/*
- Copyright (C) 2012-2015 Carl Hetherington <cth@carlh.net>
+ Copyright (C) 2012-2021 Carl Hetherington <cth@carlh.net>
This file is part of libdcp.
files in the program, then also delete it here.
*/
+
/** @file src/certificate.h
- * @brief Certificate class.
+ * @brief Certificate class
*/
+
#ifndef LIBDCP_CERTIFICATE_H
#define LIBDCP_CERTIFICATE_H
+
+#include "local_time.h"
#undef X509_NAME
#include <openssl/x509.h>
#include <boost/filesystem.hpp>
#include <string>
#include <list>
-class certificates;
namespace xmlpp {
class Element;
}
+
namespace dcp {
+
/** @class Certificate
- * @brief A wrapper for an X509 certificate.
+ * @brief A wrapper for an X509 certificate
*
- * This class can take a Certificate from a string or an OpenSSL X509 object.
+ * This class can take a Certificate from a string or an OpenSSL X509 object
*/
class Certificate
{
public:
- Certificate ()
- : _certificate (0)
- , _public_key (0)
- , _extra_data (false)
- {}
+ Certificate() {}
+ /** Load an X509 certificate from a string
+ * @param cert String to read from
+ */
explicit Certificate (std::string);
+
+ /** @param c X509 certificate, which this object will take ownership of */
explicit Certificate (X509 *);
+
Certificate (Certificate const &);
~Certificate ();
Certificate& operator= (Certificate const &);
+ /** Read a certificate from a string.
+ * @param cert String to read.
+ * @return remaining part of the input string after the certificate which was read.
+ */
+ std::string read_string (std::string);
+
+ /** Return the certificate as a string
+ * @param with_begin_end true to include the -----BEGIN CERTIFICATE--- / -----END CERTIFICATE----- markers
+ * @return Certificate string
+ */
std::string certificate (bool with_begin_end = false) const;
+
std::string serial () const;
+ /** @return Certificate's issuer, in the form
+ * dnqualifier=<dnQualififer>,CN=<commonName>,OU=<organizationalUnitName>,O=<organizationName>
+ * and with + signs escaped to \+
+ */
std::string issuer () const;
+ std::string issuer_common_name() const;
+ std::string issuer_organization_name() const;
+ std::string issuer_organizational_unit_name() const;
std::string subject () const;
std::string subject_common_name () const;
std::string subject_organization_name () const;
std::string subject_organizational_unit_name () const;
+ std::string subject_dn_qualifier() const;
+
+ LocalTime not_before () const;
+ LocalTime not_after () const;
X509* x509 () const {
return _certificate;
}
+ /** @return RSA public key from this Certificate. Caller must not free the returned value. */
RSA* public_key () const;
+ std::string public_key_digest() const;
+ /** @return thumbprint of the to-be-signed portion of this certificate */
std::string thumbprint () const;
- bool extra_data () const {
- return _extra_data;
- }
+ bool has_utf8_strings () const;
private:
- bool read_string (std::string);
static std::string name_for_xml (X509_NAME *);
static std::string asn_to_utf8 (ASN1_STRING *);
static std::string get_name_part (X509_NAME *, int);
- X509* _certificate;
- mutable RSA* _public_key;
- /** true if extra data was found when this certificate was read
- from a string.
- */
- bool _extra_data;
+ X509* _certificate = nullptr;
+ mutable RSA* _public_key = nullptr;
};
+
bool operator== (Certificate const & a, Certificate const & b);
bool operator< (Certificate const & a, Certificate const & b);
std::ostream& operator<< (std::ostream&s, Certificate const & c);
+
}
+
#endif
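Review bot: With `extra_data ()` and `_extra_data` removed and `read_string` moved from private to public, the header no longer tells a caller how `explicit Certificate (std::string)` treats input that follows the first certificate, and that constructor's comment documents a `@param cert` although the parameter is unnamed. The only remaining signal is the string `read_string` returns, so I would document on the constructor whether leftover data is rejected or silently ignored, and on `read_string` what happens to a certificate the object already holds; the implementation is outside this diff, so both may already be handled there. `x509 ()` also returns `_certificate` with no ownership note, unlike `public_key ()`; assuming the object keeps ownership, as the `X509 *` constructor comment implies, a matching comment such as `/** @return the wrapped X509, owned by this object; caller must not free it */` would prevent a double free by callers. Small typo in the `issuer ()` comment: `<dnQualififer>` should read `<dnQualifier>`.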