libdigidocpp 4.1.0
digidoc::X509Cert Class Reference

Wrapper for OpenSSL X509 certificate structure.

#include <X509Cert.h>

Public Types

enum  Format { Der , Pem }
 
enum  KeyUsage {
  DigitalSignature = 0 , NonRepudiation , KeyEncipherment , DataEncipherment ,
  KeyAgreement , KeyCertificateSign , CRLSign , EncipherOnly ,
  DecipherOnly
}
 

Public Member Functions

 X509Cert (X509 *cert=nullptr)
 
 X509Cert (const unsigned char *bytes, size_t size, Format format=Der)
 
 X509Cert (const std::vector< unsigned char > &bytes, Format format=Der)
 
 X509Cert (std::initializer_list< unsigned char > bytes, Format format=Der)
 
 X509Cert (const std::string &path, Format format=Pem)
 
 X509Cert (X509Cert &&other) noexcept
 
 X509Cert (const X509Cert &other)
 
 ~X509Cert ()
 
std::string serial () const
 
std::string issuerName (const std::string &obj=std::string()) const
 
std::string subjectName (const std::string &obj=std::string()) const
 
std::vector< KeyUsage > keyUsage () const
 
std::vector< std::string > certificatePolicies () const
 
std::vector< std::string > qcStatements () const
 
bool isCA () const
 
bool isValid (time_t *t=nullptr) const
 
X509 * handle () const
 
 operator std::vector< unsigned char > () const
 
X509Cert & operator= (const X509Cert &other)
 
X509Cert & operator= (X509Cert &&other) noexcept
 
 operator bool () const
 
bool operator! () const
 
bool operator== (X509 *other) const
 
bool operator== (const X509Cert &other) const
 
bool operator!= (const X509Cert &other) const
 
template<typename Func >
string toString (Func func, const string &obj) const
 

Static Public Attributes

static const std::string QC_COMPLIANT = "0.4.0.1862.1.1"
 
static const std::string QC_SSCD = "0.4.0.1862.1.4"
 
static const std::string QC_QCP = "0.4.0.1862.1.5"
 
static const std::string QC_QCT = "0.4.0.1862.1.6"
 
static const std::string QC_SYNTAX1 = "1.3.6.1.5.5.7.11.1"
 
static const std::string QC_SYNTAX2 = "1.3.6.1.5.5.7.11.2"
 
static const std::string QCS_NATURAL = "0.4.0.194121.1.1"
 
static const std::string QCS_LEGAL = "0.4.0.194121.1.2"
 
static const std::string QCT_ESIGN = "0.4.0.1862.1.6.1"
 
static const std::string QCT_ESEAL = "0.4.0.1862.1.6.2"
 
static const std::string QCT_WEB = "0.4.0.1862.1.6.3"
 
static const std::string QCP_PUBLIC_WITH_SSCD = "0.4.0.1456.1.1"
 
static const std::string QCP_PUBLIC = "0.4.0.1456.1.2"
 
static const std::string QCP_NATURAL = "0.4.0.194112.1.0"
 
static const std::string QCP_LEGAL = "0.4.0.194112.1.1"
 
static const std::string QCP_NATURAL_QSCD = "0.4.0.194112.1.2"
 
static const std::string QCP_LEGAL_QSCD = "0.4.0.194112.1.3"
 
static const std::string QCP_WEB = "0.4.0.194112.1.4"
 

Detailed Description

Wrapper for OpenSSL X509 certificate structure.

Member Enumeration Documentation

◆ Format

Binary encoding format

Enumerator
Der 

ASN.1 syntax

Pem 

Base64 encoded ASN.1 syntax

◆ KeyUsage

Key usage bits defined in certificate

Enumerator
DigitalSignature 
NonRepudiation 

Used for signing certificate selection in the current library

KeyEncipherment 
DataEncipherment 
KeyAgreement 
KeyCertificateSign 
CRLSign 
EncipherOnly 
DecipherOnly 

Constructor & Destructor Documentation

◆ X509Cert() [1/7]

X509Cert::X509Cert ( X509 *  cert = nullptr)
explicit

Creates copy of the OpenSSL X509 certificate.

Parameters
cert: X509 certificate structure to be wrapped.

◆ X509Cert() [2/7]

X509Cert::X509Cert ( const unsigned char *  bytes,
size_t  size,
Format  format = Der 
)
explicit

Creates X509 certificate from bytes.

Parameters
bytes: X509 certificate in bytes.
size: Size of the X509 certificate in bytes.
format: Format of the input bytes.
Exceptions
Exception: thrown if X509 certificate parsing failed.

References Der.

◆ X509Cert() [3/7]

X509Cert::X509Cert ( const std::vector< unsigned char > &  bytes,
Format  format = Der 
)
explicit

Creates X509 certificate from bytes.

Parameters
bytes: X509 certificate in bytes.
format: Format of the input bytes.
Exceptions
Exception: thrown if X509 certificate parsing failed.

◆ X509Cert() [4/7]

digidoc::X509Cert::X509Cert ( std::initializer_list< unsigned char >  bytes,
Format  format = Der 
)
inline explicit

◆ X509Cert() [5/7]

X509Cert::X509Cert ( const std::string &  path,
Format  format = Pem 
)
explicit

Creates X509 certificate from path.

Parameters
path: X509 certificate path.
format: Format of the input bytes.
Exceptions
Exception: thrown if X509 certificate parsing failed.

References Der.

◆ X509Cert() [6/7]

X509Cert::X509Cert ( X509Cert &&  other)
default noexcept

Move constructor.

◆ X509Cert() [7/7]

X509Cert::X509Cert ( const X509Cert &  other)
default

Copy constructor.

◆ ~X509Cert()

X509Cert::~X509Cert ( )
default

Clean up underlying X509 data.

Member Function Documentation

◆ certificatePolicies()

vector< string > X509Cert::certificatePolicies ( ) const

Returns current certificate policies

◆ handle()

X509 * X509Cert::handle ( ) const

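Returns certificate internal handle (OpenSSL X509 struct). The wrapper cleans up the underlying X509 data when it is destroyed, so the returned pointer is presumably borrowed and should not be freed or kept beyond the lifetime of the X509Cert object; this page does not state the reference-counting behaviour.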

Referenced by digidoc::Signer::method().

◆ isCA()

bool X509Cert::isCA ( ) const

Returns true if certificate is CA

Referenced by digidoc::PKCS11Signer::cert().

◆ issuerName()

string X509Cert::issuerName ( const std::string &  obj = std::string()) const

Returns issuer name as string.

Parameters
obj: if set to empty string then returns whole issuer name. Otherwise, for example, if set to CN then returns Common name part from issuer name.
Exceptions
Exception: thrown if the conversion failed.

◆ isValid()

bool X509Cert::isValid ( time_t *  t = nullptr) const

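Checks whether the certificate is within its validity period at the given time. This is described as a time-window check only; nothing here indicates that issuer trust or revocation status is verified, so it should not be treated as full certificate validation.

Parameters
t: If null (the default), the current time is used; otherwise the time that t points to.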

Referenced by digidoc::PKCS11Signer::cert().

◆ keyUsage()

vector< X509Cert::KeyUsage > X509Cert::keyUsage ( ) const

Returns current certificate key usage bits

Referenced by digidoc::PKCS11Signer::cert().

◆ operator bool()

X509Cert::operator bool ( ) const

Returns true if handle is valid

◆ operator std::vector< unsigned char >()

X509Cert::operator std::vector< unsigned char > ( ) const

Encodes the X509 certificate using DER encoding.

Referenced by operator==().

◆ operator!()

bool X509Cert::operator! ( ) const

Negative operator to check if object is valid

◆ operator!=()

bool X509Cert::operator!= ( const X509Cert &  other) const

Not equal operator to compare two objects

References operator==().

◆ operator=() [1/2]

X509Cert & X509Cert::operator= ( const X509Cert &  other)
default

Assign operator

◆ operator=() [2/2]

X509Cert & X509Cert::operator= ( X509Cert &&  other)
default noexcept

Move operator

◆ operator==() [1/2]

bool X509Cert::operator== ( const X509Cert &  other) const

Equal operator to compare two objects

References operator std::vector< unsigned char >().

◆ operator==() [2/2]

bool X509Cert::operator== ( X509 *  other) const

Equal operator to compare two objects

References operator==().

Referenced by operator!=(), and operator==().

◆ qcStatements()

vector< string > X509Cert::qcStatements ( ) const

Returns QCStatements info (see https://www.ietf.org/rfc/rfc3739.txt)

References QC_QCT, and QC_SYNTAX2.

◆ serial()

string X509Cert::serial ( ) const

Returns X.509 certificate serial number.

Exceptions
Exception: thrown if the serial is incorrect.

◆ subjectName()

string X509Cert::subjectName ( const std::string &  obj = std::string()) const

Returns subject name as string.

Parameters
obj: if set to empty string then returns whole subject name. Otherwise, for example, if set to CN then returns Common name part from subject name.
Exceptions
Exception: thrown if the conversion failed.

Referenced by digidoc::Signature::signedBy().

◆ toString()

template<typename Func >
string digidoc::X509Cert::toString ( Func  func,
const string &  obj 
) const

Converts X509_NAME struct to string.

Parameters
func: X509_NAME struct that is converted to string.
obj: Optional parameter to get from X509_NAME (default CN).
Returns
converted value of X509_NAME.
Exceptions
Exception: thrown if conversion failed.

Member Data Documentation

◆ QC_COMPLIANT

const string X509Cert::QC_COMPLIANT = "0.4.0.1862.1.1"
static

https://www.ietf.org/rfc/rfc3739.txt - id-etsi-qcs-QcCompliance

◆ QC_QCP

const string X509Cert::QC_QCP = "0.4.0.1862.1.5"
static

◆ QC_QCT

const string X509Cert::QC_QCT = "0.4.0.1862.1.6"
static

https://www.ietf.org/rfc/rfc3739.txt - id-etsi-qcs-QcType

Referenced by qcStatements().

◆ QC_SSCD

const string X509Cert::QC_SSCD = "0.4.0.1862.1.4"
static

◆ QC_SYNTAX1

const string X509Cert::QC_SYNTAX1 = "1.3.6.1.5.5.7.11.1"
static

https://www.ietf.org/rfc/rfc3739.txt - id-qcs-pkixQCSyntax-v1

◆ QC_SYNTAX2

const string X509Cert::QC_SYNTAX2 = "1.3.6.1.5.5.7.11.2"
static

https://www.ietf.org/rfc/rfc3739.txt - id-qcs-pkixQCSyntax-v2

Referenced by qcStatements().

◆ QCP_LEGAL

const string X509Cert::QCP_LEGAL = "0.4.0.194112.1.1"
static

◆ QCP_LEGAL_QSCD

const string X509Cert::QCP_LEGAL_QSCD = "0.4.0.194112.1.3"
static

◆ QCP_NATURAL

const string X509Cert::QCP_NATURAL = "0.4.0.194112.1.0"
static

◆ QCP_NATURAL_QSCD

const string X509Cert::QCP_NATURAL_QSCD = "0.4.0.194112.1.2"
static

◆ QCP_PUBLIC

const string X509Cert::QCP_PUBLIC = "0.4.0.1456.1.2"
static

◆ QCP_PUBLIC_WITH_SSCD

const string X509Cert::QCP_PUBLIC_WITH_SSCD = "0.4.0.1456.1.1"
static

◆ QCP_WEB

const string X509Cert::QCP_WEB = "0.4.0.194112.1.4"
static

◆ QCS_LEGAL

const string X509Cert::QCS_LEGAL = "0.4.0.194121.1.2"
static

◆ QCS_NATURAL

const string X509Cert::QCS_NATURAL = "0.4.0.194121.1.1"
static

◆ QCT_ESEAL

const string X509Cert::QCT_ESEAL = "0.4.0.1862.1.6.2"
static

◆ QCT_ESIGN

const string X509Cert::QCT_ESIGN = "0.4.0.1862.1.6.1"
static

◆ QCT_WEB

const string X509Cert::QCT_WEB = "0.4.0.1862.1.6.3"
static

The documentation for this class was generated from the following files: