[apple/security.git] / AppleX509CL / DecodedCert.h

/*
 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


/*
 * DecodedCert.h - object representing an NSS-decoded cert, with extensions
 * parsed and decoded (still in NSS format).
 *
 * Created 9/1/2000 by Doug Mitchell. 
 * Copyright (c) 2000 by Apple Computer. 
 *
 * See DecodedItem.h for details on the care and feeding of this
 * module. 
 */

#ifndef	_DECODED_CERT_H_
#define _DECODED_CERT_H_

#include <Security/cssmtype.h>
#include <Security/cssmdata.h>

#include "DecodedItem.h"
#include <SecurityNssAsn1/X509Templates.h>
#include <SecurityNssAsn1/SecNssCoder.h>

class DecodedCert : public DecodedItem
{
	NOCOPY(DecodedCert)
public:
	/* construct empty cert, no decoded extensions */
	DecodedCert(
		AppleX509CLSession	&session);
	
	/* one-shot constructor, decoding from DER-encoded data */
	DecodedCert(
		AppleX509CLSession	&session,
		const CssmData 		&encodedCert);
		
	~DecodedCert();
	
	void encodeExtensions();
	
	/* decode TBSCert and its extensions */
	void decodeTbs(
		const CssmData	&encodedTbs);
		
	/* encode TBSCert and its extensions */
	void encodeTbs(
		CssmOwnedData	&encodedTbs);
		
	/***
	 *** field accessors (in CertFields.cpp)
	 ***/
	
	/* 
	 * Obtain the index'th occurrence of field specified by fieldId.
	 * Format of the returned field depends on fieldId.
	 * Returns total number of fieldId fields in the cert if index is 0.
	 * Returns true if specified field was found, else returns false. 
	 */
	bool getCertFieldData(
		const CssmOid		&fieldId,			// which field
		unsigned			index,				// which occurrence (0 = first)
		uint32				&numFields,			// RETURNED
		CssmOwnedData		&fieldValue);		// RETURNED

	/*
	 * Set the field specified by fieldId in TBS. 
	 * Note no index - individual field routines either append (for extensions)
	 * or throw if field already set (for all others) 
	 */
	void setCertField(
		const CssmOid		&fieldId,		// which field
		const CssmData		&fieldValue);	

	/*
	 * Free the fieldId-specific data referred to by fieldValue.get().data().
	 */
	static void freeCertFieldData(
		const CssmOid		&fieldId,
		CssmOwnedData		&fieldValue);

	void getAllParsedCertFields(
		uint32 				&NumberOfFields,		// RETURNED
		CSSM_FIELD_PTR 		&CertFields);			// RETURNED

	static void describeFormat(
		CssmAllocator 		&alloc,
		uint32 				&NumberOfFields,
		CSSM_OID_PTR 		&OidList);

	/*
  	 * Obtain a CSSM_KEY from a decoded cert, inferring as much as we can
	 * from required fields (subjectPublicKeyInfo) and extensions (for 
	 * KeyUse).
	 */
	CSSM_KEY_PTR extractCSSMKey(
		CssmAllocator		&alloc) const;

	CSSM_KEYUSE inferKeyUsage() const;
	
	NSS_Certificate			mCert;
};

#endif	/* _DECODED_CERT_H_ */
Commit	Line	Data
bac41a7b A	1	/*
	2	* Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
	3	*
	4	* The contents of this file constitute Original Code as defined in and are
	5	* subject to the Apple Public Source License Version 1.2 (the 'License').
	6	* You may not use this file except in compliance with the License. Please obtain
	7	* a copy of the License at http://www.apple.com/publicsource and read it before
	8	* using this file.
	9	*
	10	* This Original Code and all software distributed under the License are
	11	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
	12	* OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
	13	* LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
	14	* PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
	15	* specific language governing rights and limitations under the License.
	16	*/
	17
	18
	19	/*
df0e469f A	20	* DecodedCert.h - object representing an NSS-decoded cert, with extensions
df0e469f A	21	* parsed and decoded (still in NSS format).
bac41a7b A	22	*
	23	* Created 9/1/2000 by Doug Mitchell.
	24	* Copyright (c) 2000 by Apple Computer.
	25	*
df0e469f A	26	* See DecodedItem.h for details on the care and feeding of this
df0e469f A	27	* module.
bac41a7b A	28	*/
	29
	30	#ifndef _DECODED_CERT_H_
	31	#define _DECODED_CERT_H_
	32
	33	#include <Security/cssmtype.h>
	34	#include <Security/cssmdata.h>
	35
df0e469f A	36	#include "DecodedItem.h"
	37	#include <SecurityNssAsn1/X509Templates.h>
	38	#include <SecurityNssAsn1/SecNssCoder.h>
bac41a7b	39
df0e469f	40	class DecodedCert : public DecodedItem
bac41a7b	41	{
df0e469f	42	NOCOPY(DecodedCert)
bac41a7b A	43	public:
	44	/* construct empty cert, no decoded extensions */
	45	DecodedCert(
	46	AppleX509CLSession &session);
	47
	48	/* one-shot constructor, decoding from DER-encoded data */
	49	DecodedCert(
	50	AppleX509CLSession &session,
	51	const CssmData &encodedCert);
	52
	53	~DecodedCert();
	54
df0e469f A	55	void encodeExtensions();
df0e469f A	56
bac41a7b A	57	/* decode TBSCert and its extensions */
	58	void decodeTbs(
	59	const CssmData &encodedTbs);
	60
	61	/* encode TBSCert and its extensions */
	62	void encodeTbs(
	63	CssmOwnedData &encodedTbs);
	64
	65	/***
	66	*** field accessors (in CertFields.cpp)
	67	***/
	68
	69	/*
	70	* Obtain the index'th occurrence of field specified by fieldId.
	71	* Format of the returned field depends on fieldId.
	72	* Returns total number of fieldId fields in the cert if index is 0.
	73	* Returns true if specified field was found, else returns false.
	74	*/
	75	bool getCertFieldData(
	76	const CssmOid &fieldId, // which field
	77	unsigned index, // which occurrence (0 = first)
	78	uint32 &numFields, // RETURNED
df0e469f	79	CssmOwnedData &fieldValue); // RETURNED
bac41a7b A	80
	81	/*
	82	* Set the field specified by fieldId in TBS.
	83	* Note no index - individual field routines either append (for extensions)
	84	* or throw if field already set (for all others)
	85	*/
	86	void setCertField(
	87	const CssmOid &fieldId, // which field
	88	const CssmData &fieldValue);
	89
	90	/*
	91	* Free the fieldId-specific data referred to by fieldValue.get().data().
	92	*/
	93	static void freeCertFieldData(
	94	const CssmOid &fieldId,
	95	CssmOwnedData &fieldValue);
	96
	97	void getAllParsedCertFields(
	98	uint32 &NumberOfFields, // RETURNED
	99	CSSM_FIELD_PTR &CertFields); // RETURNED
	100
	101	static void describeFormat(
	102	CssmAllocator &alloc,
	103	uint32 &NumberOfFields,
	104	CSSM_OID_PTR &OidList);
	105
	106	/*
	107	* Obtain a CSSM_KEY from a decoded cert, inferring as much as we can
	108	* from required fields (subjectPublicKeyInfo) and extensions (for
	109	* KeyUse).
	110	*/
	111	CSSM_KEY_PTR extractCSSMKey(
	112	CssmAllocator &alloc) const;
	113
29654253	114	CSSM_KEYUSE inferKeyUsage() const;
bac41a7b	115
df0e469f	116	NSS_Certificate mCert;
bac41a7b A	117	};
	118
	119	#endif /* _DECODED_CERT_H_ */