CCF
Loading...
Searching...
No Matches
verifier.h
Go to the documentation of this file.
1// Copyright (c) Microsoft Corporation. All rights reserved.
2// Licensed under the Apache 2.0 License.
3#pragma once
4
5#include "ccf/crypto/jwk.h"
6#include "ccf/crypto/key_pair.h"
7#include "ccf/crypto/pem.h"
8#include "ccf/crypto/public_key.h"
9
10#include <chrono>
11
12namespace ccf::crypto
13{
14 class Verifier
15 {
16 protected:
17 std::shared_ptr<PublicKey> public_key;
18
19 public:
20 Verifier() : public_key(nullptr) {}
21 virtual ~Verifier() {}
22
23 virtual std::vector<uint8_t> cert_der() = 0;
24 virtual Pem cert_pem() = 0;
25
34 virtual bool verify(
35 const uint8_t* contents,
36 size_t contents_size,
37 const uint8_t* sig,
38 size_t sig_size,
39 MDType md_type = MDType::NONE) const
40 {
41 return public_key->verify(
42 contents, contents_size, sig, sig_size, md_type);
43 }
44
51 virtual bool verify(
52 std::span<const uint8_t> contents,
53 std::span<const uint8_t> sig,
54 MDType md_type = MDType::NONE) const
55 {
56 return verify(
57 contents.data(), contents.size(), sig.data(), sig.size(), md_type);
58 }
59
69 virtual bool verify(
70 const uint8_t* contents,
71 size_t contents_size,
72 const uint8_t* sig,
73 size_t sig_size,
74 MDType md_type,
75 HashBytes& hash_bytes) const
76 {
77 return public_key->verify(
78 contents, contents_size, sig, sig_size, md_type, hash_bytes);
79 }
80
87 virtual bool verify(
88 const std::vector<uint8_t>& contents,
89 const std::vector<uint8_t>& signature,
90 MDType md_type = MDType::NONE) const
91 {
92 return verify(
93 contents.data(),
94 contents.size(),
95 signature.data(),
96 signature.size(),
97 md_type);
98 }
99
107 virtual bool verify(
108 const std::vector<uint8_t>& contents,
109 const std::vector<uint8_t>& signature,
110 MDType md_type,
111 HashBytes& hash_bytes) const
112 {
113 return verify(
114 contents.data(),
115 contents.size(),
116 signature.data(),
117 signature.size(),
118 md_type,
119 hash_bytes);
120 }
121
130 virtual bool verify_hash(
131 const uint8_t* hash,
132 size_t hash_size,
133 const uint8_t* sig,
134 size_t sig_size,
135 MDType md_type = MDType::NONE)
136 {
137 return public_key->verify_hash(hash, hash_size, sig, sig_size, md_type);
138 }
139
146 virtual bool verify_hash(
147 const std::vector<uint8_t>& hash,
148 const std::vector<uint8_t>& signature,
149 MDType md_type = MDType::NONE)
150 {
151 return verify_hash(
152 hash.data(), hash.size(), signature.data(), signature.size(), md_type);
153 }
154
161 template <size_t SIZE>
162 bool verify_hash(
163 const std::array<uint8_t, SIZE>& hash,
164 const std::vector<uint8_t>& signature,
165 MDType md_type = MDType::NONE)
166 {
167 return verify_hash(
168 hash.data(), hash.size(), signature.data(), signature.size(), md_type);
169 }
170
174 virtual Pem public_key_pem() const
175 {
176 return public_key->public_key_pem();
177 }
178
182 virtual std::vector<uint8_t> public_key_der() const
183 {
184 return public_key->public_key_der();
185 }
186
194 virtual bool verify_certificate(
195 const std::vector<const Pem*>& trusted_certs,
196 const std::vector<const Pem*>& chain = {},
197 bool ignore_time = false) = 0;
198
200 virtual bool is_self_signed() const = 0;
201
203 virtual std::string serial_number() const = 0;
204
206 virtual std::pair<std::string, std::string> validity_period() const = 0;
207
210 virtual size_t remaining_seconds(
211 const std::chrono::system_clock::time_point& now) const = 0;
212
214 virtual double remaining_percentage(
215 const std::chrono::system_clock::time_point& now) const = 0;
216
218 virtual std::string subject() const = 0;
219
221 virtual JsonWebKeyECPublic public_key_jwk(
222 const std::optional<std::string>& kid = std::nullopt) const
223 {
224 return public_key->public_key_jwk(kid);
225 }
226 };
227
228 using VerifierPtr = std::shared_ptr<Verifier>;
229 using VerifierUniquePtr = std::unique_ptr<Verifier>;
230
235 VerifierUniquePtr make_unique_verifier(const std::vector<uint8_t>& cert);
236
241 VerifierPtr make_verifier(const std::vector<uint8_t>& cert);
242
247 VerifierUniquePtr make_unique_verifier(const Pem& pem);
248
253 VerifierPtr make_verifier(const Pem& pem);
254
255 ccf::crypto::Pem cert_der_to_pem(const std::vector<uint8_t>& der);
256 std::vector<uint8_t> cert_pem_to_der(const Pem& pem);
257
258 std::vector<uint8_t> public_key_der_from_cert(
259 const std::vector<uint8_t>& der);
260
261 ccf::crypto::Pem public_key_pem_from_cert(const std::vector<uint8_t>& der);
262
263 std::string get_subject_name(const Pem& cert);
264}
ccf::crypto::Pem
Definition pem.h:18
ccf::crypto::Verifier
Definition verifier.h:15
ccf::crypto::Verifier::remaining_percentage
virtual double remaining_percentage(const std::chrono::system_clock::time_point &now) const =0
ccf::crypto::Verifier::verify_hash
virtual bool verify_hash(const uint8_t *hash, size_t hash_size, const uint8_t *sig, size_t sig_size, MDType md_type=MDType::NONE)
Definition verifier.h:130
ccf::crypto::Verifier::verify
virtual bool verify(std::span< const uint8_t > contents, std::span< const uint8_t > sig, MDType md_type=MDType::NONE) const
Definition verifier.h:51
ccf::crypto::Verifier::~Verifier
virtual ~Verifier()
Definition verifier.h:21
ccf::crypto::Verifier::public_key_pem
virtual Pem public_key_pem() const
Definition verifier.h:174
ccf::crypto::Verifier::verify
virtual bool verify(const std::vector< uint8_t > &contents, const std::vector< uint8_t > &signature, MDType md_type=MDType::NONE) const
Definition verifier.h:87
ccf::crypto::Verifier::verify_hash
bool verify_hash(const std::array< uint8_t, SIZE > &hash, const std::vector< uint8_t > &signature, MDType md_type=MDType::NONE)
Definition verifier.h:162
ccf::crypto::Verifier::subject
virtual std::string subject() const =0
ccf::crypto::Verifier::verify_certificate
virtual bool verify_certificate(const std::vector< const Pem * > &trusted_certs, const std::vector< const Pem * > &chain={}, bool ignore_time=false)=0
ccf::crypto::Verifier::verify_hash
virtual bool verify_hash(const std::vector< uint8_t > &hash, const std::vector< uint8_t > &signature, MDType md_type=MDType::NONE)
Definition verifier.h:146
ccf::crypto::Verifier::cert_pem
virtual Pem cert_pem()=0
ccf::crypto::Verifier::public_key_jwk
virtual JsonWebKeyECPublic public_key_jwk(const std::optional< std::string > &kid=std::nullopt) const
Definition verifier.h:221
ccf::crypto::Verifier::Verifier
Verifier()
Definition verifier.h:20
ccf::crypto::Verifier::is_self_signed
virtual bool is_self_signed() const =0
ccf::crypto::Verifier::verify
virtual bool verify(const uint8_t *contents, size_t contents_size, const uint8_t *sig, size_t sig_size, MDType md_type, HashBytes &hash_bytes) const
Definition verifier.h:69
ccf::crypto::Verifier::public_key_der
virtual std::vector< uint8_t > public_key_der() const
Definition verifier.h:182
ccf::crypto::Verifier::cert_der
virtual std::vector< uint8_t > cert_der()=0
ccf::crypto::Verifier::verify
virtual bool verify(const uint8_t *contents, size_t contents_size, const uint8_t *sig, size_t sig_size, MDType md_type=MDType::NONE) const
Definition verifier.h:34
ccf::crypto::Verifier::verify
virtual bool verify(const std::vector< uint8_t > &contents, const std::vector< uint8_t > &signature, MDType md_type, HashBytes &hash_bytes) const
Definition verifier.h:107
ccf::crypto::Verifier::public_key
std::shared_ptr< PublicKey > public_key
Definition verifier.h:17
ccf::crypto::Verifier::validity_period
virtual std::pair< std::string, std::string > validity_period() const =0
ccf::crypto::Verifier::remaining_seconds
virtual size_t remaining_seconds(const std::chrono::system_clock::time_point &now) const =0
ccf::crypto::Verifier::serial_number
virtual std::string serial_number() const =0
key_pair.h
public_key.h
ccf::crypto
Definition base64.h:10
ccf::crypto::cert_der_to_pem
ccf::crypto::Pem cert_der_to_pem(const std::vector< uint8_t > &der)
Definition verifier.cpp:33
ccf::crypto::make_unique_verifier
VerifierUniquePtr make_unique_verifier(const std::vector< uint8_t > &cert)
Definition verifier.cpp:13
ccf::crypto::VerifierUniquePtr
std::unique_ptr< Verifier > VerifierUniquePtr
Definition verifier.h:229
ccf::crypto::public_key_pem_from_cert
ccf::crypto::Pem public_key_pem_from_cert(const std::vector< uint8_t > &der)
Definition verifier.cpp:48
ccf::crypto::HashBytes
std::vector< uint8_t > HashBytes
Definition hash_bytes.h:10
ccf::crypto::MDType
MDType
Definition md_type.h:10
ccf::crypto::VerifierPtr
std::shared_ptr< Verifier > VerifierPtr
Definition verifier.h:228
ccf::crypto::make_verifier
VerifierPtr make_verifier(const std::vector< uint8_t > &cert)
Definition verifier.cpp:18
ccf::crypto::get_subject_name
std::string get_subject_name(const Pem &cert)
Definition verifier.cpp:53
ccf::crypto::public_key_der_from_cert
std::vector< uint8_t > public_key_der_from_cert(const std::vector< uint8_t > &der)
Definition verifier.cpp:43
ccf::crypto::cert_pem_to_der
std::vector< uint8_t > cert_pem_to_der(const Pem &pem)
Definition verifier.cpp:38
Generated by doxygen 1.9.8