diff options
author | lloyd <[email protected]> | 2012-05-27 02:55:22 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-05-27 02:55:22 +0000 |
commit | b4bdefd0ebcf57d686a383d7460f0ade9fb9883b (patch) | |
tree | 3ccf5f472bf51d565704344d173cf115c9e60004 /src/cert | |
parent | ff8414b174b4a05a80fbcea689babedeea4140fb (diff) |
Several new hooks in X509_Certificate to get raw (from the cert
binary) values which we need for OCSP.
Diffstat (limited to 'src/cert')
-rw-r--r-- | src/cert/x509/x509cert.cpp | 32 | ||||
-rw-r--r-- | src/cert/x509/x509cert.h | 16 |
2 files changed, 39 insertions, 9 deletions
diff --git a/src/cert/x509/x509cert.cpp b/src/cert/x509/x509cert.cpp index d757c2b58..a2dc1d7b5 100644 --- a/src/cert/x509/x509cert.cpp +++ b/src/cert/x509/x509cert.cpp @@ -18,6 +18,7 @@ #include <algorithm> #include <iterator> #include <sstream> +#include <memory> namespace Botan { @@ -102,6 +103,9 @@ void X509_Certificate::force_decode() subject.add(dn_subject.contents()); issuer.add(dn_issuer.contents()); + subject.add("X509.Certificate.dn_bits", ASN1::put_in_sequence(dn_subject.get_bits())); + issuer.add("X509.Certificate.dn_bits", ASN1::put_in_sequence(dn_issuer.get_bits())); + BER_Object public_key = tbs_cert.get_next_object(); if(public_key.type_tag != SEQUENCE || public_key.class_tag != CONSTRUCTED) throw BER_Bad_Tag("X509_Certificate: Unexpected tag for public key", @@ -138,11 +142,7 @@ void X509_Certificate::force_decode() subject.add("X509.Certificate.v2.key_id", v2_subject_key_id); subject.add("X509.Certificate.public_key", - PEM_Code::encode( - ASN1::put_in_sequence(unlock(public_key.value)), - "PUBLIC KEY" - ) - ); + hex_encode(public_key.value)); if(is_CA_cert() && !subject.has_value("X509v3.BasicConstraints.path_constraint")) @@ -201,8 +201,13 @@ X509_Certificate::issuer_info(const std::string& what) const */ Public_Key* X509_Certificate::subject_public_key() const { - DataSource_Memory source(subject.get1("X509.Certificate.public_key")); - return X509::load_key(source); + return X509::load_key( + ASN1::put_in_sequence(this->subject_public_key_bits())); + } + +std::vector<byte> X509_Certificate::subject_public_key_bits() const + { + return hex_decode(subject.get1("X509.Certificate.public_key")); } /* @@ -288,6 +293,11 @@ X509_DN X509_Certificate::issuer_dn() const return create_dn(issuer); } +std::vector<byte> X509_Certificate::raw_issuer_dn() const + { + return issuer.get1_memvec("X509.Certificate.dn_bits"); + } + /* * Return the distinguished name of the subject */ @@ -296,6 +306,11 @@ X509_DN X509_Certificate::subject_dn() const return create_dn(subject); } +std::vector<byte> X509_Certificate::raw_subject_dn() const + { + return subject.get1_memvec("X509.Certificate.dn_bits"); + } + namespace { bool cert_subject_dns_match(const std::string& name, @@ -475,9 +490,8 @@ std::string X509_Certificate::to_string() const if(this->subject_key_id().size()) out << "Subject keyid: " << hex_encode(this->subject_key_id()) << "\n"; - X509_PublicKey* pubkey = this->subject_public_key(); + std::unique_ptr<X509_PublicKey> pubkey(this->subject_public_key()); out << "Public Key:\n" << X509::PEM_encode(*pubkey); - delete pubkey; return out.str(); } diff --git a/src/cert/x509/x509cert.h b/src/cert/x509/x509cert.h index e204fb274..9f8fdadb8 100644 --- a/src/cert/x509/x509cert.h +++ b/src/cert/x509/x509cert.h @@ -30,6 +30,12 @@ class BOTAN_DLL X509_Certificate : public X509_Object Public_Key* subject_public_key() const; /** + * Get the public key associated with this certificate. + * @return subject public key of this certificate + */ + std::vector<byte> subject_public_key_bits() const; + + /** * Get the issuer certificate DN. * @return issuer DN of this certificate */ @@ -64,6 +70,16 @@ class BOTAN_DLL X509_Certificate : public X509_Object std::vector<std::string> issuer_info(const std::string& name) const; /** + * Raw subject DN + */ + std::vector<byte> raw_issuer_dn() const; + + /** + * Raw issuer DN + */ + std::vector<byte> raw_subject_dn() const; + + /** * Get the notBefore of the certificate. * @return notBefore of the certificate */ |