Botan  2.1.0
Crypto and TLS for C++11
x509_obj.h
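/*
* X.509 SIGNED Object
* (C) 1999-2007 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#ifndef BOTAN_X509_OBJECT_H__
#define BOTAN_X509_OBJECT_H__

#include <botan/asn1_obj.h>
#include <botan/x509_key.h>
#include <botan/rng.h>
#include <vector>

namespace Botan {

/**
* This class represents abstract X.509 signed objects as
* in the X.500 SIGNED macro
*
* It holds three parts: the to-be-signed (TBS) bytes, the signature
* algorithm identifier and the signature value. The class is abstract
* (force_decode() is pure virtual) and its constructors are protected,
* so it is only usable through a derived type.
*/
class BOTAN_DLL X509_Object : public ASN1_Object
   {
   public:
      /**
      * The underlying data that is to be or was signed
      * @return data that is or was signed (returned by value, so the
      * caller receives a copy)
      */
      std::vector<uint8_t> tbs_data() const;

      /**
      * @return signature on tbs_data() (returned by value)
      */
      std::vector<uint8_t> signature() const;

      /**
      * @return signature algorithm that was used to generate signature
      *
      * The value is carried inside the object itself, so for an object
      * received from a peer it is input chosen by whoever produced the
      * object, not a statement of local policy.
      */
      AlgorithmIdentifier signature_algorithm() const;

      /**
      * @return hash algorithm that was used to generate signature
      *
      * NOTE(review): presumably derived from signature_algorithm();
      * confirm against the implementation. Callers that restrict
      * acceptable hashes should compare this name against their own
      * allow-list instead of accepting whatever the object declares.
      */
      std::string hash_used_for_signature() const;

      /**
      * Create a signed X509 object.
      * @param signer the signer used to sign the object. Passed as a raw
      * pointer; this declaration does not say whether null is tolerated
      * or who owns the object. NOTE(review): confirm before passing a
      * pointer the caller does not control.
      * @param rng the random number generator to use. NOTE(review):
      * presumably consumed by signer for randomized signature schemes,
      * so it should be a cryptographically secure generator.
      * @param alg_id the algorithm identifier of the signature scheme
      * @param tbs the tbs bits to be signed
      * @return signed X509 object
      */
      static std::vector<uint8_t> make_signed(class PK_Signer* signer,
                                              RandomNumberGenerator& rng,
                                              const AlgorithmIdentifier& alg_id,
                                              const secure_vector<uint8_t>& tbs);

      /**
      * Check the signature on this data
      * @param key the public key purportedly used to sign this data
      * @return true if the signature is valid, otherwise false
      *
      * A true result only says that the signature verifies under key.
      * Whether key itself is trusted for this object is the caller's
      * decision and is not expressed by this interface. Failure is
      * reported through the return value, so the result must be tested.
      */
      bool check_signature(const Public_Key& key) const;

      /**
      * Check the signature on this data
      * @param key the public key purportedly used to sign this data
      * the pointer will be deleted after use
      * @return true if the signature is valid, otherwise false
      *
      * Ownership of key passes to this call. Pass only a pointer that
      * came from new and that nothing else owns or will free, and do
      * not use it afterwards. The address of a stack object, or a
      * pointer still held by a smart pointer, would be freed a second
      * time or freed invalidly. Use the reference overload when the
      * caller keeps the key. NOTE(review): behaviour for a null pointer
      * is not visible in this header.
      */
      bool check_signature(const Public_Key* key) const;

      /**
      * DER encode an X509_Object
      * See @ref ASN1_Object::encode_into()
      */
      void encode_into(class DER_Encoder& to) const override;

      /**
      * Decode a BER encoded X509_Object
      * See @ref ASN1_Object::decode_from()
      */
      void decode_from(class BER_Decoder& from) override;

      /**
      * @return BER encoding of this
      */
      std::vector<uint8_t> BER_encode() const;

      /**
      * @return PEM encoding of this
      */
      std::string PEM_encode() const;

      X509_Object(const X509_Object&) = default;
      X509_Object& operator=(const X509_Object&) = default;
      virtual ~X509_Object() = default;
   protected:
      // Constructors are protected: only derived types can create one.
      // NOTE(review): the string arguments look like the PEM labels
      // accepted for the encoded input; confirm the format in the
      // implementation.
      X509_Object(DataSource& src, const std::string& pem_labels);
      X509_Object(const std::vector<uint8_t>& vec, const std::string& labels);

#if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
      // Only declared on targets that provide a filesystem.
      X509_Object(const std::string& file, const std::string& pem_labels);
#endif

      void do_decode();
      X509_Object() = default;

      // The three parts of the signed object. They are protected data,
      // so derived classes can read and overwrite them directly.
      AlgorithmIdentifier m_sig_algo;
      std::vector<uint8_t> m_tbs_bits, m_sig;
   private:
      // Must be supplied by every concrete subclass.
      // NOTE(review): presumably invoked via do_decode() to parse the
      // type-specific TBS contents; confirm in the implementation.
      virtual void force_decode() = 0;
      void init(DataSource&, const std::string&);

      // NOTE(review): by their names, the PEM labels accepted on input
      // and the label preferred for output; confirm against init() and
      // PEM_encode().
      std::vector<std::string> m_PEM_labels_allowed;
      std::string m_PEM_label_pref;
   };

}

#endif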