aboutsummaryrefslogtreecommitdiffstats
path: root/src/cert
diff options
context:
space:
mode:
Diffstat (limited to 'src/cert')
-rw-r--r--src/cert/x509ca/x509_ca.cpp2
-rw-r--r--src/cert/x509cert/x509_ext.cpp20
-rw-r--r--src/cert/x509store/x509stor.cpp46
-rw-r--r--src/cert/x509store/x509stor.h9
4 files changed, 38 insertions, 39 deletions
diff --git a/src/cert/x509ca/x509_ca.cpp b/src/cert/x509ca/x509_ca.cpp
index be49ec46a..7c0e103d1 100644
--- a/src/cert/x509ca/x509_ca.cpp
+++ b/src/cert/x509ca/x509_ca.cpp
@@ -94,7 +94,7 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer,
const Extensions& extensions)
{
const u32bit X509_CERT_VERSION = 3;
- const u32bit SERIAL_BITS = 128;
+ const size_t SERIAL_BITS = 128;
BigInt serial_no(rng, SERIAL_BITS);
diff --git a/src/cert/x509cert/x509_ext.cpp b/src/cert/x509cert/x509_ext.cpp
index 616644e5c..88cab96c5 100644
--- a/src/cert/x509cert/x509_ext.cpp
+++ b/src/cert/x509cert/x509_ext.cpp
@@ -52,11 +52,11 @@ Extensions::Extensions(const Extensions& extensions) : ASN1_Object()
*/
Extensions& Extensions::operator=(const Extensions& other)
{
- for(u32bit i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != extensions.size(); ++i)
delete extensions[i].first;
extensions.clear();
- for(u32bit i = 0; i != other.extensions.size(); ++i)
+ for(size_t i = 0; i != other.extensions.size(); ++i)
extensions.push_back(
std::make_pair(other.extensions[i].first->copy(),
other.extensions[i].second));
@@ -82,7 +82,7 @@ void Extensions::add(Certificate_Extension* extn, bool critical)
*/
void Extensions::encode_into(DER_Encoder& to_object) const
{
- for(u32bit i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != extensions.size(); ++i)
{
const Certificate_Extension* ext = extensions[i].first;
const bool is_critical = extensions[i].second;
@@ -105,7 +105,7 @@ void Extensions::encode_into(DER_Encoder& to_object) const
*/
void Extensions::decode_from(BER_Decoder& from_source)
{
- for(u32bit i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != extensions.size(); ++i)
delete extensions[i].first;
extensions.clear();
@@ -148,7 +148,7 @@ void Extensions::decode_from(BER_Decoder& from_source)
void Extensions::contents_to(Data_Store& subject_info,
Data_Store& issuer_info) const
{
- for(u32bit i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != extensions.size(); ++i)
extensions[i].first->contents_to(subject_info, issuer_info);
}
@@ -157,7 +157,7 @@ void Extensions::contents_to(Data_Store& subject_info,
*/
Extensions::~Extensions()
{
- for(u32bit i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != extensions.size(); ++i)
delete extensions[i].first;
}
@@ -222,7 +222,7 @@ MemoryVector<byte> Key_Usage::encode_inner() const
if(constraints == NO_CONSTRAINTS)
throw Encoding_Error("Cannot encode zero usage constraints");
- const u32bit unused_bits = low_bit(constraints) - 1;
+ const size_t unused_bits = low_bit(constraints) - 1;
MemoryVector<byte> der;
der.push_back(BIT_STRING);
@@ -257,7 +257,7 @@ void Key_Usage::decode_inner(const MemoryRegion<byte>& in)
obj.value[obj.value.size()-1] &= (0xFF << obj.value[0]);
u16bit usage = 0;
- for(u32bit i = 1; i != obj.value.size(); ++i)
+ for(size_t i = 1; i != obj.value.size(); ++i)
usage = (obj.value[i] << 8) | usage;
constraints = Key_Constraints(usage);
@@ -429,7 +429,7 @@ void Extended_Key_Usage::decode_inner(const MemoryRegion<byte>& in)
*/
void Extended_Key_Usage::contents_to(Data_Store& subject, Data_Store&) const
{
- for(u32bit i = 0; i != oids.size(); ++i)
+ for(size_t i = 0; i != oids.size(); ++i)
subject.add("X509v3.ExtendedKeyUsage", oids[i].as_string());
}
@@ -498,7 +498,7 @@ void Certificate_Policies::decode_inner(const MemoryRegion<byte>& in)
*/
void Certificate_Policies::contents_to(Data_Store& info, Data_Store&) const
{
- for(u32bit i = 0; i != oids.size(); ++i)
+ for(size_t i = 0; i != oids.size(); ++i)
info.add("X509v3.ExtendedKeyUsage", oids[i].as_string());
}
diff --git a/src/cert/x509store/x509stor.cpp b/src/cert/x509store/x509stor.cpp
index a06cad0ba..a635b3930 100644
--- a/src/cert/x509store/x509stor.cpp
+++ b/src/cert/x509store/x509stor.cpp
@@ -186,7 +186,7 @@ X509_Store::X509_Store(const X509_Store& other)
certs = other.certs;
revoked = other.revoked;
revoked_info_valid = other.revoked_info_valid;
- for(u32bit j = 0; j != other.stores.size(); ++j)
+ for(size_t j = 0; j != other.stores.size(); ++j)
stores[j] = other.stores[j]->clone();
time_slack = other.time_slack;
}
@@ -196,7 +196,7 @@ X509_Store::X509_Store(const X509_Store& other)
*/
X509_Store::~X509_Store()
{
- for(u32bit j = 0; j != stores.size(); ++j)
+ for(size_t j = 0; j != stores.size(); ++j)
delete stores[j];
}
@@ -208,7 +208,7 @@ X509_Code X509_Store::validate_cert(const X509_Certificate& cert,
{
recompute_revoked_info();
- std::vector<u32bit> indexes;
+ std::vector<size_t> indexes;
X509_Code chaining_result = construct_cert_chain(cert, indexes);
if(chaining_result != VERIFIED)
return chaining_result;
@@ -228,7 +228,7 @@ X509_Code X509_Store::validate_cert(const X509_Certificate& cert,
if(is_revoked(cert))
return CERT_IS_REVOKED;
- for(u32bit j = 0; j != indexes.size() - 1; ++j)
+ for(size_t j = 0; j != indexes.size() - 1; ++j)
{
const X509_Certificate& current_cert = certs[indexes[j]].cert;
@@ -251,10 +251,10 @@ X509_Code X509_Store::validate_cert(const X509_Certificate& cert,
/*
* Find this certificate
*/
-u32bit X509_Store::find_cert(const X509_DN& subject_dn,
+size_t X509_Store::find_cert(const X509_DN& subject_dn,
const MemoryRegion<byte>& subject_key_id) const
{
- for(u32bit j = 0; j != certs.size(); ++j)
+ for(size_t j = 0; j != certs.size(); ++j)
{
const X509_Certificate& this_cert = certs[j].cert;
if(compare_ids(this_cert.subject_key_id(), subject_key_id) &&
@@ -267,22 +267,22 @@ u32bit X509_Store::find_cert(const X509_DN& subject_dn,
/*
* Find the parent of this certificate
*/
-u32bit X509_Store::find_parent_of(const X509_Certificate& cert)
+size_t X509_Store::find_parent_of(const X509_Certificate& cert)
{
const X509_DN issuer_dn = cert.issuer_dn();
const MemoryVector<byte> auth_key_id = cert.authority_key_id();
- u32bit index = find_cert(issuer_dn, auth_key_id);
+ size_t index = find_cert(issuer_dn, auth_key_id);
if(index != NO_CERT_FOUND)
return index;
- for(u32bit j = 0; j != stores.size(); ++j)
+ for(size_t j = 0; j != stores.size(); ++j)
{
std::vector<X509_Certificate> got =
stores[j]->find_cert_by_subject_and_key_id(issuer_dn, auth_key_id);
- for(u32bit k = 0; k != got.size(); ++k)
+ for(size_t k = 0; k != got.size(); ++k)
add_cert(got[k]);
}
@@ -293,10 +293,10 @@ u32bit X509_Store::find_parent_of(const X509_Certificate& cert)
* Construct a chain of certificate relationships
*/
X509_Code X509_Store::construct_cert_chain(const X509_Certificate& end_cert,
- std::vector<u32bit>& indexes,
+ std::vector<size_t>& indexes,
bool need_full_chain)
{
- u32bit parent = find_parent_of(end_cert);
+ size_t parent = find_parent_of(end_cert);
while(true)
{
@@ -331,7 +331,7 @@ X509_Code X509_Store::construct_cert_chain(const X509_Certificate& end_cert,
if(indexes.size() < 2)
break;
- const u32bit cert = indexes.back();
+ const size_t cert = indexes.back();
if(certs[cert].is_verified(validation_cache_timeout))
{
@@ -343,8 +343,8 @@ X509_Code X509_Store::construct_cert_chain(const X509_Certificate& end_cert,
break;
}
- const u32bit last_cert = indexes.back();
- const u32bit parent_of_last_cert = find_parent_of(certs[last_cert].cert);
+ const size_t last_cert = indexes.back();
+ const size_t parent_of_last_cert = find_parent_of(certs[last_cert].cert);
if(parent_of_last_cert == NO_CERT_FOUND)
return CERT_ISSUER_NOT_FOUND;
indexes.push_back(parent_of_last_cert);
@@ -415,7 +415,7 @@ void X509_Store::recompute_revoked_info() const
if(revoked_info_valid)
return;
- for(u32bit j = 0; j != certs.size(); ++j)
+ for(size_t j = 0; j != certs.size(); ++j)
{
if((certs[j].is_verified(validation_cache_timeout)) &&
(certs[j].verify_result() != VERIFIED))
@@ -450,13 +450,13 @@ std::vector<X509_Certificate>
X509_Store::get_cert_chain(const X509_Certificate& cert)
{
std::vector<X509_Certificate> result;
- std::vector<u32bit> indexes;
+ std::vector<size_t> indexes;
X509_Code chaining_result = construct_cert_chain(cert, indexes, true);
if(chaining_result != VERIFIED)
throw Invalid_State("X509_Store::get_cert_chain: Can't construct chain");
- for(u32bit j = 0; j != indexes.size(); ++j)
+ for(size_t j = 0; j != indexes.size(); ++j)
result.push_back(certs[indexes[j]].cert);
return result;
}
@@ -485,7 +485,7 @@ void X509_Store::add_cert(const X509_Certificate& cert, bool trusted)
}
else if(trusted)
{
- for(u32bit j = 0; j != certs.size(); ++j)
+ for(size_t j = 0; j != certs.size(); ++j)
{
const X509_Certificate& this_cert = certs[j].cert;
if(this_cert == cert)
@@ -539,9 +539,9 @@ X509_Code X509_Store::add_crl(const X509_CRL& crl)
if(time_check < 0) return CRL_NOT_YET_VALID;
else if(time_check > 0) return CRL_HAS_EXPIRED;
- u32bit cert_index = NO_CERT_FOUND;
+ size_t cert_index = NO_CERT_FOUND;
- for(u32bit j = 0; j != certs.size(); ++j)
+ for(size_t j = 0; j != certs.size(); ++j)
{
const X509_Certificate& this_cert = certs[j].cert;
if(compare_ids(this_cert.subject_key_id(), crl.authority_key_id()))
@@ -566,7 +566,7 @@ X509_Code X509_Store::add_crl(const X509_CRL& crl)
std::vector<CRL_Entry> revoked_certs = crl.get_revoked();
- for(u32bit j = 0; j != revoked_certs.size(); ++j)
+ for(size_t j = 0; j != revoked_certs.size(); ++j)
{
CRL_Data revoked_info;
revoked_info.issuer = crl.issuer_dn();
@@ -599,7 +599,7 @@ X509_Code X509_Store::add_crl(const X509_CRL& crl)
std::string X509_Store::PEM_encode() const
{
std::string cert_store;
- for(u32bit j = 0; j != certs.size(); ++j)
+ for(size_t j = 0; j != certs.size(); ++j)
cert_store += certs[j].cert.PEM_encode();
return cert_store;
}
diff --git a/src/cert/x509store/x509stor.h b/src/cert/x509store/x509stor.h
index 90e83988b..532db6190 100644
--- a/src/cert/x509store/x509stor.h
+++ b/src/cert/x509store/x509stor.h
@@ -112,19 +112,18 @@ class BOTAN_DLL X509_Store
static X509_Code check_sig(const X509_Object&, Public_Key*);
- u32bit find_cert(const X509_DN&, const MemoryRegion<byte>&) const;
+ size_t find_cert(const X509_DN&, const MemoryRegion<byte>&) const;
X509_Code check_sig(const Cert_Info&, const Cert_Info&) const;
void recompute_revoked_info() const;
void do_add_certs(DataSource&, bool);
X509_Code construct_cert_chain(const X509_Certificate&,
- std::vector<u32bit>&, bool = false);
+ std::vector<size_t>&, bool = false);
- u32bit find_parent_of(const X509_Certificate&);
+ size_t find_parent_of(const X509_Certificate&);
bool is_revoked(const X509_Certificate&) const;
- static const u32bit NO_CERT_FOUND = 0xFFFFFFFF;
-
+ static const size_t NO_CERT_FOUND = 0xFFFFFFFF;
std::vector<Cert_Info> certs;
std::vector<CRL_Data> revoked;
std::vector<Certificate_Store*> stores;