aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/cert
diff options
context:
space:
mode:
authorMatthias Gierlings <[email protected]>2016-04-29 20:44:30 +0200
committerMatthias Gierlings <[email protected]>2016-06-19 18:25:46 +0200
commitd4f3e7c4ac584daa9d7e1ae10cb3412e450e25cf (patch)
tree5541bf045d77110a55f1858e385f54d7b761851b /src/lib/cert
parent23d6f67e76b633077b5de91945f61290ff091e1e (diff)
Reduction of code complexity in TLS classes.
-reduced number of parameters in various methods -reduced cyclomatic complexity (McCabe-Metric) -removed "TLSEXT_HEARTBEAT_SUPPORT" from tls_extensions.h (leftover from heartbeat extension removal?)
Diffstat (limited to 'src/lib/cert')
-rw-r--r--src/lib/cert/x509/x509_ca.cpp19
-rw-r--r--src/lib/cert/x509/x509_ca.h24
-rw-r--r--src/lib/cert/x509/x509self.cpp11
3 files changed, 37 insertions, 17 deletions
diff --git a/src/lib/cert/x509/x509_ca.cpp b/src/lib/cert/x509/x509_ca.cpp
index 147fdd6ad..3f7af77f5 100644
--- a/src/lib/cert/x509/x509_ca.cpp
+++ b/src/lib/cert/x509/x509_ca.cpp
@@ -78,8 +78,10 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
return make_cert(m_signer, rng, m_ca_sig_algo,
req.raw_public_key(),
- not_before, not_after,
- m_cert.subject_dn(), req.subject_dn(),
+ Certificate_Properties(not_before,
+ not_after,
+ m_cert.subject_dn(),
+ req.subject_dn()),
extensions);
}
@@ -90,10 +92,7 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer,
RandomNumberGenerator& rng,
const AlgorithmIdentifier& sig_algo,
const std::vector<byte>& pub_key,
- const X509_Time& not_before,
- const X509_Time& not_after,
- const X509_DN& issuer_dn,
- const X509_DN& subject_dn,
+ const Certificate_Properties properties,
const Extensions& extensions)
{
const size_t X509_CERT_VERSION = 3;
@@ -112,14 +111,14 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer,
.encode(serial_no)
.encode(sig_algo)
- .encode(issuer_dn)
+ .encode(properties.get_issuer_dn())
.start_cons(SEQUENCE)
- .encode(not_before)
- .encode(not_after)
+ .encode(properties.get_not_before())
+ .encode(properties.get_not_after())
.end_cons()
- .encode(subject_dn)
+ .encode(properties.get_subject_dn())
.raw_bytes(pub_key)
.start_explicit(3)
diff --git a/src/lib/cert/x509/x509_ca.h b/src/lib/cert/x509/x509_ca.h
index 6ea51cd06..8cedb9db9 100644
--- a/src/lib/cert/x509/x509_ca.h
+++ b/src/lib/cert/x509/x509_ca.h
@@ -22,6 +22,25 @@ namespace Botan {
class BOTAN_DLL X509_CA
{
public:
+ class Certificate_Properties
+ {
+ public:
+ Certificate_Properties(X509_Time not_before, X509_Time not_after,
+ X509_DN issuer_dn, X509_DN subject_dn)
+ : m_not_before(not_before), m_not_after(not_after),
+ m_issuer_dn(issuer_dn), m_subject_dn(subject_dn) {}
+
+ const X509_Time& get_not_before() const { return m_not_before; }
+ const X509_Time& get_not_after() const { return m_not_after; }
+ const X509_DN& get_issuer_dn() const { return m_issuer_dn; }
+ const X509_DN& get_subject_dn() const { return m_subject_dn; }
+
+ private:
+ X509_Time m_not_before;
+ X509_Time m_not_after;
+ X509_DN m_issuer_dn;
+ X509_DN m_subject_dn;
+ };
/**
* Sign a PKCS#10 Request.
@@ -82,10 +101,7 @@ class BOTAN_DLL X509_CA
RandomNumberGenerator& rng,
const AlgorithmIdentifier& sig_algo,
const std::vector<byte>& pub_key,
- const X509_Time& not_before,
- const X509_Time& not_after,
- const X509_DN& issuer_dn,
- const X509_DN& subject_dn,
+ const Certificate_Properties properties,
const Extensions& extensions);
/**
diff --git a/src/lib/cert/x509/x509self.cpp b/src/lib/cert/x509/x509self.cpp
index 8b9aeda09..62f9fc370 100644
--- a/src/lib/cert/x509/x509self.cpp
+++ b/src/lib/cert/x509/x509self.cpp
@@ -75,9 +75,14 @@ X509_Certificate create_self_signed_cert(const X509_Cert_Options& opts,
extensions.add(
new Cert_Extension::Extended_Key_Usage(opts.ex_constraints));
- return X509_CA::make_cert(signer.get(), rng, sig_algo, pub_key,
- opts.start, opts.end,
- subject_dn, subject_dn,
+ return X509_CA::make_cert(signer.get(),
+ rng,
+ sig_algo,
+ pub_key,
+ X509_CA::Certificate_Properties(opts.start,
+ opts.end,
+ subject_dn,
+ subject_dn),
extensions);
}