Botan 2.19.0
Crypto and TLS for C++
x509_obj.h
1/*
2* X.509 SIGNED Object
3* (C) 1999-2007 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#ifndef BOTAN_X509_OBJECT_H_
9#define BOTAN_X509_OBJECT_H_
10
11#include <botan/asn1_obj.h>
12#include <botan/pkix_enums.h>
13#include <vector>
14
15namespace Botan {
16
17class Public_Key;
18class Private_Key;
19class RandomNumberGenerator;
20
21/**
22* This class represents abstract X.509 signed objects as in the X.500
23* SIGNED macro
24*/
// Body of X509_Object (the name appears on the constructors below): accessors
// for the signed bytes, the signature and its algorithm identifier, plus the
// signing, verification and DER/BER/PEM encoding entry points.
// NOTE(review): this listing skips source line 25, where the class head would
// be. The `override` specifiers below imply a base class, presumably
// ASN1_Object as the @ref tags suggest - confirm against the original header.
26 {
27 public:
28 /**
29 * The underlying data that is to be or was signed
30 * @return data that is or was signed (returned by value)
* NOTE(review): how this differs from signed_body() is decided in the
* implementation, which this header does not show - confirm which bytes
* the signature covers before hashing or comparing them independently.
31 */
32 std::vector<uint8_t> tbs_data() const;
33
34 /**
35 * @return signature on tbs_data(), as a reference to the stored m_sig;
* the reference is tied to the lifetime of this object
36 */
37 const std::vector<uint8_t>& signature() const { return m_sig; }
38
39 /**
40 * @return signed body, as a reference to the stored m_tbs_bits;
* the reference is tied to the lifetime of this object
41 */
42 const std::vector<uint8_t>& signed_body() const { return m_tbs_bits; }
43
44 /**
45 * @return signature algorithm that was used to generate signature
* (a reference to the stored m_sig_algo)
* NOTE(review): presumably parsed from the encoded object, in which case
* it is attacker-influenced until the signature has been checked -
* confirm in the implementation.
46 */
47 const AlgorithmIdentifier& signature_algorithm() const { return m_sig_algo; }
48
49 /**
50 * @return hash algorithm that was used to generate signature
* NOTE(review): how the name is derived is not visible in this header; a
* caller enforcing a digest policy should confirm how an unknown or
* unexpected algorithm is reported - TODO confirm.
51 */
52 std::string hash_used_for_signature() const;
53
54 /**
55 * Create a signed X509 object.
56 * @param signer the signer used to sign the object
57 * @param rng the random number generator to use
58 * @param alg_id the algorithm identifier of the signature scheme
59 * @param tbs the tbs bits to be signed
60 * @return signed X509 object
* NOTE(review): signer is a raw pointer; this header states neither who
* owns it nor whether null is accepted - confirm before calling.
* NOTE(review): the listing skips source line 63, so the rng parameter
* documented above is not shown in the declaration below.
61 */
62 static std::vector<uint8_t> make_signed(class PK_Signer* signer,
64 const AlgorithmIdentifier& alg_id,
65 const secure_vector<uint8_t>& tbs);
66
67 /**
68 * Check the signature on this data
69 * @param key the public key purportedly used to sign this data
70 * @return status of the signature - OK if verified or otherwise an indicator of
71 * the problem preventing verification.
* The key is the only input, so a successful result says the data was
* signed by that key; whether the key itself is trusted (issuer chain,
* validity period, revocation) has to be established separately.
72 */
73 Certificate_Status_Code verify_signature(const Public_Key& key) const;
74
75 /**
76 * Check the signature on this data
77 * @param key the public key purportedly used to sign this data
78 * @return true if the signature is valid, otherwise false
* The bool carries no failure reason; verify_signature() returns a
* Certificate_Status_Code for callers that need to log or branch on why
* verification failed.
79 */
80 bool check_signature(const Public_Key& key) const;
81
82 /**
83 * Check the signature on this data
84 * @param key the public key purportedly used to sign this data
85 * the object will be deleted after use (this should have
86 * been a std::unique_ptr<Public_Key>)
* Ownership transfers to this call: pass only a heap object that nothing
* else owns, and do not use or delete it afterwards. Passing the address
* of a stack or member object, or a pointer still held by a smart
* pointer, would end in an invalid or double delete.
* NOTE(review): behaviour for a null key is not stated here - confirm.
87 * @return true if the signature is valid, otherwise false
88 */
89 bool check_signature(const Public_Key* key) const;
90
91 /**
92 * DER encode an X509_Object
93 * See @ref ASN1_Object::encode_into()
94 */
95 void encode_into(class DER_Encoder& to) const override;
96
97 /**
98 * Decode a BER encoded X509_Object
99 * See @ref ASN1_Object::decode_from()
* Takes no key, so decoding cannot authenticate anything: fields read
* from `from` should be treated as unverified until verify_signature()
* or check_signature() has succeeded.
100 */
101 void decode_from(class BER_Decoder& from) override;
102
103 /**
104 * @return PEM encoding of this
105 */
106 std::string PEM_encode() const;
107
// Defaulted copy constructor (memberwise copy, including m_sig_algo,
// m_tbs_bits and m_sig).
// NOTE(review): the listing skips source line 109 right after this line.
108 X509_Object(const X509_Object&) = default;
110
// Pure virtual: each concrete type supplies its own PEM label.
// NOTE(review): presumably the text used in the PEM BEGIN/END lines - confirm.
111 virtual std::string PEM_label() const = 0;
112
// Overridable list of additional labels; this default returns an empty vector.
// NOTE(review): presumably labels that are also accepted when reading PEM -
// confirm in the implementation.
113 virtual std::vector<std::string> alternate_PEM_labels() const
114 { return std::vector<std::string>(); }
115
// Virtual so that derived objects can be destroyed through a base pointer.
116 virtual ~X509_Object() = default;
117
// Static function returning an owning std::unique_ptr<PK_Signer>; the visible
// parameters are a private key, a hash function name and a padding algorithm
// name.
// NOTE(review): the listing skips source lines 119 and 121, so the function
// name and part of the parameter list are not shown; do not rely on this
// fragment for the full signature.
118 static std::unique_ptr<PK_Signer>
120 const Private_Key& key,
122 const std::string& hash_fn,
123 const std::string& padding_algo);
124
125 protected:
126
// Default construction is protected, so only derived classes can use it.
127 X509_Object() = default;
128
129 /**
130 * Decodes from src as either DER or PEM data, then calls force_decode()
* NOTE(review): takes no key, so loading does not verify the signature;
* how malformed input is reported is not visible here - confirm.
131 */
132 void load_data(DataSource& src);
133
134 private:
// Pure virtual hook; per the load_data() comment it is called after the
// DER/PEM decode so the derived class can parse its own fields.
135 virtual void force_decode() = 0;
136
// Signature algorithm identifier, exposed by signature_algorithm().
137 AlgorithmIdentifier m_sig_algo;
// Bytes exposed by signed_body().
138 std::vector<uint8_t> m_tbs_bits;
// Signature bytes, exposed by signature().
139 std::vector<uint8_t> m_sig;
140 };
141
142}
143
144#endif