Diffstat (limited to 'src/cert/x509cert')
-rw-r--r--src/cert/x509cert/x509_ext.cpp60
-rw-r--r--src/cert/x509cert/x509_ext.h52
-rw-r--r--src/cert/x509cert/x509_obj.cpp25
-rw-r--r--src/cert/x509cert/x509_obj.h18
-rw-r--r--src/cert/x509cert/x509cert.cpp20
-rw-r--r--src/cert/x509cert/x509cert.h9
6 files changed, 104 insertions, 80 deletions
diff --git a/src/cert/x509cert/x509_ext.cpp b/src/cert/x509cert/x509_ext.cpp
index 6e0befaf3..873de4264 100644
--- a/src/cert/x509cert/x509_ext.cpp
+++ b/src/cert/x509cert/x509_ext.cpp
@@ -114,7 +114,7 @@ void Extensions::decode_from(BER_Decoder& from_source)
while(sequence.more_items())
{
OID oid;
- MemoryVector<byte> value;
+ std::vector<byte> value;
bool critical;
sequence.start_cons(SEQUENCE)
@@ -176,7 +176,7 @@ size_t Basic_Constraints::get_path_limit() const
/*
* Encode the extension
*/
-MemoryVector<byte> Basic_Constraints::encode_inner() const
+std::vector<byte> Basic_Constraints::encode_inner() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
@@ -186,13 +186,13 @@ MemoryVector<byte> Basic_Constraints::encode_inner() const
.encode_optional(path_limit, NO_CERT_PATH_LIMIT)
)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
* Decode the extension
*/
-void Basic_Constraints::decode_inner(const MemoryRegion<byte>& in)
+void Basic_Constraints::decode_inner(const std::vector<byte>& in)
{
BER_Decoder(in)
.start_cons(SEQUENCE)
@@ -217,14 +217,14 @@ void Basic_Constraints::contents_to(Data_Store& subject, Data_Store&) const
/*
* Encode the extension
*/
-MemoryVector<byte> Key_Usage::encode_inner() const
+std::vector<byte> Key_Usage::encode_inner() const
{
if(constraints == NO_CONSTRAINTS)
throw Encoding_Error("Cannot encode zero usage constraints");
const size_t unused_bits = low_bit(constraints) - 1;
- MemoryVector<byte> der;
+ std::vector<byte> der;
der.push_back(BIT_STRING);
der.push_back(2 + ((unused_bits < 8) ? 1 : 0));
der.push_back(unused_bits % 8);
@@ -238,7 +238,7 @@ MemoryVector<byte> Key_Usage::encode_inner() const
/*
* Decode the extension
*/
-void Key_Usage::decode_inner(const MemoryRegion<byte>& in)
+void Key_Usage::decode_inner(const std::vector<byte>& in)
{
BER_Decoder ber(in);
@@ -274,15 +274,15 @@ void Key_Usage::contents_to(Data_Store& subject, Data_Store&) const
/*
* Encode the extension
*/
-MemoryVector<byte> Subject_Key_ID::encode_inner() const
+std::vector<byte> Subject_Key_ID::encode_inner() const
{
- return DER_Encoder().encode(key_id, OCTET_STRING).get_contents();
+ return DER_Encoder().encode(key_id, OCTET_STRING).get_contents_unlocked();
}
/*
* Decode the extension
*/
-void Subject_Key_ID::decode_inner(const MemoryRegion<byte>& in)
+void Subject_Key_ID::decode_inner(const std::vector<byte>& in)
{
BER_Decoder(in).decode(key_id, OCTET_STRING).verify_end();
}
@@ -298,28 +298,28 @@ void Subject_Key_ID::contents_to(Data_Store& subject, Data_Store&) const
/*
* Subject_Key_ID Constructor
*/
-Subject_Key_ID::Subject_Key_ID(const MemoryRegion<byte>& pub_key)
+Subject_Key_ID::Subject_Key_ID(const std::vector<byte>& pub_key)
{
SHA_160 hash;
- key_id = hash.process(pub_key);
+ key_id = unlock(hash.process(pub_key));
}
/*
* Encode the extension
*/
-MemoryVector<byte> Authority_Key_ID::encode_inner() const
+std::vector<byte> Authority_Key_ID::encode_inner() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
.encode(key_id, OCTET_STRING, ASN1_Tag(0), CONTEXT_SPECIFIC)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
* Decode the extension
*/
-void Authority_Key_ID::decode_inner(const MemoryRegion<byte>& in)
+void Authority_Key_ID::decode_inner(const std::vector<byte>& in)
{
BER_Decoder(in)
.start_cons(SEQUENCE)
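Review bot: The comment above `Subject_Key_ID::Subject_Key_ID(const std::vector<byte>& pub_key)` says only "Subject_Key_ID Constructor" and does not state that the identifier is the SHA-1 digest of the bytes passed in. Suggest something like `* Derive the key identifier as the SHA-1 hash of pub_key (an identifier, not a security-bearing digest)`, plus a statement of which encoding of the key callers are expected to pass, which this hunk does not show. The `unlock()` copy out of locked memory looks acceptable here, since a key identifier is published in the certificate. `Authority_Key_ID::decode_inner` continues past the end of the hunk.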
@@ -338,15 +338,15 @@ void Authority_Key_ID::contents_to(Data_Store&, Data_Store& issuer) const
/*
* Encode the extension
*/
-MemoryVector<byte> Alternative_Name::encode_inner() const
+std::vector<byte> Alternative_Name::encode_inner() const
{
- return DER_Encoder().encode(alt_name).get_contents();
+ return DER_Encoder().encode(alt_name).get_contents_unlocked();
}
/*
* Decode the extension
*/
-void Alternative_Name::decode_inner(const MemoryRegion<byte>& in)
+void Alternative_Name::decode_inner(const std::vector<byte>& in)
{
BER_Decoder(in).decode(alt_name);
}
@@ -404,19 +404,19 @@ Issuer_Alternative_Name::Issuer_Alternative_Name(const AlternativeName& name) :
/*
* Encode the extension
*/
-MemoryVector<byte> Extended_Key_Usage::encode_inner() const
+std::vector<byte> Extended_Key_Usage::encode_inner() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
.encode_list(oids)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
* Decode the extension
*/
-void Extended_Key_Usage::decode_inner(const MemoryRegion<byte>& in)
+void Extended_Key_Usage::decode_inner(const std::vector<byte>& in)
{
BER_Decoder(in)
.start_cons(SEQUENCE)
@@ -467,7 +467,7 @@ class Policy_Information : public ASN1_Object
/*
* Encode the extension
*/
-MemoryVector<byte> Certificate_Policies::encode_inner() const
+std::vector<byte> Certificate_Policies::encode_inner() const
{
std::vector<Policy_Information> policies;
@@ -478,13 +478,13 @@ MemoryVector<byte> Certificate_Policies::encode_inner() const
.start_cons(SEQUENCE)
.encode_list(policies)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
* Decode the extension
*/
-void Certificate_Policies::decode_inner(const MemoryRegion<byte>& in)
+void Certificate_Policies::decode_inner(const std::vector<byte>& in)
{
std::vector<Policy_Information> policies;
@@ -530,15 +530,15 @@ CRL_Number* CRL_Number::copy() const
/*
* Encode the extension
*/
-MemoryVector<byte> CRL_Number::encode_inner() const
+std::vector<byte> CRL_Number::encode_inner() const
{
- return DER_Encoder().encode(crl_number).get_contents();
+ return DER_Encoder().encode(crl_number).get_contents_unlocked();
}
/*
* Decode the extension
*/
-void CRL_Number::decode_inner(const MemoryRegion<byte>& in)
+void CRL_Number::decode_inner(const std::vector<byte>& in)
{
BER_Decoder(in).decode(crl_number);
}
@@ -554,17 +554,17 @@ void CRL_Number::contents_to(Data_Store& info, Data_Store&) const
/*
* Encode the extension
*/
-MemoryVector<byte> CRL_ReasonCode::encode_inner() const
+std::vector<byte> CRL_ReasonCode::encode_inner() const
{
return DER_Encoder()
.encode(static_cast<size_t>(reason), ENUMERATED, UNIVERSAL)
- .get_contents();
+ .get_contents_unlocked();
}
/*
* Decode the extension
*/
-void CRL_ReasonCode::decode_inner(const MemoryRegion<byte>& in)
+void CRL_ReasonCode::decode_inner(const std::vector<byte>& in)
{
size_t reason_code = 0;
BER_Decoder(in).decode(reason_code, ENUMERATED, UNIVERSAL);
diff --git a/src/cert/x509cert/x509_ext.h b/src/cert/x509cert/x509_ext.h
index 8799c5921..ee0e66959 100644
--- a/src/cert/x509cert/x509_ext.h
+++ b/src/cert/x509cert/x509_ext.h
@@ -56,8 +56,8 @@ class BOTAN_DLL Certificate_Extension
protected:
friend class Extensions;
virtual bool should_encode() const { return true; }
- virtual MemoryVector<byte> encode_inner() const = 0;
- virtual void decode_inner(const MemoryRegion<byte>&) = 0;
+ virtual std::vector<byte> encode_inner() const = 0;
+ virtual void decode_inner(const std::vector<byte>&) = 0;
};
/**
@@ -107,8 +107,8 @@ class BOTAN_DLL Basic_Constraints : public Certificate_Extension
std::string config_id() const { return "basic_constraints"; }
std::string oid_name() const { return "X509v3.BasicConstraints"; }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
bool is_ca;
@@ -131,8 +131,8 @@ class BOTAN_DLL Key_Usage : public Certificate_Extension
std::string oid_name() const { return "X509v3.KeyUsage"; }
bool should_encode() const { return (constraints != NO_CONSTRAINTS); }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
Key_Constraints constraints;
@@ -147,19 +147,19 @@ class BOTAN_DLL Subject_Key_ID : public Certificate_Extension
Subject_Key_ID* copy() const { return new Subject_Key_ID(key_id); }
Subject_Key_ID() {}
- Subject_Key_ID(const MemoryRegion<byte>&);
+ Subject_Key_ID(const std::vector<byte>&);
- MemoryVector<byte> get_key_id() const { return key_id; }
+ std::vector<byte> get_key_id() const { return key_id; }
private:
std::string config_id() const { return "subject_key_id"; }
std::string oid_name() const { return "X509v3.SubjectKeyIdentifier"; }
bool should_encode() const { return (key_id.size() > 0); }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
- MemoryVector<byte> key_id;
+ std::vector<byte> key_id;
};
/**
@@ -171,19 +171,19 @@ class BOTAN_DLL Authority_Key_ID : public Certificate_Extension
Authority_Key_ID* copy() const { return new Authority_Key_ID(key_id); }
Authority_Key_ID() {}
- Authority_Key_ID(const MemoryRegion<byte>& k) : key_id(k) {}
+ Authority_Key_ID(const std::vector<byte>& k) : key_id(k) {}
- MemoryVector<byte> get_key_id() const { return key_id; }
+ std::vector<byte> get_key_id() const { return key_id; }
private:
std::string config_id() const { return "authority_key_id"; }
std::string oid_name() const { return "X509v3.AuthorityKeyIdentifier"; }
bool should_encode() const { return (key_id.size() > 0); }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
- MemoryVector<byte> key_id;
+ std::vector<byte> key_id;
};
/**
@@ -204,8 +204,8 @@ class BOTAN_DLL Alternative_Name : public Certificate_Extension
std::string oid_name() const { return oid_name_str; }
bool should_encode() const { return alt_name.has_items(); }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
std::string config_name_str, oid_name_str;
@@ -253,8 +253,8 @@ class BOTAN_DLL Extended_Key_Usage : public Certificate_Extension
std::string oid_name() const { return "X509v3.ExtendedKeyUsage"; }
bool should_encode() const { return (oids.size() > 0); }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
std::vector<OID> oids;
@@ -278,8 +278,8 @@ class BOTAN_DLL Certificate_Policies : public Certificate_Extension
std::string oid_name() const { return "X509v3.CertificatePolicies"; }
bool should_encode() const { return (oids.size() > 0); }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
std::vector<OID> oids;
@@ -302,8 +302,8 @@ class BOTAN_DLL CRL_Number : public Certificate_Extension
std::string oid_name() const { return "X509v3.CRLNumber"; }
bool should_encode() const { return has_value; }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
bool has_value;
@@ -326,8 +326,8 @@ class BOTAN_DLL CRL_ReasonCode : public Certificate_Extension
std::string oid_name() const { return "X509v3.ReasonCode"; }
bool should_encode() const { return (reason != UNSPECIFIED); }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
CRL_Code reason;
diff --git a/src/cert/x509cert/x509_obj.cpp b/src/cert/x509cert/x509_obj.cpp
index eff8e2543..5de4049ba 100644
--- a/src/cert/x509cert/x509_obj.cpp
+++ b/src/cert/x509cert/x509_obj.cpp
@@ -27,7 +27,7 @@ X509_Object::X509_Object(DataSource& stream, const std::string& labels)
}
/*
-* Createa a generic X.509 object
+* Create a generic X.509 object
*/
X509_Object::X509_Object(const std::string& file, const std::string& labels)
{
@@ -36,6 +36,15 @@ X509_Object::X509_Object(const std::string& file, const std::string& labels)
}
/*
+* Create a generic X.509 object
+*/
+X509_Object::X509_Object(const std::vector<byte>& vec, const std::string& labels)
+ {
+ DataSource_Memory stream(&vec[0], vec.size());
+ init(stream, labels);
+ }
+
+/*
* Read a PEM or BER X.509 object
*/
void X509_Object::init(DataSource& in, const std::string& labels)
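Review bot: The new `X509_Object(const std::vector<byte>& vec, ...)` constructor evaluates `&vec[0]`, which is undefined behaviour when `vec` is empty, and this constructor is a parse entry point for caller-supplied bytes. Using `DataSource_Memory stream(vec.data(), vec.size());` avoids indexing an empty vector (assuming the build targets C++11, which the hunk does not show), or an explicit empty check could throw a decoding error first. The `X509_Certificate(const std::vector<byte>&)` constructor added in x509cert.cpp forwards to this one and inherits the same behaviour. The body of `init()` lies outside this hunk, so how it treats a zero-length source cannot be confirmed here.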
@@ -97,7 +106,7 @@ void X509_Object::encode(Pipe& out, X509_Encoding encoding) const
/*
* Return a BER encoded X.509 object
*/
-MemoryVector<byte> X509_Object::BER_encode() const
+std::vector<byte> X509_Object::BER_encode() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
@@ -107,7 +116,7 @@ MemoryVector<byte> X509_Object::BER_encode() const
.encode(sig_algo)
.encode(sig, BIT_STRING)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
@@ -121,7 +130,7 @@ std::string X509_Object::PEM_encode() const
/*
* Return the TBS data
*/
-MemoryVector<byte> X509_Object::tbs_data() const
+std::vector<byte> X509_Object::tbs_data() const
{
return ASN1::put_in_sequence(tbs_bits);
}
@@ -129,7 +138,7 @@ MemoryVector<byte> X509_Object::tbs_data() const
/*
* Return the signature of this object
*/
-MemoryVector<byte> X509_Object::signature() const
+std::vector<byte> X509_Object::signature() const
{
return sig;
}
@@ -201,10 +210,10 @@ bool X509_Object::check_signature(Public_Key& pub_key) const
/*
* Apply the X.509 SIGNED macro
*/
-MemoryVector<byte> X509_Object::make_signed(PK_Signer* signer,
+std::vector<byte> X509_Object::make_signed(PK_Signer* signer,
RandomNumberGenerator& rng,
const AlgorithmIdentifier& algo,
- const MemoryRegion<byte>& tbs_bits)
+ const secure_vector<byte>& tbs_bits)
{
return DER_Encoder()
.start_cons(SEQUENCE)
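Review bot: `make_signed` now takes `const secure_vector<byte>& tbs_bits` while every other signature in this change, including `tbs_data()` and the return type here, moved to `std::vector<byte>`; the same asymmetry is in the x509_obj.h declaration. The to-be-signed bytes end up in the encoded object, so they do not look secret, and callers holding a plain vector would have to copy into a `secure_vector` just to call this. If the type is dictated by what current callers produce, a comment saying so would help, e.g. `// secure_vector for caller convenience only; TBS data is not secret`; otherwise `const std::vector<byte>&` would match the rest of the interface. The function body continues outside the hunk.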
@@ -212,7 +221,7 @@ MemoryVector<byte> X509_Object::make_signed(PK_Signer* signer,
.encode(algo)
.encode(signer->sign_message(tbs_bits, rng), BIT_STRING)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
diff --git a/src/cert/x509cert/x509_obj.h b/src/cert/x509cert/x509_obj.h
index 570b00f51..26c9e22bf 100644
--- a/src/cert/x509cert/x509_obj.h
+++ b/src/cert/x509cert/x509_obj.h
@@ -27,12 +27,12 @@ class BOTAN_DLL X509_Object
* The underlying data that is to be or was signed
* @return data that is or was signed
*/
- MemoryVector<byte> tbs_data() const;
+ std::vector<byte> tbs_data() const;
/**
* @return signature on tbs_data()
*/
- MemoryVector<byte> signature() const;
+ std::vector<byte> signature() const;
/**
* @return signature algorithm that was used to generate signature
@@ -52,10 +52,10 @@ class BOTAN_DLL X509_Object
* @param tbs the tbs bits to be signed
* @return signed X509 object
*/
- static MemoryVector<byte> make_signed(class PK_Signer* signer,
- RandomNumberGenerator& rng,
- const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& tbs);
+ static std::vector<byte> make_signed(class PK_Signer* signer,
+ RandomNumberGenerator& rng,
+ const AlgorithmIdentifier& alg_id,
+ const secure_vector<byte>& tbs);
/**
* Check the signature on this data
@@ -75,7 +75,7 @@ class BOTAN_DLL X509_Object
/**
* @return BER encoding of this
*/
- MemoryVector<byte> BER_encode() const;
+ std::vector<byte> BER_encode() const;
/**
* @return PEM encoding of this
@@ -95,15 +95,17 @@ class BOTAN_DLL X509_Object
protected:
X509_Object(DataSource& src, const std::string& pem_labels);
X509_Object(const std::string& file, const std::string& pem_labels);
+ X509_Object(const std::vector<byte>& vec, const std::string& labels);
void do_decode();
X509_Object() {}
AlgorithmIdentifier sig_algo;
- MemoryVector<byte> tbs_bits, sig;
+ std::vector<byte> tbs_bits, sig;
private:
virtual void force_decode() = 0;
void init(DataSource&, const std::string&);
void decode_info(DataSource&);
+
std::vector<std::string> PEM_labels_allowed;
std::string PEM_label_pref;
};
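Review bot: The new protected constructor names its second parameter `labels`, while the two sibling declarations directly above use `pem_labels`; `X509_Object(const std::vector<byte>& vec, const std::string& pem_labels);` would keep the header consistent. A one-line comment such as `// Decode from an in-memory PEM or BER encoding` would also distinguish it from the DataSource and filename overloads. The class begins outside the hunk.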
diff --git a/src/cert/x509cert/x509cert.cpp b/src/cert/x509cert/x509cert.cpp
index 4cff28c39..8dc4b8b0c 100644
--- a/src/cert/x509cert/x509cert.cpp
+++ b/src/cert/x509cert/x509cert.cpp
@@ -58,6 +58,16 @@ X509_Certificate::X509_Certificate(const std::string& in) :
}
/*
+* X509_Certificate Constructor
+*/
+X509_Certificate::X509_Certificate(const std::vector<byte>& in) :
+ X509_Object(in, "CERTIFICATE/X509 CERTIFICATE")
+ {
+ self_signed = false;
+ do_decode();
+ }
+
+/*
* Decode the TBSCertificate data
*/
void X509_Certificate::force_decode()
@@ -97,7 +107,7 @@ void X509_Certificate::force_decode()
throw BER_Bad_Tag("X509_Certificate: Unexpected tag for public key",
public_key.type_tag, public_key.class_tag);
- MemoryVector<byte> v2_issuer_key_id, v2_subject_key_id;
+ std::vector<byte> v2_issuer_key_id, v2_subject_key_id;
tbs_cert.decode_optional_string(v2_issuer_key_id, BIT_STRING, 1);
tbs_cert.decode_optional_string(v2_subject_key_id, BIT_STRING, 2);
@@ -129,7 +139,7 @@ void X509_Certificate::force_decode()
subject.add("X509.Certificate.public_key",
PEM_Code::encode(
- ASN1::put_in_sequence(public_key.value),
+ ASN1::put_in_sequence(unlock(public_key.value)),
"PUBLIC KEY"
)
);
@@ -243,7 +253,7 @@ std::vector<std::string> X509_Certificate::policies() const
/*
* Return the authority key id
*/
-MemoryVector<byte> X509_Certificate::authority_key_id() const
+std::vector<byte> X509_Certificate::authority_key_id() const
{
return issuer.get1_memvec("X509v3.AuthorityKeyIdentifier");
}
@@ -251,7 +261,7 @@ MemoryVector<byte> X509_Certificate::authority_key_id() const
/*
* Return the subject key id
*/
-MemoryVector<byte> X509_Certificate::subject_key_id() const
+std::vector<byte> X509_Certificate::subject_key_id() const
{
return subject.get1_memvec("X509v3.SubjectKeyIdentifier");
}
@@ -259,7 +269,7 @@ MemoryVector<byte> X509_Certificate::subject_key_id() const
/*
* Return the certificate serial number
*/
-MemoryVector<byte> X509_Certificate::serial_number() const
+std::vector<byte> X509_Certificate::serial_number() const
{
return subject.get1_memvec("X509.Certificate.serial");
}
diff --git a/src/cert/x509cert/x509cert.h b/src/cert/x509cert/x509cert.h
index 26c57e524..87a8069d6 100644
--- a/src/cert/x509cert/x509cert.h
+++ b/src/cert/x509cert/x509cert.h
@@ -85,19 +85,19 @@ class BOTAN_DLL X509_Certificate : public X509_Object
* Get the serial number of this certificate.
* @return certificates serial number
*/
- MemoryVector<byte> serial_number() const;
+ std::vector<byte> serial_number() const;
/**
* Get the DER encoded AuthorityKeyIdentifier of this certificate.
* @return DER encoded AuthorityKeyIdentifier
*/
- MemoryVector<byte> authority_key_id() const;
+ std::vector<byte> authority_key_id() const;
/**
* Get the DER encoded SubjectKeyIdentifier of this certificate.
* @return DER encoded SubjectKeyIdentifier
*/
- MemoryVector<byte> subject_key_id() const;
+ std::vector<byte> subject_key_id() const;
/**
* Check whether this certificate is self signed.
@@ -176,6 +176,9 @@ class BOTAN_DLL X509_Certificate : public X509_Object
* @param filename the name of the certificate file
*/
X509_Certificate(const std::string& filename);
+
+ X509_Certificate(const std::vector<byte>& in);
+
private:
void force_decode();
friend class X509_CA;
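Review bot: The added `X509_Certificate(const std::vector<byte>& in);` has no documentation comment, unlike the filename constructor just above it, and it is a non-explicit single-argument constructor, so any byte vector converts implicitly into a certificate parse. Suggest `explicit X509_Certificate(const std::vector<byte>& in);` preceded by a doc comment stating that `in` holds an encoded certificate and, judging by the label string passed in x509cert.cpp, may be PEM or BER. Adding `explicit` could break callers relying on the conversion, though none are visible here. The class body starts and ends outside the hunk.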