
      * Get the extensions on this CRL entry
      */
      const Extensions& extensions() const;

      /**
      * Create uninitialized CRL_Entry object
      */
      CRL_Entry() = default;

      /**
      * Construct an CRL entry.
      * @param cert the certificate to revoke
      * @param reason the reason code to set in the entry
      */
      CRL_Entry(const X509_Certificate& cert, CRL_Code reason = CRL_Code::Unspecified);

   private:
      friend class X509_CRL;

      const CRL_Entry_Data& data() const;

      std::shared_ptr<CRL_Entry_Data> m_data;
};

/**
* Test two CRL entries for equality in all fields.
*/
BOTAN_PUBLIC_API(2, 0) bool operator==(const CRL_Entry&, const CRL_Entry&);

/**
* Test two CRL entries for inequality in at least one field.
*/
BOTAN_PUBLIC_API(2, 0) bool operator!=(const CRL_Entry&, const CRL_Entry&);

/**
* This class represents X.509 Certificate Revocation Lists (CRLs).
*/
class BOTAN_PUBLIC_API(2, 0) X509_CRL final : public X509_Object {
   public:
      /**
      * Check if this particular certificate is listed in the CRL
      */
      bool is_revoked(const X509_Certificate& cert) const;

      /**
      * Get the entries of this CRL in the form of a vector.
      * @return vector containing the entries of this CRL.
      */
      const std::vector<CRL_Entry>& get_revoked() const;

      /**
      * Get the X509 version of this CRL object
      * @return X509 version
      */
      uint32_t x509_version() const;

      /**
      * Get the issuer DN of this CRL.
      * @return CRLs issuer DN
      */
      const X509_DN& issuer_dn() const;

      /**
      * @return extension data for this CRL
      */
      const Extensions& extensions() const;

      /**
      * Get the AuthorityKeyIdentifier of this CRL.
      * @return this CRLs AuthorityKeyIdentifier
      */
      const std::vector<uint8_t>& authority_key_id() const;

      /**
      * Get the serial number of this CRL.
      * @return CRLs serial number
      */
      uint32_t crl_number() const;

      /**
      * Get the CRL's thisUpdate value.
      * @return CRLs thisUpdate
      */
      const X509_Time& this_update() const;

      /**
      * Get the CRL's nextUpdate value.
      *
      * Technically nextUpdate is optional in the X.509 spec and may be omitted,
      * despite RFC 5280 requiring it. If the nextUpdate field is not set, this
      * will return a time object with time_is_set() returning false.
      *
      * TODO(Botan4) return a `const std::optional<X509_Time>&` instead
      *
      * @return CRLs nextUpdate
      */
      const X509_Time& next_update() const;

      /**
      * Get the CRL's issuing distribution point
      */
      BOTAN_DEPRECATED("Use issuing_distribution_points") std::string crl_issuing_distribution_point() const;

      /**
      * Get the CRL's issuing distribution points
      *
      * See https://www.rfc-editor.org/rfc/rfc5280#section-5.2.5
      */
      std::vector<std::string> issuing_distribution_points() const;

      /**
      * Create an uninitialized CRL object. Any attempts to access
      * this object will throw an exception.
      */
      X509_CRL() = default;

      /**
      * Construct a CRL from a data source.
      * @param source the data source providing the DER or PEM encoded CRL.
      */
      X509_CRL(DataSource& source);

#if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
      /**
      * Construct a CRL from a file containing the DER or PEM encoded CRL.
      * @param filename the name of the CRL file
      */
      X509_CRL(std::string_view filename);
#endif

      /**
      * Construct a CRL from a binary vector
      * @param vec the binary (DER) representation of the CRL
      */
      X509_CRL(const std::vector<uint8_t>& vec);

      /**
      * Construct a CRL
      * @param issuer issuer of this CRL
      * @param thisUpdate valid from
      * @param nextUpdate valid until
      * @param revoked entries to be included in the CRL
      */
      X509_CRL(const X509_DN& issuer,
               const X509_Time& thisUpdate,
               const X509_Time& nextUpdate,
               const std::vector<CRL_Entry>& revoked);

   private:
      std::string PEM_label() const override;

      std::vector<std::string> alternate_PEM_labels() const override;

      void force_decode() override;

      const CRL_Data& data() const;

      std::shared_ptr<CRL_Data> m_data;
};

}  // namespace Botan

#endif

Coverage Report

Created: 2025-04-11 06:34

Line	Count	Source
1		/*
2		* X.509 CRL
3		* (C) 1999-2007 Jack Lloyd
4		*
5		* Botan is released under the Simplified BSD License (see license.txt)
6		*/
7
8		#ifndef BOTAN_X509_CRL_H_
9		#define BOTAN_X509_CRL_H_
10
11		#include <botan/asn1_obj.h>
12		#include <botan/pkix_enums.h>
13		#include <botan/x509_obj.h>
14		#include <memory>
15		#include <vector>
16
17		namespace Botan {
18
19		class Extensions;
20		class X509_Certificate;
21		class X509_DN;
22
23		struct CRL_Entry_Data;
24		struct CRL_Data;
25
26		/**
27		* This class represents CRL entries
28		*/
29		class BOTAN_PUBLIC_API(2, 0) CRL_Entry final : public ASN1_Object {
30		public:
31		void encode_into(DER_Encoder&) const override;
32		void decode_from(BER_Decoder&) override;
33
34		/**
35		* Get the serial number of the certificate associated with this entry.
36		* @return certificate's serial number
37		*/
38		const std::vector<uint8_t>& serial_number() const;
39
40		/**
41		* Get the revocation date of the certificate associated with this entry
42		* @return certificate's revocation date
43		*/
44		const X509_Time& expire_time() const;
45
46		/**
47		* Get the entries reason code
48		* @return reason code
49		*/
50		CRL_Code reason_code() const;
51
52		/**
53		* Get the extensions on this CRL entry
54		*/
55		const Extensions& extensions() const;
56
57		/**
58		* Create uninitialized CRL_Entry object
59		*/
60	5.51k	CRL_Entry() = default;
61
62		/**
63		* Construct an CRL entry.
64		* @param cert the certificate to revoke
65		* @param reason the reason code to set in the entry
66		*/
67		CRL_Entry(const X509_Certificate& cert, CRL_Code reason = CRL_Code::Unspecified);
68
69		private:
70		friend class X509_CRL;
71
72		const CRL_Entry_Data& data() const;
73
74		std::shared_ptr<CRL_Entry_Data> m_data;
75		};
76
77		/**
78		* Test two CRL entries for equality in all fields.
79		*/
80		BOTAN_PUBLIC_API(2, 0) bool operator==(const CRL_Entry&, const CRL_Entry&);
81
82		/**
83		* Test two CRL entries for inequality in at least one field.
84		*/
85		BOTAN_PUBLIC_API(2, 0) bool operator!=(const CRL_Entry&, const CRL_Entry&);
86
87		/**
88		* This class represents X.509 Certificate Revocation Lists (CRLs).
89		*/
90		class BOTAN_PUBLIC_API(2, 0) X509_CRL final : public X509_Object {
91		public:
92		/**
93		* Check if this particular certificate is listed in the CRL
94		*/
95		bool is_revoked(const X509_Certificate& cert) const;
96
97		/**
98		* Get the entries of this CRL in the form of a vector.
99		* @return vector containing the entries of this CRL.
100		*/
101		const std::vector<CRL_Entry>& get_revoked() const;
102
103		/**
104		* Get the X509 version of this CRL object
105		* @return X509 version
106		*/
107		uint32_t x509_version() const;
108
109		/**
110		* Get the issuer DN of this CRL.
111		* @return CRLs issuer DN
112		*/
113		const X509_DN& issuer_dn() const;
114
115		/**
116		* @return extension data for this CRL
117		*/
118		const Extensions& extensions() const;
119
120		/**
121		* Get the AuthorityKeyIdentifier of this CRL.
122		* @return this CRLs AuthorityKeyIdentifier
123		*/
124		const std::vector<uint8_t>& authority_key_id() const;
125
126		/**
127		* Get the serial number of this CRL.
128		* @return CRLs serial number
129		*/
130		uint32_t crl_number() const;
131
132		/**
133		* Get the CRL's thisUpdate value.
134		* @return CRLs thisUpdate
135		*/
136		const X509_Time& this_update() const;
137
138		/**
139		* Get the CRL's nextUpdate value.
140		*
141		* Technically nextUpdate is optional in the X.509 spec and may be omitted,
142		* despite RFC 5280 requiring it. If the nextUpdate field is not set, this
143		* will return a time object with time_is_set() returning false.
144		*
145		* TODO(Botan4) return a `const std::optional<X509_Time>&` instead
146		*
147		* @return CRLs nextUpdate
148		*/
149		const X509_Time& next_update() const;
150
151		/**
152		* Get the CRL's issuing distribution point
153		*/
154		BOTAN_DEPRECATED("Use issuing_distribution_points") std::string crl_issuing_distribution_point() const;
155
156		/**
157		* Get the CRL's issuing distribution points
158		*
159		* See https://www.rfc-editor.org/rfc/rfc5280#section-5.2.5
160		*/
161		std::vector<std::string> issuing_distribution_points() const;
162
163		/**
164		* Create an uninitialized CRL object. Any attempts to access
165		* this object will throw an exception.
166		*/
167		X509_CRL() = default;
168
169		/**
170		* Construct a CRL from a data source.
171		* @param source the data source providing the DER or PEM encoded CRL.
172		*/
173		X509_CRL(DataSource& source);
174
175		#if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
176		/**
177		* Construct a CRL from a file containing the DER or PEM encoded CRL.
178		* @param filename the name of the CRL file
179		*/
180		X509_CRL(std::string_view filename);
181		#endif
182
183		/**
184		* Construct a CRL from a binary vector
185		* @param vec the binary (DER) representation of the CRL
186		*/
187		X509_CRL(const std::vector<uint8_t>& vec);
188
189		/**
190		* Construct a CRL
191		* @param issuer issuer of this CRL
192		* @param thisUpdate valid from
193		* @param nextUpdate valid until
194		* @param revoked entries to be included in the CRL
195		*/
196		X509_CRL(const X509_DN& issuer,
197		const X509_Time& thisUpdate,
198		const X509_Time& nextUpdate,
199		const std::vector<CRL_Entry>& revoked);
200
201		private:
202		std::string PEM_label() const override;
203
204		std::vector<std::string> alternate_PEM_labels() const override;
205
206		void force_decode() override;
207
208		const CRL_Data& data() const;
209
210		std::shared_ptr<CRL_Data> m_data;
211		};
212
213		} // namespace Botan
214
215		#endif