diff options
Diffstat (limited to 'comm/third_party/botan/src/lib/prov/pkcs11/p11_x509.h')
| -rw-r--r-- | comm/third_party/botan/src/lib/prov/pkcs11/p11_x509.h | 117 |
1 files changed, 117 insertions, 0 deletions
diff --git a/comm/third_party/botan/src/lib/prov/pkcs11/p11_x509.h b/comm/third_party/botan/src/lib/prov/pkcs11/p11_x509.h new file mode 100644 index 0000000000..d3eafbe352 --- /dev/null +++ b/comm/third_party/botan/src/lib/prov/pkcs11/p11_x509.h @@ -0,0 +1,117 @@ +/* +* PKCS#11 X.509 +* (C) 2016 Daniel Neus, Sirrix AG +* (C) 2016 Philipp Weber, Sirrix AG +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#ifndef BOTAN_P11_X509_H_ +#define BOTAN_P11_X509_H_ + +#include <botan/p11_object.h> + +#if defined(BOTAN_HAS_X509_CERTIFICATES) + +#include <botan/x509cert.h> +#include <vector> + +namespace Botan { +namespace PKCS11 { + +class Session; + +/// Common attributes of all PKCS#11 X509 certificates +class BOTAN_PUBLIC_API(2,0) X509_CertificateProperties final : public CertificateProperties + { + public: + /** + * @param subject DER-encoding of the certificate subject name + * @param value BER-encoding of the certificate + */ + X509_CertificateProperties(const std::vector<uint8_t>& subject, const std::vector<uint8_t>& value); + + X509_CertificateProperties(const X509_Certificate& cert) : + X509_CertificateProperties(cert.raw_subject_dn(), cert.BER_encode()) + {} + + /// @param id key identifier for public/private key pair + inline void set_id(const std::vector<uint8_t>& id) + { + add_binary(AttributeType::Id, id); + } + + /// @param issuer DER-encoding of the certificate issuer name + inline void set_issuer(const std::vector<uint8_t>& issuer) + { + add_binary(AttributeType::Issuer, issuer); + } + + /// @param serial DER-encoding of the certificate serial number + inline void set_serial(const std::vector<uint8_t>& serial) + { + add_binary(AttributeType::SerialNumber, serial); + } + + /// @param hash hash value of the subject public key + inline void set_subject_pubkey_hash(const std::vector<uint8_t>& hash) + { + add_binary(AttributeType::HashOfSubjectPublicKey, hash); + } + + /// @param hash hash value of the issuer public key + inline void set_issuer_pubkey_hash(const std::vector<uint8_t>& hash) + { + add_binary(AttributeType::HashOfIssuerPublicKey, hash); + } + + /// @param alg defines the mechanism used to calculate `CKA_HASH_OF_SUBJECT_PUBLIC_KEY` and `CKA_HASH_OF_ISSUER_PUBLIC_KEY` + inline void set_hash_alg(MechanismType alg) + { + add_numeric(AttributeType::NameHashAlgorithm, static_cast<Ulong>(alg)); + } + + /// @return the subject + inline const std::vector<uint8_t>& subject() const + { + return m_subject; + } + + /// @return the BER-encoding of the certificate + inline const std::vector<uint8_t>& value() const + { + return m_value; + } + + private: + const std::vector<uint8_t> m_subject; + const std::vector<uint8_t> m_value; + }; + +/// Represents a PKCS#11 X509 certificate +class BOTAN_PUBLIC_API(2,0) PKCS11_X509_Certificate final : public Object, public X509_Certificate + { + public: + static const ObjectClass Class = ObjectClass::Certificate; + + /** + * Create a PKCS11_X509_Certificate object from an existing PKCS#11 X509 cert + * @param session the session to use + * @param handle the handle of the X.509 certificate + */ + PKCS11_X509_Certificate(Session& session, ObjectHandle handle); + + /** + * Imports a X.509 certificate + * @param session the session to use + * @param props the attributes of the X.509 certificate + */ + PKCS11_X509_Certificate(Session& session, const X509_CertificateProperties& props); + }; + +} +} + +#endif + +#endif |