1 /*
2 * Copyright (c) 2002 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18 //
19 // Certificate.h - Certificate objects
20 //
21 #ifndef _SECURITY_CERTIFICATE_H_
22 #define _SECURITY_CERTIFICATE_H_
23
24 #include <Security/Item.h>
25
26 #include <Security/StorageManager.h>
27 // @@@ This should not be here.
28 #include <Security/SecBase.h>
29 #include <Security/clclient.h>
30
31 namespace Security
32 {
33
34 namespace KeychainCore
35 {
36
37 class KeyItem;
38
//
// Certificate - a keychain item wrapping an X.509 certificate.
//
// A Certificate is an ItemImpl whose payload is certificate data (CSSM_DATA) of a
// given CSSM_CERT_TYPE / CSSM_CERT_ENCODING. Field access goes through a CL
// (Certificate Library) client; see the copy*/release* pairs below for the
// ownership rules of values handed out by the CL.
//
class Certificate : public ItemImpl
{
	// Copying is suppressed via the project macro (presumably declares the
	// const& copy constructor and copy assignment as unavailable).
	NOCOPY(Certificate)
public:
	// CoreFoundation bridging between Certificate and SecCertificateRef; the
	// error code is the one reported for a ref that is not a Certificate
	// (exact behavior is defined by the SECCFFUNCTIONS macro).
	SECCFFUNCTIONS(Certificate, SecCertificateRef, errSecInvalidItemRef)

	// Returns the CL (certificate library client) to use for the given
	// certificate type.
	static CL clForType(CSSM_CERT_TYPE type);

	// new item constructor: wraps raw certificate bytes that are not yet in a
	// keychain. NOTE(review): whether `data` is copied or referenced is decided
	// in Certificate.cpp — confirm before passing a temporary buffer.
	Certificate(const CSSM_DATA &data, CSSM_CERT_TYPE type, CSSM_CERT_ENCODING encoding);

	// db item constructor: a certificate already stored in `keychain`,
	// identified by its primary key and database record.
	Certificate(const Keychain &keychain, const PrimaryKey &primaryKey, const CssmClient::DbUniqueRecord &uniqueId);

	// PrimaryKey item constructor: same as above but without the unique record
	// (presumably looked up lazily).
	Certificate(const Keychain &keychain, const PrimaryKey &primaryKey);

	// Takes a non-const reference, so this is a distinct signature from the
	// copy constructor suppressed by NOCOPY (assuming NOCOPY declares the
	// const& form) — confirm the intended semantics in Certificate.cpp.
	Certificate(Certificate &certificate);
	virtual ~Certificate() throw();

	// ItemImpl overrides.
	virtual void update();
	// Copies this item into `keychain`, optionally with a new Access object
	// (a null `newAccess` keeps whatever copyTo decides by default).
	virtual Item copyTo(const Keychain &keychain, Access *newAccess = NULL);
	virtual void didModify(); // Forget any attributes and data we just wrote to the db

	// Raw certificate bytes. Returned by reference; valid only while this
	// object is alive and not modified.
	const CssmData &data();
	CSSM_CERT_TYPE type();
	CSSM_CERT_ENCODING encoding();
	// NOTE(review): commonName() does not follow the CF "Copy" naming rule, so
	// the caller's ownership of the returned CFStringRef is not expressed by
	// the name — check Certificate.cpp before releasing or retaining it.
	CFStringRef commonName();
	// Per CF naming conventions the "copy" prefix indicates the caller owns
	// the returned object and must CFRelease it — confirm in Certificate.cpp.
	CFStringRef copyFirstEmailAddress();
	CFArrayRef copyEmailAddresses();
	// Fill the caller-provided X.509 name structures with the certificate's
	// subject / issuer.
	void getSubject(CSSM_X509_NAME &outSubject);
	void getIssuer(CSSM_X509_NAME &outName);
	// Subject public key algorithm identifier. The pointer is owned by this
	// object (see mV1SubjectPublicKeyCStructValue below); do not free it.
	const CSSM_X509_ALGORITHM_IDENTIFIER *algorithmID();
	CSSM_CL_HANDLE clHandle();
	// Derives a label for the item; when `addLabel` is set the label is
	// presumably stored as an attribute, and `rtnString` (if non-null)
	// receives the computed label — confirm ownership of *rtnString in the .cpp.
	void inferLabel(bool addLabel, CFStringRef *rtnString = NULL);
	// The certificate's public key as a keychain key item.
	SecPointer<KeyItem> publicKey();
	// Hash of the public key, backed by mPublicKeyHashBytes (20 bytes — the
	// size of a SHA-1 digest; confirm the algorithm in Certificate.cpp).
	const CssmData &publicKeyHash();

	// Keychain search cursors over `keychains` for the given lookup key.
	static KCCursor cursorForIssuerAndSN(const StorageManager::KeychainList &keychains, const CssmData &issuer, const CssmData &serialNumber);
	static KCCursor cursorForSubjectKeyID(const StorageManager::KeychainList &keychains, const CssmData &subjectKeyID);
	// `emailAddress` is a NUL-terminated C string; see normalizeEmailAddress
	// for the form it is presumably compared in.
	static KCCursor cursorForEmail(const StorageManager::KeychainList &keychains, const char *emailAddress);

	// Convenience lookups returning the first matching certificate (a null
	// SecPointer when nothing matches, presumably).
	static SecPointer<Certificate> findByIssuerAndSN(const StorageManager::KeychainList &keychains, const CssmData &issuer, const CssmData &serialNumber);
	static SecPointer<Certificate> findBySubjectKeyID(const StorageManager::KeychainList &keychains, const CssmData &subjectKeyID);
	static SecPointer<Certificate> findByEmail(const StorageManager::KeychainList &keychains, const char *emailAddress);

	// Normalizes an e-mail address in place (non-const CSSM_DATA) so that
	// lookups compare canonical forms.
	static void normalizeEmailAddress(CSSM_DATA &emailAddress);
	// Collects e-mail addresses from the given field values into
	// `emailAddresses`. Parameter names suggest `sanValues` are
	// subjectAltName values and `snValue` a subject-name value — confirm.
	static void getEmailAddresses(CSSM_DATA_PTR *sanValues, CSSM_DATA_PTR snValue, std::vector<CssmData> &emailAddresses);

	// Ordering/equality; both take non-const references (may touch cached
	// state on `other`).
	bool operator < (Certificate &other);
	bool operator == (Certificate &other);

public:
	// CL field access. Each copy* call returns CL-allocated storage that
	// MUST be given back through the matching release* call with the same
	// `field` OID; the paired signatures encode the contract.
	CSSM_DATA_PTR copyFirstFieldValue(const CSSM_OID &field);
	void releaseFieldValue(const CSSM_OID &field, CSSM_DATA_PTR fieldValue);

	// Multi-valued variant: returns an array of CSSM_DATA_PTR (terminator
	// convention is defined in Certificate.cpp); release with releaseFieldValues.
	CSSM_DATA_PTR *copyFieldValues(const CSSM_OID &field);
	void releaseFieldValues(const CSSM_OID &field, CSSM_DATA_PTR *fieldValues);

protected:
	// ItemImpl hook: adds this certificate to `keychain` and returns its key.
	virtual PrimaryKey add(Keychain &keychain);
	// CL handle for the parsed certificate (cached in mCertHandle).
	CSSM_HANDLE certHandle();

	// Copies one parsed certificate field into a DB attribute.
	void addParsedAttribute(const CSSM_DB_ATTRIBUTE_INFO &info, const CSSM_OID &field);

	// Populates the item's DB attributes from the parsed certificate.
	void populateAttributes();

private:
	// Presumably guards whether mType/mEncoding have been determined yet.
	bool mHaveTypeAndEncoding;
	CSSM_CERT_TYPE mType;
	CSSM_CERT_ENCODING mEncoding;
	CssmClient::CL mCL;
	CSSM_HANDLE mCertHandle;
	// mPublicKeyHash refers to the fixed buffer below rather than heap storage.
	CssmData mPublicKeyHash;
	uint8 mPublicKeyHashBytes[20];
	// Hack to prevent algorithmID() from leaking: the CL-allocated field value
	// backing the returned algorithm identifier is cached here so it can be
	// released once with the object instead of on every call.
	CSSM_DATA_PTR mV1SubjectPublicKeyCStructValue;
};
116
117 } // end namespace KeychainCore
118
119 } // end namespace Security
120
121 #endif // !_SECURITY_CERTIFICATE_H_