//
// c4Certificate.hh
//
// Copyright 2021-Present Couchbase, Inc.
//
// Use of this software is governed by the Business Source License included
// in the file licenses/BSL-Couchbase.txt. As of the Change Date specified
// in that file, in accordance with the Business Source License, use of this
// software will be governed by the Apache License, Version 2.0, included in
// the file licenses/APL2.txt.
//
#pragma once
#include "c4Base.hh"
#include "c4CertificateTypes.h"
#include "fleece/InstanceCounted.hh"
#include <functional>
#include <vector>
C4_ASSUME_NONNULL_BEGIN
// ************************************************************************
// This header is part of the LiteCore C++ API.
// If you use this API, you must _statically_ link LiteCore;
// the dynamic library only exports the C API.
// ************************************************************************
/// Reference-counted C++ API object wrapping a `litecore::crypto::CertBase`, held in `_impl`.
/// Most of the API is declared only when COUCHBASE_ENTERPRISE is defined; without it the
/// struct declares only getValidTimespan(), asSignedCert() and `_impl`.
/// Judging by isSigned(), assertSignedCert() and assertUnsignedCert(), one object may hold
/// either a signed certificate or an unsigned signing request -- confirm in the implementation.
/// Pointer parameters sit inside C4_ASSUME_NONNULL_BEGIN/END; only those marked C4NULLABLE
/// are declared as accepting null.
struct C4Cert final
: public fleece::RefCounted
, public fleece::InstanceCountedIn<C4Cert>
, C4Base {
#ifdef COUCHBASE_ENTERPRISE
// NOTE(review): certData is presumably encoded certificate bytes that may come from an
// untrusted source (file, peer); parsing and error reporting are not visible in this header.
static Ref<C4Cert> fromData(slice certData);
// pemEncoded selects the output encoding; the alternative is presumably DER -- confirm.
alloc_slice getData(bool pemEncoded);
alloc_slice getChainData();
alloc_slice getSummary();
alloc_slice getSubjectName();
alloc_slice getSubjectNameComponent(C4CertNameAttributeID);
/// One component of the certificate's subject name, as returned by getSubjectNameAtIndex().
struct NameInfo {
alloc_slice id; ///< X.509 attribute name (e.g. "CN" or "O"), like a C4CertNameAttributeID
alloc_slice value; ///< The value of the name component, i.e. the name.
};
// NOTE(review): behaviour for an out-of-range index is not visible here -- confirm before
// iterating without a known component count.
NameInfo getSubjectNameAtIndex(unsigned index);
#endif // COUCHBASE_ENTERPRISE
// Returns a pair of timestamps; presumably (not-before, not-after) in that order -- confirm.
// This is the only certificate query declared in non-enterprise builds.
std::pair<C4Timestamp, C4Timestamp> getValidTimespan();
#ifdef COUCHBASE_ENTERPRISE
C4CertUsage getUsages();
bool isSelfSigned();
// NOTE(review): the declaration only promises a signature relationship to `issuer`. Whether
// validity dates, usages or revocation are also checked cannot be told from this header, so
// do not treat a true result as full chain validation without confirming.
bool isSignedBy(C4Cert* issuer);
Retained<C4KeyPair> getPublicKey();
// Returns Retained<> rather than Ref<>; presumably null when no matching persistent private
// key is found -- confirm.
Retained<C4KeyPair> loadPersistentPrivateKey();
// Returns Retained<> rather than Ref<>; presumably null at the end of the chain -- confirm.
Retained<C4Cert> getNextInChain();
// Certificate signing requests:
static Ref<C4Cert> createRequest(const std::vector<C4CertNameComponent>& nameComponents, C4CertUsage certUsages,
C4KeyPair* subjectKey);
static Ref<C4Cert> requestFromData(slice certRequestData);
bool isSigned();
/// Callback type for sendSigningRequest(); receives a C4Cert pointer and a C4Error.
/// Which thread invokes it, and whether the C4Cert* is null on failure, is not visible
/// here -- confirm before dereferencing.
using SigningCallback = std::function<void(C4Cert*, C4Error)>;
// NOTE(review): sends the request to a remote `address`; transport security and validation
// of the returned certificate presumably depend on optionsDictFleece and the implementation.
void sendSigningRequest(const C4Address& address, slice optionsDictFleece, const SigningCallback& callback);
// issuerCert is the only pointer here declared C4NULLABLE; a null issuerCert presumably
// produces a self-signed certificate -- confirm.
Ref<C4Cert> signRequest(const C4CertIssuerParameters& params, C4KeyPair* issuerPrivateKey,
C4Cert* C4NULLABLE issuerCert);
// Persistence:
// Certificates are stored and looked up by a caller-supplied `name`; the backing store
// (presumably a platform key store) is not visible in this header.
void save(bool entireChain, slice name);
static void deleteNamed(slice name);
// Returns Retained<> rather than Ref<>; presumably null when `name` is not found -- confirm.
static Retained<C4Cert> load(slice name);
static bool exists(slice name);
// Internal:
// Non-nullable return; presumably fails (rather than returning null) when this object is
// not a signed certificate -- compare asSignedCert() below, which is C4NULLABLE.
litecore::crypto::Cert* assertSignedCert();
// NOTE(review): this `private:` sits inside the COUCHBASE_ENTERPRISE block, so in
// non-enterprise builds asSignedCert() and `_impl` below keep the struct's default public
// access -- confirm that is intended.
private:
explicit C4Cert(litecore::crypto::CertBase*);
~C4Cert() override;
litecore::crypto::CertSigningRequest* assertUnsignedCert();
#endif // COUCHBASE_ENTERPRISE
// May return null (C4NULLABLE); presumably when the wrapped object is not a signed cert.
litecore::crypto::Cert* C4NULLABLE asSignedCert();
// The wrapped implementation object.
Ref<litecore::crypto::CertBase> _impl;
};
#ifdef COUCHBASE_ENTERPRISE
# pragma mark - KEY PAIRS:
/// Reference-counted C++ API object wrapping a `litecore::crypto::Key`, held in `_impl`.
/// Declared only when COUCHBASE_ENTERPRISE is defined (see the enclosing #ifdef).
/// hasPrivateKey() implies an instance may hold only the public half of a key pair.
struct C4KeyPair final
: public fleece::RefCounted
, C4Base {
// NOTE(review): no minimum for sizeInBits is expressed in this declaration; whether the
// implementation rejects weak sizes is not visible here. `persistent` presumably stores
// the private key in a platform key store -- confirm.
static Ref<C4KeyPair> generate(C4KeyPairAlgorithm algorithm, unsigned sizeInBits, bool persistent);
static Ref<C4KeyPair> fromPublicKeyData(slice publicKeyData);
// passwordOrNull: presumably a null slice when privateKeyData is not encrypted -- confirm.
static Ref<C4KeyPair> fromPrivateKeyData(slice privateKeyData, slice passwordOrNull);
bool hasPrivateKey();
// The digest algorithm is not visible in this header.
alloc_slice getPublicKeyDigest();
alloc_slice getPublicKeyData();
// NOTE(review): presumably returns the private key material itself. Callers should treat
// the result as a secret: keep it out of logs and limit its lifetime. Behaviour for
// persistent or external keys, or when hasPrivateKey() is false, is not visible here.
alloc_slice getPrivateKeyData();
// Persistence:
bool isPersistent();
// Returns Retained<> rather than Ref<>; presumably null when no persistent key matches.
static Retained<C4KeyPair> persistentWithPublicKey(C4KeyPair*);
void removePersistent();
// Externally-Implemented Key-Pairs:
// NOTE(review): externalKey is an untyped pointer paired with `callbacks`; ownership and
// lifetime are not expressed in the signature. Presumably the caller must keep it valid
// for as long as the key pair exists -- confirm against C4ExternalKeyCallbacks.
static Ref<C4KeyPair> fromExternal(C4KeyPairAlgorithm algorithm, size_t keySizeInBits, void* externalKey,
const C4ExternalKeyCallbacks& callbacks);
// Internal:
// May return null (C4NULLABLE); presumably when only a public key is held.
litecore::crypto::PrivateKey* C4NULLABLE getPrivateKey();
private:
// C4Cert is a friend, so it can reach the private constructor and accessors below.
friend struct C4Cert;
explicit C4KeyPair(litecore::crypto::Key*);
~C4KeyPair() override;
Ref<litecore::crypto::PublicKey> getPublicKey();
// Non-nullable return; behaviour when the key is not persistent is not visible here.
litecore::crypto::PersistentPrivateKey* getPersistentPrivateKey();
// The wrapped implementation object.
Ref<litecore::crypto::Key> _impl;
};
#endif // COUCHBASE_ENTERPRISE
C4_ASSUME_NONNULL_END