xref: /aosp_15_r20/external/cronet/third_party/boringssl/src/pki/pem.h (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b)
1 // Copyright 2011 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef BSSL_PKI_PEM_H_
6 #define BSSL_PKI_PEM_H_
7 
8 #include <stddef.h>
9 
10 #include <string>
11 #include <string_view>
12 #include <vector>
13 
14 #include <openssl/base.h>
15 
16 namespace bssl {
17 
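// PEMTokenizer is a utility class for parsing data encapsulated using
// RFC 1421, Privacy Enhancement for Internet Electronic Mail. It does not
// implement the full specification; most notably it does not support the
// Encapsulated Header Portion described in Section 4.4.
//
// The tokenizer borrows its input (|str_| is a std::string_view) and is
// non-copyable. Nothing declared in this header validates the decoded bytes:
// callers should treat data() as untrusted input to whatever parser consumes
// it next.
class OPENSSL_EXPORT PEMTokenizer {
 public:
  // Creates a new PEMTokenizer that iterates through |str| searching for
  // instances of PEM encoded blocks that are of the |allowed_block_types|.
  //
  // |str| must remain valid for the lifetime of the PEMTokenizer. Only a view
  // is stored, so passing a temporary std::string (or a buffer that is freed
  // or reallocated while the tokenizer is alive) leaves the tokenizer reading
  // freed memory.
  PEMTokenizer(std::string_view str,
               const std::vector<std::string> &allowed_block_types);

  // Copying is disabled.
  PEMTokenizer(const PEMTokenizer &) = delete;
  PEMTokenizer &operator=(const PEMTokenizer &) = delete;

  ~PEMTokenizer();

  // Attempts to decode the next PEM block in the string. Returns false if no
  // PEM blocks can be decoded. The decoded PEM block will be available via
  // data(). Always check the return value: block_type() and data() are only
  // meaningful after a call that returned true.
  bool GetNext();

  // Returns the PEM block type (eg: CERTIFICATE) of the last successfully
  // decoded PEM block.
  // GetNext() must have returned true before calling this method.
  // The result is a reference to a member of this object, so it cannot
  // outlive the tokenizer.
  // NOTE(review): presumably overwritten by the next successful GetNext();
  // copy the value if it has to survive that call - confirm against pem.cc.
  const std::string &block_type() const { return block_type_; }

  // Returns the raw, Base64-decoded data of the last successfully decoded
  // PEM block.
  // GetNext() must have returned true before calling this method.
  // The bytes are binary and may contain embedded NULs; use size() rather
  // than treating the result as a C string. Like block_type(), this is a
  // reference to a member and cannot outlive the tokenizer.
  // NOTE(review): nothing in this header shows |data_| being wiped; if
  // private-key block types are allowed, confirm how the decoded bytes are
  // cleared after use.
  const std::string &data() const { return data_; }

 private:
  // Stores |str| and |allowed_block_types| for iteration. Defined out of
  // line; presumably called from the constructor - confirm against pem.cc.
  void Init(std::string_view str,
            const std::vector<std::string> &allowed_block_types);

  // A simple cache of the allowed PEM header and footer for a given PEM
  // block type, so that it is only computed once.
  struct PEMType;

  // The string to search, which must remain valid for as long as this class
  // is around. Non-owning.
  std::string_view str_;

  // The current position within |str_| that searching should begin from,
  // or std::string_view::npos if iteration is complete.
  // Given a default so the member is never indeterminate, whichever
  // constructor path runs; the out-of-line code is still expected to set the
  // real starting position.
  std::string_view::size_type pos_ = 0;

  // The type of data that was encoded, as indicated in the PEM
  // Pre-Encapsulation Boundary (eg: CERTIFICATE, PKCS7, or
  // PRIVACY-ENHANCED MESSAGE).
  std::string block_type_;

  // The types of PEM blocks that are allowed. PEM blocks that are not of
  // one of these types will be skipped.
  std::vector<PEMType> block_types_;

  // The raw (Base64-decoded) data of the last successfully decoded block.
  std::string data_;
};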
78 
// Returns |data| wrapped in the encapsulated message format described in
// RFC 1421, using |type| as the PEM block type (eg: CERTIFICATE).
// NOTE(review): this header does not show whether |type| is validated before
// use; prefer a fixed label over caller-controlled text - confirm against the
// implementation.
OPENSSL_EXPORT std::string PEMEncode(
    std::string_view data, const std::string &type);
83 
84 }  // namespace bssl
85 
86 #endif  // BSSL_PKI_PEM_H_
87