Diffstat (limited to 'src/cert')
-rw-r--r-- | src/cert/x509ca/x509_ca.cpp | 2 | ||||
-rw-r--r-- | src/cert/x509cert/x509_ext.cpp | 20 | ||||
-rw-r--r-- | src/cert/x509store/x509stor.cpp | 46 | ||||
-rw-r--r-- | src/cert/x509store/x509stor.h | 9 |
4 files changed, 38 insertions, 39 deletions
diff --git a/src/cert/x509ca/x509_ca.cpp b/src/cert/x509ca/x509_ca.cpp
index be49ec46a..7c0e103d1 100644
--- a/src/cert/x509ca/x509_ca.cpp
+++ b/src/cert/x509ca/x509_ca.cpp
@@ -94,7 +94,7 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer,
 const Extensions& extensions)
 {
 const u32bit X509_CERT_VERSION = 3;
- const u32bit SERIAL_BITS = 128;
+ const size_t SERIAL_BITS = 128;
 BigInt serial_no(rng, SERIAL_BITS);
diff --git a/src/cert/x509cert/x509_ext.cpp b/src/cert/x509cert/x509_ext.cpp
index 616644e5c..88cab96c5 100644
--- a/src/cert/x509cert/x509_ext.cpp
+++ b/src/cert/x509cert/x509_ext.cpp
@@ -52,11 +52,11 @@ Extensions::Extensions(const Extensions& extensions) : ASN1_Object()
 */
 Extensions& Extensions::operator=(const Extensions& other)
 {
- for(u32bit i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != extensions.size(); ++i)
 delete extensions[i].first;
 extensions.clear();
- for(u32bit i = 0; i != other.extensions.size(); ++i)
+ for(size_t i = 0; i != other.extensions.size(); ++i)
 extensions.push_back(
 std::make_pair(other.extensions[i].first->copy(),
 other.extensions[i].second));
@@ -82,7 +82,7 @@ void Extensions::add(Certificate_Extension* extn, bool critical)
 */
 void Extensions::encode_into(DER_Encoder& to_object) const
 {
- for(u32bit i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != extensions.size(); ++i)
 {
 const Certificate_Extension* ext = extensions[i].first;
 const bool is_critical = extensions[i].second;
@@ -105,7 +105,7 @@ void Extensions::encode_into(DER_Encoder& to_object) const
 */
 void Extensions::decode_from(BER_Decoder& from_source)
 {
- for(u32bit i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != extensions.size(); ++i)
 delete extensions[i].first;
 extensions.clear();
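Review bot: `Extensions::operator=` in the `@@ -52,11` hunk deletes every `extensions[i].first` and clears the vector before it reads `other.extensions`, so a self-assignment leaves the object with no extensions instead of unchanged. A guard as the first statement, `if(this == &other) return *this;`, avoids that. The end of the function is outside the hunk.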
@@ -148,7 +148,7 @@ void Extensions::decode_from(BER_Decoder& from_source)
 void Extensions::contents_to(Data_Store& subject_info,
 Data_Store& issuer_info) const
 {
- for(u32bit i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != extensions.size(); ++i)
 extensions[i].first->contents_to(subject_info, issuer_info);
 }
@@ -157,7 +157,7 @@ void Extensions::contents_to(Data_Store& subject_info,
 */
 Extensions::~Extensions()
 {
- for(u32bit i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != extensions.size(); ++i)
 delete extensions[i].first;
 }
@@ -222,7 +222,7 @@ MemoryVector<byte> Key_Usage::encode_inner() const
 if(constraints == NO_CONSTRAINTS)
 throw Encoding_Error("Cannot encode zero usage constraints");
- const u32bit unused_bits = low_bit(constraints) - 1;
+ const size_t unused_bits = low_bit(constraints) - 1;
 MemoryVector<byte> der;
 der.push_back(BIT_STRING);
@@ -257,7 +257,7 @@ void Key_Usage::decode_inner(const MemoryRegion<byte>& in)
 obj.value[obj.value.size()-1] &= (0xFF << obj.value[0]);
 u16bit usage = 0;
- for(u32bit i = 1; i != obj.value.size(); ++i)
+ for(size_t i = 1; i != obj.value.size(); ++i)
 usage = (obj.value[i] << 8) | usage;
 constraints = Key_Constraints(usage);
@@ -429,7 +429,7 @@ void Extended_Key_Usage::decode_inner(const MemoryRegion<byte>& in)
 */
 void Extended_Key_Usage::contents_to(Data_Store& subject, Data_Store&) const
 {
- for(u32bit i = 0; i != oids.size(); ++i)
+ for(size_t i = 0; i != oids.size(); ++i)
 subject.add("X509v3.ExtendedKeyUsage", oids[i].as_string());
 }
@@ -498,7 +498,7 @@ void Certificate_Policies::decode_inner(const MemoryRegion<byte>& in)
 */
 void Certificate_Policies::contents_to(Data_Store& info, Data_Store&) const
 {
- for(u32bit i = 0; i != oids.size(); ++i)
+ for(size_t i = 0; i != oids.size(); ++i)
 info.add("X509v3.ExtendedKeyUsage", oids[i].as_string());
 }
diff --git a/src/cert/x509store/x509stor.cpp b/src/cert/x509store/x509stor.cpp
index a06cad0ba..a635b3930 100644
--- a/src/cert/x509store/x509stor.cpp
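Review bot: In `Key_Usage::decode_inner` (hunk `@@ -257,7`) the loop body `usage = (obj.value[i] << 8) | usage;` shifts every content byte by the same 8 bits, so when the BIT STRING carries two content bytes both are OR-ed into the high byte and the low byte of `usage` stays zero. If the intent is a big-endian 16-bit value, the shift has to depend on the byte position, e.g. `usage = (obj.value[i] << (8 * (2 - i))) | usage;`, which relies on the length check that presumably sits earlier in the function, outside this hunk. A wrongly decoded KeyUsage changes which operations a certificate is accepted for, so a test with a two-byte value is worth adding.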
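Review bot: `Certificate_Policies::contents_to` (hunk `@@ -498,7`) stores the policy OIDs under `"X509v3.ExtendedKeyUsage"`, the same key that `Extended_Key_Usage::contents_to` writes in the `@@ -429,7` hunk. Any consumer that reads that key to decide permitted purposes would see policy OIDs mixed in with extended key usages. This looks like a copy-paste slip; a distinct key such as `info.add("X509v3.CertificatePolicies", oids[i].as_string());` keeps the two apart, with readers of the Data_Store adjusted to match.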
+++ b/src/cert/x509store/x509stor.cpp
@@ -186,7 +186,7 @@ X509_Store::X509_Store(const X509_Store& other)
 certs = other.certs;
 revoked = other.revoked;
 revoked_info_valid = other.revoked_info_valid;
- for(u32bit j = 0; j != other.stores.size(); ++j)
+ for(size_t j = 0; j != other.stores.size(); ++j)
 stores[j] = other.stores[j]->clone();
 time_slack = other.time_slack;
 }
@@ -196,7 +196,7 @@ X509_Store::X509_Store(const X509_Store& other)
 */
 X509_Store::~X509_Store()
 {
- for(u32bit j = 0; j != stores.size(); ++j)
+ for(size_t j = 0; j != stores.size(); ++j)
 delete stores[j];
 }
@@ -208,7 +208,7 @@ X509_Code X509_Store::validate_cert(const X509_Certificate& cert,
 {
 recompute_revoked_info();
- std::vector<u32bit> indexes;
+ std::vector<size_t> indexes;
 X509_Code chaining_result = construct_cert_chain(cert, indexes);
 if(chaining_result != VERIFIED)
 return chaining_result;
@@ -228,7 +228,7 @@ X509_Code X509_Store::validate_cert(const X509_Certificate& cert,
 if(is_revoked(cert))
 return CERT_IS_REVOKED;
- for(u32bit j = 0; j != indexes.size() - 1; ++j)
+ for(size_t j = 0; j != indexes.size() - 1; ++j)
 {
 const X509_Certificate& current_cert = certs[indexes[j]].cert;
@@ -251,10 +251,10 @@ X509_Code X509_Store::validate_cert(const X509_Certificate& cert,
 /*
 * Find this certificate
 */
-u32bit X509_Store::find_cert(const X509_DN& subject_dn,
+size_t X509_Store::find_cert(const X509_DN& subject_dn,
 const MemoryRegion<byte>& subject_key_id) const
 {
- for(u32bit j = 0; j != certs.size(); ++j)
+ for(size_t j = 0; j != certs.size(); ++j)
 {
 const X509_Certificate& this_cert = certs[j].cert;
 if(compare_ids(this_cert.subject_key_id(), subject_key_id) &&
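Review bot: The copy constructor in the `@@ -186,7` hunk assigns `stores[j] = other.stores[j]->clone();` without sizing `stores` first; unless a member initializer outside the hunk already gives it `other.stores.size()` elements, this writes past the end of an empty vector. `stores.push_back(other.stores[j]->clone());` does not depend on that. The constructor's opening lines are outside the hunk.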
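Review bot: `j != indexes.size() - 1` in the `@@ -228,7` hunk of `validate_cert` wraps to the largest `size_t` when `indexes` is empty, and the loop body then reads `certs[indexes[j]]` far out of range. Whether `construct_cert_chain` can return VERIFIED with an empty vector is not visible in this hunk. Writing the condition as `j + 1 < indexes.size()` keeps the loop bounded either way.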
@@ -267,22 +267,22 @@ u32bit X509_Store::find_cert(const X509_DN& subject_dn,
 /*
 * Find the parent of this certificate
 */
-u32bit X509_Store::find_parent_of(const X509_Certificate& cert)
+size_t X509_Store::find_parent_of(const X509_Certificate& cert)
 {
 const X509_DN issuer_dn = cert.issuer_dn();
 const MemoryVector<byte> auth_key_id = cert.authority_key_id();
- u32bit index = find_cert(issuer_dn, auth_key_id);
+ size_t index = find_cert(issuer_dn, auth_key_id);
 if(index != NO_CERT_FOUND)
 return index;
- for(u32bit j = 0; j != stores.size(); ++j)
+ for(size_t j = 0; j != stores.size(); ++j)
 {
 std::vector<X509_Certificate> got =
 stores[j]->find_cert_by_subject_and_key_id(issuer_dn, auth_key_id);
- for(u32bit k = 0; k != got.size(); ++k)
+ for(size_t k = 0; k != got.size(); ++k)
 add_cert(got[k]);
 }
@@ -293,10 +293,10 @@ u32bit X509_Store::find_parent_of(const X509_Certificate& cert)
 * Construct a chain of certificate relationships
 */
 X509_Code X509_Store::construct_cert_chain(const X509_Certificate& end_cert,
- std::vector<u32bit>& indexes,
+ std::vector<size_t>& indexes,
 bool need_full_chain)
 {
- u32bit parent = find_parent_of(end_cert);
+ size_t parent = find_parent_of(end_cert);
 while(true)
 {
@@ -331,7 +331,7 @@ X509_Code X509_Store::construct_cert_chain(const X509_Certificate& end_cert,
 if(indexes.size() < 2)
 break;
- const u32bit cert = indexes.back();
+ const size_t cert = indexes.back();
 if(certs[cert].is_verified(validation_cache_timeout))
 {
@@ -343,8 +343,8 @@ X509_Code X509_Store::construct_cert_chain(const X509_Certificate& end_cert,
 break;
 }
- const u32bit last_cert = indexes.back();
- const u32bit parent_of_last_cert = find_parent_of(certs[last_cert].cert);
+ const size_t last_cert = indexes.back();
+ const size_t parent_of_last_cert = find_parent_of(certs[last_cert].cert);
 if(parent_of_last_cert == NO_CERT_FOUND)
 return CERT_ISSUER_NOT_FOUND;
 indexes.push_back(parent_of_last_cert);
@@ -415,7 +415,7 @@ void X509_Store::recompute_revoked_info() const
 if(revoked_info_valid)
 return;
- for(u32bit j = 0; j != certs.size(); ++j)
+ for(size_t j = 0; j != certs.size(); ++j)
 {
 if((certs[j].is_verified(validation_cache_timeout)) &&
 (certs[j].verify_result() != VERIFIED))
@@ -450,13 +450,13 @@ std::vector<X509_Certificate>
 X509_Store::get_cert_chain(const X509_Certificate& cert)
 {
 std::vector<X509_Certificate> result;
- std::vector<u32bit> indexes;
+ std::vector<size_t> indexes;
 X509_Code chaining_result = construct_cert_chain(cert, indexes, true);
 if(chaining_result != VERIFIED)
 throw Invalid_State("X509_Store::get_cert_chain: Can't construct chain");
- for(u32bit j = 0; j != indexes.size(); ++j)
+ for(size_t j = 0; j != indexes.size(); ++j)
 result.push_back(certs[indexes[j]].cert);
 return result;
 }
@@ -485,7 +485,7 @@ void X509_Store::add_cert(const X509_Certificate& cert, bool trusted)
 }
 else if(trusted)
 {
- for(u32bit j = 0; j != certs.size(); ++j)
+ for(size_t j = 0; j != certs.size(); ++j)
 {
 const X509_Certificate& this_cert = certs[j].cert;
 if(this_cert == cert)
@@ -539,9 +539,9 @@ X509_Code X509_Store::add_crl(const X509_CRL& crl)
 if(time_check < 0) return CRL_NOT_YET_VALID;
 else if(time_check > 0) return CRL_HAS_EXPIRED;
- u32bit cert_index = NO_CERT_FOUND;
+ size_t cert_index = NO_CERT_FOUND;
- for(u32bit j = 0; j != certs.size(); ++j)
+ for(size_t j = 0; j != certs.size(); ++j)
 {
 const X509_Certificate& this_cert = certs[j].cert;
 if(compare_ids(this_cert.subject_key_id(), crl.authority_key_id()))
@@ -566,7 +566,7 @@ X509_Code X509_Store::add_crl(const X509_CRL& crl)
 std::vector<CRL_Entry> revoked_certs = crl.get_revoked();
- for(u32bit j = 0; j != revoked_certs.size(); ++j)
+ for(size_t j = 0; j != revoked_certs.size(); ++j)
 {
 CRL_Data revoked_info;
 revoked_info.issuer = crl.issuer_dn();
@@ -599,7 +599,7 @@ X509_Code X509_Store::add_crl(const X509_CRL& crl)
 std::string X509_Store::PEM_encode() const
 {
 std::string cert_store;
- for(u32bit j = 0; j != certs.size(); ++j)
+ for(size_t j = 0; j != certs.size(); ++j)
 cert_store += certs[j].cert.PEM_encode();
 return cert_store;
 }
diff --git a/src/cert/x509store/x509stor.h b/src/cert/x509store/x509stor.h
index 90e83988b..532db6190 100644
--- a/src/cert/x509store/x509stor.h
+++ b/src/cert/x509store/x509stor.h
@@ -112,19 +112,18 @@ class BOTAN_DLL X509_Store
 static X509_Code check_sig(const X509_Object&, Public_Key*);
- u32bit find_cert(const X509_DN&, const MemoryRegion<byte>&) const;
+ size_t find_cert(const X509_DN&, const MemoryRegion<byte>&) const;
 X509_Code check_sig(const Cert_Info&, const Cert_Info&) const;
 void recompute_revoked_info() const;
 void do_add_certs(DataSource&, bool);
 X509_Code construct_cert_chain(const X509_Certificate&,
- std::vector<u32bit>&, bool = false);
+ std::vector<size_t>&, bool = false);
- u32bit find_parent_of(const X509_Certificate&);
+ size_t find_parent_of(const X509_Certificate&);
 bool is_revoked(const X509_Certificate&) const;
- static const u32bit NO_CERT_FOUND = 0xFFFFFFFF;
-
+ static const size_t NO_CERT_FOUND = 0xFFFFFFFF;
 std::vector<Cert_Info> certs;
 std::vector<CRL_Data> revoked;
 std::vector<Certificate_Store*> stores; |
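Review bot: `static const size_t NO_CERT_FOUND = 0xFFFFFFFF;` in the `x509stor.h` hunk keeps the 32-bit all-ones literal, so where `size_t` is 64 bits wide the sentinel is an ordinary in-range index rather than the largest value of the type. Comparisons against the constant still work because `find_cert` and `find_parent_of` return the same constant, but the "no valid index" meaning now depends on the platform width. `static const size_t NO_CERT_FOUND = static_cast<size_t>(-1);` keeps it at the top of the range everywhere.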