Botan 2.19.3
Crypto and TLS for C++11
certstor_flatfile.h
1/*
2* Certificate Store
3* (C) 1999-2019 Jack Lloyd
4* (C) 2019 Patrick Schmidt
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_CERT_STORE_FLATFILE_H_
10#define BOTAN_CERT_STORE_FLATFILE_H_
11
12#include <botan/certstor.h>
13
14#include <vector>
15#include <memory>
16#include <map>
17
18namespace Botan {
19/**
20* Certificate Store that is backed by a file of PEMs of trusted CAs.
21*/
23 {
24 public:
25 /**
26 * Construct a new Certificate_Store given a file path to a file including
27 * PEMs of trusted self-signed CAs. The file's contents define what the store trusts, so the file should be writable only by trusted parties.
28 *
29 * @param file the name of the file to read certificates from
30 * @param ignore_non_ca if true, certs that are not self-signed CA certs will
31 * be ignored. Otherwise (if false, which is the default), an exception will be thrown instead.
32 */
33 Flatfile_Certificate_Store(const std::string& file, bool ignore_non_ca = false);
34
39
40 /**
41 * @return DNs for all certificates managed by the store
42 */
43 std::vector<X509_DN> all_subjects() const override;
44
45 /**
46 * Find all certificates with a given Subject DN.
47 * Subject DN and even the key identifier might not be unique, so callers must be prepared for more than one match.
48 */
49 std::vector<std::shared_ptr<const X509_Certificate>> find_all_certs(
50 const X509_DN& subject_dn, const std::vector<uint8_t>& key_id) const override;
51
52 /**
53 * Find a certificate by searching for one with a matching SHA-1 hash of
54 * public key. NOTE(review): the hash appears to serve only as a lookup key; a match should not by itself be taken as validation of the certificate.
55 * @return a matching certificate or nullptr otherwise
56 */
57 std::shared_ptr<const X509_Certificate>
58 find_cert_by_pubkey_sha1(const std::vector<uint8_t>& key_hash) const override;
59
/**
* Find a certificate by the SHA-256 hash of its raw subject DN, as the
* method name and the subject_hash parameter indicate.
* NOTE(review): presumably returns nullptr when nothing matches, like
* find_cert_by_pubkey_sha1 - confirm against the implementation.
*/
60 std::shared_ptr<const X509_Certificate>
61 find_cert_by_raw_subject_dn_sha256(const std::vector<uint8_t>& subject_hash) const override;
62
63 /**
64 * Fetching CRLs is not supported by this certificate store. This will
65 * always return an empty result (the return type is a single pointer, not a list), so revocation data must come from another source.
66 */
67 std::shared_ptr<const X509_CRL> find_crl_for(const X509_Certificate& subject) const override;
68
69 private:
70 std::vector<X509_DN> m_all_subjects; // presumably the DNs handed out by all_subjects() - confirm in the .cpp
71 std::map<X509_DN, std::vector<std::shared_ptr<const X509_Certificate>>> m_dn_to_cert; // one DN may map to several certificates
72 std::map<std::vector<uint8_t>, std::shared_ptr<const X509_Certificate>> m_pubkey_sha1_to_cert; // byte-vector key (SHA-1 of public key, per the name); holds one certificate per key
73 std::map<std::vector<uint8_t>, std::shared_ptr<const X509_Certificate>> m_subject_dn_sha256_to_cert; // byte-vector key (SHA-256 of raw subject DN, per the name); holds one certificate per key
74 };
75}
76
77#endif
Flatfile_Certificate_Store & operator=(const Flatfile_Certificate_Store &)=default
Flatfile_Certificate_Store(const Flatfile_Certificate_Store &)=default
Flatfile_Certificate_Store(Flatfile_Certificate_Store &&)=default
Flatfile_Certificate_Store & operator=(Flatfile_Certificate_Store &&)=default