Botan  2.4.0
Crypto and TLS for C++11
x509_obj.h
Go to the documentation of this file.
1 /*
2 * X.509 SIGNED Object
3 * (C) 1999-2007 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #ifndef BOTAN_X509_OBJECT_H_
9 #define BOTAN_X509_OBJECT_H_
10 
11 #include <botan/asn1_obj.h>
12 #include <botan/alg_id.h>
13 #include <botan/cert_status.h>
14 #include <vector>
15 
16 namespace Botan {
17 
18 class Public_Key;
19 class RandomNumberGenerator;
20 
21 /**
22 * This class represents abstract X.509 signed objects as in the X.500
23 * SIGNED macro
24 */
26  {
27  public:
28  /**
29  * The underlying data that is to be or was signed
30  * @return data that is or was signed
31  */
32  std::vector<uint8_t> tbs_data() const;
33 
34  /**
35  * @return signature on tbs_data()
36  */
37  const std::vector<uint8_t>& signature() const { return m_sig; }
38 
39  /**
40  * @return signed body
41  */
42  const std::vector<uint8_t>& signed_body() const { return m_tbs_bits; }
43 
44  /**
45  * @return signature algorithm that was used to generate signature
46  */
47  const AlgorithmIdentifier& signature_algorithm() const { return m_sig_algo; }
48 
49  /**
50  * @return hash algorithm that was used to generate signature
51  */
52  std::string hash_used_for_signature() const;
53 
54  /**
55  * Create a signed X509 object.
56  * @param signer the signer used to sign the object
57  * @param rng the random number generator to use
58  * @param alg_id the algorithm identifier of the signature scheme
59  * @param tbs the tbs bits to be signed
60  * @return signed X509 object
61  */
62  static std::vector<uint8_t> make_signed(class PK_Signer* signer,
64  const AlgorithmIdentifier& alg_id,
65  const secure_vector<uint8_t>& tbs);
66 
67  /**
68  * Check the signature on this data
69  * @param key the public key purportedly used to sign this data
70  * @return status of the signature - OK if verified or otherwise an indicator of
71  * the problem preventing verification.
72  */
73  Certificate_Status_Code verify_signature(const Public_Key& key) const;
74 
75  /**
76  * Check the signature on this data
77  * @param key the public key purportedly used to sign this data
78  * @return true if the signature is valid, otherwise false
79  */
80  bool check_signature(const Public_Key& key) const;
81 
82  /**
83  * Check the signature on this data
84  * @param key the public key purportedly used to sign this data
85  * the object will be deleted after use (this should have
86  * been a std::unique_ptr<Public_Key>)
87  * @return true if the signature is valid, otherwise false
88  */
89  bool check_signature(const Public_Key* key) const;
90 
91  /**
92  * DER encode an X509_Object
93  * See @ref ASN1_Object::encode_into()
94  */
95  void encode_into(class DER_Encoder& to) const override;
96 
97  /**
98  * Decode a BER encoded X509_Object
99  * See @ref ASN1_Object::decode_from()
100  */
101  void decode_from(class BER_Decoder& from) override;
102 
103  /**
104  * @return BER encoding of this
105  */
106  std::vector<uint8_t> BER_encode() const;
107 
108  /**
109  * @return PEM encoding of this
110  */
111  std::string PEM_encode() const;
112 
113  X509_Object(const X509_Object&) = default;
114  X509_Object& operator=(const X509_Object&) = default;
115 
116  virtual std::string PEM_label() const = 0;
117 
118  virtual std::vector<std::string> alternate_PEM_labels() const
119  { return std::vector<std::string>(); }
120 
121  virtual ~X509_Object() = default;
122  protected:
123 
124  X509_Object() = default;
125 
126  /**
127  * Decodes from src as either DER or PEM data, then calls force_decode()
128  */
129  void load_data(DataSource& src);
130 
131  private:
132  virtual void force_decode() = 0;
133 
134  AlgorithmIdentifier m_sig_algo;
135  std::vector<uint8_t> m_tbs_bits;
136  std::vector<uint8_t> m_sig;
137  };
138 
139 }
140 
141 #endif
const AlgorithmIdentifier & signature_algorithm() const
Definition: x509_obj.h:47
virtual std::vector< std::string > alternate_PEM_labels() const
Definition: x509_obj.h:118
#define BOTAN_PUBLIC_API(maj, min)
Definition: compiler.h:27
const std::vector< uint8_t > & signature() const
Definition: x509_obj.h:37
std::string PEM_encode(const Private_Key &key)
Definition: pkcs8.cpp:140
const std::vector< uint8_t > & signed_body() const
Definition: x509_obj.h:42
Definition: alg_id.cpp:13
secure_vector< uint8_t > BER_encode(const Private_Key &key)
Definition: pkcs8.cpp:131
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:88
Certificate_Status_Code
Definition: cert_status.h:18