Gray C++ Libraries  0.0.2
A set of C++ libraries for MSVC, GNU on Windows, WinCE, Linux
cX509Common.h
Go to the documentation of this file.
1 //
4 //
5 #ifndef _INC_cX509Common_H
6 #define _INC_cX509Common_H
7 #ifndef NO_PRAGMA_ONCE
8 #pragma once
9 #endif
10 
11 #include "cX509.h"
12 #include "../Key/cKeyWrap.h"
13 #include "../File/cASNReader.h"
14 #include "../File/cASNSequence.h"
15 #include "../File/cASNSets.h"
16 #include "../File/cASNWriterRev.h"
17 #include "GrayCore/include/StrBuilder.h"
18 #include "GrayCore/include/cNewPtr.h"
19 #include "GrayCore/include/cRefPtr.h"
20 
21 namespace GrayLib
22 {
23  class GRAYLIB_LINK cX509Common : public cRefBase
24  {
36 
37  public:
38  // Maximum number of intermediate CAs in a verification chain.
39  // That is, maximum length of the chain, excluding the end-entity certificate and the trusted root certificate.
40  // Set this to a low value to prevent an adversary from making you waste resources verifying an overlong certificate chain.
41  static const int k_MAX_INTERMEDIATE_CA = 8;
42 
43  cHeapBlock m_raw;
44 
45  cASNBuf m_RawSigned;
46  int m_nVersion;
47 
48  cASNBuf m_SignOID1;
49  cKeySigAlg m_SigAlg;
50  cASNBuf m_SignBuffer;
51 
52  // for optional SSL_Key_RSASSA_PSS
53  cNewPtr<cKeyRSASignOptions> m_pRSASignOptions;
54 
55  public:
56  cX509Common() noexcept
57  : m_nVersion(0)
58  {
59  }
60  virtual ~cX509Common()
61  {
63  ASSERT(m_nVersion == 0);
64  }
65 
66  static HRESULT ReturnError(HRESULT hRes) noexcept;
67 
68  static inline X509_Verify_t X509_VerifySet(X509_Verify_t f1, X509_Verify_t f2) noexcept
69  {
71  return (X509_Verify_t)(f1 | f2);
72  }
73 
74  bool isEmptyX() const noexcept
75  {
77  return m_nVersion == 0;
78  }
79  virtual void SetEmptyX();
80 
81  HRESULT ReadSigAlg(cASNReader& r1, cASNBuf& sig_params);
82  HRESULT GetSigAlgStr(StrBuilder& s) const;
83 
84  static StrLen_t GRAYCALL GetSerialStr(StrBuilder& s, const cASNBuf& serial);
85 
86  virtual HRESULT GetDescription(StrBuilder& s, const char* prefix) const = 0;
87 
88  virtual HRESULT ReadFromDer1(const BYTE* buf, size_t buflen) = 0;
89  virtual HRESULT ReadFromDER(const BYTE* buf, size_t buflen) = 0;
90  virtual HRESULT ReadFromUnk(const BYTE* buf, size_t buflen) = 0;
91 
92  HRESULT ReadFromFile(const FILECHAR_t* pszFilePath);
93 
94  UNITTEST_FRIEND(cX509Common);
95  };
96 }
97 
98 #endif // _INC_cX509Common_H
99 
GRAYCALL
#define GRAYCALL
declare calling convention for static functions so everyone knows the arg passing scheme....
Definition: GrayCore.h:36
GRAYLIB_LINK
#define GRAYLIB_LINK
Definition: GrayLibBase.h:35
HRESULT
INT32 HRESULT
_WIN32 style error codes. INT32
Definition: SysTypes.h:465
ASSERT
#define ASSERT(exp)
Definition: cDebugAssert.h:87
GrayLib::cASNBuf
Definition: cASN.h:78
GrayLib::cASNReader
Definition: cASNReader.h:22
GrayLib::cX509Common
Definition: cX509Common.h:24
GrayLib::cX509Common::ReadFromUnk
virtual HRESULT ReadFromUnk(const BYTE *buf, size_t buflen)=0
GrayLib::cX509Common::m_raw
cHeapBlock m_raw
The raw certificate data (ReadFromDer1). cASNBuf pointers can point into this.
Definition: cX509Common.h:43
GrayLib::cX509Common::m_SignOID1
cASNBuf m_SignOID1
Signature algorithm OID, e.g. "sha1RSA" for ReadSigAlg()
Definition: cX509Common.h:48
GrayLib::cX509Common::UNITTEST_FRIEND
UNITTEST_FRIEND(cX509Common)
GrayLib::cX509Common::X509_VerifySet
static X509_Verify_t X509_VerifySet(X509_Verify_t f1, X509_Verify_t f2) noexcept
Definition: cX509Common.h:68
GrayLib::cX509Common::isEmptyX
bool isEmptyX() const noexcept
Definition: cX509Common.h:74
GrayLib::cX509Common::cX509Common
cX509Common() noexcept
Definition: cX509Common.h:56
GrayLib::cX509Common::m_pRSASignOptions
cNewPtr< cKeyRSASignOptions > m_pRSASignOptions
Signature options to be passed to VerifySignatureExt(), e.g. for RSASSA-PSS SSL_Key_RSASSA_PSS.
Definition: cX509Common.h:53
GrayLib::cX509Common::ReadFromDER
virtual HRESULT ReadFromDER(const BYTE *buf, size_t buflen)=0
GrayLib::cX509Common::m_SigAlg
cKeySigAlg m_SigAlg
How to sign with m_SignOID1.
Definition: cX509Common.h:49
GrayLib::cX509Common::m_RawSigned
cASNBuf m_RawSigned
The raw certificate body (in m_raw)(ReadFromDer1). The part that is To Be Signed. Precedes m_nVersion...
Definition: cX509Common.h:45
GrayLib::cX509Common::m_SignBuffer
cASNBuf m_SignBuffer
Definition: cX509Common.h:50
GrayLib::cX509Common::m_nVersion
int m_nVersion
1,2,3. 0 = unused. X509_CRT_VERSION_TYPE or CRL version
Definition: cX509Common.h:46
GrayLib::cX509Common::~cX509Common
virtual ~cX509Common()
Definition: cX509Common.h:60
GrayLib::cX509Common::ReadFromDer1
virtual HRESULT ReadFromDer1(const BYTE *buf, size_t buflen)=0
GrayLib::cX509Common::GetDescription
virtual HRESULT GetDescription(StrBuilder &s, const char *prefix) const =0
Gray::StrBuilder
Definition: StrBuilder.h:18
Gray::cHeapBlock
Definition: cHeap.h:156
Gray::cNewPtr
Definition: cNewPtr.h:18
Gray::cRefBase
Definition: cRefPtr.h:22
GrayLib
Definition: cMesh.h:22
GrayLib::X509_Verify_t
X509_Verify_t
Definition: cX509.h:41
Gray::StrLen_t
int StrLen_t
the length of a string in chars (bytes for UTF8, wchar_t for UNICODE). or offset in characters....
Definition: StrConst.h:32
Gray::FILECHAR_t
char FILECHAR_t
a UTF8 char in a file name. like TCHAR
Definition: FileName.h:22
GrayLib::cKeySigAlg
Definition: cKeyBase.h:40