diff options
Diffstat (limited to 'src/VBox/Main/include/CertificateImpl.h')
-rw-r--r-- | src/VBox/Main/include/CertificateImpl.h | 112 |
1 files changed, 112 insertions, 0 deletions
diff --git a/src/VBox/Main/include/CertificateImpl.h b/src/VBox/Main/include/CertificateImpl.h new file mode 100644 index 00000000..d17c5b7a --- /dev/null +++ b/src/VBox/Main/include/CertificateImpl.h @@ -0,0 +1,112 @@ +/* $Id: CertificateImpl.h $ */ +/** @file + * VirtualBox COM ICertificate implementation. + */ + +/* + * Copyright (C) 2006-2022 Oracle and/or its affiliates. + * + * This file is part of VirtualBox base platform packages, as + * available from https://www.virtualbox.org. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation, in version 3 of the + * License. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see <https://www.gnu.org/licenses>. + * + * SPDX-License-Identifier: GPL-3.0-only + */ + +#ifndef MAIN_INCLUDED_CertificateImpl_h +#define MAIN_INCLUDED_CertificateImpl_h +#ifndef RT_WITHOUT_PRAGMA_ONCE +# pragma once +#endif + +/* VBox includes */ +#include <iprt/crypto/x509.h> +#include "CertificateWrap.h" + +#include <vector> + +using namespace std; + +/** + * Implemenation of ICertificate. + * + * This implemenation is a very thin wrapper around an immutable + * RTCRX509CERTIFICATE and a few caller stated views. + * + * The views are whether the caller thinks the certificate is trustworthly, and + * whether the caller thinks it's expired or not. The caller could be sitting + * on more information, like timestamp and intermediate certificates, that helps + * inform the caller's view on these two topics. + * + * @remarks It could be helpful to let the caller also add certificate paths + * showing how this certificate ends up being trusted. However, that's + * possibly quite some work and will have to wait till required... + */ +class ATL_NO_VTABLE Certificate + : public CertificateWrap +{ + +public: + + DECLARE_COMMON_CLASS_METHODS(Certificate) + + HRESULT initCertificate(PCRTCRX509CERTIFICATE a_pCert, bool a_fTrusted, bool a_fExpired); + void uninit(); + + HRESULT FinalConstruct(); + void FinalRelease(); + +private: + // Wrapped ICertificate properties + HRESULT getVersionNumber(CertificateVersion_T *aVersionNumber); + HRESULT getSerialNumber(com::Utf8Str &aSerialNumber); + HRESULT getSignatureAlgorithmOID(com::Utf8Str &aSignatureAlgorithmOID); + HRESULT getSignatureAlgorithmName(com::Utf8Str &aSignatureAlgorithmName); + HRESULT getPublicKeyAlgorithmOID(com::Utf8Str &aPublicKeyAlgorithmOID); + HRESULT getPublicKeyAlgorithm(com::Utf8Str &aPublicKeyAlgorithm); + HRESULT getIssuerName(std::vector<com::Utf8Str> &aIssuerName); + HRESULT getSubjectName(std::vector<com::Utf8Str> &aSubjectName); + HRESULT getFriendlyName(com::Utf8Str &aFriendlyName); + HRESULT getValidityPeriodNotBefore(com::Utf8Str &aValidityPeriodNotBefore); + HRESULT getValidityPeriodNotAfter(com::Utf8Str &aValidityPeriodNotAfter); + HRESULT getSubjectPublicKey(std::vector<BYTE> &aSubjectPublicKey); + HRESULT getIssuerUniqueIdentifier(com::Utf8Str &aIssuerUniqueIdentifier); + HRESULT getSubjectUniqueIdentifier(com::Utf8Str &aSubjectUniqueIdentifier); + HRESULT getCertificateAuthority(BOOL *aCertificateAuthority); + HRESULT getKeyUsage(ULONG *aKeyUsage); + HRESULT getExtendedKeyUsage(std::vector<com::Utf8Str> &aExtendedKeyUsage); + HRESULT getRawCertData(std::vector<BYTE> &aRawCertData); + HRESULT getSelfSigned(BOOL *aSelfSigned); + HRESULT getTrusted(BOOL *aTrusted); + HRESULT getExpired(BOOL *aExpired); + + // Wrapped ICertificate methods + HRESULT isCurrentlyExpired(BOOL *aResult); + HRESULT queryInfo(LONG aWhat, com::Utf8Str &aResult); + + // Methods extracting COM data from the certificate object + HRESULT i_getAlgorithmName(PCRTCRX509ALGORITHMIDENTIFIER a_pAlgId, com::Utf8Str &a_rReturn); + HRESULT i_getX509Name(PCRTCRX509NAME a_pName, std::vector<com::Utf8Str> &a_rReturn); + HRESULT i_getTime(PCRTASN1TIME a_pTime, com::Utf8Str &a_rReturn); + HRESULT i_getUniqueIdentifier(PCRTCRX509UNIQUEIDENTIFIER a_pUniqueId, com::Utf8Str &a_rReturn); + HRESULT i_getEncodedBytes(PRTASN1CORE a_pAsn1Obj, std::vector<BYTE> &a_rReturn); + + struct Data; + /** Pointer to the private instance data */ + Data *m; +}; + +#endif /* !MAIN_INCLUDED_CertificateImpl_h */ + |