Botan  1.11.15
src/lib/cert/x509/certstor.h
00001 /*
00002 * Certificate Store
00003 * (C) 1999-2010,2013 Jack Lloyd
00004 *
00005 * Botan is released under the Simplified BSD License (see license.txt)
00006 */
00007 
00008 #ifndef BOTAN_CERT_STORE_H__
00009 #define BOTAN_CERT_STORE_H__
00010 
00011 #include <botan/x509cert.h>
00012 #include <botan/x509_crl.h>
00013 
00014 namespace Botan {
00015 
/**
* Abstract lookup interface over a set of X.509 certificates and,
* where an implementation provides them, the CRLs that apply to them.
*/
class BOTAN_DLL Certificate_Store
   {
   public:
      virtual ~Certificate_Store() {}

      /**
      * Look up a certificate by subject DN and (optionally) subject
      * key identifier.
      * @param subject_dn subject distinguished name to search for
      * @param key_id subject key identifier; presumably an empty vector
      *        means "match on the DN alone" -- confirm in the implementation
      * @return a matching certificate, or nullptr (certificate_known()
      *         below treats nullptr as "no match")
      *
      * NOTE(review): the result is a raw pointer whose owner and lifetime
      * this interface does not state; presumably it points into the store.
      * Confirm whether it stays valid once the store is modified.
      */
      virtual const X509_Certificate* find_cert(const X509_DN& subject_dn,
                                                const std::vector<byte>& key_id) const = 0;

      /**
      * Look up a CRL that applies to the given certificate.
      * Not pure virtual: the base implementation lives outside this header.
      * @param subject certificate whose revocation data is wanted
      * @return presumably nullptr when the store has no CRL for subject.
      *         That outcome means "no revocation data available", which is
      *         not the same as "not revoked"; callers performing revocation
      *         checks need to handle it explicitly.
      */
      virtual const X509_CRL* find_crl_for(const X509_Certificate& subject) const;

      /**
      * Check whether find_cert() yields a result for this certificate's
      * subject DN and subject key identifier.
      *
      * Only those two fields are handed to the lookup. A true result
      * therefore says that the store holds a certificate with the same
      * name and key id, not that it holds this exact certificate; compare
      * the encoding or fingerprint when identity matters for a trust
      * decision.
      */
      bool certificate_known(const X509_Certificate& cert) const
         {
         const X509_Certificate* match =
            find_cert(cert.subject_dn(), cert.subject_key_id());
         return match != nullptr;
         }

      /**
      * Slated for removal; currently still used by TLS::Server.
      * @return subject DNs of (presumably) every certificate in the store
      */
      virtual std::vector<X509_DN> all_subjects() const = 0;
   };
00040 
/**
* Certificate store that keeps its certificates and CRLs in memory.
*/
class BOTAN_DLL Certificate_Store_In_Memory : public Certificate_Store
   {
   public:
      /**
      * Populate the store from a directory tree: every file under dir,
      * subdirectories included, is tried as a certificate, and errors
      * are ignored.
      *
      * Because errors are ignored, construction gives no signal about
      * files that were skipped. If the store serves as a set of trust
      * anchors, verify the loaded set afterwards (for example through
      * all_subjects()) and keep dir and everything below it writable
      * only by trusted accounts, since presumably every file that
      * parses is added.
      *
      * NOTE(review): this constructor is not marked explicit, so a
      * std::string converts implicitly into a store. Consider explicit
      * if no caller depends on the conversion.
      *
      * @param dir root directory to scan
      */
      Certificate_Store_In_Memory(const std::string& dir);

      /**
      * Create a store with no certificates and no CRLs.
      */
      Certificate_Store_In_Memory() {}

      /**
      * Add a certificate to the store. Whether duplicates are filtered
      * is decided by the implementation, which is not part of this header.
      */
      void add_certificate(const X509_Certificate& cert);

      /**
      * Add a CRL to the store. How an existing CRL from the same issuer
      * is treated is decided by the implementation, not visible here.
      */
      void add_crl(const X509_CRL& crl);

      std::vector<X509_DN> all_subjects() const override;

      const X509_Certificate* find_cert(const X509_DN& subject_dn,
                                        const std::vector<byte>& key_id) const override;

      const X509_CRL* find_crl_for(const X509_Certificate& subject) const override;

   private:
      // TODO: Add indexing on the DN and key id to avoid linear search
      //
      // NOTE(review): find_cert() and find_crl_for() hand out raw pointers.
      // If they point into these vectors, a later add_certificate() or
      // add_crl() can reallocate the storage and leave such pointers
      // dangling -- confirm against the implementation.
      std::vector<X509_Certificate> m_certs;
      std::vector<X509_CRL> m_crls;
   };
00071 
/**
* Certificate store view over a vector of certificates that the caller
* owns.
*
* The store holds a reference to the vector, not a copy. The vector must
* therefore outlive the store; passing a temporary compiles, but the
* reference dangles as soon as the enclosing full expression ends.
*
* find_crl_for() is not overridden, so CRL lookups use the
* Certificate_Store base implementation.
*/
class BOTAN_DLL Certificate_Store_Overlay : public Certificate_Store
   {
   public:
      /**
      * @param certs certificates to expose through the store interface;
      *        referenced, not copied
      *
      * NOTE(review): not marked explicit, so a vector of certificates
      * converts implicitly into an overlay store.
      */
      Certificate_Store_Overlay(const std::vector<X509_Certificate>& certs)
         : m_certs(certs)
         {}

      std::vector<X509_DN> all_subjects() const override;

      const X509_Certificate* find_cert(const X509_DN& subject_dn,
                                        const std::vector<byte>& key_id) const override;

   private:
      // Borrowed from the caller; see the lifetime requirement on the class.
      const std::vector<X509_Certificate>& m_certs;
   };
00086 
00087 }
00088 
00089 #endif