Botan  2.19.1
Crypto and TLS for C++11
certstor_flatfile.h
Go to the documentation of this file.
1 /*
2 * Certificate Store
3 * (C) 1999-2019 Jack Lloyd
4 * (C) 2019 Patrick Schmidt
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 */
8 
9 #ifndef BOTAN_CERT_STORE_FLATFILE_H_
10 #define BOTAN_CERT_STORE_FLATFILE_H_
11 
12 #include <botan/certstor.h>
13 
14 #include <vector>
15 #include <memory>
16 #include <map>
17 
18 namespace Botan {
19 /**
20 * Certificate Store that is backed by a file of PEMs of trusted CAs.
21 */
23  {
24  public:
25  /**
26  * Construct a new Certificate_Store given a file path to a file including
27  * PEMs of trusted self-signed CAs.
28  *
29  * @param file the name of the file to read certificates from
30  * @param ignore_non_ca if true, certs that are not self-signed CA certs will
31  * be ignored. Otherwise (if false), an exception will be thrown instead.
32  */
33  Flatfile_Certificate_Store(const std::string& file, bool ignore_non_ca = false);
34 
37  Flatfile_Certificate_Store& operator=(const Flatfile_Certificate_Store&) = default;
39 
40  /**
41  * @return DNs for all certificates managed by the store
42  */
43  std::vector<X509_DN> all_subjects() const override;
44 
45  /**
46  * Find all certificates with a given Subject DN.
47  * Subject DN and even the key identifier might not be unique.
48  */
49  std::vector<std::shared_ptr<const X509_Certificate>> find_all_certs(
50  const X509_DN& subject_dn, const std::vector<uint8_t>& key_id) const override;
51 
52  /**
53  * Find a certificate by searching for one with a matching SHA-1 hash of
54  * public key.
55  * @return a matching certificate or nullptr otherwise
56  */
57  std::shared_ptr<const X509_Certificate>
58  find_cert_by_pubkey_sha1(const std::vector<uint8_t>& key_hash) const override;
59 
60  std::shared_ptr<const X509_Certificate>
61  find_cert_by_raw_subject_dn_sha256(const std::vector<uint8_t>& subject_hash) const override;
62 
63  /**
64  * Fetching CRLs is not supported by this certificate store. This will
65  * always return an empty list.
66  */
67  std::shared_ptr<const X509_CRL> find_crl_for(const X509_Certificate& subject) const override;
68 
69  private:
70  std::vector<X509_DN> m_all_subjects;
71  std::map<X509_DN, std::vector<std::shared_ptr<const X509_Certificate>>> m_dn_to_cert;
72  std::map<std::vector<uint8_t>, std::shared_ptr<const X509_Certificate>> m_pubkey_sha1_to_cert;
73  std::map<std::vector<uint8_t>, std::shared_ptr<const X509_Certificate>> m_subject_dn_sha256_to_cert;
74  };
75 }
76 
77 #endif
int(* final)(unsigned char *, CTX *)
#define BOTAN_PUBLIC_API(maj, min)
Definition: compiler.h:31
Definition: alg_id.cpp:13