aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/pubkey/pkcs8.cpp
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2018-05-22 11:04:15 -0400
committerJack Lloyd <[email protected]>2018-05-22 11:04:15 -0400
commit3789138906cecbcc5e33bb0d5784e6b576171080 (patch)
tree147c442020bec8ad6effe62727fdb6b300d0f7f7 /src/lib/pubkey/pkcs8.cpp
parentcd0bcd90817ece3e4fcba32e06a372580bbe3008 (diff)
DER improvements
Let DER_Encoder write to a user specified vector instead of only to an internal vector. This allows encoding to a std::vector without having to first write to a locked vector and then copying out the result. Add ASN1_Object::BER_encode convenience method. Replaces X509_Object::BER_encode which had the same logic but was restricted to a subtype. This replaces many cases where DER_Encoder was just used to encode a single object (X509_DN, AlgorithmIdentifier, etc).
Diffstat (limited to 'src/lib/pubkey/pkcs8.cpp')
-rw-r--r--src/lib/pubkey/pkcs8.cpp43
1 files changed, 25 insertions, 18 deletions
diff --git a/src/lib/pubkey/pkcs8.cpp b/src/lib/pubkey/pkcs8.cpp
index bea3beec0..1034dfa99 100644
--- a/src/lib/pubkey/pkcs8.cpp
+++ b/src/lib/pubkey/pkcs8.cpp
@@ -192,12 +192,14 @@ std::vector<uint8_t> BER_encode(const Private_Key& key,
pbes2_encrypt_msec(PKCS8::BER_encode(key), pass, msec, nullptr,
pbe_params.first, pbe_params.second, rng);
- return DER_Encoder()
- .start_cons(SEQUENCE)
- .encode(pbe_info.first)
- .encode(pbe_info.second, OCTET_STRING)
- .end_cons()
- .get_contents_unlocked();
+ std::vector<uint8_t> output;
+ DER_Encoder der(output);
+ der.start_cons(SEQUENCE)
+ .encode(pbe_info.first)
+ .encode(pbe_info.second, OCTET_STRING)
+ .end_cons();
+
+ return output;
#else
BOTAN_UNUSED(key, rng, pass, msec, pbe_algo);
throw Encoding_Error("PKCS8::BER_encode cannot encrypt because PBES2 was disabled in build");
@@ -238,12 +240,15 @@ std::vector<uint8_t> BER_encode_encrypted_pbkdf_iter(const Private_Key& key,
pbkdf_hash.empty() ? "SHA-256" : pbkdf_hash,
rng);
- return DER_Encoder()
- .start_cons(SEQUENCE)
- .encode(pbe_info.first)
- .encode(pbe_info.second, OCTET_STRING)
- .end_cons()
- .get_contents_unlocked();
+ std::vector<uint8_t> output;
+ DER_Encoder der(output);
+ der.start_cons(SEQUENCE)
+ .encode(pbe_info.first)
+ .encode(pbe_info.second, OCTET_STRING)
+ .end_cons();
+
+ return output;
+
#else
BOTAN_UNUSED(key, rng, pass, pbkdf_iterations, cipher, pbkdf_hash);
throw Encoding_Error("PKCS8::BER_encode_encrypted_pbkdf_iter cannot encrypt because PBES2 disabled in build");
@@ -284,12 +289,14 @@ std::vector<uint8_t> BER_encode_encrypted_pbkdf_msec(const Private_Key& key,
pbkdf_hash.empty() ? "SHA-256" : pbkdf_hash,
rng);
- return DER_Encoder()
- .start_cons(SEQUENCE)
- .encode(pbe_info.first)
- .encode(pbe_info.second, OCTET_STRING)
- .end_cons()
- .get_contents_unlocked();
+ std::vector<uint8_t> output;
+ DER_Encoder(output)
+ .start_cons(SEQUENCE)
+ .encode(pbe_info.first)
+ .encode(pbe_info.second, OCTET_STRING)
+ .end_cons();
+
+ return output;
#else
BOTAN_UNUSED(key, rng, pass, pbkdf_msec, pbkdf_iterations, cipher, pbkdf_hash);
throw Encoding_Error("BER_encode_encrypted_pbkdf_msec cannot encrypt because PBES2 disabled in build");