[apple/security.git] / OSX / libsecurity_apple_x509_cl / lib / DecodedCert.h

/*
 * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


/*
 * DecodedCert.h - object representing an NSS-decoded cert, with extensions
 * parsed and decoded (still in NSS format).
 *
 * Copyright (c) 2000,2011,2014 Apple Inc. 
 *
 * See DecodedItem.h for details on the care and feeding of this
 * module. 
 */

#ifndef	_DECODED_CERT_H_
#define _DECODED_CERT_H_

#include <Security/cssmtype.h>
#include <security_cdsa_utilities/cssmdata.h>

#include "DecodedItem.h"
#include <Security/X509Templates.h>
#include <security_asn1/SecNssCoder.h>

class DecodedCert : public DecodedItem
{
	NOCOPY(DecodedCert)
public:
	/* construct empty cert, no decoded extensions */
	DecodedCert(
		AppleX509CLSession	&session);
	
	/* one-shot constructor, decoding from DER-encoded data */
	DecodedCert(
		AppleX509CLSession	&session,
		const CssmData 		&encodedCert);
		
	~DecodedCert();
	
	void encodeExtensions();
	
	/* decode TBSCert and its extensions */
	void decodeTbs(
		const CssmData	&encodedTbs);
		
	/* encode TBSCert and its extensions */
	void encodeTbs(
		CssmOwnedData	&encodedTbs);
		
	/***
	 *** field accessors (in CertFields.cpp)
	 ***/
	
	/* 
	 * Obtain the index'th occurrence of field specified by fieldId.
	 * Format of the returned field depends on fieldId.
	 * Returns total number of fieldId fields in the cert if index is 0.
	 * Returns true if specified field was found, else returns false. 
	 */
	bool getCertFieldData(
		const CssmOid		&fieldId,			// which field
		unsigned			index,				// which occurrence (0 = first)
		uint32				&numFields,			// RETURNED
		CssmOwnedData		&fieldValue);		// RETURNED

	/*
	 * Set the field specified by fieldId in TBS. 
	 * Note no index - individual field routines either append (for extensions)
	 * or throw if field already set (for all others) 
	 */
	void setCertField(
		const CssmOid		&fieldId,		// which field
		const CssmData		&fieldValue);	

	/*
	 * Free the fieldId-specific data referred to by fieldValue.get().data().
	 */
	static void freeCertFieldData(
		const CssmOid		&fieldId,
		CssmOwnedData		&fieldValue);

	void getAllParsedCertFields(
		uint32 				&NumberOfFields,		// RETURNED
		CSSM_FIELD_PTR 		&CertFields);			// RETURNED

	static void describeFormat(
		Allocator 		&alloc,
		uint32 				&NumberOfFields,
		CSSM_OID_PTR 		&OidList);

	/*
  	 * Obtain a CSSM_KEY from a decoded cert, inferring as much as we can
	 * from required fields (subjectPublicKeyInfo) and extensions (for 
	 * KeyUse).
	 */
	CSSM_KEY_PTR extractCSSMKey(
		Allocator		&alloc) const;

	CSSM_KEYUSE inferKeyUsage() const;
	
	NSS_Certificate			mCert;
};

#endif	/* _DECODED_CERT_H_ */
Commit	Line	Data
b1ab9ed8	1	/*
d8f41ccd	2	* Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved.
b1ab9ed8 A	3	*
	4	* The contents of this file constitute Original Code as defined in and are
	5	* subject to the Apple Public Source License Version 1.2 (the 'License').
	6	* You may not use this file except in compliance with the License. Please obtain
	7	* a copy of the License at http://www.apple.com/publicsource and read it before
	8	* using this file.
	9	*
	10	* This Original Code and all software distributed under the License are
	11	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
	12	* OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
	13	* LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
	14	* PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
	15	* specific language governing rights and limitations under the License.
	16	*/
	17
	18
	19	/*
	20	* DecodedCert.h - object representing an NSS-decoded cert, with extensions
	21	* parsed and decoded (still in NSS format).
	22	*
d8f41ccd	23	* Copyright (c) 2000,2011,2014 Apple Inc.
b1ab9ed8 A	24	*
	25	* See DecodedItem.h for details on the care and feeding of this
	26	* module.
	27	*/
	28
	29	#ifndef _DECODED_CERT_H_
	30	#define _DECODED_CERT_H_
	31
	32	#include <Security/cssmtype.h>
	33	#include <security_cdsa_utilities/cssmdata.h>
	34
	35	#include "DecodedItem.h"
	36	#include <Security/X509Templates.h>
	37	#include <security_asn1/SecNssCoder.h>
	38
	39	class DecodedCert : public DecodedItem
	40	{
	41	NOCOPY(DecodedCert)
	42	public:
	43	/* construct empty cert, no decoded extensions */
	44	DecodedCert(
	45	AppleX509CLSession &session);
	46
	47	/* one-shot constructor, decoding from DER-encoded data */
	48	DecodedCert(
	49	AppleX509CLSession &session,
	50	const CssmData &encodedCert);
	51
	52	~DecodedCert();
	53
	54	void encodeExtensions();
	55
	56	/* decode TBSCert and its extensions */
	57	void decodeTbs(
	58	const CssmData &encodedTbs);
	59
	60	/* encode TBSCert and its extensions */
	61	void encodeTbs(
	62	CssmOwnedData &encodedTbs);
	63
	64	/***
	65	*** field accessors (in CertFields.cpp)
	66	***/
	67
	68	/*
	69	* Obtain the index'th occurrence of field specified by fieldId.
	70	* Format of the returned field depends on fieldId.
	71	* Returns total number of fieldId fields in the cert if index is 0.
	72	* Returns true if specified field was found, else returns false.
	73	*/
	74	bool getCertFieldData(
	75	const CssmOid &fieldId, // which field
	76	unsigned index, // which occurrence (0 = first)
	77	uint32 &numFields, // RETURNED
	78	CssmOwnedData &fieldValue); // RETURNED
	79
	80	/*
	81	* Set the field specified by fieldId in TBS.
	82	* Note no index - individual field routines either append (for extensions)
	83	* or throw if field already set (for all others)
	84	*/
	85	void setCertField(
	86	const CssmOid &fieldId, // which field
	87	const CssmData &fieldValue);
88
89	/*
90	* Free the fieldId-specific data referred to by fieldValue.get().data().
91	*/
92	static void freeCertFieldData(
93	const CssmOid &fieldId,
94	CssmOwnedData &fieldValue);
95
96	void getAllParsedCertFields(
97	uint32 &NumberOfFields, // RETURNED
98	CSSM_FIELD_PTR &CertFields); // RETURNED
99
100	static void describeFormat(
101	Allocator &alloc,
102	uint32 &NumberOfFields,
103	CSSM_OID_PTR &OidList);
104
105	/*
106	* Obtain a CSSM_KEY from a decoded cert, inferring as much as we can
107	* from required fields (subjectPublicKeyInfo) and extensions (for
108	* KeyUse).
109	*/
110	CSSM_KEY_PTR extractCSSMKey(
111	Allocator &alloc) const;
112
113	CSSM_KEYUSE inferKeyUsage() const;
114
115	NSS_Certificate mCert;
116	};
117
118	#endif /* _DECODED_CERT_H_ */