Botan 3.9.0
Crypto and TLS for C&
pkix_enums.h
Go to the documentation of this file.
1/*
2* (C) 2013,2023 Jack Lloyd
3*
4* Botan is released under the Simplified BSD License (see license.txt)
5*/
6
7#ifndef BOTAN_X509_PKIX_ENUMS_H_
8#define BOTAN_X509_PKIX_ENUMS_H_
9
10#include <botan/types.h>
11#include <string>
12
13namespace Botan {
14
15class Public_Key;
16
17/**
18* Certificate validation status code
19*/
20enum class Certificate_Status_Code : uint16_t {
21 // TODO(Botan4) renumber this, e.g. Validation Errors -> IP_ADDR_BLOCKS_ERROR
22
23 OK = 0,
25
26 // Revocation status
31
32 // Warnings
40
41 // Errors
43
49
50 // Time problems
58
59 // Chain generation problems
65
66 // Validation errors
74
75 // Revocation errors
79
80 // Other problems
91
92 // Hard failures
99};
100
101/**
102* Convert a status code to a human readable diagnostic message
103* @param code the certifcate status
104* @return string literal constant, or nullptr if code unknown
105*/
107
108/**
109* X.509v3 Key Constraints.
110* If updating update copy in ffi.h
111*/
113 public:
114 enum Bits : uint16_t {
115 None = 0,
117 NonRepudiation = 1 << 14,
120 KeyAgreement = 1 << 11,
121 KeyCertSign = 1 << 10,
122 CrlSign = 1 << 9,
123 EncipherOnly = 1 << 8,
124 DecipherOnly = 1 << 7,
125
126 // Deprecated SHOUTING_CASE names for Key_Constraints
127 // will be removed in a future major release
138 };
139
140 Key_Constraints(const Key_Constraints& other) = default;
142 Key_Constraints& operator=(const Key_Constraints& other) = default;
144 ~Key_Constraints() = default;
145
146 // NOLINTNEXTLINE(*-explicit-conversions)
147 Key_Constraints(Key_Constraints::Bits bits) : m_value(bits) {}
148
149 explicit Key_Constraints(uint32_t bits) : m_value(bits) {}
150
151 Key_Constraints() : m_value(0) {}
152
153 /**
154 * Return typical constraints for a CA certificate.
155 *
156 * The reasons for KeyCertSign and CrlSign should be obvious
157 *
158 * CAB baseline requirements are that DigitalSignature should be set
159 * if the certificate is used to sign OCSP responses.
160 */
165
166 bool operator==(const Key_Constraints&) const = default;
167
168 void operator|=(Key_Constraints::Bits other) { m_value |= other; }
169
170 // Return true if all bits in mask are set
171 bool includes(Key_Constraints::Bits other) const { return (m_value & other) == other; }
172
173 bool includes(Key_Constraints other) const { return (m_value & other.m_value) == other.m_value; }
174
175 // Return true if any of the bits provided are set
176 bool includes_any(auto&&... bits) const { return (m_value & (bits | ...)) > 0; }
177
178 bool empty() const { return m_value == 0; }
179
180 uint32_t value() const { return m_value; }
181
182 std::string to_string() const;
183
184 /**
185 * Check that key constraints are permitted for a specific public key.
186 * @param key the public key on which the constraints shall be enforced on
187 * @return false if the constraints are not permitted for this key
188 */
189 bool compatible_with(const Public_Key& key) const;
190
191 private:
192 uint32_t m_value;
193};
194
195/**
196* X.509v2 CRL Reason Code.
197*/
210
211} // namespace Botan
212
213#endif
#define BOTAN_PUBLIC_API(maj, min)
Definition api.h:21
#define BOTAN_DEPRECATED(msg)
Definition api.h:73
static Key_Constraints ca_constraints()
Definition pkix_enums.h:161
bool includes(Key_Constraints other) const
Definition pkix_enums.h:173
void operator|=(Key_Constraints::Bits other)
Definition pkix_enums.h:168
bool operator==(const Key_Constraints &) const =default
Key_Constraints(uint32_t bits)
Definition pkix_enums.h:149
Key_Constraints(Key_Constraints &&other)=default
bool includes(Key_Constraints::Bits other) const
Definition pkix_enums.h:171
uint32_t value() const
Definition pkix_enums.h:180
Key_Constraints(const Key_Constraints &other)=default
bool includes_any(auto &&... bits) const
Definition pkix_enums.h:176
Key_Constraints & operator=(Key_Constraints &&other)=default
Key_Constraints & operator=(const Key_Constraints &other)=default
Key_Constraints(Key_Constraints::Bits bits)
Definition pkix_enums.h:147
Certificate_Status_Code
Definition pkix_enums.h:20
std::string to_string(ErrorType type)
Convert an ErrorType to string.
Definition exceptn.cpp:13