Merge pull request #5504 from randombit/jack/pimpl-x509-object

Use a shared_ptr pimpl for X509_Object

Author: randombit

src/lib/x509/crl_ent.cpp

@@ -17,25 +17,30 @@
 
 namespace Botan {
 
-struct CRL_Entry_Data {
+class CRL_Entry_Data final {
+   public:
+      CRL_Entry_Data(const X509_Certificate& cert, CRL_Code why) :
+            m_serial(cert.serial_number()), m_time(X509_Time(std::chrono::system_clock::now())), m_reason(why) {
+         if(why != CRL_Code::Unspecified) {
+            m_extensions.add(std::make_unique<Cert_Extension::CRL_ReasonCode>(why));
+         }
+      }
+
+      CRL_Entry_Data() = default;
+
+      // NOLINTBEGIN(*non-private-member-variables-in-classes)
       std::vector<uint8_t> m_serial;
       X509_Time m_time;
       CRL_Code m_reason = CRL_Code::Unspecified;
       Extensions m_extensions;
+      // NOLINTEND(*non-private-member-variables-in-classes)
 };
 
 /*
 * Create a CRL_Entry
 */
 CRL_Entry::CRL_Entry(const X509_Certificate& cert, CRL_Code why) {
-   m_data = std::make_shared<CRL_Entry_Data>();
-   m_data->m_serial = cert.serial_number();
-   m_data->m_time = X509_Time(std::chrono::system_clock::now());
-   m_data->m_reason = why;
-
-   if(why != CRL_Code::Unspecified) {
-      m_data->m_extensions.add(std::make_unique<Cert_Extension::CRL_ReasonCode>(why));
-   }
+   m_data = std::make_shared<CRL_Entry_Data>(cert, why);
 }
 
 /*

src/lib/x509/x509_crl.cpp

@@ -16,7 +16,17 @@
 
 namespace Botan {
 
-struct CRL_Data {
+class CRL_Data final {
+   public:
+      CRL_Data(const X509_DN& issuer,
+               const X509_Time& this_update,
+               const X509_Time& next_update,
+               const std::vector<CRL_Entry>& revoked) :
+            m_issuer(issuer), m_this_update(this_update), m_next_update(next_update), m_entries(revoked) {}
+
+      CRL_Data() = default;
+
+      // NOLINTBEGIN(*non-private-member-variables-in-classes)
       X509_DN m_issuer;
       size_t m_version{};
       X509_Time m_this_update;
@@ -28,6 +38,7 @@ struct CRL_Data {
       size_t m_crl_number = 0;
       std::vector<uint8_t> m_auth_key_id;
       std::vector<std::string> m_idp_urls;
+      // NOLINTEND(*non-private-member-variables-in-classes)
 };
 
 std::string X509_CRL::PEM_label() const {
@@ -58,11 +69,7 @@ X509_CRL::X509_CRL(const X509_DN& issuer,
                    const X509_Time& this_update,
                    const X509_Time& next_update,
                    const std::vector<CRL_Entry>& revoked) {
-   m_data = std::make_shared<CRL_Data>();
-   m_data->m_issuer = issuer;
-   m_data->m_this_update = this_update;
-   m_data->m_next_update = next_update;
-   m_data->m_entries = revoked;
+   m_data = std::make_shared<CRL_Data>(issuer, this_update, next_update, revoked);
 }
 
 /**

src/lib/x509/x509_crl.h

@@ -20,8 +20,8 @@ class Extensions;
 class X509_Certificate;
 class X509_DN;
 
-struct CRL_Entry_Data;
-struct CRL_Data;
+class CRL_Entry_Data;
+class CRL_Data;
 
 /**
 * This class represents CRL entries
@@ -71,7 +71,7 @@ class BOTAN_PUBLIC_API(2, 0) CRL_Entry final : public ASN1_Object {
 
       const CRL_Entry_Data& data() const;
 
-      std::shared_ptr<CRL_Entry_Data> m_data;
+      std::shared_ptr<const CRL_Entry_Data> m_data;
 };
 
 /**
@@ -207,7 +207,7 @@ class BOTAN_PUBLIC_API(2, 0) X509_CRL final : public X509_Object {
 
       const CRL_Data& data() const;
 
-      std::shared_ptr<CRL_Data> m_data;
+      std::shared_ptr<const CRL_Data> m_data;
 };
 
 }  // namespace Botan

src/lib/x509/x509_obj.cpp

@@ -66,14 +66,17 @@ void X509_Object::encode_into(DER_Encoder& to) const {
 * Read a BER encoded X.509 object
 */
 void X509_Object::decode_from(BER_Decoder& from) {
+   auto data = std::make_shared<Signed_Data>();
+
    from.start_sequence()
       .start_sequence()
-      .raw_bytes(m_tbs_bits)
+      .raw_bytes(data->m_tbs_bits)
       .end_cons()
-      .decode(m_sig_algo)
-      .decode(m_sig, ASN1_Type::BitString)
+      .decode(data->m_sig_algo)
+      .decode(data->m_sig, ASN1_Type::BitString)
       .end_cons();
 
+   m_signed_data = std::move(data);
    force_decode();
 }
 
@@ -88,7 +91,7 @@ std::string X509_Object::PEM_encode() const {
 * Return the TBS data
 */
 std::vector<uint8_t> X509_Object::tbs_data() const {
-   return ASN1::put_in_sequence(m_tbs_bits);
+   return ASN1::put_in_sequence(signed_body());
 }
 
 /*

src/lib/x509/x509_obj.h

@@ -38,17 +38,17 @@ class BOTAN_PUBLIC_API(2, 0) X509_Object : public ASN1_Object {
       /**
       * @return signature on tbs_data()
       */
-      const std::vector<uint8_t>& signature() const { return m_sig; }
+      const std::vector<uint8_t>& signature() const { return m_signed_data->m_sig; }
 
       /**
       * @return signed body
       */
-      const std::vector<uint8_t>& signed_body() const { return m_tbs_bits; }
+      const std::vector<uint8_t>& signed_body() const { return m_signed_data->m_tbs_bits; }
 
       /**
       * @return signature algorithm that was used to generate signature
       */
-      const AlgorithmIdentifier& signature_algorithm() const { return m_sig_algo; }
+      const AlgorithmIdentifier& signature_algorithm() const { return m_signed_data->m_sig_algo; }
 
       /**
       * Create a signed X509 object.
@@ -127,9 +127,13 @@ class BOTAN_PUBLIC_API(2, 0) X509_Object : public ASN1_Object {
    private:
       virtual void force_decode() = 0;
 
-      AlgorithmIdentifier m_sig_algo;
-      std::vector<uint8_t> m_tbs_bits;
-      std::vector<uint8_t> m_sig;
+      struct Signed_Data {
+            AlgorithmIdentifier m_sig_algo;
+            std::vector<uint8_t> m_tbs_bits;
+            std::vector<uint8_t> m_sig;
+      };
+
+      std::shared_ptr<const Signed_Data> m_signed_data;
 };
 
 }  // namespace Botan

src/lib/x509/x509cert.h

@@ -436,7 +436,7 @@ class BOTAN_PUBLIC_API(2, 0) X509_Certificate : public X509_Object {
 
       const X509_Certificate_Data& data() const;
 
-      std::shared_ptr<X509_Certificate_Data> m_data;
+      std::shared_ptr<const X509_Certificate_Data> m_data;
 };
 
 /**