authorlloyd <[email protected]>2012-11-06 15:00:15 +0000
committerlloyd <[email protected]>2012-11-06 15:00:15 +0000
commit9fa2b506ec836b9438ad0b81c881f63b37e934cc (patch)
treeaeb29f1fcd9e46a30458dd48774573113c8e1bee
parent4d99f95923789513528617347c435e981b20689b (diff)
parent2458460b4478b7464dede87dc3beff8ea2838789 (diff)
merge of '61085e01f4099e38b7d9b3222172233fe47f3158'
and 'e96eee61a4430bb3ae59b8727ac964d57dcfbd40'
-rw-r--r--src/asn1/asn1_alt_name.cpp (renamed from src/asn1/asn1_alt.cpp)2
-rw-r--r--src/asn1/asn1_alt_name.h47
-rw-r--r--src/asn1/asn1_att.cpp2
-rw-r--r--src/asn1/asn1_attribute.h36
-rw-r--r--src/asn1/asn1_obj.h104
-rw-r--r--src/asn1/asn1_time.h55
-rw-r--r--src/asn1/asn1_tm.cpp2
-rw-r--r--src/asn1/info.txt24
-rw-r--r--src/cert/ocsp/ocsp_types.h1
-rw-r--r--src/cert/x509/crl_ent.h1
-rw-r--r--src/cert/x509/pkcs10.h2
-rw-r--r--src/cert/x509/x509_ext.h1
-rw-r--r--src/cert/x509/x509_obj.h2
-rw-r--r--src/cert/x509/x509cert.h1
-rw-r--r--src/cert/x509/x509path.h50
-rw-r--r--src/cert/x509/x509self.h1
-rw-r--r--src/engine/core_engine/lookup_hash.cpp2
-rw-r--r--src/libstate/policy.cpp1
-rw-r--r--src/pbe/pbes2/pbes2.cpp2
-rw-r--r--src/pubkey/pkcs8.cpp2
-rw-r--r--src/pubkey/x509_key.cpp2
-rw-r--r--src/tls/tls_messages.h6
-rw-r--r--src/wrap/perl-xs/Botan.xs3
23 files changed, 210 insertions, 139 deletions
diff --git a/src/asn1/asn1_alt.cpp b/src/asn1/asn1_alt_name.cpp
index 1a5c699cd..2e7116bac 100644
--- a/src/asn1/asn1_alt.cpp
+++ b/src/asn1/asn1_alt_name.cpp
@@ -6,7 +6,7 @@
* Distributed under the terms of the Botan license
*/
-#include <botan/asn1_obj.h>
+#include <botan/asn1_alt_name.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
#include <botan/oids.h>
diff --git a/src/asn1/asn1_alt_name.h b/src/asn1/asn1_alt_name.h
new file mode 100644
index 000000000..b71be1ff7
--- /dev/null
+++ b/src/asn1/asn1_alt_name.h
@@ -0,0 +1,47 @@
+/*
+* Common ASN.1 Objects
+* (C) 1999-2007 Jack Lloyd
+* 2007 Yves Jerschow
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_ASN1_ALT_NAME_H__
+#define BOTAN_ASN1_ALT_NAME_H__
+
+#include <botan/asn1_int.h>
+#include <botan/asn1_str.h>
+#include <botan/asn1_oid.h>
+#include <map>
+
+namespace Botan {
+
+/**
+* Alternative Name
+*/
+class BOTAN_DLL AlternativeName : public ASN1_Object
+ {
+ public:
+ void encode_into(class DER_Encoder&) const;
+ void decode_from(class BER_Decoder&);
+
+ std::multimap<std::string, std::string> contents() const;
+
+ void add_attribute(const std::string&, const std::string&);
+ std::multimap<std::string, std::string> get_attributes() const;
+
+ void add_othername(const OID&, const std::string&, ASN1_Tag);
+ std::multimap<OID, ASN1_String> get_othernames() const;
+
+ bool has_items() const;
+
+ AlternativeName(const std::string& = "", const std::string& = "",
+ const std::string& = "", const std::string& = "");
+ private:
+ std::multimap<std::string, std::string> alt_info;
+ std::multimap<OID, ASN1_String> othernames;
+ };
+
+}
+
+#endif
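Review bot: The four-string constructor `AlternativeName(const std::string& = "", const std::string& = "", const std::string& = "", const std::string& = "")` leaves every parameter unnamed, so the header does not tell a caller which position carries which kind of name. These values presumably end up in a certificate's alternative-name extension, where a value placed in the wrong slot changes what the certificate asserts, so I would name the parameters in the declaration and add one `@param` line for each. The file banner still reads `Common ASN.1 Objects`, carried over from asn1_obj.h; `ASN.1 Alternative Name` would match what the file now holds. The class comment `Alternative Name` could also say which keys `contents()` and `get_attributes()` return.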
diff --git a/src/asn1/asn1_att.cpp b/src/asn1/asn1_att.cpp
index c0adae643..dff52bef9 100644
--- a/src/asn1/asn1_att.cpp
+++ b/src/asn1/asn1_att.cpp
@@ -5,7 +5,7 @@
* Distributed under the terms of the Botan license
*/
-#include <botan/asn1_obj.h>
+#include <botan/asn1_attribute.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
#include <botan/oids.h>
diff --git a/src/asn1/asn1_attribute.h b/src/asn1/asn1_attribute.h
new file mode 100644
index 000000000..b51811015
--- /dev/null
+++ b/src/asn1/asn1_attribute.h
@@ -0,0 +1,36 @@
+/*
+* ASN.1 Attribute
+* (C) 1999-2007,2012 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_ASN1_ATTRIBUTE_H__
+#define BOTAN_ASN1_ATTRIBUTE_H__
+
+#include <botan/asn1_int.h>
+#include <botan/asn1_oid.h>
+#include <vector>
+
+namespace Botan {
+
+/**
+* Attribute
+*/
+class BOTAN_DLL Attribute : public ASN1_Object
+ {
+ public:
+ void encode_into(class DER_Encoder& to) const;
+ void decode_from(class BER_Decoder& from);
+
+ OID oid;
+ std::vector<byte> parameters;
+
+ Attribute() {}
+ Attribute(const OID&, const std::vector<byte>&);
+ Attribute(const std::string&, const std::vector<byte>&);
+ };
+
+}
+
+#endif
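Review bot: This header uses `std::string` in the third `Attribute` constructor but includes only `<botan/asn1_int.h>`, `<botan/asn1_oid.h>` and `<vector>`, so it compiles only if one of the Botan headers happens to pull in `<string>`. The commit appears to split asn1_obj.h so that each header can be included on its own, so I would add `#include <string>` here; asn1_time.h has the same dependence for its `std::string` members. The public fields `oid` and `parameters` also carry no comment. A one-line `///` on each, saying whether `parameters` holds the encoded attribute value, would help callers that read it after `decode_from`.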
diff --git a/src/asn1/asn1_obj.h b/src/asn1/asn1_obj.h
deleted file mode 100644
index cee5a18ed..000000000
--- a/src/asn1/asn1_obj.h
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
-* Common ASN.1 Objects
-* (C) 1999-2007 Jack Lloyd
-* 2007 Yves Jerschow
-*
-* Distributed under the terms of the Botan license
-*/
-
-#ifndef BOTAN_ASN1_OBJ_H__
-#define BOTAN_ASN1_OBJ_H__
-
-#include <botan/asn1_int.h>
-#include <botan/asn1_oid.h>
-#include <botan/asn1_str.h>
-#include <botan/alg_id.h>
-#include <vector>
-#include <map>
-#include <chrono>
-
-namespace Botan {
-
-/**
-* Attribute
-*/
-class BOTAN_DLL Attribute : public ASN1_Object
- {
- public:
- void encode_into(class DER_Encoder& to) const;
- void decode_from(class BER_Decoder& from);
-
- OID oid;
- std::vector<byte> parameters;
-
- Attribute() {}
- Attribute(const OID&, const std::vector<byte>&);
- Attribute(const std::string&, const std::vector<byte>&);
- };
-
-/**
-* X.509 Time
-*/
-class BOTAN_DLL X509_Time : public ASN1_Object
- {
- public:
- void encode_into(class DER_Encoder&) const;
- void decode_from(class BER_Decoder&);
-
- std::string as_string() const;
- std::string readable_string() const;
- bool time_is_set() const;
-
- s32bit cmp(const X509_Time&) const;
-
- void set_to(const std::string&);
- void set_to(const std::string&, ASN1_Tag);
-
- X509_Time(const std::chrono::system_clock::time_point& time);
- X509_Time(const std::string& = "");
- X509_Time(const std::string&, ASN1_Tag);
- private:
- bool passes_sanity_check() const;
- u32bit year, month, day, hour, minute, second;
- ASN1_Tag tag;
- };
-
-/**
-* Alternative Name
-*/
-class BOTAN_DLL AlternativeName : public ASN1_Object
- {
- public:
- void encode_into(class DER_Encoder&) const;
- void decode_from(class BER_Decoder&);
-
- std::multimap<std::string, std::string> contents() const;
-
- void add_attribute(const std::string&, const std::string&);
- std::multimap<std::string, std::string> get_attributes() const;
-
- void add_othername(const OID&, const std::string&, ASN1_Tag);
- std::multimap<OID, ASN1_String> get_othernames() const;
-
- bool has_items() const;
-
- AlternativeName(const std::string& = "", const std::string& = "",
- const std::string& = "", const std::string& = "");
- private:
- std::multimap<std::string, std::string> alt_info;
- std::multimap<OID, ASN1_String> othernames;
- };
-
-/*
-* Comparison Operations
-*/
-bool BOTAN_DLL operator==(const X509_Time&, const X509_Time&);
-bool BOTAN_DLL operator!=(const X509_Time&, const X509_Time&);
-bool BOTAN_DLL operator<=(const X509_Time&, const X509_Time&);
-bool BOTAN_DLL operator>=(const X509_Time&, const X509_Time&);
-bool BOTAN_DLL operator<(const X509_Time&, const X509_Time&);
-bool BOTAN_DLL operator>(const X509_Time&, const X509_Time&);
-
-}
-
-#endif
diff --git a/src/asn1/asn1_time.h b/src/asn1/asn1_time.h
new file mode 100644
index 000000000..ca8449178
--- /dev/null
+++ b/src/asn1/asn1_time.h
@@ -0,0 +1,55 @@
+/*
+* ASN.1 Time Representation
+* (C) 1999-2007,2012 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_ASN1_TIME_H__
+#define BOTAN_ASN1_TIME_H__
+
+#include <botan/asn1_int.h>
+#include <chrono>
+
+namespace Botan {
+
+/**
+* X.509 Time
+*/
+class BOTAN_DLL X509_Time : public ASN1_Object
+ {
+ public:
+ void encode_into(class DER_Encoder&) const;
+ void decode_from(class BER_Decoder&);
+
+ std::string as_string() const;
+ std::string readable_string() const;
+ bool time_is_set() const;
+
+ s32bit cmp(const X509_Time&) const;
+
+ void set_to(const std::string&);
+ void set_to(const std::string&, ASN1_Tag);
+
+ X509_Time(const std::chrono::system_clock::time_point& time);
+ X509_Time(const std::string& = "");
+ X509_Time(const std::string&, ASN1_Tag);
+ private:
+ bool passes_sanity_check() const;
+ u32bit year, month, day, hour, minute, second;
+ ASN1_Tag tag;
+ };
+
+/*
+* Comparison Operations
+*/
+bool BOTAN_DLL operator==(const X509_Time&, const X509_Time&);
+bool BOTAN_DLL operator!=(const X509_Time&, const X509_Time&);
+bool BOTAN_DLL operator<=(const X509_Time&, const X509_Time&);
+bool BOTAN_DLL operator>=(const X509_Time&, const X509_Time&);
+bool BOTAN_DLL operator<(const X509_Time&, const X509_Time&);
+bool BOTAN_DLL operator>(const X509_Time&, const X509_Time&);
+
+}
+
+#endif
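Review bot: `X509_Time(const std::string& = "")` and the `time_point` constructor are converting constructors, so with the comparison operators declared below, a plain string on either side of `<=` or `==` is silently parsed into an X509_Time. If these operators are used for validity-period checks (not visible here), an accidental string operand would be compared as whatever `set_to` makes of it. Marking both single-argument constructors `explicit` removes that path, though it is a source-compatibility change for existing callers. `cmp()` also has no comment: document the sign convention of the `s32bit` result and what it does when `time_is_set()` is false for either operand.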
diff --git a/src/asn1/asn1_tm.cpp b/src/asn1/asn1_tm.cpp
index b8095a41c..b1093158c 100644
--- a/src/asn1/asn1_tm.cpp
+++ b/src/asn1/asn1_tm.cpp
@@ -5,7 +5,7 @@
* Distributed under the terms of the Botan license
*/
-#include <botan/asn1_obj.h>
+#include <botan/asn1_time.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
#include <botan/charset.h>
diff --git a/src/asn1/info.txt b/src/asn1/info.txt
index e190ad9ea..4bf31732f 100644
--- a/src/asn1/info.txt
+++ b/src/asn1/info.txt
@@ -2,30 +2,6 @@ define ASN1
load_on auto
-<source>
-alg_id.cpp
-asn1_alt.cpp
-asn1_att.cpp
-asn1_int.cpp
-asn1_oid.cpp
-asn1_str.cpp
-asn1_tm.cpp
-ber_dec.cpp
-der_enc.cpp
-x509_dn.cpp
-</source>
-
-<header:public>
-alg_id.h
-asn1_int.h
-asn1_obj.h
-asn1_oid.h
-asn1_str.h
-ber_dec.h
-der_enc.h
-x509_dn.h
-</header:public>
-
<requires>
alloc
bigint
diff --git a/src/cert/ocsp/ocsp_types.h b/src/cert/ocsp/ocsp_types.h
index 5a5beb567..e51089aca 100644
--- a/src/cert/ocsp/ocsp_types.h
+++ b/src/cert/ocsp/ocsp_types.h
@@ -9,6 +9,7 @@
#define BOTAN_OCSP_TYPES_H__
#include <botan/x509cert.h>
+#include <botan/asn1_time.h>
#include <botan/bigint.h>
namespace Botan {
diff --git a/src/cert/x509/crl_ent.h b/src/cert/x509/crl_ent.h
index 769519f78..e68008b70 100644
--- a/src/cert/x509/crl_ent.h
+++ b/src/cert/x509/crl_ent.h
@@ -9,6 +9,7 @@
#define BOTAN_CRL_ENTRY_H__
#include <botan/x509cert.h>
+#include <botan/asn1_time.h>
namespace Botan {
diff --git a/src/cert/x509/pkcs10.h b/src/cert/x509/pkcs10.h
index 974ea0070..b54425133 100644
--- a/src/cert/x509/pkcs10.h
+++ b/src/cert/x509/pkcs10.h
@@ -13,6 +13,8 @@
#include <botan/pkcs8.h>
#include <botan/datastor.h>
#include <botan/key_constraint.h>
+#include <botan/asn1_attribute.h>
+#include <botan/asn1_alt_name.h>
#include <vector>
namespace Botan {
diff --git a/src/cert/x509/x509_ext.h b/src/cert/x509/x509_ext.h
index 42434c4c2..07da1b8f8 100644
--- a/src/cert/x509/x509_ext.h
+++ b/src/cert/x509/x509_ext.h
@@ -10,7 +10,6 @@
#include <botan/asn1_int.h>
#include <botan/asn1_oid.h>
-#include <botan/asn1_obj.h>
#include <botan/datastor.h>
#include <botan/crl_ent.h>
diff --git a/src/cert/x509/x509_obj.h b/src/cert/x509/x509_obj.h
index 5905e1b37..42aead195 100644
--- a/src/cert/x509/x509_obj.h
+++ b/src/cert/x509/x509_obj.h
@@ -8,7 +8,7 @@
#ifndef BOTAN_X509_OBJECT_H__
#define BOTAN_X509_OBJECT_H__
-#include <botan/asn1_obj.h>
+#include <botan/asn1_int.h>
#include <botan/pipe.h>
#include <botan/x509_key.h>
#include <botan/rng.h>
diff --git a/src/cert/x509/x509cert.h b/src/cert/x509/x509cert.h
index 97758ea5a..bd341b6e0 100644
--- a/src/cert/x509/x509cert.h
+++ b/src/cert/x509/x509cert.h
@@ -11,6 +11,7 @@
#include <botan/x509_obj.h>
#include <botan/x509_dn.h>
#include <botan/x509_key.h>
+#include <botan/asn1_alt_name.h>
#include <botan/datastor.h>
#include <botan/key_constraint.h>
#include <map>
diff --git a/src/cert/x509/x509path.h b/src/cert/x509/x509path.h
index ae28599b0..829aa9d91 100644
--- a/src/cert/x509/x509path.h
+++ b/src/cert/x509/x509path.h
@@ -14,12 +14,30 @@
namespace Botan {
+/**
+* Specifies restrictions on the PKIX path validation
+*/
class BOTAN_DLL Path_Validation_Restrictions
{
public:
+ /**
+ * @param require_rev if true, revocation information is required
+ * @param minimum_key_strength is the minimum strength (in terms of
+ * operations, eg 80 means 2^80) of a signature. Signatures
+ * weaker than this are rejected.
+ */
Path_Validation_Restrictions(bool require_rev = false,
size_t minimum_key_strength = 80);
+ /**
+ * @param require_rev if true, revocation information is required
+ * @param minimum_key_strength is the minimum strength (in terms of
+ * operations, eg 80 means 2^80) of a signature. Signatures
+ * weaker than this are rejected.
+ * @param trusted_hashes a set of trusted hashes. Any signatures
+ * created using a hash other than one of these will be
+ * rejected.
+ */
Path_Validation_Restrictions(bool require_rev,
size_t minimum_key_strength,
const std::set<std::string>& trusted_hashes) :
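Review bot: The new comment on the two-argument constructor documents `require_rev` and `minimum_key_strength` but not which hash functions are trusted when the caller passes no `trusted_hashes`. That set is chosen outside this hunk, and a caller relying on the defaults accepts it implicitly, so I would add a line such as `* The set of trusted hashes is chosen from minimum_key_strength.`, adjusted to what the implementation actually does. The same block should state that the default `require_rev = false` lets a path validate without revocation information being required. The body of the three-argument constructor continues past the end of the hunk.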
@@ -42,6 +60,9 @@ class BOTAN_DLL Path_Validation_Restrictions
size_t m_minimum_key_strength;
};
+/**
+* Represents the result of a PKIX path validation
+*/
class BOTAN_DLL Path_Validation_Result
{
public:
@@ -79,19 +100,34 @@ class BOTAN_DLL Path_Validation_Result
};
/**
- * Returns the set of hash functions you are implicitly
+ * @return the set of hash functions you are implicitly
* trusting by trusting this result.
*/
std::set<std::string> trusted_hashes() const;
+ /**
+ * @return the trust root of the validation
+ */
const X509_Certificate& trust_root() const;
+ /**
+ * @return the full path from subject to trust root
+ */
const std::vector<X509_Certificate>& cert_path() const { return m_cert_path; }
+ /**
+ * @return true iff the validation was succesful
+ */
bool successful_validation() const { return result() == VERIFIED; }
+ /**
+ * @return validation result code
+ */
Code result() const { return m_result; }
+ /**
+ * @return string representation of the validation result
+ */
std::string result_string() const;
private:
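Review bot: The added comment for `trust_root()` does not say what the call does when validation failed or the path is empty. It returns a `const X509_Certificate&`, so it cannot signal "none", and the precondition should be written down, e.g. `* @return the trust root of the validation; only meaningful if successful_validation() is true`, if that is the contract (the implementation is outside the hunk). The same applies to `cert_path()`, which can presumably be empty or partial on failure. Small wording fix in the same hunk: `succesful` should be `successful`.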
@@ -109,21 +145,33 @@ class BOTAN_DLL Path_Validation_Result
std::vector<X509_Certificate> m_cert_path;
};
+/**
+* PKIX Path Validation
+*/
Path_Validation_Result BOTAN_DLL x509_path_validate(
const std::vector<X509_Certificate>& end_certs,
const Path_Validation_Restrictions& restrictions,
const std::vector<Certificate_Store*>& certstores);
+/**
+* PKIX Path Validation
+*/
Path_Validation_Result BOTAN_DLL x509_path_validate(
const X509_Certificate& end_cert,
const Path_Validation_Restrictions& restrictions,
const std::vector<Certificate_Store*>& certstores);
+/**
+* PKIX Path Validation
+*/
Path_Validation_Result BOTAN_DLL x509_path_validate(
const X509_Certificate& end_cert,
const Path_Validation_Restrictions& restrictions,
const Certificate_Store& store);
+/**
+* PKIX Path Validation
+*/
Path_Validation_Result BOTAN_DLL x509_path_validate(
const std::vector<X509_Certificate>& end_certs,
const Path_Validation_Restrictions& restrictions,
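Review bot: All four `x509_path_validate` overloads receive the same one-line comment `PKIX Path Validation`, which tells a reader neither how they differ nor how failure is reported. I would add `@param end_certs` / `@param end_cert`, `@param restrictions`, `@param certstores` and an `@return` line saying that the caller must check `successful_validation()` on the result, assuming failure is reported through the result rather than by throwing. The overloads taking `const std::vector<Certificate_Store*>&` should also state that the stores are borrowed and must outlive the call, if that is the case. The last declaration continues past the end of the hunk.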
diff --git a/src/cert/x509/x509self.h b/src/cert/x509/x509self.h
index 2850096c8..eee4d10c6 100644
--- a/src/cert/x509/x509self.h
+++ b/src/cert/x509/x509self.h
@@ -11,6 +11,7 @@
#include <botan/x509cert.h>
#include <botan/pkcs8.h>
#include <botan/pkcs10.h>
+#include <botan/asn1_time.h>
namespace Botan {
diff --git a/src/engine/core_engine/lookup_hash.cpp b/src/engine/core_engine/lookup_hash.cpp
index 9958d18b9..7a9a0148d 100644
--- a/src/engine/core_engine/lookup_hash.cpp
+++ b/src/engine/core_engine/lookup_hash.cpp
@@ -119,7 +119,7 @@ HashFunction* Core_Engine::find_hash(const SCAN_Name& request,
#endif
#if defined(BOTAN_HAS_GOST_34_11)
- if(request.algo_name() == "GOST-34.11")
+ if(request.algo_name() == "GOST-R-34.11-94")
return new GOST_34_11;
#endif
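Review bot: After this change `find_hash` matches only `GOST-R-34.11-94`, so the old name `GOST-34.11` keeps working only for requests that pass through the alias added in src/libstate/policy.cpp (`config.add_alias("GOST-34.11", "GOST-R-34.11-94")`). Whether every lookup path resolves aliases before reaching this function is not visible here, and neither is the string returned by `GOST_34_11::name()` nor any OID table entry for this hash. Those should carry the new name too, otherwise a lookup by an object's own name could fail. A short comment above the `if`, such as `// canonical name; "GOST-34.11" is kept as an alias in set_default_aliases()`, would keep the two places in sync. `find_hash` starts and ends outside the hunk.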
diff --git a/src/libstate/policy.cpp b/src/libstate/policy.cpp
index fc127478e..75b7c0db8 100644
--- a/src/libstate/policy.cpp
+++ b/src/libstate/policy.cpp
@@ -293,6 +293,7 @@ void set_default_aliases(Library_State& config)
config.add_alias("MARK-4", "ARC4(256)");
config.add_alias("OMAC", "CMAC");
config.add_alias("GOST", "GOST-28147-89");
+ config.add_alias("GOST-34.11", "GOST-R-34.11-94");
}
/*
diff --git a/src/pbe/pbes2/pbes2.cpp b/src/pbe/pbes2/pbes2.cpp
index d29bc06f6..b27ad445e 100644
--- a/src/pbe/pbes2/pbes2.cpp
+++ b/src/pbe/pbes2/pbes2.cpp
@@ -13,7 +13,7 @@
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
#include <botan/parsing.h>
-#include <botan/asn1_obj.h>
+#include <botan/alg_id.h>
#include <botan/oids.h>
#include <algorithm>
#include <memory>
diff --git a/src/pubkey/pkcs8.cpp b/src/pubkey/pkcs8.cpp
index d9b92dc23..0dd97a866 100644
--- a/src/pubkey/pkcs8.cpp
+++ b/src/pubkey/pkcs8.cpp
@@ -9,7 +9,7 @@
#include <botan/get_pbe.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
-#include <botan/asn1_obj.h>
+#include <botan/alg_id.h>
#include <botan/oids.h>
#include <botan/pem.h>
#include <botan/internal/pk_algs.h>
diff --git a/src/pubkey/x509_key.cpp b/src/pubkey/x509_key.cpp
index 8080dc993..62d626d9b 100644
--- a/src/pubkey/x509_key.cpp
+++ b/src/pubkey/x509_key.cpp
@@ -7,10 +7,10 @@
#include <botan/x509_key.h>
#include <botan/filters.h>
-#include <botan/asn1_obj.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
#include <botan/pem.h>
+#include <botan/alg_id.h>
#include <botan/internal/pk_algs.h>
#include <memory>
diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h
index f1d4aa887..52ff52c12 100644
--- a/src/tls/tls_messages.h
+++ b/src/tls/tls_messages.h
@@ -522,6 +522,9 @@ class Next_Protocol : public Handshake_Message
std::string m_protocol;
};
+/**
+* New Session Ticket Message
+*/
class New_Session_Ticket : public Handshake_Message
{
public:
@@ -546,6 +549,9 @@ class New_Session_Ticket : public Handshake_Message
std::vector<byte> m_ticket;
};
+/**
+* Change Cipher Spec
+*/
class Change_Cipher_Spec : public Handshake_Message
{
public:
diff --git a/src/wrap/perl-xs/Botan.xs b/src/wrap/perl-xs/Botan.xs
index fc0c00ff5..135da0d5d 100644
--- a/src/wrap/perl-xs/Botan.xs
+++ b/src/wrap/perl-xs/Botan.xs
@@ -10,7 +10,8 @@ extern "C" {
}
#endif
-#include <botan/asn1_obj.h>
+#include <botan/alg_id.h>
+#include <botan/asn1_alt_name.h>
#include <botan/asn1_oid.h>
#include <botan/filters.h>
#include <botan/init.h>