scclib
Stable Cloud Computing C++ Library
X.509 and RSA certificates

Certificate encoding using PEM format: https://tools.ietf.org/html/rfc7468.

Collaboration diagram for X.509 and RSA certificates:

Files

file  cert.h
 X.509 and RSA certificates.
 
file  cert.cc
 Test file for X.509 and RSA certificates.
 

Classes

struct  scc::crypto::PublicKeyCert
 Public key information certificate.

struct  scc::crypto::RsaPublicKeyCert
 RSA public key certificate.

struct  scc::crypto::RsaPrivateKeyCert
 RSA private key certificate.

struct  scc::crypto::EcParametersCert
 From: https://tools.ietf.org/html/rfc3279#section-2.3.5.

struct  scc::crypto::EcPublicKeyCert
 Elliptic curve public key.

struct  scc::crypto::EcPrivateKeyCert
 Private key certificate utility.

struct  scc::crypto::DirectoryString
 An x.509 directory string is used to store generic names.

struct  scc::crypto::RDNComp

struct  scc::crypto::RelativeDistinguishedName

struct  scc::crypto::GeneralName
 General name.

struct  scc::crypto::ExtBase
 X.509 extensions.

struct  scc::crypto::ExtSubjectAlternativeName
 Subject alternative name.

struct  scc::crypto::ExtAuthorityKeyIdentifier
 Authority key identifier.

struct  scc::crypto::ExtSubjectKeyIdentifier
 Subject key identifier.

struct  scc::crypto::ExtIssuerAlternativeName
 Issuer alternative name.

struct  scc::crypto::ExtBasicConstraints
 Basic constraints.

struct  scc::crypto::ExtKeyUsage
 Key usage.

struct  scc::crypto::ExtExtendedKeyUsage
 Extended key usage.

struct  scc::crypto::X509Cert
 X.509 certificate.

struct  scc::crypto::CertBundle
 Certificate bundle.
 

Typedefs

using scc::crypto::RDNPair = std::pair< oid_value, DirectoryString >
 An x.509 relative distinguished name is a set of attribute / directory string names.
 
using scc::crypto::ExtBasePtr = std::shared_ptr< ExtBase >
 

Enumerations

enum  scc::crypto::KeyAlgoType {
  unknown = 0 , scc::crypto::rsa , scc::crypto::ec_p192r1 , scc::crypto::ec_p224r1 ,
  scc::crypto::ec_p256r1 , scc::crypto::ec_p384r1 , scc::crypto::ec_p521r1
}
 Key algorithm type.
 
enum class  scc::crypto::AttributeType {
  unknown , name , surname , given_name ,
  generation_qualifier , common_name , locality_name , state_or_province_name ,
  organization_name , organizational_unit_name , title , dn_qualifier ,
  country_name , serial_number , pseudonym , organization_id ,
  street_address , domain_component , email_address
}
 Attribute types.
 
enum class  ExtType {
  subject_alternative_name , authority_key_identifier , subject_key_identifier , issuer_alternative_name ,
  basic_constraints , key_usage , extended_key_usage
}
 
enum class  scc::crypto::X509SignatureAlgo : int {
  unknown = 0x0 , rsa_md5 = 0x01 , rsa_sha1 = 0x02 , rsa_sha224 = 0x03 ,
  rsa_sha256 = 0x04 , rsa_sha384 = 0x05 , rsa_sha512 = 0x06 , ecdsa_sha1 = 0x10 ,
  ecdsa_sha224 = 0x20 , ecdsa_sha256 = 0x30 , ecdsa_sha384 = 0x40 , ecdsa_sha512 = 0x50
}
 Signature algorithms for X.509 certificates.
 

Detailed Description

Certificate encoding using PEM format: https://tools.ietf.org/html/rfc7468.

RSA public and private key ASN.1 syntax: https://tools.ietf.org/html/rfc8017#appendix-A

PKCS#1: https://tools.ietf.org/html/rfc8017#page-68

X.509 certificates: https://tools.ietf.org/html/rfc5280

Information on algorithms used in certificates: https://tools.ietf.org/html/rfc3279

PKCS exchange syntax: https://tools.ietf.org/html/rfc7292

RSA syntax defined in: https://tools.ietf.org/html/rfc3447#page-44

Typedef Documentation

◆ RDNPair

using scc::crypto::RDNPair = typedef std::pair<oid_value, DirectoryString>

An x.509 relative distinguished name is a set of attribute / directory string names.

https://tools.ietf.org/html/rfc5280#section-4.1.2.4

Name ::= CHOICE { -- only one possibility for now -- rdnSequence RDNSequence }

RDNSequence ::= SEQUENCE OF RelativeDistinguishedName

RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue

AttributeTypeAndValue ::= SEQUENCE { type AttributeType, value AttributeValue }

AttributeType ::= OBJECT IDENTIFIER

AttributeValue ::= ANY -- DEFINED BY AttributeType

Definition at line 426 of file cert.h.

Enumeration Type Documentation

◆ AttributeType

Attribute types.

These are defined in the X.509 specification and in various other documents.

Main reference: https://tools.ietf.org/html/rfc5280#page-110

id-at OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) ds(5) 4 }

Enumerator
name

{2, 5, 4, 41}

surname

{2, 5, 4, 4}

given_name

{2, 5, 4, 42}

generation_qualifier

{2, 5, 4, 44}

common_name

{2, 5, 4, 3}

locality_name

{2, 5, 4, 7}

state_or_province_name

{2, 5, 4, 8}

organization_name

{2, 5, 4, 10}

organizational_unit_name

{2, 5, 4, 11}

title

{2, 5, 4, 12}

dn_qualifier

{2, 5, 4, 46}

country_name

{2, 5, 4, 6}

serial_number

{2, 5, 4, 5}

pseudonym

{2, 5, 4, 65}

organization_id

{2, 5, 4, 97}

street_address

{2, 5, 4, 9}

domain_component

{0, 9, 2342, 19200300, 100, 1, 25}

email_address

{1, 2, 840, 113549, 1, 9, 1}

Definition at line 381 of file cert.h.

◆ KeyAlgoType

Key algorithm type.

RSA public keys have algorithm_id = {1, 2, 840, 113549, 1, 1, 1}, see https://tools.ietf.org/html/rfc3279#section-2.3.1

ECDSA public keys have algorithm_id = {1, 2, 840, 10045, 2, 1}, see https://tools.ietf.org/html/rfc3279#section-2.3.5

ECDSA supports standard curves, where the parameter is an OID identifying the named (standard) curve; see https://tools.ietf.org/html/rfc3279#page-19 and https://tools.ietf.org/html/rfc5480#page-17

Enumerator
rsa 

parameter null

ec_p192r1 

parameter {1, 2, 840, 10045, 3, 1, 1}

ec_p224r1 

parameter {1, 3, 132, 0, 33}

ec_p256r1 

parameter {1, 2, 840, 10045, 3, 1, 7}

ec_p384r1 

parameter {1, 3, 132, 0, 34}

ec_p521r1 

parameter {1, 3, 132, 0, 35}

Definition at line 77 of file cert.h.
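
How the arc lists above appear on the wire, as an added example that is not scclib code: it DER-encodes each OID, builds the AlgorithmIdentifier for every enumerator, and classifies an input by exact byte match. The names oid, alg_id, classify and the local KeyAlgo enum are hypothetical and only mirror the enumerator names on this page; the input bytes are constructed.

```cpp
#include <cstdint>
#include <utility>
#include <vector>

using Bytes = std::vector<uint8_t>;
enum class KeyAlgo { unknown, rsa, ec_p192r1, ec_p224r1, ec_p256r1, ec_p384r1, ec_p521r1 };

// DER-encode an OBJECT IDENTIFIER from its arcs: the first two arcs pack into
// 40*a0 + a1, and each value is written base-128 with the high bit meaning "more".
Bytes oid(const std::vector<uint32_t>& a) {
    Bytes out{0x06, 0};  // tag, length placeholder
    for (unsigned i = 1; i < a.size(); ++i) {
        uint32_t v = i == 1 ? 40 * a[0] + a[1] : a[i];
        Bytes sub{uint8_t(v & 0x7f)};
        while (v >>= 7) sub.insert(sub.begin(), uint8_t(0x80 | (v & 0x7f)));
        out.insert(out.end(), sub.begin(), sub.end());
    }
    out[1] = uint8_t(out.size() - 2);  // short-form length: these OIDs are < 128 bytes
    return out;
}

// AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, parameters ANY }
Bytes alg_id(const Bytes& algorithm, const Bytes& params) {
    Bytes out{0x30, uint8_t(algorithm.size() + params.size())};
    out.insert(out.end(), algorithm.begin(), algorithm.end());
    out.insert(out.end(), params.begin(), params.end());
    return out;
}

// DER has exactly one encoding per value, so a byte-for-byte match is a strict check.
KeyAlgo classify(const Bytes& der) {
    const Bytes ec = oid({1, 2, 840, 10045, 2, 1}), null_param{0x05, 0x00};
    const std::pair<KeyAlgo, Bytes> known[] = {
        {KeyAlgo::rsa, alg_id(oid({1, 2, 840, 113549, 1, 1, 1}), null_param)},
        {KeyAlgo::ec_p192r1, alg_id(ec, oid({1, 2, 840, 10045, 3, 1, 1}))},
        {KeyAlgo::ec_p224r1, alg_id(ec, oid({1, 3, 132, 0, 33}))},
        {KeyAlgo::ec_p256r1, alg_id(ec, oid({1, 2, 840, 10045, 3, 1, 7}))},
        {KeyAlgo::ec_p384r1, alg_id(ec, oid({1, 3, 132, 0, 34}))},
        {KeyAlgo::ec_p521r1, alg_id(ec, oid({1, 3, 132, 0, 35}))}};
    for (const auto& k : known)
        if (der == k.second) return k.first;
    return KeyAlgo::unknown;
}

int main() {
    // Constructed sample: ecPublicKey with the P-256 named-curve parameter.
    const Bytes p256{0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01,
                     0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07};
    return classify(p256) == KeyAlgo::ec_p256r1 ? 0 : 1;  // exit status 0 on match
}
```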

◆ X509SignatureAlgo

enum scc::crypto::X509SignatureAlgo : int

Signature algorithms for X.509 certificates.

A list of signature algorithms which can be used to sign certificates.

Algorithms which are unsupported are listed as unknown.

See:

Enumerator
rsa_md5 

{1, 2, 840, 113549, 1, 1, 4}

rsa_sha1 

{1, 2, 840, 113549, 1, 1, 5}

rsa_sha224 

{1, 2, 840, 113549, 1, 1, 14}

rsa_sha256 

{1, 2, 840, 113549, 1, 1, 11}

rsa_sha384 

{1, 2, 840, 113549, 1, 1, 12}

rsa_sha512 

{1, 2, 840, 113549, 1, 1, 13}

ecdsa_sha1 

{1, 2, 840, 10045, 4, 1}

ecdsa_sha224 

{1, 2, 840, 10045, 4, 3, 1}

ecdsa_sha256 

{1, 2, 840, 10045, 4, 3, 2}

ecdsa_sha384 

{1, 2, 840, 10045, 4, 3, 3}

ecdsa_sha512 

{1, 2, 840, 10045, 4, 3, 4}

Definition at line 1257 of file cert.h.