blob: c9f43146eeb48bac2d61a0e4b1401cdcabdecbf4 [file] [log] [blame]
// Copyright 2011 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BSSL_PKI_PEM_H_
#define BSSL_PKI_PEM_H_
#include <stddef.h>
#include <string>
#include <string_view>
#include <vector>
#include <openssl/base.h>
BSSL_NAMESPACE_BEGIN
// PEMTokenizer is a utility class for the parsing of data encapsulated
// using RFC 1421, Privacy Enhancement for Internet Electronic Mail. It
// does not implement the full specification, most notably it does not
// support the Encapsulated Header Portion described in Section 4.4.
class OPENSSL_EXPORT PEMTokenizer {
public:
// Create a new PEMTokenizer that iterates through |str| searching for
// instances of PEM encoded blocks that are of the |allowed_block_types|.
// |str| must remain valid for the duration of the PEMTokenizer.
PEMTokenizer(std::string_view str,
const std::vector<std::string> &allowed_block_types);
PEMTokenizer(const PEMTokenizer &) = delete;
PEMTokenizer &operator=(const PEMTokenizer &) = delete;
~PEMTokenizer();
// Attempts to decode the next PEM block in the string. Returns false if no
// PEM blocks can be decoded. The decoded PEM block will be available via
// data().
bool GetNext();
// Returns the PEM block type (eg: CERTIFICATE) of the last successfully
// decoded PEM block.
// GetNext() must have returned true before calling this method.
const std::string &block_type() const { return block_type_; }
// Returns the raw, Base64-decoded data of the last successfully decoded
// PEM block.
// GetNext() must have returned true before calling this method.
const std::string &data() const { return data_; }
private:
void Init(std::string_view str,
const std::vector<std::string> &allowed_block_types);
// A simple cache of the allowed PEM header and footer for a given PEM
// block type, so that it is only computed once.
struct PEMType;
// The string to search, which must remain valid for as long as this class
// is around.
std::string_view str_;
// The current position within |str_| that searching should begin from,
// or std::string_view::npos if iteration is complete
std::string_view::size_type pos_;
// The type of data that was encoded, as indicated in the PEM
// Pre-Encapsulation Boundary (eg: CERTIFICATE, PKCS7, or
// PRIVACY-ENHANCED MESSAGE).
std::string block_type_;
// The types of PEM blocks that are allowed. PEM blocks that are not of
// one of these types will be skipped.
std::vector<PEMType> block_types_;
// The raw (Base64-decoded) data of the last successfully decoded block.
std::string data_;
};
// Encodes |data| in the encapsulated message format described in RFC 1421,
// with |type| as the PEM block type (eg: CERTIFICATE).
OPENSSL_EXPORT std::string PEMEncode(std::string_view data,
const std::string &type);
BSSL_NAMESPACE_END
#endif // BSSL_PKI_PEM_H_