1/*
2 * Copyright (c) 2002 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19/*
20 * DecodedCrl.h - object representing a decoded CRL in NSS form, with
21 * extensions parsed and decoded (still in NSS format).
22 *
23 * Created 8/28/2002 by Doug Mitchell.
24 *
25 * See DecodedItem.h for details on the care and feeding of this
26 * module.
27 */
28
29#ifndef	_DECODED_CRL_H_
30#define _DECODED_CRL_H_
31
32#include <Security/cssmtype.h>
33#include <security_cdsa_utilities/cssmdata.h>
34
35#include "DecodedItem.h"
36#include <Security/X509Templates.h>
37
/*
 * DecodedCrl - a CRL held in NSS form (the public mCrl member), layered on
 * the DecodedItem base class. Declares the decode/encode entry points and
 * the per-field accessors; the accessors are implemented in CrlFields.cpp.
 *
 * NOTE(review): NOCOPY is defined elsewhere; presumably it disables copy
 * construction and assignment - confirm against its definition.
 */
class DecodedCrl : /* for now public CertificateList, */ public DecodedItem
{
	NOCOPY(DecodedCrl)

public:
	/* Create an empty CRL that carries no decoded extensions. */
	DecodedCrl(AppleX509CLSession &session);

	/*
	 * Create and decode in a single step from a DER-encoded CRL.
	 * NOTE(review): how a malformed encoding is reported is not visible in
	 * this header. If encodedCrl can come from an untrusted source, check
	 * the failure path in the implementation before relying on the object.
	 */
	DecodedCrl(AppleX509CLSession &session, const CssmData &encodedCrl);

	~DecodedCrl();

	/* Decode a CRLToSign, together with its extensions, from encodedCTS. */
	void decodeCts(const CssmData &encodedCTS);

	/*
	 * Encode the to-be-signed portion and its extensions; encodeCts places
	 * its output in encodedTbs.
	 * NOTE(review): the earlier comment here said "TBSCert"; presumably the
	 * CRL's to-be-signed portion is meant - confirm in the implementation.
	 */
	void encodeExtensions();
	void encodeCts(CssmOwnedData &encodedTbs);

	/***
	 *** field accessors (in CrlFields.cpp)
	 ***/

	/*
	 * Fetch one occurrence of the field identified by fieldId.
	 *
	 *   fieldId    - which field
	 *   index      - which occurrence (0 = first)
	 *   numFields  - RETURNED; total number of fieldId fields, filled in
	 *                when index is 0
	 *   fieldValue - RETURNED; its format depends on fieldId
	 *
	 * Yields true when the requested field was found and false when not.
	 * NOTE(review): presumably fieldValue is released with
	 * freeCrlFieldData() - confirm against callers.
	 */
	bool getCrlFieldData(
		const CssmOid &fieldId,
		unsigned index,
		uint32 &numFields,
		CssmOwnedData &fieldValue);

	/*
	 * Store fieldValue as the field identified by fieldId in the TBS.
	 * No index is taken: the individual field routines append when the
	 * field is an extension, and throw for every other field that has
	 * already been set.
	 */
	void setCrlField(const CssmOid &fieldId, const CssmData &fieldValue);

	/*
	 * Release the fieldId-specific data that fieldValue.get().data()
	 * refers to.
	 */
	static void freeCrlFieldData(
		const CssmOid &fieldId,
		CssmOwnedData &fieldValue);

	/*
	 * Hand back the parsed fields through both reference arguments
	 * (both RETURNED).
	 * NOTE(review): who owns and frees CertFields is not stated in this
	 * header - confirm in the implementation.
	 */
	void getAllParsedCrlFields(
		uint32 &NumberOfFields,
		CSSM_FIELD_PTR &CertFields);

	/*
	 * Static query taking an Allocator plus a count and an OID list by
	 * reference.
	 * NOTE(review): presumably reports the supported field OIDs with the
	 * list allocated from alloc - confirm before freeing OidList.
	 */
	static void describeFormat(
		Allocator &alloc,
		uint32 &NumberOfFields,
		CSSM_OID_PTR &OidList);

	/* The CRL itself, in NSS form; publicly accessible. */
	NSS_Crl mCrl;
};
106
107#endif	/* _DECODED_CRL_H_ */
108