| 1 | //======================================================================== |
|---|
| 2 | // |
|---|
| 3 | // CertificateInfo.h |
|---|
| 4 | // |
|---|
| 5 | // This file is licensed under the GPLv2 or later |
|---|
| 6 | // |
|---|
| 7 | // Copyright 2018 Chinmoy Ranjan Pradhan <chinmoyrp65@gmail.com> |
|---|
| 8 | // Copyright 2018, 2019 Albert Astals Cid <aacid@kde.org> |
|---|
| 9 | // Copyright 2018 Oliver Sander <oliver.sander@tu-dresden.de> |
|---|
| 10 | // Copyright 2020 Thorsten Behrens <Thorsten.Behrens@CIB.de> |
|---|
| 11 | // Copyright 2023 g10 Code GmbH, Author: Sune Stolborg Vuorela <sune@vuorela.dk> |
|---|
| 12 | // |
|---|
| 13 | //======================================================================== |
|---|
| 14 | |
|---|
| 15 | #ifndef CERTIFICATEINFO_H |
|---|
| 16 | #define CERTIFICATEINFO_H |
|---|
| 17 | |
|---|
| 18 | #include <memory> |
|---|
| 19 | #include <ctime> |
|---|
| 20 | #include "goo/GooString.h" |
|---|
| 21 | #include "poppler_private_export.h" |
|---|
| 22 | |
|---|
| 23 | enum CertificateKeyUsageExtension |
|---|
| 24 | { |
|---|
| 25 | KU_DIGITAL_SIGNATURE = 0x80, |
|---|
| 26 | KU_NON_REPUDIATION = 0x40, |
|---|
| 27 | KU_KEY_ENCIPHERMENT = 0x20, |
|---|
| 28 | KU_DATA_ENCIPHERMENT = 0x10, |
|---|
| 29 | KU_KEY_AGREEMENT = 0x08, |
|---|
| 30 | KU_KEY_CERT_SIGN = 0x04, |
|---|
| 31 | KU_CRL_SIGN = 0x02, |
|---|
| 32 | KU_ENCIPHER_ONLY = 0x01, |
|---|
| 33 | KU_NONE = 0x00 |
|---|
| 34 | }; |
|---|
| 35 | |
|---|
| 36 | enum PublicKeyType |
|---|
| 37 | { |
|---|
| 38 | RSAKEY, |
|---|
| 39 | DSAKEY, |
|---|
| 40 | ECKEY, |
|---|
| 41 | OTHERKEY |
|---|
| 42 | }; |
|---|
| 43 | |
|---|
| 44 | /** A signing key can be located in different places |
|---|
| 45 | sometimes. For the user, it might be easier to pick |
|---|
| 46 | the key located on a card if it has some visual |
|---|
| 47 | indicator that it is somehow removable. |
|---|
| 48 | |
|---|
| 49 | \note a keylocation for a certificate without a private |
|---|
| 50 | key (cannot be used for signing) will likely be "Unknown" |
|---|
| 51 | */ |
|---|
| 52 | enum class KeyLocation |
|---|
| 53 | { |
|---|
| 54 | Unknown, /** We don't know the location */ |
|---|
| 55 | Other, /** We know the location, but it is somehow not covered by this enum */ |
|---|
| 56 | Computer, /** The key is on this computer */ |
|---|
| 57 | HardwareToken /** The key is on a dedicated hardware token, either a smartcard or a dedicated usb token (e.g. gnuk, nitrokey or yubikey) */ |
|---|
| 58 | }; |
|---|
| 59 | |
|---|
| 60 | class POPPLER_PRIVATE_EXPORT X509CertificateInfo |
|---|
| 61 | { |
|---|
| 62 | public: |
|---|
| 63 | X509CertificateInfo(); |
|---|
| 64 | ~X509CertificateInfo(); |
|---|
| 65 | |
|---|
| 66 | X509CertificateInfo(const X509CertificateInfo &) = delete; |
|---|
| 67 | X509CertificateInfo &operator=(const X509CertificateInfo &) = delete; |
|---|
| 68 | |
|---|
| 69 | struct PublicKeyInfo |
|---|
| 70 | { |
|---|
| 71 | PublicKeyInfo() = default; |
|---|
| 72 | |
|---|
| 73 | PublicKeyInfo(PublicKeyInfo &&) noexcept = default; |
|---|
| 74 | PublicKeyInfo &operator=(PublicKeyInfo &&) noexcept = default; |
|---|
| 75 | |
|---|
| 76 | PublicKeyInfo(const PublicKeyInfo &) = delete; |
|---|
| 77 | PublicKeyInfo &operator=(const PublicKeyInfo &) = delete; |
|---|
| 78 | |
|---|
| 79 | GooString publicKey; |
|---|
| 80 | PublicKeyType publicKeyType = OTHERKEY; |
|---|
| 81 | unsigned int publicKeyStrength = 0; // in bits |
|---|
| 82 | }; |
|---|
| 83 | |
|---|
| 84 | struct EntityInfo |
|---|
| 85 | { |
|---|
| 86 | EntityInfo() = default; |
|---|
| 87 | ~EntityInfo() = default; |
|---|
| 88 | |
|---|
| 89 | EntityInfo(EntityInfo &&) noexcept = default; |
|---|
| 90 | EntityInfo &operator=(EntityInfo &&) noexcept = default; |
|---|
| 91 | |
|---|
| 92 | EntityInfo(const EntityInfo &) = delete; |
|---|
| 93 | EntityInfo &operator=(const EntityInfo &) = delete; |
|---|
| 94 | |
|---|
| 95 | std::string commonName; |
|---|
| 96 | std::string distinguishedName; |
|---|
| 97 | std::string email; |
|---|
| 98 | std::string organization; |
|---|
| 99 | }; |
|---|
| 100 | |
|---|
| 101 | struct Validity |
|---|
| 102 | { |
|---|
| 103 | Validity() : notBefore(0), notAfter(0) { } |
|---|
| 104 | |
|---|
| 105 | time_t notBefore; |
|---|
| 106 | time_t notAfter; |
|---|
| 107 | }; |
|---|
| 108 | |
|---|
| 109 | /* GETTERS */ |
|---|
| 110 | int getVersion() const; |
|---|
| 111 | const GooString &getSerialNumber() const; |
|---|
| 112 | const GooString &getNickName() const; |
|---|
| 113 | const EntityInfo &getIssuerInfo() const; |
|---|
| 114 | const Validity &getValidity() const; |
|---|
| 115 | const EntityInfo &getSubjectInfo() const; |
|---|
| 116 | const PublicKeyInfo &getPublicKeyInfo() const; |
|---|
| 117 | unsigned int getKeyUsageExtensions() const; |
|---|
| 118 | const GooString &getCertificateDER() const; |
|---|
| 119 | bool getIsSelfSigned() const; |
|---|
| 120 | KeyLocation getKeyLocation() const; |
|---|
| 121 | |
|---|
| 122 | /* SETTERS */ |
|---|
| 123 | void setVersion(int); |
|---|
| 124 | void setSerialNumber(const GooString &); |
|---|
| 125 | void setNickName(const GooString &); |
|---|
| 126 | void setIssuerInfo(EntityInfo &&); |
|---|
| 127 | void setValidity(Validity); |
|---|
| 128 | void setSubjectInfo(EntityInfo &&); |
|---|
| 129 | void setPublicKeyInfo(PublicKeyInfo &&); |
|---|
| 130 | void setKeyUsageExtensions(unsigned int); |
|---|
| 131 | void setCertificateDER(const GooString &); |
|---|
| 132 | void setIsSelfSigned(bool); |
|---|
| 133 | void setKeyLocation(KeyLocation location); |
|---|
| 134 | |
|---|
| 135 | private: |
|---|
| 136 | EntityInfo issuer_info; |
|---|
| 137 | EntityInfo subject_info; |
|---|
| 138 | PublicKeyInfo public_key_info; |
|---|
| 139 | Validity cert_validity; |
|---|
| 140 | GooString cert_serial; |
|---|
| 141 | GooString cert_der; |
|---|
| 142 | GooString cert_nick; |
|---|
| 143 | unsigned int ku_extensions; |
|---|
| 144 | int cert_version; |
|---|
| 145 | bool is_self_signed; |
|---|
| 146 | KeyLocation keyLocation; |
|---|
| 147 | }; |
|---|
| 148 | |
|---|
| 149 | #endif |
|---|
| 150 | |
|---|
