]> git.saurik.com Git - apple/security.git/blob - libsecurity_apple_x509_cl/lib/DecodedCert.h
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-55471.tar.gz
[apple/security.git] / libsecurity_apple_x509_cl / lib / DecodedCert.h
1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 /*
20 * DecodedCert.h - object representing an NSS-decoded cert, with extensions
21 * parsed and decoded (still in NSS format).
22 *
23 * Created 9/1/2000 by Doug Mitchell.
24 * Copyright (c) 2000 by Apple Computer.
25 *
26 * See DecodedItem.h for details on the care and feeding of this
27 * module.
28 */
29
30 #ifndef _DECODED_CERT_H_
31 #define _DECODED_CERT_H_
32
33 #include <Security/cssmtype.h>
34 #include <security_cdsa_utilities/cssmdata.h>
35
36 #include "DecodedItem.h"
37 #include <Security/X509Templates.h>
38 #include <security_asn1/SecNssCoder.h>
39
40 class DecodedCert : public DecodedItem
41 {
42 NOCOPY(DecodedCert)
43 public:
44 /* construct empty cert, no decoded extensions */
45 DecodedCert(
46 AppleX509CLSession &session);
47
48 /* one-shot constructor, decoding from DER-encoded data */
49 DecodedCert(
50 AppleX509CLSession &session,
51 const CssmData &encodedCert);
52
53 ~DecodedCert();
54
55 void encodeExtensions();
56
57 /* decode TBSCert and its extensions */
58 void decodeTbs(
59 const CssmData &encodedTbs);
60
61 /* encode TBSCert and its extensions */
62 void encodeTbs(
63 CssmOwnedData &encodedTbs);
64
65 /***
66 *** field accessors (in CertFields.cpp)
67 ***/
68
69 /*
70 * Obtain the index'th occurrence of field specified by fieldId.
71 * Format of the returned field depends on fieldId.
72 * Returns total number of fieldId fields in the cert if index is 0.
73 * Returns true if specified field was found, else returns false.
74 */
75 bool getCertFieldData(
76 const CssmOid &fieldId, // which field
77 unsigned index, // which occurrence (0 = first)
78 uint32 &numFields, // RETURNED
79 CssmOwnedData &fieldValue); // RETURNED
80
81 /*
82 * Set the field specified by fieldId in TBS.
83 * Note no index - individual field routines either append (for extensions)
84 * or throw if field already set (for all others)
85 */
86 void setCertField(
87 const CssmOid &fieldId, // which field
88 const CssmData &fieldValue);
89
90 /*
91 * Free the fieldId-specific data referred to by fieldValue.get().data().
92 */
93 static void freeCertFieldData(
94 const CssmOid &fieldId,
95 CssmOwnedData &fieldValue);
96
97 void getAllParsedCertFields(
98 uint32 &NumberOfFields, // RETURNED
99 CSSM_FIELD_PTR &CertFields); // RETURNED
100
101 static void describeFormat(
102 Allocator &alloc,
103 uint32 &NumberOfFields,
104 CSSM_OID_PTR &OidList);
105
106 /*
107 * Obtain a CSSM_KEY from a decoded cert, inferring as much as we can
108 * from required fields (subjectPublicKeyInfo) and extensions (for
109 * KeyUse).
110 */
111 CSSM_KEY_PTR extractCSSMKey(
112 Allocator &alloc) const;
113
114 CSSM_KEYUSE inferKeyUsage() const;
115
116 NSS_Certificate mCert;
117 };
118
119 #endif /* _DECODED_CERT_H_ */
mirror of Security