author | lloyd <[email protected]> | 2012-11-06 15:00:15 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-11-06 15:00:15 +0000 |
commit | 9fa2b506ec836b9438ad0b81c881f63b37e934cc (patch) | |
tree | aeb29f1fcd9e46a30458dd48774573113c8e1bee | |
parent | 4d99f95923789513528617347c435e981b20689b (diff) | |
parent | 2458460b4478b7464dede87dc3beff8ea2838789 (diff) |
merge of '61085e01f4099e38b7d9b3222172233fe47f3158'
and 'e96eee61a4430bb3ae59b8727ac964d57dcfbd40'
-rw-r--r-- | src/asn1/asn1_alt_name.cpp (renamed from src/asn1/asn1_alt.cpp) | 2 | ||||
-rw-r--r-- | src/asn1/asn1_alt_name.h | 47 | ||||
-rw-r--r-- | src/asn1/asn1_att.cpp | 2 | ||||
-rw-r--r-- | src/asn1/asn1_attribute.h | 36 | ||||
-rw-r--r-- | src/asn1/asn1_obj.h | 104 | ||||
-rw-r--r-- | src/asn1/asn1_time.h | 55 | ||||
-rw-r--r-- | src/asn1/asn1_tm.cpp | 2 | ||||
-rw-r--r-- | src/asn1/info.txt | 24 | ||||
-rw-r--r-- | src/cert/ocsp/ocsp_types.h | 1 | ||||
-rw-r--r-- | src/cert/x509/crl_ent.h | 1 | ||||
-rw-r--r-- | src/cert/x509/pkcs10.h | 2 | ||||
-rw-r--r-- | src/cert/x509/x509_ext.h | 1 | ||||
-rw-r--r-- | src/cert/x509/x509_obj.h | 2 | ||||
-rw-r--r-- | src/cert/x509/x509cert.h | 1 | ||||
-rw-r--r-- | src/cert/x509/x509path.h | 50 | ||||
-rw-r--r-- | src/cert/x509/x509self.h | 1 | ||||
-rw-r--r-- | src/engine/core_engine/lookup_hash.cpp | 2 | ||||
-rw-r--r-- | src/libstate/policy.cpp | 1 | ||||
-rw-r--r-- | src/pbe/pbes2/pbes2.cpp | 2 | ||||
-rw-r--r-- | src/pubkey/pkcs8.cpp | 2 | ||||
-rw-r--r-- | src/pubkey/x509_key.cpp | 2 | ||||
-rw-r--r-- | src/tls/tls_messages.h | 6 | ||||
-rw-r--r-- | src/wrap/perl-xs/Botan.xs | 3 |
23 files changed, 210 insertions, 139 deletions
diff --git a/src/asn1/asn1_alt.cpp b/src/asn1/asn1_alt_name.cpp index 1a5c699cd..2e7116bac 100644 --- a/src/asn1/asn1_alt.cpp +++ b/src/asn1/asn1_alt_name.cpp @@ -6,7 +6,7 @@ * Distributed under the terms of the Botan license */ -#include <botan/asn1_obj.h> +#include <botan/asn1_alt_name.h> #include <botan/der_enc.h> #include <botan/ber_dec.h> #include <botan/oids.h> diff --git a/src/asn1/asn1_alt_name.h b/src/asn1/asn1_alt_name.h new file mode 100644 index 000000000..b71be1ff7 --- /dev/null +++ b/src/asn1/asn1_alt_name.h @@ -0,0 +1,47 @@ +/* +* Common ASN.1 Objects +* (C) 1999-2007 Jack Lloyd +* 2007 Yves Jerschow +* +* Distributed under the terms of the Botan license +*/ + +#ifndef BOTAN_ASN1_ALT_NAME_H__ +#define BOTAN_ASN1_ALT_NAME_H__ + +#include <botan/asn1_int.h> +#include <botan/asn1_str.h> +#include <botan/asn1_oid.h> +#include <map> + +namespace Botan { + +/** +* Alternative Name +*/ +class BOTAN_DLL AlternativeName : public ASN1_Object + { + public: + void encode_into(class DER_Encoder&) const; + void decode_from(class BER_Decoder&); + + std::multimap<std::string, std::string> contents() const; + + void add_attribute(const std::string&, const std::string&); + std::multimap<std::string, std::string> get_attributes() const; + + void add_othername(const OID&, const std::string&, ASN1_Tag); + std::multimap<OID, ASN1_String> get_othernames() const; + + bool has_items() const; + + AlternativeName(const std::string& = "", const std::string& = "", + const std::string& = "", const std::string& = ""); + private: + std::multimap<std::string, std::string> alt_info; + std::multimap<OID, ASN1_String> othernames; + }; + +} + +#endif diff --git a/src/asn1/asn1_att.cpp b/src/asn1/asn1_att.cpp index c0adae643..dff52bef9 100644 --- a/src/asn1/asn1_att.cpp +++ b/src/asn1/asn1_att.cpp 
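Review bot: The banner comment at the top of the new asn1_alt_name.h still reads `* Common ASN.1 Objects`, carried over from asn1_obj.h; it should name what the file now holds, e.g. `* ASN.1 Alternative Name`, in line with the banners of asn1_attribute.h and asn1_time.h. The four defaulted `const std::string&` parameters of the `AlternativeName` constructor are unnamed and undocumented, so a caller cannot tell from the header which position carries which kind of name. Naming them and adding `@param` lines would make it much harder to put a value in the wrong field. The header also uses `std::string` without including `<string>` itself, presumably relying on asn1_int.h or asn1_str.h to provide it.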
@@ -5,7 +5,7 @@ * Distributed under the terms of the Botan license */ -#include <botan/asn1_obj.h> +#include <botan/asn1_attribute.h> #include <botan/der_enc.h> #include <botan/ber_dec.h> #include <botan/oids.h> diff --git a/src/asn1/asn1_attribute.h b/src/asn1/asn1_attribute.h new file mode 100644 index 000000000..b51811015 --- /dev/null +++ b/src/asn1/asn1_attribute.h @@ -0,0 +1,36 @@ +/* +* ASN.1 Attribute +* (C) 1999-2007,2012 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + +#ifndef BOTAN_ASN1_ATTRIBUTE_H__ +#define BOTAN_ASN1_ATTRIBUTE_H__ + +#include <botan/asn1_int.h> +#include <botan/asn1_oid.h> +#include <vector> + +namespace Botan { + +/** +* Attribute +*/ +class BOTAN_DLL Attribute : public ASN1_Object + { + public: + void encode_into(class DER_Encoder& to) const; + void decode_from(class BER_Decoder& from); + + OID oid; + std::vector<byte> parameters; + + Attribute() {} + Attribute(const OID&, const std::vector<byte>&); + Attribute(const std::string&, const std::vector<byte>&); + }; + +} + +#endif diff --git a/src/asn1/asn1_obj.h b/src/asn1/asn1_obj.h deleted file mode 100644 index cee5a18ed..000000000 --- a/src/asn1/asn1_obj.h +++ /dev/null 
@@ -1,104 +0,0 @@
-/*
-* Common ASN.1 Objects
-* (C) 1999-2007 Jack Lloyd
-* 2007 Yves Jerschow
-*
-* Distributed under the terms of the Botan license
-*/
-
-#ifndef BOTAN_ASN1_OBJ_H__
-#define BOTAN_ASN1_OBJ_H__
-
-#include <botan/asn1_int.h>
-#include <botan/asn1_oid.h>
-#include <botan/asn1_str.h>
-#include <botan/alg_id.h>
-#include <vector>
-#include <map>
-#include <chrono>
-
-namespace Botan {
-
-/**
-* Attribute
-*/
-class BOTAN_DLL Attribute : public ASN1_Object
- {
- public:
- void encode_into(class DER_Encoder& to) const;
- void decode_from(class BER_Decoder& from);
-
- OID oid;
- std::vector<byte> parameters;
-
- Attribute() {}
- Attribute(const OID&, const std::vector<byte>&);
- Attribute(const std::string&, const std::vector<byte>&);
- };
-
-/**
-* X.509 Time
-*/
-class BOTAN_DLL X509_Time : public ASN1_Object
- {
- public:
- void encode_into(class DER_Encoder&) const;
- void decode_from(class BER_Decoder&);
-
- std::string as_string() const;
- std::string readable_string() const;
- bool time_is_set() const;
-
- s32bit cmp(const X509_Time&) const;
-
- void set_to(const std::string&);
- void set_to(const std::string&, ASN1_Tag);
-
- X509_Time(const std::chrono::system_clock::time_point& time);
- X509_Time(const std::string& = "");
- X509_Time(const std::string&, ASN1_Tag);
- private:
- bool passes_sanity_check() const;
- u32bit year, month, day, hour, minute, second;
- ASN1_Tag tag;
- };
-
-/**
-* Alternative Name
-*/
-class BOTAN_DLL AlternativeName : public ASN1_Object
- {
- public:
- void encode_into(class DER_Encoder&) const;
- void decode_from(class BER_Decoder&);
-
- std::multimap<std::string, std::string> contents() const;
-
- void add_attribute(const std::string&, const std::string&);
- std::multimap<std::string, std::string> get_attributes() const;
-
- void add_othername(const OID&, const std::string&, ASN1_Tag);
- std::multimap<OID, ASN1_String> get_othernames() const;
-
- bool has_items() const;
-
- AlternativeName(const std::string& = "", const std::string& = "",
- const std::string& = "", const std::string& = "");
- private:
- std::multimap<std::string, std::string> alt_info;
- std::multimap<OID, ASN1_String> othernames;
- };
-
-/*
-* Comparison Operations
-*/
-bool BOTAN_DLL operator==(const X509_Time&, const X509_Time&);
-bool BOTAN_DLL operator!=(const X509_Time&, const X509_Time&);
-bool BOTAN_DLL operator<=(const X509_Time&, const X509_Time&);
-bool BOTAN_DLL operator>=(const X509_Time&, const X509_Time&);
-bool BOTAN_DLL operator<(const X509_Time&, const X509_Time&);
-bool BOTAN_DLL operator>(const X509_Time&, const X509_Time&);
-
-}
-
-#endif
diff --git a/src/asn1/asn1_time.h b/src/asn1/asn1_time.h
new file mode 100644
index 000000000..ca8449178
--- /dev/null
+++ b/src/asn1/asn1_time.h
@@ -0,0 +1,55 @@ +/* +* ASN.1 Time Representation +* (C) 1999-2007,2012 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + +#ifndef BOTAN_ASN1_TIME_H__ +#define BOTAN_ASN1_TIME_H__ + +#include <botan/asn1_int.h> +#include <chrono> + +namespace Botan { + +/** +* X.509 Time +*/ +class BOTAN_DLL X509_Time : public ASN1_Object + { + public: + void encode_into(class DER_Encoder&) const; + void decode_from(class BER_Decoder&); + + std::string as_string() const; + std::string readable_string() const; + bool time_is_set() const; + + s32bit cmp(const X509_Time&) const; + + void set_to(const std::string&); + void set_to(const std::string&, ASN1_Tag); + + X509_Time(const std::chrono::system_clock::time_point& time); + X509_Time(const std::string& = ""); + X509_Time(const std::string&, ASN1_Tag); + private: + bool passes_sanity_check() const; + u32bit year, month, day, hour, minute, second; + ASN1_Tag tag; + }; + +/* +* Comparison Operations +*/ +bool BOTAN_DLL operator==(const X509_Time&, const X509_Time&); +bool BOTAN_DLL operator!=(const X509_Time&, const X509_Time&); +bool BOTAN_DLL operator<=(const X509_Time&, const X509_Time&); +bool BOTAN_DLL operator>=(const X509_Time&, const X509_Time&); +bool BOTAN_DLL operator<(const X509_Time&, const X509_Time&); +bool BOTAN_DLL operator>(const X509_Time&, const X509_Time&); + +} + +#endif diff --git a/src/asn1/asn1_tm.cpp b/src/asn1/asn1_tm.cpp index b8095a41c..b1093158c 100644 --- a/src/asn1/asn1_tm.cpp +++ b/src/asn1/asn1_tm.cpp @@ -5,7 +5,7 @@ * Distributed under the terms of the Botan license */ -#include <botan/asn1_obj.h> +#include <botan/asn1_time.h> #include <botan/der_enc.h> #include <botan/ber_dec.h> #include <botan/charset.h> diff --git a/src/asn1/info.txt b/src/asn1/info.txt index e190ad9ea..4bf31732f 100644 --- a/src/asn1/info.txt +++ b/src/asn1/info.txt 
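Review bot: With asn1_time.h, asn1_attribute.h and asn1_alt_name.h replacing asn1_obj.h, nothing is left under the old name, and the info.txt hunk shows asn1_obj.h was listed under `<header:public>`. External code that includes `<botan/asn1_obj.h>` will therefore stop compiling, and code that got `AlgorithmIdentifier` through it loses that as well, since none of the three new headers includes alg_id.h. If source compatibility matters for this release, a thin asn1_obj.h that only includes the three new headers plus alg_id.h would keep existing users building. Otherwise the removal should be called out in the release notes so downstream bindings can be updated the way Botan.xs is in this commit.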
@@ -2,30 +2,6 @@ define ASN1 load_on auto -<source> -alg_id.cpp -asn1_alt.cpp -asn1_att.cpp -asn1_int.cpp -asn1_oid.cpp -asn1_str.cpp -asn1_tm.cpp -ber_dec.cpp -der_enc.cpp -x509_dn.cpp -</source> - -<header:public> -alg_id.h -asn1_int.h -asn1_obj.h -asn1_oid.h -asn1_str.h -ber_dec.h -der_enc.h -x509_dn.h -</header:public> - <requires> alloc bigint diff --git a/src/cert/ocsp/ocsp_types.h b/src/cert/ocsp/ocsp_types.h index 5a5beb567..e51089aca 100644 --- a/src/cert/ocsp/ocsp_types.h +++ b/src/cert/ocsp/ocsp_types.h @@ -9,6 +9,7 @@ #define BOTAN_OCSP_TYPES_H__ #include <botan/x509cert.h> +#include <botan/asn1_time.h> #include <botan/bigint.h> namespace Botan { diff --git a/src/cert/x509/crl_ent.h b/src/cert/x509/crl_ent.h index 769519f78..e68008b70 100644 --- a/src/cert/x509/crl_ent.h +++ b/src/cert/x509/crl_ent.h @@ -9,6 +9,7 @@ #define BOTAN_CRL_ENTRY_H__ #include <botan/x509cert.h> +#include <botan/asn1_time.h> namespace Botan { diff --git a/src/cert/x509/pkcs10.h b/src/cert/x509/pkcs10.h index 974ea0070..b54425133 100644 --- a/src/cert/x509/pkcs10.h +++ b/src/cert/x509/pkcs10.h @@ -13,6 +13,8 @@ #include <botan/pkcs8.h> #include <botan/datastor.h> #include <botan/key_constraint.h> +#include <botan/asn1_attribute.h> +#include <botan/asn1_alt_name.h> #include <vector> namespace Botan { diff --git a/src/cert/x509/x509_ext.h b/src/cert/x509/x509_ext.h index 42434c4c2..07da1b8f8 100644 --- a/src/cert/x509/x509_ext.h +++ b/src/cert/x509/x509_ext.h @@ -10,7 +10,6 @@ #include <botan/asn1_int.h> #include <botan/asn1_oid.h> -#include <botan/asn1_obj.h> #include <botan/datastor.h> #include <botan/crl_ent.h> diff --git a/src/cert/x509/x509_obj.h b/src/cert/x509/x509_obj.h index 5905e1b37..42aead195 100644 --- a/src/cert/x509/x509_obj.h +++ b/src/cert/x509/x509_obj.h @@ -8,7 +8,7 @@ #ifndef BOTAN_X509_OBJECT_H__ #define BOTAN_X509_OBJECT_H__ -#include <botan/asn1_obj.h> +#include <botan/asn1_int.h> #include <botan/pipe.h> #include <botan/x509_key.h> #include <botan/rng.h> 
diff --git a/src/cert/x509/x509cert.h b/src/cert/x509/x509cert.h index 97758ea5a..bd341b6e0 100644 --- a/src/cert/x509/x509cert.h +++ b/src/cert/x509/x509cert.h @@ -11,6 +11,7 @@ #include <botan/x509_obj.h> #include <botan/x509_dn.h> #include <botan/x509_key.h> +#include <botan/asn1_alt_name.h> #include <botan/datastor.h> #include <botan/key_constraint.h> #include <map> diff --git a/src/cert/x509/x509path.h b/src/cert/x509/x509path.h index ae28599b0..829aa9d91 100644 --- a/src/cert/x509/x509path.h +++ b/src/cert/x509/x509path.h @@ -14,12 +14,30 @@ namespace Botan { +/** +* Specifies restrictions on the PKIX path validation +*/ class BOTAN_DLL Path_Validation_Restrictions { public: + /** + * @param require_rev if true, revocation information is required + * @param minimum_key_strength is the minimum strength (in terms of + * operations, eg 80 means 2^80) of a signature. Signatures + * weaker than this are rejected. + */ Path_Validation_Restrictions(bool require_rev = false, size_t minimum_key_strength = 80); + /** + * @param require_rev if true, revocation information is required + * @param minimum_key_strength is the minimum strength (in terms of + * operations, eg 80 means 2^80) of a signature. Signatures + * weaker than this are rejected. + * @param trusted_hashes a set of trusted hashes. Any signatures + * created using a hash other than one of these will be + * rejected. + */ Path_Validation_Restrictions(bool require_rev, size_t minimum_key_strength, const std::set<std::string>& trusted_hashes) : @@ -42,6 +60,9 @@ class BOTAN_DLL Path_Validation_Restrictions size_t m_minimum_key_strength; }; +/** +* Represents the result of a PKIX path validation +*/ class BOTAN_DLL Path_Validation_Result { public: 
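Review bot: The new comment on the two-argument `Path_Validation_Restrictions` constructor documents `require_rev` and `minimum_key_strength` but does not say which hash functions end up trusted when the caller supplies no set. That constructor is only declared in this hunk, so the selection happens in code not shown here. Since an unlisted hash causes a signature to be rejected, the comment should state how the default set is chosen, and ideally its relation to `minimum_key_strength`. The class comment could also note the default posture visible in the signature, e.g. `* By default revocation information is not required and the minimum strength is 80 bits.`, so callers who default-construct this know a path passes without any CRL or OCSP data.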
@@ -79,19 +100,34 @@ class BOTAN_DLL Path_Validation_Result }; /** - * Returns the set of hash functions you are implicitly + * @return the set of hash functions you are implicitly * trusting by trusting this result. */ std::set<std::string> trusted_hashes() const; + /** + * @return the trust root of the validation + */ const X509_Certificate& trust_root() const; + /** + * @return the full path from subject to trust root + */ const std::vector<X509_Certificate>& cert_path() const { return m_cert_path; } + /** + * @return true iff the validation was succesful + */ bool successful_validation() const { return result() == VERIFIED; } + /** + * @return validation result code + */ Code result() const { return m_result; } + /** + * @return string representation of the validation result + */ std::string result_string() const; private: @@ -109,21 +145,33 @@ class BOTAN_DLL Path_Validation_Result std::vector<X509_Certificate> m_cert_path; }; +/** +* PKIX Path Validation +*/ Path_Validation_Result BOTAN_DLL x509_path_validate( const std::vector<X509_Certificate>& end_certs, const Path_Validation_Restrictions& restrictions, const std::vector<Certificate_Store*>& certstores); +/** +* PKIX Path Validation +*/ Path_Validation_Result BOTAN_DLL x509_path_validate( const X509_Certificate& end_cert, const Path_Validation_Restrictions& restrictions, const std::vector<Certificate_Store*>& certstores); +/** +* PKIX Path Validation +*/ Path_Validation_Result BOTAN_DLL x509_path_validate( const X509_Certificate& end_cert, const Path_Validation_Restrictions& restrictions, const Certificate_Store& store); +/** +* PKIX Path Validation +*/ Path_Validation_Result BOTAN_DLL x509_path_validate( const std::vector<X509_Certificate>& end_certs, const Path_Validation_Restrictions& restrictions, diff --git a/src/cert/x509/x509self.h b/src/cert/x509/x509self.h index 2850096c8..eee4d10c6 100644 --- a/src/cert/x509/x509self.h +++ b/src/cert/x509/x509self.h 
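Review bot: The added comment on `successful_validation()` misspells the word; it should read `* @return true iff the validation was successful`. The four `x509_path_validate` overloads each get the same one-line `PKIX Path Validation` comment with no `@param` or `@return`, so the generated documentation cannot tell them apart. Each should at least document `end_cert` or `end_certs`, `restrictions` and the store argument, and state that the caller must check `successful_validation()` or `result()` on the returned object. If these functions report failure only through the result code, as the class suggests, an unchecked return value silently accepts a bad chain.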
@@ -11,6 +11,7 @@ #include <botan/x509cert.h> #include <botan/pkcs8.h> #include <botan/pkcs10.h> +#include <botan/asn1_time.h> namespace Botan { diff --git a/src/engine/core_engine/lookup_hash.cpp b/src/engine/core_engine/lookup_hash.cpp index 9958d18b9..7a9a0148d 100644 --- a/src/engine/core_engine/lookup_hash.cpp +++ b/src/engine/core_engine/lookup_hash.cpp @@ -119,7 +119,7 @@ HashFunction* Core_Engine::find_hash(const SCAN_Name& request, #endif #if defined(BOTAN_HAS_GOST_34_11) - if(request.algo_name() == "GOST-34.11") + if(request.algo_name() == "GOST-R-34.11-94") return new GOST_34_11; #endif diff --git a/src/libstate/policy.cpp b/src/libstate/policy.cpp index fc127478e..75b7c0db8 100644 --- a/src/libstate/policy.cpp +++ b/src/libstate/policy.cpp @@ -293,6 +293,7 @@ void set_default_aliases(Library_State& config) config.add_alias("MARK-4", "ARC4(256)"); config.add_alias("OMAC", "CMAC"); config.add_alias("GOST", "GOST-28147-89"); + config.add_alias("GOST-34.11", "GOST-R-34.11-94"); } /* diff --git a/src/pbe/pbes2/pbes2.cpp b/src/pbe/pbes2/pbes2.cpp index d29bc06f6..b27ad445e 100644 --- a/src/pbe/pbes2/pbes2.cpp +++ b/src/pbe/pbes2/pbes2.cpp @@ -13,7 +13,7 @@ #include <botan/der_enc.h> #include <botan/ber_dec.h> #include <botan/parsing.h> -#include <botan/asn1_obj.h> +#include <botan/alg_id.h> #include <botan/oids.h> #include <algorithm> #include <memory> diff --git a/src/pubkey/pkcs8.cpp b/src/pubkey/pkcs8.cpp index d9b92dc23..0dd97a866 100644 --- a/src/pubkey/pkcs8.cpp +++ b/src/pubkey/pkcs8.cpp @@ -9,7 +9,7 @@ #include <botan/get_pbe.h> #include <botan/der_enc.h> #include <botan/ber_dec.h> -#include <botan/asn1_obj.h> +#include <botan/alg_id.h> #include <botan/oids.h> #include <botan/pem.h> #include <botan/internal/pk_algs.h> diff --git a/src/pubkey/x509_key.cpp b/src/pubkey/x509_key.cpp index 8080dc993..62d626d9b 100644 --- a/src/pubkey/x509_key.cpp +++ b/src/pubkey/x509_key.cpp 
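Review bot: In `Core_Engine::find_hash` the comparison now matches only `"GOST-R-34.11-94"`, and the old spelling is kept alive solely by the `config.add_alias("GOST-34.11", "GOST-R-34.11-94")` line added to `set_default_aliases` in policy.cpp. The old name therefore keeps working only if aliases are resolved before the request reaches `find_hash`. Any path that builds the `SCAN_Name` without alias resolution, or runs against a library state where the default aliases were not installed, will now get no hash back for `"GOST-34.11"`. This diff also does not show whether `GOST_34_11::name()` and the OID table were changed to the new string. If they still return the old one, looking an object up by its own name depends on the alias too, so it is worth confirming they agree and adding a test that looks the hash up under both names. Both functions continue outside their hunks.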
@@ -7,10 +7,10 @@ #include <botan/x509_key.h> #include <botan/filters.h> -#include <botan/asn1_obj.h> #include <botan/der_enc.h> #include <botan/ber_dec.h> #include <botan/pem.h> +#include <botan/alg_id.h> #include <botan/internal/pk_algs.h> #include <memory> diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h index f1d4aa887..52ff52c12 100644 --- a/src/tls/tls_messages.h +++ b/src/tls/tls_messages.h @@ -522,6 +522,9 @@ class Next_Protocol : public Handshake_Message std::string m_protocol; }; +/** +* New Session Ticket Message +*/ class New_Session_Ticket : public Handshake_Message { public: @@ -546,6 +549,9 @@ class New_Session_Ticket : public Handshake_Message std::vector<byte> m_ticket; }; +/** +* Change Cipher Spec +*/ class Change_Cipher_Spec : public Handshake_Message { public: diff --git a/src/wrap/perl-xs/Botan.xs b/src/wrap/perl-xs/Botan.xs index fc0c00ff5..135da0d5d 100644 --- a/src/wrap/perl-xs/Botan.xs +++ b/src/wrap/perl-xs/Botan.xs @@ -10,7 +10,8 @@ extern "C" { } #endif -#include <botan/asn1_obj.h> +#include <botan/alg_id.h> +#include <botan/asn1_alt_name.h> #include <botan/asn1_oid.h> #include <botan/filters.h> #include <botan/init.h> |