1 | /* $Id: CertificateImpl.h 93115 2022-01-01 11:31:46Z vboxsync $ */
|
---|
2 | /** @file
|
---|
3 | * VirtualBox COM ICertificate implementation.
|
---|
4 | */
|
---|
5 |
|
---|
6 | /*
|
---|
7 | * Copyright (C) 2006-2022 Oracle Corporation
|
---|
8 | *
|
---|
9 | * This file is part of VirtualBox Open Source Edition (OSE), as
|
---|
10 | * available from http://www.virtualbox.org. This file is free software;
|
---|
11 | * you can redistribute it and/or modify it under the terms of the GNU
|
---|
12 | * General Public License (GPL) as published by the Free Software
|
---|
13 | * Foundation, in version 2 as it comes in the "COPYING" file of the
|
---|
14 | * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
|
---|
15 | * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
|
---|
16 | */
|
---|
17 |
|
---|
18 | #ifndef MAIN_INCLUDED_CertificateImpl_h
|
---|
19 | #define MAIN_INCLUDED_CertificateImpl_h
|
---|
20 | #ifndef RT_WITHOUT_PRAGMA_ONCE
|
---|
21 | # pragma once
|
---|
22 | #endif
|
---|
23 |
|
---|
24 | /* VBox includes */
|
---|
25 | #include <iprt/crypto/x509.h>
|
---|
26 | #include "CertificateWrap.h"
|
---|
27 |
|
---|
28 | #include <vector>
|
---|
29 |
|
---|
30 | using namespace std;
|
---|
31 |
|
---|
32 | /**
|
---|
33 | * Implemenation of ICertificate.
|
---|
34 | *
|
---|
35 | * This implemenation is a very thin wrapper around an immutable
|
---|
36 | * RTCRX509CERTIFICATE and a few caller stated views.
|
---|
37 | *
|
---|
38 | * The views are whether the caller thinks the certificate is trustworthly, and
|
---|
39 | * whether the caller thinks it's expired or not. The caller could be sitting
|
---|
40 | * on more information, like timestamp and intermediate certificates, that helps
|
---|
41 | * inform the caller's view on these two topics.
|
---|
42 | *
|
---|
43 | * @remarks It could be helpful to let the caller also add certificate paths
|
---|
44 | * showing how this certificate ends up being trusted. However, that's
|
---|
45 | * possibly quite some work and will have to wait till required...
|
---|
46 | */
|
---|
47 | class ATL_NO_VTABLE Certificate
|
---|
48 | : public CertificateWrap
|
---|
49 | {
|
---|
50 |
|
---|
51 | public:
|
---|
52 |
|
---|
53 | DECLARE_COMMON_CLASS_METHODS(Certificate)
|
---|
54 |
|
---|
55 | HRESULT initCertificate(PCRTCRX509CERTIFICATE a_pCert, bool a_fTrusted, bool a_fExpired);
|
---|
56 | void uninit();
|
---|
57 |
|
---|
58 | HRESULT FinalConstruct();
|
---|
59 | void FinalRelease();
|
---|
60 |
|
---|
61 | private:
|
---|
62 | // Wrapped ICertificate properties
|
---|
63 | HRESULT getVersionNumber(CertificateVersion_T *aVersionNumber);
|
---|
64 | HRESULT getSerialNumber(com::Utf8Str &aSerialNumber);
|
---|
65 | HRESULT getSignatureAlgorithmOID(com::Utf8Str &aSignatureAlgorithmOID);
|
---|
66 | HRESULT getSignatureAlgorithmName(com::Utf8Str &aSignatureAlgorithmName);
|
---|
67 | HRESULT getPublicKeyAlgorithmOID(com::Utf8Str &aPublicKeyAlgorithmOID);
|
---|
68 | HRESULT getPublicKeyAlgorithm(com::Utf8Str &aPublicKeyAlgorithm);
|
---|
69 | HRESULT getIssuerName(std::vector<com::Utf8Str> &aIssuerName);
|
---|
70 | HRESULT getSubjectName(std::vector<com::Utf8Str> &aSubjectName);
|
---|
71 | HRESULT getFriendlyName(com::Utf8Str &aFriendlyName);
|
---|
72 | HRESULT getValidityPeriodNotBefore(com::Utf8Str &aValidityPeriodNotBefore);
|
---|
73 | HRESULT getValidityPeriodNotAfter(com::Utf8Str &aValidityPeriodNotAfter);
|
---|
74 | HRESULT getSubjectPublicKey(std::vector<BYTE> &aSubjectPublicKey);
|
---|
75 | HRESULT getIssuerUniqueIdentifier(com::Utf8Str &aIssuerUniqueIdentifier);
|
---|
76 | HRESULT getSubjectUniqueIdentifier(com::Utf8Str &aSubjectUniqueIdentifier);
|
---|
77 | HRESULT getCertificateAuthority(BOOL *aCertificateAuthority);
|
---|
78 | HRESULT getKeyUsage(ULONG *aKeyUsage);
|
---|
79 | HRESULT getExtendedKeyUsage(std::vector<com::Utf8Str> &aExtendedKeyUsage);
|
---|
80 | HRESULT getRawCertData(std::vector<BYTE> &aRawCertData);
|
---|
81 | HRESULT getSelfSigned(BOOL *aSelfSigned);
|
---|
82 | HRESULT getTrusted(BOOL *aTrusted);
|
---|
83 | HRESULT getExpired(BOOL *aExpired);
|
---|
84 |
|
---|
85 | // Wrapped ICertificate methods
|
---|
86 | HRESULT isCurrentlyExpired(BOOL *aResult);
|
---|
87 | HRESULT queryInfo(LONG aWhat, com::Utf8Str &aResult);
|
---|
88 |
|
---|
89 | // Methods extracting COM data from the certificate object
|
---|
90 | HRESULT i_getAlgorithmName(PCRTCRX509ALGORITHMIDENTIFIER a_pAlgId, com::Utf8Str &a_rReturn);
|
---|
91 | HRESULT i_getX509Name(PCRTCRX509NAME a_pName, std::vector<com::Utf8Str> &a_rReturn);
|
---|
92 | HRESULT i_getTime(PCRTASN1TIME a_pTime, com::Utf8Str &a_rReturn);
|
---|
93 | HRESULT i_getUniqueIdentifier(PCRTCRX509UNIQUEIDENTIFIER a_pUniqueId, com::Utf8Str &a_rReturn);
|
---|
94 | HRESULT i_getEncodedBytes(PRTASN1CORE a_pAsn1Obj, std::vector<BYTE> &a_rReturn);
|
---|
95 |
|
---|
96 | struct Data;
|
---|
97 | /** Pointer to the private instance data */
|
---|
98 | Data *m;
|
---|
99 | };
|
---|
100 |
|
---|
101 | #endif /* !MAIN_INCLUDED_CertificateImpl_h */
|
---|
102 |
|
---|