///////////////////////////////////////////////////////////////////////////////
// Copyright (C) 2002-2025, Open Design Alliance (the "Alliance").
// All rights reserved.
//
// This software and its documentation and related materials are owned by
// the Alliance. The software may only be incorporated into application
// programs owned by members of the Alliance, subject to a signed
// Membership Agreement and Supplemental Software License Agreement with the
// Alliance. The structure and organization of this software are the valuable
// trade secrets of the Alliance and its suppliers. The software is also
// protected by copyright law and international treaty provisions. Application
// programs incorporating this software must include the following statement
// with their copyright notices:
//
//   This application incorporates Open Design Alliance software pursuant to a license
//   agreement with Open Design Alliance.
//   Open Design Alliance Copyright (C) 2002-2025 by Open Design Alliance.
//   All rights reserved.
//
// By use of this software, its documentation or related materials, you
// acknowledge and accept the above terms.
///////////////////////////////////////////////////////////////////////////////

#pragma once

#include "OdCryptoServices/OdCryptoServices.h"
#include "StringArray.h"

#include "TD_PackPush.h"

/** \details
  Abstract interface for an alternative (custom, PEM-based) certificate store.
  It gives the application explicit control over the file-system locations of
  end-entity certificates, private keys and trusted CA certificates.

  \remarks
  The locations configured here decide which private keys can be used and
  which CA certificates act as trust anchors for isTrusted(). This header
  declares no validation of the supplied paths, so what an implementation
  accepts cannot be told from here. Callers should point the store only at
  directories that untrusted users cannot write to, and keep the private keys
  directory readable by the signing process only.
*/
class FIRSTDLL_EXPORT OdAlternativeCertificateStore : public OdRxObject
{
public:
  ODRX_DECLARE_MEMBERS(OdAlternativeCertificateStore);

  /** \details
    Returns the personal certificates for which a private key is available,
    together with their trusted status.

    \param certificates [out] Array that receives the certificate descriptions.
    \returns The number of certificates obtained.
    \remarks
    Whether the array is cleared or appended to is not specified by this
    interface.
    NOTE(review): the parameter is spelled as a bare OdArray here; its template
    argument appears to have been lost in this copy of the header. Restore it
    from the original file before compiling.
  */
  virtual OdUInt32 getPersonalCertsWithTrustedStatus(OdArray& certificates) const = 0;

  /** \details
    Returns the certificate object that corresponds to a short description.

    \param certShortDesc [in] Short description of the certificate to look up.
    \returns A pointer to the certificate object, or NULL if it is not found.
    \remarks
    Callers must check the returned pointer for NULL before using it.
  */
  virtual OdCertificateObjectPtr getCertObjByShortDesc(const OdCertificateShortDesc& certShortDesc) const = 0;

  /** \details
    Checks the trusted status of a certificate using CA files from this store
    only.

    \param cert [in] Certificate to check.
    \returns true if the certificate is trusted, false otherwise.
    \remarks
    This header does not state what the check covers (validity period,
    revocation, key usage) or how it is affected by setAllowSelfSignedCerts().
    Confirm both against the implementation before treating a true result as a
    complete chain validation.
  */
  virtual bool isTrusted(OdCertificateObjectPtr cert) const = 0;

  /** \details
    Sets the directory where the PEM certificates are located.

    \param dir [in] Directory that holds the PEM certificates.
    \remarks
    Unless caDirectory() is overridden, this directory is also reported as the
    trusted CA directory.
  */
  virtual void setCertsDirectory(const OdString& dir) = 0;

  /** \details
    Returns the directory where the PEM certificates are located.

    \returns The certificates directory.
  */
  virtual OdString certsDirectory() const = 0;

  /** \details
    Sets the directory where the PEM private keys are located.

    \param dir [in] Directory that holds the PEM private keys.
    \remarks
    The directory holds key material. Restrict its file-system permissions;
    whether the key files are expected to be encrypted is not specified by this
    interface.
  */
  virtual void setPrivateKeysDirectory(const OdString& dir) = 0;

  /** \details
    Returns the directory where the PEM private keys are located.

    \returns The private keys directory.
  */
  virtual OdString privateKeysDirectory() const = 0;

  /** \details
    Sets the directory where the trusted CA certificates for this store are
    located.

    \param dir [in] Directory that holds the trusted CA certificates.
    \remarks
    Certificates placed in this directory become trust anchors for this store,
    so write access to it should be limited to administrators.
  */
  virtual void setCaDirectory(const OdString& dir) = 0;

  /** \details
    Returns the directory where the trusted CA certificates for this store are
    located (may be the same as certsDirectory()).

    \returns The CA directory. The default implementation returns
    certsDirectory().
    \remarks
    The default implementation does not consult any value passed to
    setCaDirectory(). An implementation that stores a separate CA directory
    must override this getter as well; otherwise the end-entity certificates
    directory is reported as the CA directory.
  */
  virtual OdString caDirectory() const { return certsDirectory(); }

  /** \details
    Sets the full path to the CA bundle file for this store.

    \param fullPathToCaBundle [in] Full path to the CA bundle file.
  */
  virtual void setCaBundleFile(const OdString& fullPathToCaBundle) = 0;

  /** \details
    Returns the file name of the CA bundle for this store, if present.

    \returns The CA bundle file name. The default implementation returns an
    empty string.
    \remarks
    The default implementation does not consult any value passed to
    setCaBundleFile(). An implementation that supports a bundle must override
    this getter as well.
  */
  virtual OdString caBundleFile() const { return OdString::kEmpty; }

  /** \details
    Sets a flag that allows self-signed certificates to be used.

    \param allow [in] Flag that allows self-signed certificates to be used.
    \remarks
    A self-signed certificate is not vouched for by an independent CA, so
    allowing it relaxes the trust decision. Enable the flag only where that is
    intended, for example in test environments. This interface declares no
    getter for the flag and does not state its default value.
  */
  virtual void setAllowSelfSignedCerts(bool allow) = 0;

  /** \details
    Fills a string array with the private key file names.

    \param privateKeyFileNames [out] Array that receives the private key file
    names.
    \remarks
    Whether the names are full paths or bare file names, and whether the array
    is cleared first, is not specified by this interface.
  */
  virtual void getAllPrivateKeyFileNames(OdStringArray& privateKeyFileNames) = 0;
};

/** \details
  Smart pointer type name for OdAlternativeCertificateStore objects.
  NOTE(review): the template argument of OdSmartPtr appears to have been lost
  in this copy of the header. Restore it from the original file before
  compiling.
*/
typedef OdSmartPtr OdAlternativeCertificateStorePtr;

#include "TD_PackPop.h"