PLCnext API Documentation 23.0.2.9
Certificate.hpp
1
2//
3// Copyright PHOENIX CONTACT Electronics GmbH
4//
6#pragma once
8#include "Arp/System/Core/AppDomainSingleton.hxx"
9#include "Arp/System/Commons/Logging.h"
10#include "Arp/System/Commons/Security/Asn1Time.hpp"
11#include "Arp/System/Commons/Security/ItemInfo.hpp"
12#include "Arp/System/Commons/Security/Internal/OpenSslBio.hpp"
13#include <map>
14#include <vector>
15
16#include <openssl/x509.h>
17#include <openssl/x509v3.h>
18
19using namespace Arp::System::Commons::Security::Internal;
20
21namespace Arp { namespace System { namespace Commons { namespace Security
22{
23
/// Class to handle x.509 certificates: holds one OpenSSL X509 handle (internalCertificate)
/// together with the file name it was loaded from and an identifier string.
///
/// Nothing declared in this listing is described as verifying a signature chain,
/// revocation status or the validity window; the operations load, save and read fields.
/// A successfully loaded Certificate is therefore parsed, not trusted, and trust
/// decisions have to be made separately by the caller.
///
/// NOTE(review): several gutter lines in this listing are bare (37, 38, 86, 92, 95, 101,
/// 110, 116, 125), while the member index further down this page names members that
/// have no declaration line here (Certificate(void), Certificate(const Certificate&),
/// GetSerialNumberHex, GetSubjectCommonName, GetSubjectSerialNumber, GetIssuerCommonName,
/// GetValidityNotBeforeAsn1, GetValidityNotAfterAsn1, GetItemInfo). Presumably those
/// declarations were lost from the listing; confirm against the shipped header.
25class Certificate : private Loggable<Certificate>
26{
27public: // typedefs
28
29public: // construction/destruction
    /// Constructs a Certificate instance loaded from a file.
    /// Not marked explicit, so a String converts implicitly to a Certificate.
33 Certificate(const String& filename);
    /// Constructs a Certificate instance loaded from memory (PEM or DER encoding, per the
    /// parameter name). Not marked explicit, so a byte vector converts implicitly.
35 Certificate(const std::vector<byte>& pemOrDerEncoding);
    /// Constructs a Certificate from an existing OpenSSL handle.
    /// NOTE(review): whether cert is adopted, duplicated or reference-counted is not
    /// visible here; confirm before freeing cert at the call site.
36 explicit Certificate(X509* cert);
37
38
    /// Move constructor.
41 Certificate(Certificate&& arg) noexcept;
    /// Assignment operator (copy).
43 virtual Certificate& operator=(const Certificate& arg);
    /// Move assignment operator.
44 Certificate& operator=(Certificate&& arg) noexcept;
    /// Destructs this instance and frees all resources.
46 virtual ~Certificate(void);
47
48public: // operators
    /// Implicit conversion to the held X509 handle (returns internalCertificate).
    /// Being non-explicit, a Certificate is accepted silently wherever an X509* is expected.
    /// NOTE(review): the pointer is presumably still owned by this object, since the
    /// destructor is described as freeing all resources; callers should not free it or
    /// keep it beyond this object's lifetime. Confirm.
50 operator X509*() const;
51
52public: // static operations
    /// Static function to convert an OpenSSL X509_NAME to an RFC 2253 string.
54 static String Rfc2253Format(X509_NAME* name);
55
    /// Static function to extract an attribute value out of an OpenSSL X509_NAME object,
    /// identified by NID.
    /// NOTE(review): the result for a missing or repeated attribute is not shown here.
66 static String GetAttributeValueByNid(X509_NAME *name, int nid);
67
    /// Static function to convert an OpenSSL ASN1_INTEGER to a hexadecimal String.
75 static String HexString(ASN1_INTEGER* integer);
76
77public: // setter/getter operations
    /// Returns the filename this x.509 certificate was loaded from.
82 const String& GetFilename(void) const;
83
86
    /// Returns the subject of the x.509 certificate as string (RFC 2253 formatted).
88 String GetSubject(void) const;
89
92
95
    /// Returns the issuer of the x.509 certificate as string (RFC 2253 formatted).
97 String GetIssuer(void) const;
98
101
    /// Returns a unique identifier for this certificate as string.
    /// NOTE(review): the page's description mentions a sha256 hash but is truncated;
    /// what exactly is hashed is not visible here.
103 const String& GetIdentifier(void) const;
104
    /// Returns the notBefore field of the x.509 certificate as DateTime object.
106 DateTime GetValidityNotBefore(void) const; // please care: for some values DateTime::ToIso8601String does not work on 32 bit systems
107
110
    /// Returns the notAfter field of the x.509 certificate as DateTime object.
112 DateTime GetValidityNotAfter(void) const; // please care: for some values DateTime::ToIso8601String does not work on 32 bit systems
113
116
    /// Returns the certificate encoded in PEM format.
118 std::vector<byte> GetPemData(void) const;
119
    /// Returns the certificate encoded in DER format.
121 std::vector<byte> GetDerData(void) const;
122
125
126public: // operations
    /// Loads the certificate from a file. The file can be PEM or DER encoded.
128 void LoadFromFile(const String& filename);
129
    /// Loads the certificate from memory. The byte vector can be PEM or DER encoded.
    /// NOTE(review): the meaning of offset and of the int result is not shown on this
    /// page; presumably a position in data, returned advanced past the parsed
    /// certificate. Confirm. data may come from an untrusted source, and the handling of
    /// a negative or out-of-range offset is not visible here.
131 int LoadFromMemory(const std::vector<byte>& data, int offset = 0);
132
    /// Tries to load the certificate from memory. The byte vector can be PEM or DER encoded.
    /// NOTE(review): presumably reports failure through the bool result and updates
    /// offset on success; confirm, including the value of offset after a failure.
138 bool TryLoadFromMemory(const std::vector<byte>& data, int& offset);
139
    /// Tries to load the certificate from an OpenSslBio.
    /// OpenSslBio is named unqualified here; it resolves through the file-scope
    /// using-directive for Arp::System::Commons::Security::Internal, which every
    /// translation unit including this header inherits as well.
145 bool TryLoadFromBio(OpenSslBio& bio, int& offset);
146
    /// Saves the certificate in PEM format to filename.
148 void SaveToFilePem(const String& filename) const;
149
    /// Appends the certificate in PEM format to filename.
151 void AppendToFilePem(const String& filename) const;
152
    /// Saves the certificate in DER format to filename.
154 void SaveToFileDer(const String& filename) const;
155
156private: // static methods
157
158private: // methods
    // Format-specific loaders working on an OpenSslBio; definitions are not on this page.
159 bool loadPemFile(OpenSslBio& pBio);
160 bool loadDerFile(OpenSslBio& pBio);
    // NOTE(review): presumably fills `identifier` from the loaded certificate; confirm.
161 void generateIdentifier(void);
162
163protected: // fields
    // Value returned by GetIdentifier() according to the page's member index.
164 String identifier;
    // Raw OpenSSL handle returned by operator X509*().
    // NOTE(review): protected, so a derived class can replace it; whether `identifier`
    // is regenerated in that case is not visible here.
165 X509* internalCertificate;
166
167private: // fields
    // Returned by GetFilename().
168 String filename;
169
170private: // static fields
171};
172
174// inline methods of class Certificate
175
/// Implicit conversion to the held OpenSSL handle.
/// Returns the value of internalCertificate unchanged; no copy of the certificate is made
/// and no reference count is touched in this function.
/// NOTE(review): the pointer presumably remains owned by this Certificate; callers should
/// not free it or keep it beyond the object's lifetime. Confirm against the implementation.
inline Certificate::operator X509*() const
{
    X509* const handle = internalCertificate;
    return handle;
}
180
/// Returns the filename this x.509 certificate was loaded from.
/// The result is a reference to the member, so it is only valid while this object lives.
inline const String& Certificate::GetFilename() const
{
    return filename;
}
185
186}}}} // end of namespace Arp::System::Commons::Security
The class contains date and time information.
Definition: DateTime.hpp:45
Helper class to handle ASN1Time objects in x.509 Certificates
Definition: Asn1Time.hpp:23
Class to handle x.509 certificates
Definition: Certificate.hpp:26
virtual ~Certificate(void)
Destructs this instance and frees all resources.
DateTime GetValidityNotAfter(void) const
returns the notAfter field of the x.509 as DateTime object
Asn1Time GetValidityNotBeforeAsn1(void) const
returns the notBefore field of the x.509 as Asn1Time object
Certificate(const std::vector< byte > &pemOrDerEncoding)
Constructs a Certificate instance loaded from memory
bool TryLoadFromMemory(const std::vector< byte > &data, int &offset)
tries to load the certificate from memory. byte vector can be PEM or DER encoded
void AppendToFilePem(const String &filename) const
appends the certificate in PEM format to filename
static String Rfc2253Format(X509_NAME *name)
static function to convert an openssl X509_NAME to an rfc2253 string
Certificate(const String &filename)
Constructs a Certificate instance loaded from a file
String GetSerialNumberHex(void) const
returns the filename where this x.509 certificate was loaded from
String GetSubjectCommonName(void) const
returns the common name of the subject
void SaveToFilePem(const String &filename) const
saves the certificate in PEM format to filename
void SaveToFileDer(const String &filename) const
saves the certificate in DER format to filename
virtual Certificate & operator=(const Certificate &arg)
Assignment operator.
ItemInfo GetItemInfo(void) const
returns ItemInfo for the Certificate
bool TryLoadFromBio(OpenSslBio &bio, int &offset)
tries to load the certificate from OpenSslBio.
static String GetAttributeValueByNid(X509_NAME *name, int nid)
static function to extract an attribute value out of an openssl X509_NAME object identified by NID
String GetSubjectSerialNumber(void) const
returns the serial number of the subject as string
std::vector< byte > GetPemData(void) const
returns the certificate encoded in PEM format
int LoadFromMemory(const std::vector< byte > &data, int offset=0)
loads the certificate from memory. byte vector can be PEM or DER encoded
String GetSubject(void) const
returns the subject of the x.509 certificate as string (rfc2253 formatted)
DateTime GetValidityNotBefore(void) const
returns the notBefore field of the x.509 as DateTime object
Certificate(void)
Constructs an empty Certificate instance to be loaded from file or memory.
std::vector< byte > GetDerData(void) const
returns the certificate encoded in DER format
void LoadFromFile(const String &filename)
loads the certificate from a file. File can be PEM or DER encoded
Asn1Time GetValidityNotAfterAsn1(void) const
returns the notAfter field of the x.509 as Asn1Time object
String GetIssuerCommonName(void) const
returns the common name of the issuer
const String & GetFilename(void) const
returns the filename where this x.509 certificate was loaded from
Definition: Certificate.hpp:181
static String HexString(ASN1_INTEGER *integer)
static function to convert an openssl ASN1_INTEGER to a hexadecimal String representation
String GetIssuer(void) const
returns the issuer of the x.509 certificate as string (rfc2253 formatted)
const String & GetIdentifier(void) const
returns a unique identifier for this certificate as string (sha256 hash of the x....
Certificate(const Certificate &arg)
Copy constructor.
Definition: ItemInfo.hpp:12
@ System
System components used by the System, Device, Plc or Io domains.
Root namespace for the PLCnext API