libdcp
certificate_chain.h
Go to the documentation of this file.
1 /*
2  Copyright (C) 2013-2021 Carl Hetherington <cth@carlh.net>
3 
4  This file is part of libdcp.
5 
6  libdcp is free software; you can redistribute it and/or modify
7  it under the terms of the GNU General Public License as published by
8  the Free Software Foundation; either version 2 of the License, or
9  (at your option) any later version.
10 
11  libdcp is distributed in the hope that it will be useful,
12  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  GNU General Public License for more details.
15 
16  You should have received a copy of the GNU General Public License
17  along with libdcp. If not, see <http://www.gnu.org/licenses/>.
18 
19  In addition, as a special exception, the copyright holders give
20  permission to link the code of portions of this program with the
21  OpenSSL library under certain conditions as described in each
22  individual source file, and distribute linked combinations
23  including the two.
24 
25  You must obey the GNU General Public License in all respects
26  for all of the code used other than OpenSSL. If you modify
27  file(s) with this exception, you may extend this exception to your
28  version of the file(s), but you are not obligated to do so. If you
29  do not wish to do so, delete this exception statement from your
30  version. If you delete this exception statement from all source
31  files in the program, then also delete it here.
32 */
33 
34 
40 #ifndef LIBDCP_CERTIFICATE_CHAIN_H
41 #define LIBDCP_CERTIFICATE_CHAIN_H
42 
43 
44 #include "certificate.h"
45 #include "types.h"
46 #include <boost/filesystem.hpp>
47 #include <boost/optional.hpp>
48 
49 
50 namespace xmlpp {
51  class Node;
52 }
53 
54 
55 struct certificates_validation1;
56 struct certificates_validation2;
57 struct certificates_validation3;
58 struct certificates_validation4;
59 struct certificates_validation5;
60 struct certificates_validation6;
61 struct certificates_validation7;
62 struct certificates_validation8;
63 
64 
65 namespace dcp {
66 
67 
74 class CertificateChain
75 {
76 public:
77  CertificateChain () {}
78 
87  CertificateChain (
88  boost::filesystem::path openssl,
89  int validity_in_days,
90  std::string organisation = "example.org",
91  std::string organisational_unit = "example.org",
92  std::string root_common_name = ".smpte-430-2.ROOT.NOT_FOR_PRODUCTION",
93  std::string intermediate_common_name = ".smpte-430-2.INTERMEDIATE.NOT_FOR_PRODUCTION",
94  std::string leaf_common_name = "CS.smpte-430-2.LEAF.NOT_FOR_PRODUCTION"
95  );
96 
100  explicit CertificateChain (std::string s);
101 
105  void add (Certificate c);
106 
110  void remove (Certificate c);
111 
115  void remove (int i);
116 
118  Certificate root () const;
119 
121  Certificate leaf () const;
122 
123  typedef std::vector<Certificate> List;
124 
126  List leaf_to_root () const;
128  List root_to_leaf () const;
129  List unordered () const;
130 
137  bool valid (std::string* reason = nullptr) const;
138 
144  bool chain_valid () const;
145 
149  bool private_key_valid () const;
150 
155  void sign (xmlpp::Element* parent, Standard standard) const;
156 
162  void add_signature_value (xmlpp::Element* parent, std::string ns, bool add_indentation) const;
163 
164  boost::optional<std::string> key () const {
165  return _key;
166  }
167 
168  void set_key (std::string k) {
169  _key = k;
170  }
171 
172  std::string chain () const;
173 
174 private:
175  friend struct ::certificates_validation1;
176  friend struct ::certificates_validation2;
177  friend struct ::certificates_validation3;
178  friend struct ::certificates_validation4;
179  friend struct ::certificates_validation5;
180  friend struct ::certificates_validation6;
181  friend struct ::certificates_validation7;
182  friend struct ::certificates_validation8;
183 
184  bool chain_valid(List const & chain, std::string* error = nullptr) const;
185 
187  List _certificates;
189  boost::optional<std::string> _key;
190 };
191 
192 
193 std::string public_key_digest(RSA* public_key);
194 std::string public_key_digest(boost::filesystem::path private_key);
195 std::string escape_digest(std::string digest);
196 
197 
198 }
199 
200 
201 #endif
certificate.h
Certificate class.
dcp::CertificateChain
A chain of any number of certificates, from root to leaf.
Definition: certificate_chain.h:75
dcp::CertificateChain::add
void add(Certificate c)
Definition: certificate_chain.cc:405
dcp::CertificateChain::leaf
Certificate leaf() const
Definition: certificate_chain.cc:381
dcp::CertificateChain::root
Certificate root() const
Definition: certificate_chain.cc:373
dcp::CertificateChain::_key
boost::optional< std::string > _key
Definition: certificate_chain.h:189
dcp::CertificateChain::valid
bool valid(std::string *reason=nullptr) const
Definition: certificate_chain.cc:565
dcp::CertificateChain::add_signature_value
void add_signature_value(xmlpp::Element *parent, std::string ns, bool add_indentation) const
Definition: certificate_chain.cc:655
dcp::CertificateChain::sign
void sign(xmlpp::Element *parent, Standard standard) const
Definition: certificate_chain.cc:604
dcp::CertificateChain::remove
void remove(Certificate c)
Definition: certificate_chain.cc:412
dcp::Certificate
A wrapper for an X509 certificate.
Definition: certificate.h:66
dcp
Namespace for everything in libdcp.
Definition: array_data.h:50
types.h
Miscellaneous types.
Generated on Tue Dec 24 2024 22:10:57 for libdcp by doxygen 1.9.1