Botan  2.19.1
Crypto and TLS for C++11
x509_crl.h
1 /*
2 * X.509 CRL
3 * (C) 1999-2007 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #ifndef BOTAN_X509_CRL_H_
9 #define BOTAN_X509_CRL_H_
10 
11 #include <botan/x509_obj.h>
12 #include <botan/asn1_obj.h>
13 #include <botan/pkix_enums.h>
14 #include <vector>
15 
16 namespace Botan {
17 
18 class Extensions;
19 class X509_Certificate;
20 class X509_DN;
21 
22 struct CRL_Entry_Data;
23 struct CRL_Data;
24 
25 /**
26 * This class represents CRL entries
27 */
29  {
30  public:
31  void encode_into(class DER_Encoder&) const override; // Writes this entry through the supplied DER_Encoder; overrides a base-class virtual (base class not shown in this listing).
32  void decode_from(class BER_Decoder&) override; // Reads this entry from the supplied BER_Decoder; non-const, so it may modify this object. NOTE(review): the decoded bytes are CRL content from outside the program; failure behaviour is not visible in this header.
33 
34  /**
35  * Get the serial number of the certificate associated with this entry.
36  * @return certificate's serial number as a byte vector, by const reference
    *
    * A serial number identifies a certificate only together with its issuer,
    * so a match on this value alone does not establish revocation.
    * NOTE(review): the byte encoding (leading zeros, sign) is not stated here.
37  */
38  const std::vector<uint8_t>& serial_number() const;
39 
40  /**
41  * Get the revocation date of the certificate associated with this entry.
42  * @return certificate's revocation date, by const reference
    *
    * Despite the method name, the documented value is the time of revocation,
    * not an expiry time of the certificate or of the entry.
43  */
44  const X509_Time& expire_time() const;
45 
46  /**
47  * Get the entry's reason code.
48  * @return reason code as a CRL_Code value
    *
    * NOTE(review): what is returned for a decoded entry that carries no
    * reason extension is not visible here; the two-argument constructor
    * defaults its reason parameter to UNSPECIFIED.
49  */
50  CRL_Code reason_code() const;
51 
52  /**
53  * Get the extensions on this CRL entry.
    * @return the entry's extensions, by const reference
    *
    * NOTE(review): whether an unrecognised critical entry extension is
    * rejected while decoding is not visible in this header — confirm before
    * treating every decoded entry as fully understood.
54  */
55  const Extensions& extensions() const;
56 
57  /**
58  * Create uninitialized CRL_Entry object.
    *
    * The defaulted constructor leaves m_data as an empty shared_ptr.
    * NOTE(review): the behaviour of the accessors on such an object is not
    * documented here (X509_CRL documents that access throws) — confirm.
59  */
60  CRL_Entry() = default;
61 
62  /**
63  * Construct a CRL entry.
64  * @param cert the certificate to revoke
65  * @param reason the reason code to set in the entry (defaults to UNSPECIFIED)
    *
    * The constructor is not marked explicit and reason has a default, so an
    * X509_Certificate converts implicitly to a CRL_Entry.
    * NOTE(review): which revocation time is recorded is not visible here.
66  */
67  CRL_Entry(const X509_Certificate& cert,
68  CRL_Code reason = UNSPECIFIED);
69 
70  private:
71  friend class X509_CRL; // X509_CRL may use this entry's private members
72 
73  const CRL_Entry_Data& data() const; // accessor for the entry data behind m_data; NOTE(review): behaviour when m_data is empty is not visible here — confirm
74 
75  std::shared_ptr<CRL_Entry_Data> m_data; // shared, so copies made with the implicit copy operations refer to the same CRL_Entry_Data
76  };
77 
78 /**
79 * Test two CRL entries for equality in all fields.
   * @return true if the two entries compare equal
   *
   * NOTE(review): which fields take part in the comparison is defined in the
   * implementation, which is not part of this header.
80 */
81 BOTAN_PUBLIC_API(2,0) bool operator==(const CRL_Entry&, const CRL_Entry&);
82 
83 /**
84 * Test two CRL entries for inequality in at least one field.
   * @return true if the two entries differ
   *
   * NOTE(review): which fields take part in the comparison is defined in the
   * implementation, which is not part of this header.
85 */
86 BOTAN_PUBLIC_API(2,0) bool operator!=(const CRL_Entry&, const CRL_Entry&);
87 
88 /**
89 * This class represents X.509 Certificate Revocation Lists (CRLs).
90 */
92  {
93  public:
94  /**
95  * This class represents CRL related errors.
96  *
97  * In a future major release this exception type will be removed and
98  * replaced with Decoding_Error
     *
     * Because it derives from Decoding_Error, a handler for Decoding_Error
     * also catches it; code that has to keep working after the planned
     * removal can catch the base type.
99  */
100  class BOTAN_PUBLIC_API(2,0) X509_CRL_Error final : public Decoding_Error
101  {
102  public:
103  explicit X509_CRL_Error(const std::string& error) :
104  Decoding_Error("X509_CRL: " + error) {} // the message passed on is prefixed with "X509_CRL: "
105  };
106 
107  /**
108  * Check if this particular certificate is listed in the CRL
     * @param cert the certificate to look up
     * @return true if the certificate is considered revoked by this CRL
     *
     * The only input is the certificate: no issuer key and no reference time
     * are passed, so this call alone does not show that the CRL's signature
     * is valid or that the CRL is current. Callers need to have verified the
     * CRL against its issuer and checked this_update() and next_update()
     * before relying on the result.
     * NOTE(review): how issuer and key-identifier matching are done is not
     * visible in this header — confirm against the implementation.
109  */
110  bool is_revoked(const X509_Certificate& cert) const;
111 
112  /**
113  * Get the entries of this CRL in the form of a vector.
114  * @return vector containing the entries of this CRL, by const reference
     *
     * NOTE(review): ordering and the handling of repeated serial numbers are
     * not stated here; code that walks the entries itself does not get
     * whatever matching is_revoked() applies.
115  */
116  const std::vector<CRL_Entry>& get_revoked() const;
117 
118  /**
119  * Get the issuer DN of this CRL.
120  * @return the CRL's issuer DN, by const reference
     *
     * NOTE(review): for a decoded CRL this is presumably the issuer field as
     * read from the CRL, so it says who issued the list only once the CRL's
     * signature has been verified.
121  */
122  const X509_DN& issuer_dn() const;
123 
124  /**
125  * @return extension data for this CRL, by const reference
     *
     * NOTE(review): whether an unrecognised critical CRL extension is
     * rejected while decoding is not visible in this header — confirm.
126  */
127  const Extensions& extensions() const;
128 
129  /**
130  * Get the AuthorityKeyIdentifier of this CRL.
131  * @return this CRL's AuthorityKeyIdentifier as a byte vector
     *
     * A key identifier helps to locate the issuer's key; it is not evidence
     * that the CRL was signed by that key.
     * NOTE(review): the value returned when the extension is absent is not
     * stated here (presumably an empty vector) — confirm.
132  */
133  const std::vector<uint8_t>& authority_key_id() const;
134 
135  /**
136  * Get the serial number of this CRL.
137  * @return the CRL's serial number as a 32-bit unsigned integer
     *
     * NOTE(review): presumably the value of the CRLNumber extension. RFC 5280
     * permits CRL numbers of up to 20 octets, which do not fit the 32-bit
     * return type; what happens for a larger or an absent value is not
     * visible in this header — confirm before using it to order CRLs.
138  */
139  uint32_t crl_number() const;
140 
141  /**
142  * Get the CRL's thisUpdate value.
143  * @return the CRL's thisUpdate, by const reference
     *
     * The accessor only returns the stored time; comparing it with the
     * current time is left to the caller or to the validation code.
144  */
145  const X509_Time& this_update() const;
146 
147  /**
148  * Get the CRL's nextUpdate value.
149  * @return the CRL's nextUpdate, by const reference
     *
     * The accessor only returns the stored time; a CRL used after this time
     * may be missing later revocations, so freshness has to be checked by the
     * caller or by the validation code.
     * NOTE(review): the value returned for a CRL that omits nextUpdate is not
     * stated here — confirm.
150  */
151  const X509_Time& next_update() const;
152 
153  /**
154  * Get the CRL's distribution point
155  * @return CRL.IssuingDistributionPoint from the CRL's Data_Store, as a
     * string returned by value
     *
     * NOTE(review): the value returned when the extension is absent is not
     * stated here (presumably an empty string), and whether this value is
     * compared with the distribution point named in the certificate under
     * check is not visible in this header — confirm.
156  */
157  std::string crl_issuing_distribution_point() const;
158 
159  /**
160  * Create an uninitialized CRL object. Any attempts to access
161  * this object will throw an exception.
     *
     * The defaulted constructor leaves m_data as an empty shared_ptr.
162  */
163  X509_CRL() = default;
164 
165  /**
166  * Construct a CRL from a data source.
167  * @param source the data source providing the DER or PEM encoded CRL.
     *
     * No issuer key is passed, so construction cannot include verification of
     * the CRL's signature; that is a separate step for the caller.
     * The constructor is not marked explicit, so a DataSource converts
     * implicitly to an X509_CRL.
     * NOTE(review): presumably throws Decoding_Error or X509_CRL_Error on
     * malformed input — confirm.
168  */
169  X509_CRL(DataSource& source);
170 
171 #if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
172  /**
173  * Construct a CRL from a file containing the DER or PEM encoded CRL.
174  * @param filename the name of the CRL file
     *
     * Only declared when BOTAN_TARGET_OS_HAS_FILESYSTEM is defined.
     * The constructor is not marked explicit, so a std::string converts
     * implicitly to an X509_CRL, which means a file read can be triggered by
     * an implicit conversion.
     * No issuer key is passed, so the CRL's signature is not verified here.
     * NOTE(review): behaviour for an unreadable or malformed file is not
     * stated here — confirm.
175  */
176  X509_CRL(const std::string& filename);
177 #endif
178 
179  /**
180  * Construct a CRL from a binary vector
181  * @param vec the binary (DER) representation of the CRL
     *
     * No issuer key is passed, so the CRL's signature is not verified here.
     * The constructor is not marked explicit, so a std::vector<uint8_t>
     * converts implicitly to an X509_CRL.
     * NOTE(review): presumably throws Decoding_Error or X509_CRL_Error on
     * malformed input — confirm.
182  */
183  X509_CRL(const std::vector<uint8_t>& vec);
184 
185  /**
186  * Construct a CRL
187  * @param issuer issuer of this CRL
188  * @param thisUpdate valid from
189  * @param nextUpdate valid until
190  * @param revoked entries to be included in the CRL
     *
     * NOTE(review): no signing key is passed, so the resulting object
     * presumably carries no valid signature — confirm before encoding or
     * distributing it. Whether thisUpdate is required to precede nextUpdate
     * is not visible in this header.
191  */
192  X509_CRL(const X509_DN& issuer, const X509_Time& thisUpdate,
193  const X509_Time& nextUpdate, const std::vector<CRL_Entry>& revoked);
194 
195  private:
196  std::string PEM_label() const override; // PEM label for this object type; overrides a base-class virtual (base class not shown in this listing)
197 
198  std::vector<std::string> alternate_PEM_labels() const override; // further PEM labels; NOTE(review): presumably also accepted when decoding — confirm
199 
200  void force_decode() override; // NOTE(review): presumably parses the encoded CRL into m_data; implementation not shown in this header
201 
202  const CRL_Data& data() const; // accessor for the CRL data behind m_data; NOTE(review): presumably where the exception documented for uninitialized objects is raised — confirm
203 
204  std::shared_ptr<CRL_Data> m_data; // shared, so copies made with the implicit copy operations refer to the same CRL_Data
205  };
206 
207 }
208 
209 #endif