authorlloyd <[email protected]>2006-05-19 00:07:25 +0000
committerlloyd <[email protected]>2006-05-19 00:07:25 +0000
commitf090e030be53e574fecbe7cf50edfb5fdacb53e1 (patch)
tree0bff0c249a9dbcb674fcd2491ab17e3d123ef1f9 /include
parenta0af7b26591f8fb79d1f06fe42548e1eb0c35e90 (diff)
Syntax changes to the BER and DER APIs to improve readability of code
that uses them. These changes are not backwards compatible; this commit updates all uses of the APIs within the library.
Diffstat (limited to 'include')
-rw-r--r--include/asn1_int.h17
-rw-r--r--include/asn1_obj.h66
-rw-r--r--include/asn1_oid.h1
-rw-r--r--include/ber_dec.h108
-rw-r--r--include/crl_ent.h23
-rw-r--r--include/datastor.h6
-rw-r--r--include/der_enc.h49
-rw-r--r--include/x509_ext.h84
-rw-r--r--include/x509_obj.h2
-rw-r--r--include/x509cert.h24
10 files changed, 221 insertions, 159 deletions
diff --git a/include/asn1_int.h b/include/asn1_int.h
index 40ddbb444..85f763f26 100644
--- a/include/asn1_int.h
+++ b/include/asn1_int.h
@@ -6,8 +6,9 @@
#ifndef BOTAN_ASN1_H__
#define BOTAN_ASN1_H__
-#include <botan/bigint.h>
+#include <botan/secmem.h>
#include <botan/enums.h>
+#include <botan/exceptn.h>
namespace Botan {
@@ -18,10 +19,23 @@ class ASN1_Object
{
public:
virtual void encode_into(class DER_Encoder&) const = 0;
+ virtual void decode_from(class BER_Decoder&) = 0;
virtual ~ASN1_Object() {}
};
/*************************************************
+* BER Encoded Object *
+*************************************************/
+class BER_Object
+ {
+ public:
+ void assert_is_a(ASN1_Tag, ASN1_Tag);
+
+ ASN1_Tag type_tag, class_tag;
+ SecureVector<byte> value;
+ };
+
+/*************************************************
* ASN.1 Utility Functions *
*************************************************/
class DataSource;
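Review bot: `BER_Object::assert_is_a` is declared without `const`, so it cannot be called on a `const BER_Object&` even though, judging by its name, it only compares the stored tags; I would declare it `void assert_is_a(ASN1_Tag, ASN1_Tag) const;`. The declaration also has no comment saying which exception is raised on a mismatch (the new `exceptn.h` include suggests one is thrown), and code that decodes untrusted BER depends on that contract. As far as the visible declaration shows, a default-constructed `BER_Object` leaves `type_tag` and `class_tag` unset; that was already true of the old struct, but it matters more now that a member function reads them.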
@@ -29,6 +43,7 @@ class DataSource;
namespace ASN1 {
SecureVector<byte> put_in_sequence(const MemoryRegion<byte>&);
+std::string to_string(const BER_Object&);
bool maybe_BER(DataSource&);
}
diff --git a/include/asn1_obj.h b/include/asn1_obj.h
index c36c2ac14..2ead6b54c 100644
--- a/include/asn1_obj.h
+++ b/include/asn1_obj.h
@@ -7,10 +7,9 @@
#define BOTAN_ASN1_OBJ_H__
#include <botan/asn1_int.h>
-#include <botan/der_enc.h>
-#include <botan/ber_dec.h>
-#include <map>
+#include <botan/asn1_oid.h>
#include <vector>
+#include <map>
namespace Botan {
@@ -20,12 +19,13 @@ namespace Botan {
class AlgorithmIdentifier : public ASN1_Object
{
public:
- void encode_into(DER_Encoder&) const;
+ void encode_into(class DER_Encoder&) const;
+ void decode_from(class BER_Decoder&);
AlgorithmIdentifier() {}
AlgorithmIdentifier(const OID&, const MemoryRegion<byte>&);
AlgorithmIdentifier(const std::string&, const MemoryRegion<byte>&);
- public:
+
OID oid;
SecureVector<byte> parameters;
};
@@ -36,12 +36,13 @@ class AlgorithmIdentifier : public ASN1_Object
class Extension : public ASN1_Object
{
public:
+ void encode_into(class DER_Encoder&) const;
+ void decode_from(class BER_Decoder&);
+
bool critical;
OID oid;
SecureVector<byte> value;
- void encode_into(DER_Encoder&) const;
-
Extension() { critical = false; }
Extension(const OID&, const MemoryRegion<byte>&);
Extension(const std::string&, const MemoryRegion<byte>&);
@@ -53,7 +54,8 @@ class Extension : public ASN1_Object
class Attribute : public ASN1_Object
{
public:
- void encode_into(DER_Encoder&) const;
+ void encode_into(class DER_Encoder&) const;
+ void decode_from(class BER_Decoder&);
OID oid;
SecureVector<byte> parameters;
@@ -69,7 +71,8 @@ class Attribute : public ASN1_Object
class X509_Time : public ASN1_Object
{
public:
- void encode_into(DER_Encoder&) const;
+ void encode_into(class DER_Encoder&) const;
+ void decode_from(class BER_Decoder&);
std::string as_string() const;
std::string readable_string() const;
@@ -92,7 +95,8 @@ class X509_Time : public ASN1_Object
class ASN1_String : public ASN1_Object
{
public:
- void encode_into(DER_Encoder&) const;
+ void encode_into(class DER_Encoder&) const;
+ void decode_from(class BER_Decoder&);
std::string value() const;
std::string iso_8859() const;
@@ -112,11 +116,14 @@ class ASN1_String : public ASN1_Object
class X509_DN : public ASN1_Object
{
public:
- void encode_into(DER_Encoder&) const;
+ void encode_into(class DER_Encoder&) const;
+ void decode_from(class BER_Decoder&);
std::multimap<OID, std::string> get_attributes() const;
std::vector<std::string> get_attribute(const std::string&) const;
+ std::multimap<std::string, std::string> contents() const;
+
void add_attribute(const std::string&, const std::string&);
void add_attribute(const OID&, const std::string&);
@@ -139,7 +146,10 @@ class X509_DN : public ASN1_Object
class AlternativeName : public ASN1_Object
{
public:
- void encode_into(DER_Encoder&) const;
+ void encode_into(class DER_Encoder&) const;
+ void decode_from(class BER_Decoder&);
+
+ std::multimap<std::string, std::string> contents() const;
void add_attribute(const std::string&, const std::string&);
std::multimap<std::string, std::string> get_attributes() const;
@@ -171,38 +181,12 @@ bool operator==(const X509_DN&, const X509_DN&);
bool operator!=(const X509_DN&, const X509_DN&);
bool operator<(const X509_DN&, const X509_DN&);
-s32bit validity_check(const X509_Time&, const X509_Time&, u64bit);
-
-bool is_string_type(ASN1_Tag);
-
-/*************************************************
-* DER Encoding Functions *
-*************************************************/
-namespace DER {
-
-//void encode(DER_Encoder&, const Attribute&);
-//void encode(DER_Encoder&, const ASN1_String&);
-void encode(DER_Encoder&, const ASN1_String&,
- ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC);
-
-}
-
/*************************************************
-* BER Decoding Functions *
+* Helper Functions *
*************************************************/
-namespace BER {
-
-void decode(BER_Decoder&, AlgorithmIdentifier&);
-void decode(BER_Decoder&, Extension&);
-void decode(BER_Decoder&, Attribute&);
-void decode(BER_Decoder&, X509_Time&);
-void decode(BER_Decoder&, ASN1_String&);
-void decode(BER_Decoder&, ASN1_String&, ASN1_Tag, ASN1_Tag);
-void decode(BER_Decoder&, X509_DN&);
-void decode(BER_Decoder&, AlternativeName&);
-void decode(BER_Decoder&, Key_Constraints&);
+s32bit validity_check(const X509_Time&, const X509_Time&, u64bit);
-}
+bool is_string_type(ASN1_Tag);
}
diff --git a/include/asn1_oid.h b/include/asn1_oid.h
index b2bdd4867..94794607a 100644
--- a/include/asn1_oid.h
+++ b/include/asn1_oid.h
@@ -19,6 +19,7 @@ class OID : public ASN1_Object
{
public:
void encode_into(class DER_Encoder&) const;
+ void decode_from(class BER_Decoder&);
bool is_empty() const { return id.size() == 0; }
std::vector<u32bit> get_id() const { return id; }
diff --git a/include/ber_dec.h b/include/ber_dec.h
index 32feb43e1..f1147e052 100644
--- a/include/ber_dec.h
+++ b/include/ber_dec.h
@@ -7,33 +7,28 @@
#define BOTAN_BER_DECODER_H__
#include <botan/asn1_oid.h>
-#include <botan/bigint.h>
#include <botan/data_src.h>
namespace Botan {
/*************************************************
-* BER Encoded Object *
-*************************************************/
-struct BER_Object
- {
- ASN1_Tag type_tag, class_tag;
- SecureVector<byte> value;
- };
-
-/*************************************************
* BER Decoding Object *
*************************************************/
class BER_Decoder
{
public:
- bool more_items() const;
- void verify_end() const;
- SecureVector<byte> get_remaining();
- void discard_remaining();
BER_Object get_next_object();
void push_back(const BER_Object&);
+ bool more_items() const;
+ BER_Decoder& verify_end();
+ BER_Decoder& discard_remaining();
+
+ BER_Decoder start_cons(ASN1_Tag);
+ BER_Decoder& end_cons();
+
+ BER_Decoder& raw_bytes(MemoryRegion<byte>&);
+
BER_Decoder& decode_null();
BER_Decoder& decode(bool&);
BER_Decoder& decode(u32bit&);
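Review bot: `start_cons` returns a `BER_Decoder` by value while `end_cons` returns a reference, and a later hunk in this file adds a raw `BER_Decoder* parent` member, so the nested decoder presumably points back at the object it was created from. Nothing in the header says that the nested decoder must not outlive its parent, or what copying it does to `parent` and to the `mutable bool owns` flag. I would add a comment above the pair, for example `// The returned decoder refers to *this; call end_cons() on it before *this is destroyed`, and state whether `end_cons()` checks that the constructed value was fully consumed. The class body continues outside this hunk.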
@@ -47,6 +42,17 @@ class BER_Decoder
BER_Decoder& decode(MemoryRegion<byte>&, ASN1_Tag,
ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC);
+ BER_Decoder& decode(class ASN1_Object&);
+
+ template<typename T>
+ BER_Decoder& decode_optional(T&, ASN1_Tag, ASN1_Tag, const T& = T());
+
+ template<typename T>
+ BER_Decoder& decode_list(std::vector<T>&, bool = true);
+
+ BER_Decoder& decode_optional_string(MemoryRegion<byte>&,
+ ASN1_Tag, u16bit);
+
BER_Decoder(DataSource&);
BER_Decoder(const byte[], u32bit);
BER_Decoder(const MemoryRegion<byte>&);
@@ -54,64 +60,68 @@ class BER_Decoder
~BER_Decoder();
private:
BER_Decoder& operator=(const BER_Decoder&) { return (*this); }
+
+ BER_Decoder* parent;
DataSource* source;
BER_Object pushed;
mutable bool owns;
};
/*************************************************
-* BER Decoding Functions *
-*************************************************/
-namespace BER {
-
-void decode(BER_Decoder&, OID&);
-
-BER_Decoder get_subsequence(BER_Decoder&);
-BER_Decoder get_subset(BER_Decoder&);
-
-BER_Decoder get_subsequence(BER_Decoder&, ASN1_Tag,
- ASN1_Tag = CONTEXT_SPECIFIC);
-BER_Decoder get_subset(BER_Decoder&, ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC);
-
-std::string to_string(const BER_Object&);
-bool decode_optional_string(BER_Decoder&, MemoryRegion<byte>&,
- ASN1_Tag, ASN1_Tag, ASN1_Tag);
-
-/*************************************************
* Decode an OPTIONAL or DEFAULT element *
*************************************************/
-template<class T>
-bool decode_optional(BER_Decoder& in, T& out,
- ASN1_Tag type_tag, ASN1_Tag class_tag,
- const T& default_value = T())
+template<typename T>
+BER_Decoder& BER_Decoder::decode_optional(T& out,
+ ASN1_Tag type_tag,
+ ASN1_Tag class_tag,
+ const T& default_value)
{
- BER_Object obj = in.get_next_object();
+ BER_Object obj = get_next_object();
if(obj.type_tag == type_tag && obj.class_tag == class_tag)
{
if(class_tag & CONSTRUCTED)
- {
- BER_Decoder stored_value(obj.value);
- //BER::decode(stored_value, out);
- stored_value.decode(out);
- stored_value.verify_end();
- }
+ BER_Decoder(obj.value).decode(out).verify_end();
else
{
- in.push_back(obj);
- //BER::decode(in, out, type_tag, class_tag);
- in.decode(out, type_tag, class_tag);
+ push_back(obj);
+ decode(out, type_tag, class_tag);
}
- return true;
}
else
{
out = default_value;
- in.push_back(obj);
- return false;
+ push_back(obj);
+ }
+
+ return (*this);
+ }
+
+/*************************************************
+* Decode a list of homogenously typed values *
+*************************************************/
+template<typename T>
+BER_Decoder& BER_Decoder::decode_list(std::vector<T>& vec, bool clear_it)
+ {
+ if(clear_it)
+ vec.clear();
+
+ while(more_items())
+ {
+ T value;
+ decode(value);
+ vec.push_back(value);
}
+ return (*this);
}
+/*************************************************
+* BER Decoding Functions *
+*************************************************/
+namespace BER {
+
+void decode(BER_Decoder&, Key_Constraints&);
+
}
}
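Review bot: `decode_list` clears `vec` and then appends element by element, so if `decode(value)` throws part-way through malformed input the caller is left with a truncated list instead of its previous contents. A caller that catches the decoding error and carries on would then act on a partial set of values. Decoding into a local vector and committing it only after the loop completes leaves the output untouched on failure. Separately, `decode_optional` no longer returns whether the element was present, so a caller cannot tell an encoded value from the default; and the comment above `decode_list` misspells `homogeneously`.

```cpp
template<typename T>
BER_Decoder& BER_Decoder::decode_list(std::vector<T>& vec, bool clear_it)
   {
   // Collect into a scratch vector so a decoding error leaves vec unchanged
   std::vector<T> decoded;

   while(more_items())
      {
      T value;
      decode(value);
      decoded.push_back(value);
      }

   if(clear_it)
      vec.swap(decoded);
   else
      vec.insert(vec.end(), decoded.begin(), decoded.end());

   return (*this);
   }
```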
diff --git a/include/crl_ent.h b/include/crl_ent.h
index 660148211..510c4f5a8 100644
--- a/include/crl_ent.h
+++ b/include/crl_ent.h
@@ -13,9 +13,12 @@ namespace Botan {
/*************************************************
* CRL Entry *
*************************************************/
-class CRL_Entry
+class CRL_Entry : public ASN1_Object
{
public:
+ void encode_into(class DER_Encoder&) const;
+ void decode_from(class BER_Decoder&);
+
MemoryVector<byte> serial;
X509_Time time;
CRL_Code reason;
@@ -30,24 +33,6 @@ bool operator==(const CRL_Entry&, const CRL_Entry&);
bool operator!=(const CRL_Entry&, const CRL_Entry&);
bool operator<(const CRL_Entry&, const CRL_Entry&);
-/*************************************************
-* DER Encoding Functions *
-*************************************************/
-namespace DER {
-
-void encode(DER_Encoder&, const CRL_Entry&);
-
-}
-
-/*************************************************
-* BER Decoding Functions *
-*************************************************/
-namespace BER {
-
-void decode(BER_Decoder&, CRL_Entry&);
-
-}
-
}
#endif
diff --git a/include/datastor.h b/include/datastor.h
index 86a607feb..365c0d32b 100644
--- a/include/datastor.h
+++ b/include/datastor.h
@@ -34,7 +34,9 @@ class Data_Store
bool operator==(const Data_Store&) const;
- std::multimap<std::string, std::string> get(const Matcher&) const;
+ std::multimap<std::string, std::string>
+ search_with(const Matcher&) const;
+
std::vector<std::string> get(const std::string&) const;
std::string get1(const std::string&) const;
@@ -42,6 +44,8 @@ class Data_Store
MemoryVector<byte> get1_memvec(const std::string&) const;
u32bit get1_u32bit(const std::string&, u32bit = 0) const;
+ bool has_value(const std::string&) const;
+
void add(const std::multimap<std::string, std::string>&);
void add(const std::string&, const std::string&);
void add(const std::string&, u32bit);
diff --git a/include/der_enc.h b/include/der_enc.h
index b07c76172..d0e655ad7 100644
--- a/include/der_enc.h
+++ b/include/der_enc.h
@@ -6,7 +6,8 @@
#ifndef BOTAN_DER_ENCODER_H__
#define BOTAN_DER_ENCODER_H__
-#include <botan/asn1_oid.h>
+#include <botan/secmem.h>
+#include <botan/enums.h>
#include <vector>
namespace Botan {
@@ -19,21 +20,14 @@ class DER_Encoder
public:
SecureVector<byte> get_contents();
- DER_Encoder& start_sequence(ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC);
- DER_Encoder& end_sequence(ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC);
- DER_Encoder& start_set(ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC);
- DER_Encoder& end_set(ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC);
+ DER_Encoder& start_cons(ASN1_Tag, ASN1_Tag = UNIVERSAL);
+ DER_Encoder& end_cons();
- DER_Encoder& start_sequence();
- DER_Encoder& end_sequence();
- DER_Encoder& start_set();
- DER_Encoder& end_set();
+ DER_Encoder& start_explicit(u16bit);
+ DER_Encoder& end_explicit();
- DER_Encoder& start_explicit(ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC);
- DER_Encoder& end_explicit(ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC);
-
- DER_Encoder& add_raw_octets(const byte[], u32bit);
- DER_Encoder& add_raw_octets(const MemoryRegion<byte>&);
+ DER_Encoder& raw_bytes(const byte[], u32bit);
+ DER_Encoder& raw_bytes(const MemoryRegion<byte>&);
DER_Encoder& encode_null();
DER_Encoder& encode(bool);
@@ -51,33 +45,44 @@ class DER_Encoder
DER_Encoder& encode(const byte[], u32bit, ASN1_Tag,
ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC);
+ template<typename T>
+ DER_Encoder& encode_optional(const T& value, const T& default_value)
+ {
+ if(value != default_value)
+ encode(value);
+ return (*this);
+ }
+
+ template<typename T>
+ DER_Encoder& encode_list(const std::vector<T>& values)
+ {
+ for(u32bit j = 0; j != values.size(); ++j)
+ encode(values[j]);
+ return (*this);
+ }
+
DER_Encoder& encode(const class ASN1_Object&);
+ DER_Encoder& encode_if(bool, DER_Encoder&);
+
DER_Encoder& add_object(ASN1_Tag, ASN1_Tag, const byte[], u32bit);
DER_Encoder& add_object(ASN1_Tag, ASN1_Tag, const MemoryRegion<byte>&);
DER_Encoder& add_object(ASN1_Tag, ASN1_Tag, const std::string&);
DER_Encoder& add_object(ASN1_Tag, ASN1_Tag, byte);
-
- DER_Encoder();
private:
- DER_Encoder& start_cons(ASN1_Tag, ASN1_Tag, bool);
- DER_Encoder& end_cons(ASN1_Tag, ASN1_Tag);
-
class DER_Sequence
{
public:
ASN1_Tag tag_of() const;
SecureVector<byte> get_contents();
void add_bytes(const byte[], u32bit);
- DER_Sequence(ASN1_Tag, ASN1_Tag, bool = false);
+ DER_Sequence(ASN1_Tag, ASN1_Tag);
private:
ASN1_Tag type_tag, class_tag;
- bool is_a_set;
SecureVector<byte> contents;
std::vector< SecureVector<byte> > set_contents;
};
SecureVector<byte> contents;
std::vector<DER_Sequence> subsequences;
- u32bit sequence_level;
};
}
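Review bot: In `encode_list` the loop index is a `u32bit` but is compared against `values.size()`, which is `std::vector<T>::size_type`; where that type is wider than 32 bits the comparison mixes widths. Using the container's own type, `for(typename std::vector<T>::size_type j = 0; j != values.size(); ++j)`, avoids that. `encode_optional` and `encode_if` would each benefit from a one-line comment: the first implements the DER rule of omitting a value equal to its DEFAULT rather than plain OPTIONAL handling, and the second takes a non-const `DER_Encoder&` whose role is not evident from the signature.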
diff --git a/include/x509_ext.h b/include/x509_ext.h
index 7e3b68288..138a334c6 100644
--- a/include/x509_ext.h
+++ b/include/x509_ext.h
@@ -9,54 +9,58 @@
#include <botan/asn1_int.h>
#include <botan/asn1_oid.h>
#include <botan/asn1_obj.h>
+#include <botan/datastor.h>
+#include <botan/enums.h>
namespace Botan {
/*************************************************
* X.509 Certificate Extension *
*************************************************/
-class Certificate_Extension : public ASN1_Object
+class Certificate_Extension
{
public:
- void encode_into(class DER_Encoder&) const;
- void decode_from(class BER_Decoder&);
void maybe_add(class DER_Encoder&) const;
OID oid_of() const;
void make_critical() { critical = true; }
bool is_critical() const { return critical; }
- //virtual std::multimap<std::string, std::string> contents() const = 0;
+ virtual void contents_to(Data_Store&, Data_Store&) const = 0;
virtual std::string config_id() const = 0;
virtual std::string oid_name() const = 0;
Certificate_Extension() { critical = false; }
virtual ~Certificate_Extension() {}
protected:
+ friend class Extensions;
virtual bool should_encode() const { return true; }
virtual MemoryVector<byte> encode_inner() const = 0;
virtual void decode_inner(const MemoryRegion<byte>&) = 0;
private:
- void encode_into(class DER_Encoder&, bool) const;
bool critical;
};
/*************************************************
-* X.509 Certificate Extensions *
+* X.509 Certificate Extension List *
*************************************************/
class Extensions : public ASN1_Object
{
public:
void encode_into(class DER_Encoder&) const;
+ void decode_from(class BER_Decoder&);
+ std::vector<Certificate_Extension*> get() const
+ { return extensions; }
void add(Certificate_Extension* extn)
{ extensions.push_back(extn); }
-
+
~Extensions();
private:
std::vector<Certificate_Extension*> extensions;
};
+
namespace Cert_Extension {
/*************************************************
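Review bot: `Extensions::get()` hands out a copy of the vector of raw `Certificate_Extension*` that the class stores, and the class declares a destructor that presumably deletes those objects (its body is not in this hunk). If so, pointers obtained from `get()` dangle once the `Extensions` object is destroyed, and the implicitly generated copy constructor and assignment operator would cause the same objects to be deleted twice. I would document on `get()` and `add()` that the pointers stay owned by the `Extensions` object, and suppress copying the way `BER_Decoder` does, by declaring `Extensions(const Extensions&);` and `Extensions& operator=(const Extensions&);` in the private section.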
@@ -65,13 +69,15 @@ namespace Cert_Extension {
class Basic_Constraints : public Certificate_Extension
{
public:
- Basic_Constraints(bool = false, u32bit = 0);
+ Basic_Constraints(bool ca = false, u32bit limit = 0) :
+ is_ca(ca), path_limit(limit) {}
private:
std::string config_id() const { return "basic_constraints"; }
std::string oid_name() const { return "X509v3.BasicConstraints"; }
MemoryVector<byte> encode_inner() const;
void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
bool is_ca;
u32bit path_limit;
@@ -83,7 +89,7 @@ class Basic_Constraints : public Certificate_Extension
class Key_Usage : public Certificate_Extension
{
public:
- Key_Usage(Key_Constraints);
+ Key_Usage(Key_Constraints c = NO_CONSTRAINTS) : constraints(c) {}
private:
std::string config_id() const { return "key_usage"; }
std::string oid_name() const { return "X509v3.KeyUsage"; }
@@ -91,6 +97,7 @@ class Key_Usage : public Certificate_Extension
bool should_encode() const { return (constraints != NO_CONSTRAINTS); }
MemoryVector<byte> encode_inner() const;
void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
Key_Constraints constraints;
};
@@ -101,13 +108,16 @@ class Key_Usage : public Certificate_Extension
class Subject_Key_ID : public Certificate_Extension
{
public:
+ Subject_Key_ID() {}
Subject_Key_ID(const MemoryRegion<byte>&);
private:
std::string config_id() const { return "subject_key_id"; }
std::string oid_name() const { return "X509v3.SubjectKeyIdentifier"; }
+ bool should_encode() const { return (key_id.size() > 0); }
MemoryVector<byte> encode_inner() const;
void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
MemoryVector<byte> key_id;
};
@@ -118,7 +128,8 @@ class Subject_Key_ID : public Certificate_Extension
class Authority_Key_ID : public Certificate_Extension
{
public:
- Authority_Key_ID(const MemoryRegion<byte>&);
+ Authority_Key_ID() {}
+ Authority_Key_ID(const MemoryRegion<byte>& k) : key_id(k) {}
private:
std::string config_id() const { return "authority_key_id"; }
std::string oid_name() const { return "X509v3.AuthorityKeyIdentifier"; }
@@ -126,6 +137,7 @@ class Authority_Key_ID : public Certificate_Extension
bool should_encode() const { return (key_id.size() > 0); }
MemoryVector<byte> encode_inner() const;
void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
MemoryVector<byte> key_id;
};
@@ -145,6 +157,7 @@ class Alternative_Name : public Certificate_Extension
bool should_encode() const { return alt_name.has_items(); }
MemoryVector<byte> encode_inner() const;
void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
std::string config_name_str, oid_name_str;
AlternativeName alt_name;
@@ -156,7 +169,8 @@ class Alternative_Name : public Certificate_Extension
class Extended_Key_Usage : public Certificate_Extension
{
public:
- Extended_Key_Usage(const std::vector<OID>&);
+ Extended_Key_Usage() {}
+ Extended_Key_Usage(const std::vector<OID>& o) : oids(o) {}
private:
std::string config_id() const { return "extended_key_usage"; }
std::string oid_name() const { return "X509v3.ExtendedKeyUsage"; }
@@ -164,6 +178,27 @@ class Extended_Key_Usage : public Certificate_Extension
bool should_encode() const { return (oids.size() > 0); }
MemoryVector<byte> encode_inner() const;
void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
+
+ std::vector<OID> oids;
+ };
+
+/*************************************************
+* Certificate Policies Extension *
+*************************************************/
+class Certificate_Policies : public Certificate_Extension
+ {
+ public:
+ Certificate_Policies() {}
+ Certificate_Policies(const std::vector<OID>& o) : oids(o) {}
+ private:
+ std::string config_id() const { return "policy_info"; }
+ std::string oid_name() const { return "X509v3.CertificatePolicies"; }
+
+ bool should_encode() const { return (oids.size() > 0); }
+ MemoryVector<byte> encode_inner() const;
+ void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
std::vector<OID> oids;
};
@@ -174,19 +209,40 @@ class Extended_Key_Usage : public Certificate_Extension
class CRL_Number : public Certificate_Extension
{
public:
- CRL_Number(u32bit = 0);
+ CRL_Number() : has_value(false) {}
+ CRL_Number(u32bit n) : has_value(true), crl_number(n) {}
private:
std::string config_id() const { return "crl_number"; }
std::string oid_name() const { return "X509v3.CRLNumber"; }
- bool should_encode() const { return (crl_number != 0); }
-
+ bool should_encode() const { return has_value; }
MemoryVector<byte> encode_inner() const;
void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
+ bool has_value;
u32bit crl_number;
};
+/*************************************************
+* CRL Entry Reason Code Extension *
+*************************************************/
+class CRL_ReasonCode : public Certificate_Extension
+ {
+ public:
+ CRL_ReasonCode(CRL_Code r = UNSPECIFIED) : reason(r) {}
+ private:
+ std::string config_id() const { return "crl_reason"; }
+ std::string oid_name() const { return "X509v3.ReasonCode"; }
+
+ bool should_encode() const { return (reason != UNSPECIFIED); }
+ MemoryVector<byte> encode_inner() const;
+ void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
+
+ CRL_Code reason;
+ };
+
}
}
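Review bot: The new default constructor `CRL_Number() : has_value(false) {}` leaves `crl_number` uninitialized, so any member that reads it without first testing `has_value` works on an indeterminate value; `contents_to`, added in this hunk, is a candidate, though its body is not visible here. Initializing both members, `CRL_Number() : has_value(false), crl_number(0) {}`, removes the hazard at no cost. `CRL_Number(u32bit n)` and `CRL_ReasonCode(CRL_Code r = UNSPECIFIED)` can also act as implicit conversions; marking them `explicit` would prevent accidental construction from an integer or enum value.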
diff --git a/include/x509_obj.h b/include/x509_obj.h
index 18c1e574b..f7f110a42 100644
--- a/include/x509_obj.h
+++ b/include/x509_obj.h
@@ -22,6 +22,8 @@ class X509_Object
SecureVector<byte> signature() const;
AlgorithmIdentifier signature_algorithm() const;
+ bool check_signature(class X509_PublicKey&) const;
+
void encode(Pipe&, X509_Encoding = PEM) const;
SecureVector<byte> BER_encode() const;
std::string PEM_encode() const;
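Review bot: `check_signature` reports the outcome of a signature verification as a plain `bool`, and the declaration has no comment saying what `false` covers or whether an unsupported algorithm throws instead. A caller that ignores or misreads the return value ends up accepting an unverified object, so I would add a comment such as `// Returns true only if the signature verifies under the given key; callers must check the result`. The key is taken by non-const reference, which suggests verification modifies it; if it does not, `const X509_PublicKey&` would be the clearer signature. The class body continues outside this hunk.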
diff --git a/include/x509cert.h b/include/x509cert.h
index 60534c769..0a6d0ec83 100644
--- a/include/x509cert.h
+++ b/include/x509cert.h
@@ -13,7 +13,7 @@
namespace Botan {
-static const u32bit NO_CERT_PATH_LIMIT = 0xFFFFFFFF;
+static const u32bit NO_CERT_PATH_LIMIT = 0xFFFFFFF0;
/*************************************************
* X.509 Certificate *
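Review bot: `NO_CERT_PATH_LIMIT` changes from `0xFFFFFFFF` to `0xFFFFFFF0` with no comment explaining the new value, and the commit message does not mention it. Judging by its name this is the sentinel for "no path length constraint", so any code or stored data that still compares against the old literal would stop recognising the sentinel and treat the limit as a very large finite number. A comment stating why the value leaves headroom below the `u32bit` maximum (for instance to keep arithmetic on the limit from wrapping, if that is the reason) would make the intent checkable.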
@@ -23,36 +23,36 @@ class X509_Certificate : public X509_Object
public:
X509_PublicKey* subject_public_key() const;
- u32bit x509_version() const;
- MemoryVector<byte> serial_number() const;
- MemoryVector<byte> authority_key_id() const;
- MemoryVector<byte> subject_key_id() const;
- Key_Constraints constraints() const;
+ X509_DN issuer_dn() const;
+ X509_DN subject_dn() const;
+ std::string subject_info(const std::string&) const;
+ std::string issuer_info(const std::string&) const;
std::string start_time() const;
std::string end_time() const;
- std::string subject_info(const std::string&) const;
- std::string issuer_info(const std::string&) const;
- X509_DN issuer_dn() const;
- X509_DN subject_dn() const;
+ u32bit x509_version() const;
+ MemoryVector<byte> serial_number() const;
+ MemoryVector<byte> authority_key_id() const;
+ MemoryVector<byte> subject_key_id() const;
bool self_signed() const;
bool is_CA_cert() const;
u32bit path_limit() const;
+ Key_Constraints constraints() const;
std::vector<std::string> ex_constraints() const;
std::vector<std::string> policies() const;
bool operator==(const X509_Certificate&) const;
- void force_decode();
-
X509_Certificate(DataSource&);
X509_Certificate(const std::string&);
private:
friend class X509_CA;
X509_Certificate() {}
+ void force_decode();
+
void handle_v3_extension(const Extension&);
Data_Store info;