/*
- Copyright (C) 2013-2016 Carl Hetherington <cth@carlh.net>
+ Copyright (C) 2013-2021 Carl Hetherington <cth@carlh.net>
This file is part of libdcp.
files in the program, then also delete it here.
*/
-/** @file src/signer_chain.h
- * @brief Functions to make signer chains.
+
+/** @file src/certificate_chain.h
+ * @brief CertificateChain class
*/
+
#ifndef LIBDCP_CERTIFICATE_CHAIN_H
#define LIBDCP_CERTIFICATE_CHAIN_H
+
#include "certificate.h"
#include "types.h"
#include <boost/filesystem.hpp>
#include <boost/optional.hpp>
+
namespace xmlpp {
class Node;
}
+
struct certificates_validation1;
struct certificates_validation2;
struct certificates_validation3;
struct certificates_validation7;
struct certificates_validation8;
+
namespace dcp {
+
/** @class CertificateChain
* @brief A chain of any number of certificates, from root to leaf.
*/
explicit CertificateChain (std::string);
+ /** Add a certificate to the chain.
+ * @param c Certificate to add.
+ */
void add (Certificate c);
+
+ /** Remove a certificate from the chain.
+ * @param c Certificate to remove.
+ */
void remove (Certificate c);
- void remove (int);
+ /** Remove the i'th certificate in the chain, as listed
+ * from root to leaf.
+ */
+ void remove (int i);
+
+ /** @return Root certificate */
Certificate root () const;
+
+ /** @return Leaf certificate */
Certificate leaf () const;
- typedef std::list<Certificate> List;
+ typedef std::vector<Certificate> List;
+ /** @return Certificates in order from leaf to root */
List leaf_to_root () const;
+ /** @return Certificates in order from root to leaf */
List root_to_leaf () const;
List unordered () const;
- bool valid (std::string* reason = 0) const;
+ bool valid (std::string* reason = nullptr) const;
+
+ /** Check to see if the chain is valid (i.e. root signs the intermediate, intermediate
+ * signs the leaf and so on) and that the private key (if there is one) matches the
+ * leaf certificate.
+ * @return true if it's ok, false if not.
+ */
bool chain_valid () const;
+
+ /** Check that there is a valid private key for the leaf certificate.
+ * Will return true if there are no certificates.
+ */
bool private_key_valid () const;
+ /** Add a <Signer> and <ds:Signature> nodes to an XML node.
+ * @param parent XML node to add to.
+ * @param standard INTEROP or SMPTE.
+ */
void sign (xmlpp::Element* parent, Standard standard) const;
- void add_signature_value (xmlpp::Node* parent, std::string ns) const;
+
+ /** Sign an XML node.
+ *
+ * @param parent Node to sign.
+ * @param ns Namespace to use for the signature XML nodes.
+ */
+ void add_signature_value (xmlpp::Element* parent, std::string ns, bool add_indentation) const;
boost::optional<std::string> key () const {
return _key;
std::string chain () const;
private:
- friend class ::certificates;
- friend class ::certificates_validation1;
- friend class ::certificates_validation2;
- friend class ::certificates_validation3;
- friend class ::certificates_validation4;
- friend class ::certificates_validation5;
- friend class ::certificates_validation6;
- friend class ::certificates_validation7;
- friend class ::certificates_validation8;
+ friend struct ::certificates_validation1;
+ friend struct ::certificates_validation2;
+ friend struct ::certificates_validation3;
+ friend struct ::certificates_validation4;
+ friend struct ::certificates_validation5;
+ friend struct ::certificates_validation6;
+ friend struct ::certificates_validation7;
+ friend struct ::certificates_validation8;
bool chain_valid (List const & chain) const;
boost::optional<std::string> _key;
};
+
}
+
#endif
projects / libdcp.git / blobdiff