Diffstat (limited to 'include/x509_ext.h')
-rw-r--r--include/x509_ext.h84
1 files changed, 70 insertions, 14 deletions
diff --git a/include/x509_ext.h b/include/x509_ext.h
index 7e3b68288..138a334c6 100644
--- a/include/x509_ext.h
+++ b/include/x509_ext.h
@@ -9,54 +9,58 @@
#include <botan/asn1_int.h>
#include <botan/asn1_oid.h>
#include <botan/asn1_obj.h>
+#include <botan/datastor.h>
+#include <botan/enums.h>
namespace Botan {
/*************************************************
* X.509 Certificate Extension *
*************************************************/
-class Certificate_Extension : public ASN1_Object
+class Certificate_Extension
{
public:
- void encode_into(class DER_Encoder&) const;
- void decode_from(class BER_Decoder&);
void maybe_add(class DER_Encoder&) const;
OID oid_of() const;
void make_critical() { critical = true; }
bool is_critical() const { return critical; }
- //virtual std::multimap<std::string, std::string> contents() const = 0;
+ virtual void contents_to(Data_Store&, Data_Store&) const = 0;
virtual std::string config_id() const = 0;
virtual std::string oid_name() const = 0;
Certificate_Extension() { critical = false; }
virtual ~Certificate_Extension() {}
protected:
+ friend class Extensions;
virtual bool should_encode() const { return true; }
virtual MemoryVector<byte> encode_inner() const = 0;
virtual void decode_inner(const MemoryRegion<byte>&) = 0;
private:
- void encode_into(class DER_Encoder&, bool) const;
bool critical;
};
/*************************************************
-* X.509 Certificate Extensions *
+* X.509 Certificate Extension List *
*************************************************/
class Extensions : public ASN1_Object
{
public:
void encode_into(class DER_Encoder&) const;
+ void decode_from(class BER_Decoder&);
+ std::vector<Certificate_Extension*> get() const
+ { return extensions; }
void add(Certificate_Extension* extn)
{ extensions.push_back(extn); }
-
+
~Extensions();
private:
std::vector<Certificate_Extension*> extensions;
};
+
namespace Cert_Extension {
/*************************************************
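Review bot: `Extensions` holds owning-looking raw `Certificate_Extension*` elements and declares a destructor, but the new `get()` returns copies of those pointers and the class still has its implicit copy constructor and assignment operator. If `~Extensions()` deletes the elements (its body is not in this hunk), copying an `Extensions` object or keeping a pointer from `get()` after the object is destroyed gives a double free or use-after-free. That matters more now that `decode_from()` fills the list from parsed certificate data. I would declare `Extensions(const Extensions&);` and `Extensions& operator=(const Extensions&);` private and undefined, or implement deep copies. I would also add a comment on `get()` such as `// returned pointers remain owned by this Extensions object`.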
@@ -65,13 +69,15 @@ namespace Cert_Extension {
class Basic_Constraints : public Certificate_Extension
{
public:
- Basic_Constraints(bool = false, u32bit = 0);
+ Basic_Constraints(bool ca = false, u32bit limit = 0) :
+ is_ca(ca), path_limit(limit) {}
private:
std::string config_id() const { return "basic_constraints"; }
std::string oid_name() const { return "X509v3.BasicConstraints"; }
MemoryVector<byte> encode_inner() const;
void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
bool is_ca;
u32bit path_limit;
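Review bot: `path_limit` defaults to 0 in the new inline constructor `Basic_Constraints(bool ca = false, u32bit limit = 0)`, and nothing in the header says whether 0 means "no pathLenConstraint present" or "no subordinate CAs allowed". The two readings give opposite answers during chain validation, and the default-constructed object is presumably what `decode_inner()` fills in. A one-line comment on the member stating which meaning 0 carries would settle this for callers that read the value through `contents_to()`. The class body continues past the end of this hunk.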
@@ -83,7 +89,7 @@ class Basic_Constraints : public Certificate_Extension
class Key_Usage : public Certificate_Extension
{
public:
- Key_Usage(Key_Constraints);
+ Key_Usage(Key_Constraints c = NO_CONSTRAINTS) : constraints(c) {}
private:
std::string config_id() const { return "key_usage"; }
std::string oid_name() const { return "X509v3.KeyUsage"; }
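Review bot: The new `Key_Usage(Key_Constraints c = NO_CONSTRAINTS)` constructor can be called with one argument and is not `explicit`, so a bare `Key_Constraints` value converts silently into an extension object. The same holds for the one-argument constructors this commit adds or rewrites for `Basic_Constraints`, `Authority_Key_ID`, `Extended_Key_Usage`, `Certificate_Policies`, `CRL_Number` and `CRL_ReasonCode` in the other hunks. I would mark them `explicit`, e.g. `explicit Key_Usage(Key_Constraints c = NO_CONSTRAINTS) : constraints(c) {}`, so that an extension is only created where the code names its type. The class body continues outside this hunk.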
@@ -91,6 +97,7 @@ class Key_Usage : public Certificate_Extension
bool should_encode() const { return (constraints != NO_CONSTRAINTS); }
MemoryVector<byte> encode_inner() const;
void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
Key_Constraints constraints;
};
@@ -101,13 +108,16 @@ class Key_Usage : public Certificate_Extension
class Subject_Key_ID : public Certificate_Extension
{
public:
+ Subject_Key_ID() {}
Subject_Key_ID(const MemoryRegion<byte>&);
private:
std::string config_id() const { return "subject_key_id"; }
std::string oid_name() const { return "X509v3.SubjectKeyIdentifier"; }
+ bool should_encode() const { return (key_id.size() > 0); }
MemoryVector<byte> encode_inner() const;
void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
MemoryVector<byte> key_id;
};
@@ -118,7 +128,8 @@ class Subject_Key_ID : public Certificate_Extension
class Authority_Key_ID : public Certificate_Extension
{
public:
- Authority_Key_ID(const MemoryRegion<byte>&);
+ Authority_Key_ID() {}
+ Authority_Key_ID(const MemoryRegion<byte>& k) : key_id(k) {}
private:
std::string config_id() const { return "authority_key_id"; }
std::string oid_name() const { return "X509v3.AuthorityKeyIdentifier"; }
@@ -126,6 +137,7 @@ class Authority_Key_ID : public Certificate_Extension
bool should_encode() const { return (key_id.size() > 0); }
MemoryVector<byte> encode_inner() const;
void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
MemoryVector<byte> key_id;
};
@@ -145,6 +157,7 @@ class Alternative_Name : public Certificate_Extension
bool should_encode() const { return alt_name.has_items(); }
MemoryVector<byte> encode_inner() const;
void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
std::string config_name_str, oid_name_str;
AlternativeName alt_name;
@@ -156,7 +169,8 @@ class Alternative_Name : public Certificate_Extension
class Extended_Key_Usage : public Certificate_Extension
{
public:
- Extended_Key_Usage(const std::vector<OID>&);
+ Extended_Key_Usage() {}
+ Extended_Key_Usage(const std::vector<OID>& o) : oids(o) {}
private:
std::string config_id() const { return "extended_key_usage"; }
std::string oid_name() const { return "X509v3.ExtendedKeyUsage"; }
@@ -164,6 +178,27 @@ class Extended_Key_Usage : public Certificate_Extension
bool should_encode() const { return (oids.size() > 0); }
MemoryVector<byte> encode_inner() const;
void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
+
+ std::vector<OID> oids;
+ };
+
+/*************************************************
+* Certificate Policies Extension *
+*************************************************/
+class Certificate_Policies : public Certificate_Extension
+ {
+ public:
+ Certificate_Policies() {}
+ Certificate_Policies(const std::vector<OID>& o) : oids(o) {}
+ private:
+ std::string config_id() const { return "policy_info"; }
+ std::string oid_name() const { return "X509v3.CertificatePolicies"; }
+
+ bool should_encode() const { return (oids.size() > 0); }
+ MemoryVector<byte> encode_inner() const;
+ void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
std::vector<OID> oids;
};
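Review bot: `Certificate_Policies` has `std::vector<OID> oids` as its only data member, so policy qualifiers in a decoded extension have nowhere to be stored, and the banner comment should say so. Whether `decode_inner()` skips or rejects qualifiers is not visible from the header, so the comment should state the behaviour the implementation actually has. Something like `* Certificate Policies Extension (policy OIDs only) *` in the banner would stop callers from assuming a decode/re-encode round trip is lossless.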
@@ -174,19 +209,40 @@ class Extended_Key_Usage : public Certificate_Extension
class CRL_Number : public Certificate_Extension
{
public:
- CRL_Number(u32bit = 0);
+ CRL_Number() : has_value(false) {}
+ CRL_Number(u32bit n) : has_value(true), crl_number(n) {}
private:
std::string config_id() const { return "crl_number"; }
std::string oid_name() const { return "X509v3.CRLNumber"; }
- bool should_encode() const { return (crl_number != 0); }
-
+ bool should_encode() const { return has_value; }
MemoryVector<byte> encode_inner() const;
void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
+ bool has_value;
u32bit crl_number;
};
+/*************************************************
+* CRL Entry Reason Code Extension *
+*************************************************/
+class CRL_ReasonCode : public Certificate_Extension
+ {
+ public:
+ CRL_ReasonCode(CRL_Code r = UNSPECIFIED) : reason(r) {}
+ private:
+ std::string config_id() const { return "crl_reason"; }
+ std::string oid_name() const { return "X509v3.ReasonCode"; }
+
+ bool should_encode() const { return (reason != UNSPECIFIED); }
+ MemoryVector<byte> encode_inner() const;
+ void decode_inner(const MemoryRegion<byte>&);
+ void contents_to(Data_Store&, Data_Store&) const;
+
+ CRL_Code reason;
+ };
+
}
}
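Review bot: The new default constructor `CRL_Number() : has_value(false) {}` leaves `crl_number` uninitialized. `should_encode()` guards the encoding path, but `contents_to()` and `encode_inner()` are defined elsewhere, and any read there before `decode_inner()` has run would use an indeterminate value. Initializing the member costs nothing: `CRL_Number() : has_value(false), crl_number(0) {}`.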