/*
 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
 *
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 *
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


/*
 * DecodedCert.h - object representing an NSS-decoded cert, with extensions
 * parsed and decoded (still in NSS format).
 *
 * Created 9/1/2000 by Doug Mitchell.
 * Copyright (c) 2000 by Apple Computer.
 *
 * See DecodedItem.h for details on the care and feeding of this
 * module.
 */

#ifndef	_DECODED_CERT_H_
#define _DECODED_CERT_H_

#include <Security/cssmtype.h>
#include <security_cdsa_utilities/cssmdata.h>

#include "DecodedItem.h"
#include <Security/X509Templates.h>
#include <security_asn1/SecNssCoder.h>

/*
 * A certificate held in NSS-decoded form (mCert), layered on DecodedItem.
 * Copying is disabled via NOCOPY.
 *
 * NOTE(review): nothing declared here takes a key or a signature, so this
 * class appears to parse and encode only. Signature and chain verification
 * presumably happen elsewhere; decoded field values should not be treated
 * as trusted merely because decoding succeeded -- confirm against callers.
 */
class DecodedCert : public DecodedItem
{
	NOCOPY(DecodedCert)
public:
	/* Build an empty cert with no decoded extensions. */
	DecodedCert(AppleX509CLSession &session);

	/*
	 * One-shot construction: decode a complete DER-encoded certificate.
	 *
	 * NOTE(review): encodedCert is commonly externally supplied data. How
	 * malformed DER is reported (presumably by throwing) is not visible in
	 * this header -- confirm in the implementation.
	 */
	DecodedCert(AppleX509CLSession &session, const CssmData &encodedCert);

	~DecodedCert();

	/*
	 * NOTE(review): undocumented in the original header; by its name,
	 * presumably encodes the decoded extensions back into the cert --
	 * confirm in the implementation.
	 */
	void encodeExtensions();

	/* Decode a TBSCert, including its extensions, from encodedTbs. */
	void decodeTbs(const CssmData &encodedTbs);

	/* Encode the TBSCert, including its extensions, into encodedTbs. */
	void encodeTbs(CssmOwnedData &encodedTbs);

	/***
	 *** field accessors (in CertFields.cpp)
	 ***/

	/*
	 * Fetch the index'th occurrence of the field named by fieldId.
	 * The layout of the returned value depends on fieldId.
	 * The total number of fieldId fields in the cert is returned if
	 * index is 0.
	 * Result is true when the requested field was found, false otherwise.
	 *
	 * NOTE(review): freeCertFieldData() below is presumably how callers
	 * release what this hands back in fieldValue -- confirm.
	 */
	bool getCertFieldData(
		const CssmOid	&fieldId,		// which field
		unsigned		index,			// which occurrence (0 = first)
		uint32			&numFields,		// RETURNED
		CssmOwnedData	&fieldValue);	// RETURNED

	/*
	 * Set the TBS field named by fieldId.
	 * There is deliberately no index: the per-field routines either append
	 * (extensions) or throw if the field is already set (everything else).
	 */
	void setCertField(
		const CssmOid	&fieldId,		// which field
		const CssmData	&fieldValue);

	/*
	 * Release the fieldId-specific data that fieldValue.get().data()
	 * refers to.
	 */
	static void freeCertFieldData(
		const CssmOid	&fieldId,
		CssmOwnedData	&fieldValue);

	/*
	 * NOTE(review): undocumented in the original header. Both arguments are
	 * outputs; who owns and frees the CertFields array is not stated here --
	 * confirm before relying on it.
	 */
	void getAllParsedCertFields(
		uint32			&NumberOfFields,	// RETURNED
		CSSM_FIELD_PTR	&CertFields);		// RETURNED

	/*
	 * NOTE(review): undocumented in the original header. Presumably fills
	 * OidList (allocated through alloc) and NumberOfFields with the field
	 * OIDs this class understands -- confirm, including who frees OidList.
	 */
	static void describeFormat(
		Allocator		&alloc,
		uint32			&NumberOfFields,
		CSSM_OID_PTR	&OidList);

	/*
	 * Produce a CSSM_KEY from the decoded cert, inferring as much as
	 * possible from required fields (subjectPublicKeyInfo) and from
	 * extensions (for KeyUse).
	 *
	 * NOTE(review): the returned key is presumably allocated through alloc
	 * and owned by the caller -- confirm. Its attributes are inferred from
	 * the cert's own contents, so they are only as trustworthy as the cert.
	 */
	CSSM_KEY_PTR extractCSSMKey(Allocator &alloc) const;

	/*
	 * NOTE(review): undocumented in the original header; presumably the
	 * KeyUse inference that extractCSSMKey() refers to -- confirm.
	 */
	CSSM_KEYUSE inferKeyUsage() const;

	/* The NSS-format certificate; note that this member is public. */
	NSS_Certificate mCert;
};

#endif	/* _DECODED_CERT_H_ */