#include <verifier.h>

Inherited by ccf::crypto::Verifier_OpenSSL.

Public Member Functions
	Verifier ()=default

virtual	~Verifier ()=default

virtual std::vector< uint8_t >	cert_der ()=0

virtual Pem	cert_pem ()=0

virtual bool	verify (const uint8_t contents, size_t contents_size, const uint8_t sig, size_t sig_size, MDType md_type=MDType::NONE) const

virtual bool	verify (std::span< const uint8_t > contents, std::span< const uint8_t > sig, MDType md_type=MDType::NONE) const

virtual bool	verify (const std::vector< uint8_t > &contents, const std::vector< uint8_t > &signature, MDType md_type=MDType::NONE) const

virtual bool	verify_hash (const uint8_t hash, size_t hash_size, const uint8_t sig, size_t sig_size, MDType md_type=MDType::NONE)

virtual bool	verify_hash (const std::vector< uint8_t > &hash, const std::vector< uint8_t > &signature, MDType md_type=MDType::NONE)

template<size_t SIZE>
bool	verify_hash (const std::array< uint8_t, SIZE > &hash, const std::vector< uint8_t > &signature, MDType md_type=MDType::NONE)

virtual Pem	public_key_pem () const

virtual std::vector< uint8_t >	public_key_der () const

virtual bool	verify_certificate (const std::vector< const Pem * > &trusted_certs, const std::vector< const Pem * > &chain={}, bool ignore_time=false)=0

virtual bool	is_self_signed () const =0

virtual std::string	serial_number () const =0

virtual std::pair< std::string, std::string >	validity_period () const =0

virtual size_t	remaining_seconds (const std::chrono::system_clock::time_point &now) const =0

virtual double	remaining_percentage (const std::chrono::system_clock::time_point &now) const =0

virtual std::string	subject () const =0

Protected Attributes
std::variant< ccf::crypto::RSAPublicKeyPtr, ccf::crypto::ECPublicKeyPtr >	public_key

Constructor & Destructor Documentation

◆ Verifier()

ccf::crypto::Verifier::Verifier ( )

default

◆ ~Verifier()

virtual ccf::crypto::Verifier::~Verifier ( )

virtualdefault

Member Function Documentation

◆ cert_der()

virtual std::vector< uint8_t > ccf::crypto::Verifier::cert_der ( )

pure virtual

Implemented in ccf::crypto::Verifier_OpenSSL.

◆ cert_pem()

virtual Pem ccf::crypto::Verifier::cert_pem ( )

pure virtual

Implemented in ccf::crypto::Verifier_OpenSSL.

◆ is_self_signed()

virtual bool ccf::crypto::Verifier::is_self_signed ( ) const

pure virtual

Indicates whether the certificate (held intenally) is self-signed

Implemented in ccf::crypto::Verifier_OpenSSL.

◆ public_key_der()

std::vector< uint8_t > ccf::crypto::Verifier::public_key_der ( ) const

virtual

Extract the public key of the certificate in DER format

Returns: DER encoded public key

◆ public_key_pem()

Pem ccf::crypto::Verifier::public_key_pem ( ) const

virtual

Extract the public key of the certificate in PEM format

Returns: PEM encoded public key

◆ remaining_percentage()

virtual double ccf::crypto::Verifier::remaining_percentage ( const std::chrono::system_clock::time_point & now ) const

pure virtual

The percentage of the validity period of the certificate remaining

Implemented in ccf::crypto::Verifier_OpenSSL.

◆ remaining_seconds()

virtual size_t ccf::crypto::Verifier::remaining_seconds ( const std::chrono::system_clock::time_point & now ) const

pure virtual

The number of seconds of the validity period of the certificate remaining

Implemented in ccf::crypto::Verifier_OpenSSL.

◆ serial_number()

virtual std::string ccf::crypto::Verifier::serial_number ( ) const

pure virtual

The serial number of the certificate

Implemented in ccf::crypto::Verifier_OpenSSL.

◆ subject()

virtual std::string ccf::crypto::Verifier::subject ( ) const

pure virtual

The subject name of the certificate

Implemented in ccf::crypto::Verifier_OpenSSL.

◆ validity_period()

virtual std::pair< std::string, std::string > ccf::crypto::Verifier::validity_period ( ) const

pure virtual

The validity period of the certificate

Implemented in ccf::crypto::Verifier_OpenSSL.

◆ verify() [1/3]

virtual bool ccf::crypto::Verifier::verify	(	const std::vector< uint8_t > &	contents,
		const std::vector< uint8_t > &	signature,
		MDType	md_type = `MDType::NONE`
	)		const

inlinevirtual

Verify a signature

Parameters

contents	Contents over which the signature was generated
signature	Signature
md_type	Hash algorithm

Returns: Boolean indicating success

◆ verify() [2/3]

bool ccf::crypto::Verifier::verify	(	const uint8_t *	contents,
		size_t	contents_size,
		const uint8_t *	sig,
		size_t	sig_size,
		MDType	md_type = `MDType::NONE`
	)		const

virtual

Verify a signature

Parameters

contents	Contents over which the signature was generated
contents_size	Size of `contents`
sig	Signature
sig_size	Size of `sig`
md_type	Hash algorithm

Returns: Boolean indicating success

◆ verify() [3/3]

virtual bool ccf::crypto::Verifier::verify	(	std::span< const uint8_t >	contents,
		std::span< const uint8_t >	sig,
		MDType	md_type = `MDType::NONE`
	)		const

inlinevirtual

Verify a signature

Parameters

contents	Contents over which the signature was generated
sig	Signature
md_type	Hash algorithm

Returns: Boolean indicating success

◆ verify_certificate()

virtual bool ccf::crypto::Verifier::verify_certificate	(	const std::vector< const Pem * > &	trusted_certs,
		const std::vector< const Pem * > &	chain = `{}`,
		bool	ignore_time = `false`
	)

pure virtual

Verify the certificate (held internally)

Parameters

trusted_certs	Vector of trusted certificates
chain	Vector of ordered untrusted certificates used to build a chain to trusted certificates
ignore_time	Flag to disable certificate expiry checks

Returns: true if the verification is successful

Implemented in ccf::crypto::Verifier_OpenSSL.

◆ verify_hash() [1/3]

template<size_t SIZE>

bool ccf::crypto::Verifier::verify_hash	(	const std::array< uint8_t, SIZE > &	hash,
		const std::vector< uint8_t > &	signature,
		MDType	md_type = `MDType::NONE`
	)

inline

Verify a signature over a hash

Parameters

hash	Hash over which the signature was generated
signature	Signature
md_type	Hash algorithm

Returns: Boolean indicating success

◆ verify_hash() [2/3]

virtual bool ccf::crypto::Verifier::verify_hash	(	const std::vector< uint8_t > &	hash,
		const std::vector< uint8_t > &	signature,
		MDType	md_type = `MDType::NONE`
	)

inlinevirtual

Verify a signature over a hash

Parameters

hash	Hash over which the signature was generated
signature	Signature
md_type	Hash algorithm

Returns: Boolean indicating success

◆ verify_hash() [3/3]

bool ccf::crypto::Verifier::verify_hash	(	const uint8_t *	hash,
		size_t	hash_size,
		const uint8_t *	sig,
		size_t	sig_size,
		MDType	md_type = `MDType::NONE`
	)

virtual

Verify a signature over a hash

Parameters

hash	Hash over which the signature was generated
hash_size	Size of `hash`
sig	Signature
sig_size	Size of `sig`
md_type	Hash algorithm

Returns: Boolean indicating success

Member Data Documentation

◆ public_key

std::variant<ccf::crypto::RSAPublicKeyPtr, ccf::crypto::ECPublicKeyPtr> ccf::crypto::Verifier::public_key

protected

The documentation for this class was generated from the following files:

include/ccf/crypto/verifier.h
src/crypto/verifier.cpp

Public Member Functions

Protected Attributes

Constructor & Destructor Documentation

◆ Verifier()

◆ ~Verifier()

Member Function Documentation

◆ cert_der()

◆ cert_pem()

◆ is_self_signed()

◆ public_key_der()

◆ public_key_pem()

◆ remaining_percentage()

◆ remaining_seconds()

◆ serial_number()

◆ subject()

◆ validity_period()

◆ verify() [1/3]

◆ verify() [2/3]

◆ verify() [3/3]

◆ verify_certificate()

◆ verify_hash() [1/3]

◆ verify_hash() [2/3]

◆ verify_hash() [3/3]

Member Data Documentation

◆ public_key