A descriptor of encryption method and key to be used in container.
#include <Recipient.h>
|
| | Recipient ()=default |
| |
| bool | isEmpty () const |
| | test whether the Recipient structure is initialized
|
| |
| bool | isSymmetric () const |
| | check whether Recipient is based on symmetric key
|
| |
| bool | isPKI () const |
| | check whether Recipient is based on public key
|
| |
| bool | isCertificate () const |
| | check whether Recipient is based on certificate
|
| |
| bool | isKeyServer () const |
| | check whether Recipient is keyserver
|
| |
| bool | isKeyShare () const |
| | check whether Recipient is keyshare
|
| |
| void | clear () |
| | Clear all values and set type to NONE.
|
| |
| bool | isTheSameRecipient (const Recipient &other) const |
| | A convenience method to check whether two recipients are both public key based and have the same keys.
|
| |
| bool | isTheSameRecipient (const std::vector< uint8_t > &public_key) const |
| | A convenience method to check whether a recipient is public key based and has the given keys.
|
| |
| std::string | getLabel (const std::vector< std::pair< std::string_view, std::string_view > > &extra) const |
| | Get the label for this recipient.
|
| |
| bool | operator== (const Recipient &other) const =default |
| |
|
| static Recipient | makeSymmetric (std::string label, int32_t kdf_iter) |
| | Create a new symmetric key based Recipient.
|
| |
| static Recipient | makePublicKey (std::string label, const std::vector< uint8_t > &public_key, PKType pk_type) |
| | Create a new public key based Recipient.
|
| |
| static Recipient | makeCertificate (std::string label, std::vector< uint8_t > cert) |
| | Create a new certificate based Recipient.
|
| |
| static Recipient | makeServer (std::string label, std::vector< uint8_t > public_key, PKType pk_type, std::string server_id) |
| | Create a new capsule server based Recipient. If the label is empty, a machine-readable label text (public key version) is automatically generated according to the CDoc2 specification.
|
| |
| static Recipient | makeServer (std::string label, std::vector< uint8_t > cert, std::string server_id) |
| | Create a new capsule server based Recipient. If the label is empty, a machine-readable label text (either eID or certificate version) is automatically generated according to the CDoc2 specification.
|
| |
| static Recipient | makeShare (const std::string &label, const std::string &server_id, const std::string &recipient_id) |
| | Create new keyshare recipient.
|
| |
| static std::map< std::string, std::string > | parseLabel (const std::string &label) |
| | parse machine-readable CDoc2 label
|
| |
|
| Type | type = Type::NONE |
| | The recipient type.
|
| |
| PKType | pk_type = PKType::ECC |
| | The public key type.
|
| |
| int32_t | kdf_iter = 0 |
| | The number of iterations for PBKDF. Value 0 means directly provided symmetric key.
|
| |
| std::string | label |
| | The recipient's label (if empty the lock label will be autogenerated)
|
| |
| std::vector< uint8_t > | rcpt_key |
| | Recipient's public key (for all PKI types)
|
| |
| std::vector< uint8_t > | cert |
| | The recipient's certificate (if present)
|
| |
| std::string | id |
| | The recipient id for share server (PNOEE-XXXXXXXXXXX)
|
| |
| std::string | server_id |
| | The keyserver or share server list id (if present)
|
| |
| uint64_t | expiry_ts = 0 |
| | The requested capsule expiry timestamp (0 - use server default)
|
| |
| std::string | file_name |
| | key/certificate filename for machine-readable label
|
| |
| std::string | key_name |
| | public key/password name for machine-readable label
|
| |
A descriptor of encryption method and key to be used in container.
Recipient determines all the relevant properties to encrypt the FMK for a certain target.
◆ EIDType
The EID type.
| Enumerator |
|---|
| Unknown | |
| IDCard | |
| DigiID | |
| DigiID_EResident | |
◆ PKType
The public key type.
| Enumerator |
|---|
| ECC | Elliptic curve
|
| RSA | RSA
|
◆ Type
The recipient type.
| Enumerator |
|---|
| NONE | Uninitialized recipient
|
| SYMMETRIC_KEY | Symmetric key (or password)
|
| PUBLIC_KEY | Public key.
|
| KEYSHARE | n of n shared symmetric key
|
◆ Recipient() [1/2]
| libcdoc::Recipient::Recipient |
( |
| ) |
|
|
default |
◆ Recipient() [2/2]
| libcdoc::Recipient::Recipient |
( |
Type |
_type | ) |
|
|
inlineprotected |
◆ clear()
| void libcdoc::Recipient::clear |
( |
| ) |
|
|
inline |
Clear all values and set type to NONE.
◆ getLabel()
| std::string libcdoc::Recipient::getLabel |
( |
const std::vector< std::pair< std::string_view, std::string_view > > & |
extra | ) |
const |
Get the label for this recipient.
Returns the user-specified label, or generates a machine-readable label if the user-specified one is empty.
- Parameters
-
| extra | additional parameter values to use |
- Returns
- a label value
◆ isCertificate()
| bool libcdoc::Recipient::isCertificate |
( |
| ) |
const |
|
inline |
check whether Recipient is based on certificate
- Returns
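- true if type is CERTIFICATE (note: CERTIFICATE is not among the Type enumerators listed on this page, so this wording may be outdated; confirm the actual condition in Recipient.h)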
◆ isEmpty()
| bool libcdoc::Recipient::isEmpty |
( |
| ) |
const |
|
inline |
Test whether the Recipient structure is uninitialized (empty).
- Returns
- true if not initialized
◆ isKeyServer()
| bool libcdoc::Recipient::isKeyServer |
( |
| ) |
const |
|
inline |
check whether Recipient is keyserver
- Returns
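- true if type is SERVER (note: SERVER is not among the Type enumerators listed on this page, so this wording may be outdated; confirm the actual condition in Recipient.h)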
◆ isKeyShare()
| bool libcdoc::Recipient::isKeyShare |
( |
| ) |
const |
|
inline |
check whether Recipient is keyshare
- Returns
- true if type is KEYSHARE
◆ isPKI()
| bool libcdoc::Recipient::isPKI |
( |
| ) |
const |
|
inline |
check whether Recipient is based on public key
- Returns
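- true if type is CERTIFICATE, PUBLIC_KEY or SERVER (note: of these, only PUBLIC_KEY appears among the Type enumerators listed on this page, so this wording may be outdated; confirm the actual condition in Recipient.h)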
◆ isSymmetric()
| bool libcdoc::Recipient::isSymmetric |
( |
| ) |
const |
|
inline |
check whether Recipient is based on symmetric key
- Returns
- true if type is SYMMETRIC_KEY
◆ isTheSameRecipient() [1/2]
| bool libcdoc::Recipient::isTheSameRecipient |
( |
const Recipient & |
other | ) |
const |
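A convenience method to check whether two recipients are both public key based and have the same keys. Per the return description, only the public keys are compared; this differs from the defaulted operator==, which compares every member.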
- Parameters
-
- Returns
- true if the public keys are identical
◆ isTheSameRecipient() [2/2]
| bool libcdoc::Recipient::isTheSameRecipient |
( |
const std::vector< uint8_t > & |
public_key | ) |
const |
A convenience method to check whether a recipient is public key based and has the given public key.
- Parameters
-
| public_key | a public key to test |
- Returns
- true if the public keys are identical
◆ makeCertificate()
| static Recipient libcdoc::Recipient::makeCertificate |
( |
std::string |
label, |
|
|
std::vector< uint8_t > |
cert |
|
) |
| |
|
static |
Create a new certificate based Recipient.
- Parameters
-
| label | the label text |
| cert | the certificate value (der-encoded) |
- Returns
- a new Recipient structure
◆ makePublicKey()
| static Recipient libcdoc::Recipient::makePublicKey |
( |
std::string |
label, |
|
|
const std::vector< uint8_t > & |
public_key, |
|
|
PKType |
pk_type |
|
) |
| |
|
static |
Create a new public key based Recipient.
- Parameters
-
| label | the label text |
| public_key | the public key value |
| pk_type | the algorithm type (either ECC or RSA) |
- Returns
- a new Recipient structure
◆ makeServer() [1/2]
| static Recipient libcdoc::Recipient::makeServer |
( |
std::string |
label, |
|
|
std::vector< uint8_t > |
cert, |
|
|
std::string |
server_id |
|
) |
| |
|
static |
Create a new capsule server based Recipient. If the label is empty, a machine-readable label text (either eID or certificate version) is automatically generated according to the CDoc2 specification.
- Parameters
-
| label | the label text |
| cert | the recipient's certificate (der-encoded) |
| server_id | the keyserver id |
- Returns
- a new Recipient structure
◆ makeServer() [2/2]
| static Recipient libcdoc::Recipient::makeServer |
( |
std::string |
label, |
|
|
std::vector< uint8_t > |
public_key, |
|
|
PKType |
pk_type, |
|
|
std::string |
server_id |
|
) |
| |
|
static |
Create a new capsule server based Recipient. If the label is empty, a machine-readable label text (public key version) is automatically generated according to the CDoc2 specification.
- Parameters
-
| label | the label text |
| public_key | the public key value |
| pk_type | the algorithm type (either ECC or RSA) |
| server_id | the keyserver id |
- Returns
- a new Recipient structure
◆ makeShare()
| static Recipient libcdoc::Recipient::makeShare |
( |
const std::string & |
label, |
|
|
const std::string & |
server_id, |
|
|
const std::string & |
recipient_id |
|
) |
| |
|
static |
Create new keyshare recipient.
- Parameters
-
| label | the label text |
| server_id | the id of share server group |
| recipient_id | the recipient id (PNOEE-01234567890) |
- Returns
- a new Recipient structure
◆ makeSymmetric()
| static Recipient libcdoc::Recipient::makeSymmetric |
( |
std::string |
label, |
|
|
int32_t |
kdf_iter |
|
) |
| |
|
static |
Create a new symmetric key based Recipient.
- Parameters
-
| label | the label text |
| kdf_iter | the number of PBKDF iterations (0 if full key is provided) |
- Returns
- a new Recipient structure
◆ operator==()
| bool libcdoc::Recipient::operator== |
( |
const Recipient & |
other | ) |
const |
|
default |
◆ parseLabel()
| static std::map< std::string, std::string > libcdoc::Recipient::parseLabel |
( |
const std::string & |
label | ) |
|
|
static |
parse machine-readable CDoc2 label
- Parameters
-
- Returns
- a map of key-value pairs
◆ cert
| std::vector<uint8_t> libcdoc::Recipient::cert |
The recipient's certificate (if present)
◆ expiry_ts
| uint64_t libcdoc::Recipient::expiry_ts = 0 |
The requested capsule expiry timestamp (0 - use server default)
◆ file_name
| std::string libcdoc::Recipient::file_name |
key/certificate filename for machine-readable label
◆ id
| std::string libcdoc::Recipient::id |
The recipient id for share server (PNOEE-XXXXXXXXXXX)
◆ kdf_iter
| int32_t libcdoc::Recipient::kdf_iter = 0 |
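The number of PBKDF iterations. A value of 0 means the symmetric key is provided directly, with no PBKDF iterations applied, so the caller should supply a full-strength key rather than a password.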
◆ key_name
| std::string libcdoc::Recipient::key_name |
public key/password name for machine-readable label
◆ label
| std::string libcdoc::Recipient::label |
The recipient's label (if empty the lock label will be autogenerated)
◆ pk_type
◆ rcpt_key
| std::vector<uint8_t> libcdoc::Recipient::rcpt_key |
◆ server_id
| std::string libcdoc::Recipient::server_id |
The keyserver or share server list id (if present)
◆ type
The documentation for this struct was generated from the following file: