1 /*
2  * FDBLibTLSVerify.h
3  *
4  * This source file is part of the FoundationDB open source project
5  *
6  * Copyright 2013-2018 Apple Inc. and the FoundationDB project authors
7  *
8  * Licensed under the Apache License, Version 2.0 (the "License");
9  * you may not use this file except in compliance with the License.
10  * You may obtain a copy of the License at
11  *
12  *     http://www.apache.org/licenses/LICENSE-2.0
13  *
14  * Unless required by applicable law or agreed to in writing, software
15  * distributed under the License is distributed on an "AS IS" BASIS,
16  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17  * See the License for the specific language governing permissions and
18  * limitations under the License.
19  */
20 
21 #ifndef FDB_LIBTLS_VERIFY_H
22 #define FDB_LIBTLS_VERIFY_H
23 
24 #pragma once
25 
26 #include <stdint.h>
27 
28 #include "ReferenceCounted.h"
29 
30 #include <map>
31 #include <string>
32 #include <utility>
33 
// Numeric identifier used as the key of the criteria maps in FDBLibTLSVerify.
// NOTE(review): presumably the integer NID of the underlying TLS/X509 library;
// this header includes no header from that library, so confirm at the use site.
using NID = int;
35 
// How a Criteria string is compared with the value found in the certificate.
// The comparison itself is implemented outside this header.
// NOTE(review): going by the names, PREFIX and SUFFIX accept every value that
// merely starts or ends with the configured string, so they are broader than
// EXACT. Prefer EXACT for identity checks, and when a partial match is needed
// include the separating delimiter in the configured string -- confirm against
// the matching code.
enum class MatchType {
	// Default used by the Criteria constructors that take no MatchType.
	EXACT = 0,
	PREFIX = 1,
	SUFFIX = 2,
};
41 
// Where in the certificate the value for a given NID is looked up.
enum class X509Location {
	// The NID names an entry inside an X509_NAME. This is the default used
	// by the Criteria constructors that take no location.
	NAME = 0,
	// The NID names an X509 extension and has to be parsed as one.
	EXTENSION = 1,
};
48 
// One verification rule: the string to compare against, how to compare it
// (MatchType) and where in the certificate the value is read from
// (X509Location). The shorter constructors fill in MatchType::EXACT and
// X509Location::NAME for whatever the caller leaves out.
struct Criteria {
	// Exact match against an X509_NAME entry.
	Criteria( const std::string& s )
		: Criteria(s, MatchType::EXACT, X509Location::NAME) {}
	// Caller-chosen match type, X509_NAME entry.
	Criteria( const std::string& s, MatchType mt )
		: Criteria(s, mt, X509Location::NAME) {}
	// Exact match at a caller-chosen location.
	Criteria( const std::string& s, X509Location loc)
		: Criteria(s, MatchType::EXACT, loc) {}
	// Fully specified rule; the other constructors delegate here.
	Criteria( const std::string& s, MatchType mt, X509Location loc)
		: criteria(s), match_type(mt), location(loc) {}

	// Value the certificate field is compared with.
	std::string criteria;
	// Comparison mode applied to `criteria`.
	MatchType match_type;
	// Part of the certificate the compared value comes from.
	X509Location location;

	// Two rules are equal only when string, match type and location all agree.
	bool operator==(const Criteria& c) const {
		if (criteria != c.criteria) {
			return false;
		}
		if (match_type != c.match_type) {
			return false;
		}
		return location == c.location;
	}
};
67 
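// Reference-counted holder of TLS peer-verification settings: two boolean
// switches plus three NID-keyed maps of Criteria (subject, issuer, root).
// The constructor, destructor and parse_verify() are defined out of line, so
// the accepted syntax of the configuration string is not visible here.
struct FDBLibTLSVerify: ReferenceCounted<FDBLibTLSVerify> {
	// Builds the settings object from a verification configuration string.
	FDBLibTLSVerify(std::string verify);
	virtual ~FDBLibTLSVerify();

	// Forward reference counting to the ReferenceCounted base.
	virtual void addref() { ReferenceCounted<FDBLibTLSVerify>::addref(); }
	virtual void delref() { ReferenceCounted<FDBLibTLSVerify>::delref(); }

	// Parses `input` into this object's settings (implementation elsewhere).
	void parse_verify(std::string input);

	// Both switches default to true so that a constructor path which leaves
	// them unset can never read an indeterminate value. Any initializer in the
	// out-of-line constructor takes precedence over these defaults.
	// NOTE(review): assumes true means "check enabled" -- confirm against the
	// code that reads these flags.
	bool verify_cert = true;
	bool verify_time = true;

	// Rules keyed by NID. Going by the names they apply to the peer
	// certificate's subject, its issuer, and the root of its chain; confirm
	// against the verification code.
	std::map< NID, Criteria > subject_criteria;
	std::map< NID, Criteria > issuer_criteria;
	std::map< NID, Criteria > root_criteria;
};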
84 
85 #endif /* FDB_LIBTLS_VERIFY_H */
86