Diffstat (limited to 'src/lib/cert/x509')
-rw-r--r--src/lib/cert/x509/crl_ent.cpp28
-rw-r--r--src/lib/cert/x509/crl_ent.h14
-rw-r--r--src/lib/cert/x509/pkcs10.cpp30
-rw-r--r--src/lib/cert/x509/pkcs10.h2
-rw-r--r--src/lib/cert/x509/x509_ca.cpp24
-rw-r--r--src/lib/cert/x509/x509_ca.h6
-rw-r--r--src/lib/cert/x509/x509_crl.cpp42
-rw-r--r--src/lib/cert/x509/x509_crl.h6
-rw-r--r--src/lib/cert/x509/x509_ext.cpp53
-rw-r--r--src/lib/cert/x509/x509_ext.h12
-rw-r--r--src/lib/cert/x509/x509_obj.cpp48
-rw-r--r--src/lib/cert/x509/x509_obj.h8
-rw-r--r--src/lib/cert/x509/x509cert.cpp102
-rw-r--r--src/lib/cert/x509/x509cert.h6
14 files changed, 191 insertions, 190 deletions
diff --git a/src/lib/cert/x509/crl_ent.cpp b/src/lib/cert/x509/crl_ent.cpp
index 1f2069baa..d6923f714 100644
--- a/src/lib/cert/x509/crl_ent.cpp
+++ b/src/lib/cert/x509/crl_ent.cpp
@@ -18,20 +18,20 @@ namespace Botan {
* Create a CRL_Entry
*/
CRL_Entry::CRL_Entry(bool t_on_unknown_crit) :
- throw_on_unknown_critical(t_on_unknown_crit)
+ m_throw_on_unknown_critical(t_on_unknown_crit)
{
- reason = UNSPECIFIED;
+ m_reason = UNSPECIFIED;
}
/*
* Create a CRL_Entry
*/
CRL_Entry::CRL_Entry(const X509_Certificate& cert, CRL_Code why) :
- throw_on_unknown_critical(false)
+ m_throw_on_unknown_critical(false)
{
- serial = cert.serial_number();
- time = X509_Time(std::chrono::system_clock::now());
- reason = why;
+ m_serial = cert.serial_number();
+ m_time = X509_Time(std::chrono::system_clock::now());
+ m_reason = why;
}
/*
@@ -63,11 +63,11 @@ void CRL_Entry::encode_into(DER_Encoder& der) const
{
Extensions extensions;
- extensions.add(new Cert_Extension::CRL_ReasonCode(reason));
+ extensions.add(new Cert_Extension::CRL_ReasonCode(m_reason));
der.start_cons(SEQUENCE)
- .encode(BigInt::decode(serial))
- .encode(time)
+ .encode(BigInt::decode(m_serial))
+ .encode(m_time)
.start_cons(SEQUENCE)
.encode(extensions)
.end_cons()
@@ -80,24 +80,24 @@ void CRL_Entry::encode_into(DER_Encoder& der) const
void CRL_Entry::decode_from(BER_Decoder& source)
{
BigInt serial_number_bn;
- reason = UNSPECIFIED;
+ m_reason = UNSPECIFIED;
BER_Decoder entry = source.start_cons(SEQUENCE);
- entry.decode(serial_number_bn).decode(time);
+ entry.decode(serial_number_bn).decode(m_time);
if(entry.more_items())
{
- Extensions extensions(throw_on_unknown_critical);
+ Extensions extensions(m_throw_on_unknown_critical);
entry.decode(extensions);
Data_Store info;
extensions.contents_to(info, info);
- reason = CRL_Code(info.get1_u32bit("X509v3.CRLReasonCode"));
+ m_reason = CRL_Code(info.get1_u32bit("X509v3.CRLReasonCode"));
}
entry.end_cons();
- serial = BigInt::encode(serial_number_bn);
+ m_serial = BigInt::encode(serial_number_bn);
}
}
diff --git a/src/lib/cert/x509/crl_ent.h b/src/lib/cert/x509/crl_ent.h
index 42cb25fe3..1b8f4b7cd 100644
--- a/src/lib/cert/x509/crl_ent.h
+++ b/src/lib/cert/x509/crl_ent.h
@@ -46,19 +46,19 @@ class BOTAN_DLL CRL_Entry : public ASN1_Object
* Get the serial number of the certificate associated with this entry.
* @return certificate's serial number
*/
- std::vector<byte> serial_number() const { return serial; }
+ std::vector<byte> serial_number() const { return m_serial; }
/**
* Get the revocation date of the certificate associated with this entry
* @return certificate's revocation date
*/
- X509_Time expire_time() const { return time; }
+ X509_Time expire_time() const { return m_time; }
/**
* Get the entries reason code
* @return reason code
*/
- CRL_Code reason_code() const { return reason; }
+ CRL_Code reason_code() const { return m_reason; }
/**
* Construct an empty CRL entry.
@@ -74,10 +74,10 @@ class BOTAN_DLL CRL_Entry : public ASN1_Object
CRL_Code reason = UNSPECIFIED);
private:
- bool throw_on_unknown_critical;
- std::vector<byte> serial;
- X509_Time time;
- CRL_Code reason;
+ bool m_throw_on_unknown_critical;
+ std::vector<byte> m_serial;
+ X509_Time m_time;
+ CRL_Code m_reason;
};
/**
diff --git a/src/lib/cert/x509/pkcs10.cpp b/src/lib/cert/x509/pkcs10.cpp
index cb4be6d5f..40a9894cc 100644
--- a/src/lib/cert/x509/pkcs10.cpp
+++ b/src/lib/cert/x509/pkcs10.cpp
@@ -48,7 +48,7 @@ PKCS10_Request::PKCS10_Request(const std::vector<byte>& in) :
*/
void PKCS10_Request::force_decode()
{
- BER_Decoder cert_req_info(tbs_bits);
+ BER_Decoder cert_req_info(m_tbs_bits);
size_t version;
cert_req_info.decode(version);
@@ -59,14 +59,14 @@ void PKCS10_Request::force_decode()
X509_DN dn_subject;
cert_req_info.decode(dn_subject);
- info.add(dn_subject.contents());
+ m_info.add(dn_subject.contents());
BER_Object public_key = cert_req_info.get_next_object();
if(public_key.type_tag != SEQUENCE || public_key.class_tag != CONSTRUCTED)
throw BER_Bad_Tag("PKCS10_Request: Unexpected tag for public key",
public_key.type_tag, public_key.class_tag);
- info.add("X509.Certificate.public_key",
+ m_info.add("X509.Certificate.public_key",
PEM_Code::encode(
ASN1::put_in_sequence(unlock(public_key.value)),
"PUBLIC KEY"
@@ -108,13 +108,13 @@ void PKCS10_Request::handle_attribute(const Attribute& attr)
{
ASN1_String email;
value.decode(email);
- info.add("RFC822", email.value());
+ m_info.add("RFC822", email.value());
}
else if(attr.oid == OIDS::lookup("PKCS9.ChallengePassword"))
{
ASN1_String challenge_password;
value.decode(challenge_password);
- info.add("PKCS9.ChallengePassword", challenge_password.value());
+ m_info.add("PKCS9.ChallengePassword", challenge_password.value());
}
else if(attr.oid == OIDS::lookup("PKCS9.ExtensionRequest"))
{
@@ -122,7 +122,7 @@ void PKCS10_Request::handle_attribute(const Attribute& attr)
value.decode(extensions).verify_end();
Data_Store issuer_info;
- extensions.contents_to(info, issuer_info);
+ extensions.contents_to(m_info, issuer_info);
}
}
@@ -131,7 +131,7 @@ void PKCS10_Request::handle_attribute(const Attribute& attr)
*/
std::string PKCS10_Request::challenge_password() const
{
- return info.get1("PKCS9.ChallengePassword");
+ return m_info.get1("PKCS9.ChallengePassword");
}
/*
@@ -139,7 +139,7 @@ std::string PKCS10_Request::challenge_password() const
*/
X509_DN PKCS10_Request::subject_dn() const
{
- return create_dn(info);
+ return create_dn(m_info);
}
/*
@@ -147,7 +147,7 @@ X509_DN PKCS10_Request::subject_dn() const
*/
std::vector<byte> PKCS10_Request::raw_public_key() const
{
- DataSource_Memory source(info.get1("X509.Certificate.public_key"));
+ DataSource_Memory source(m_info.get1("X509.Certificate.public_key"));
return unlock(PEM_Code::decode_check_label(source, "PUBLIC KEY"));
}
@@ -156,7 +156,7 @@ std::vector<byte> PKCS10_Request::raw_public_key() const
*/
Public_Key* PKCS10_Request::subject_public_key() const
{
- DataSource_Memory source(info.get1("X509.Certificate.public_key"));
+ DataSource_Memory source(m_info.get1("X509.Certificate.public_key"));
return X509::load_key(source);
}
@@ -165,7 +165,7 @@ Public_Key* PKCS10_Request::subject_public_key() const
*/
AlternativeName PKCS10_Request::subject_alt_name() const
{
- return create_alt_name(info);
+ return create_alt_name(m_info);
}
/*
@@ -173,7 +173,7 @@ AlternativeName PKCS10_Request::subject_alt_name() const
*/
Key_Constraints PKCS10_Request::constraints() const
{
- return Key_Constraints(info.get1_u32bit("X509v3.KeyUsage", NO_CONSTRAINTS));
+ return Key_Constraints(m_info.get1_u32bit("X509v3.KeyUsage", NO_CONSTRAINTS));
}
/*
@@ -181,7 +181,7 @@ Key_Constraints PKCS10_Request::constraints() const
*/
std::vector<OID> PKCS10_Request::ex_constraints() const
{
- std::vector<std::string> oids = info.get("X509v3.ExtendedKeyUsage");
+ std::vector<std::string> oids = m_info.get("X509v3.ExtendedKeyUsage");
std::vector<OID> result;
for(size_t i = 0; i != oids.size(); ++i)
@@ -194,7 +194,7 @@ std::vector<OID> PKCS10_Request::ex_constraints() const
*/
bool PKCS10_Request::is_CA() const
{
- return (info.get1_u32bit("X509v3.BasicConstraints.is_ca") > 0);
+ return (m_info.get1_u32bit("X509v3.BasicConstraints.is_ca") > 0);
}
/*
@@ -202,7 +202,7 @@ bool PKCS10_Request::is_CA() const
*/
u32bit PKCS10_Request::path_limit() const
{
- return info.get1_u32bit("X509v3.BasicConstraints.path_constraint", 0);
+ return m_info.get1_u32bit("X509v3.BasicConstraints.path_constraint", 0);
}
}
diff --git a/src/lib/cert/x509/pkcs10.h b/src/lib/cert/x509/pkcs10.h
index 6aa66fbfd..999395f93 100644
--- a/src/lib/cert/x509/pkcs10.h
+++ b/src/lib/cert/x509/pkcs10.h
@@ -102,7 +102,7 @@ class BOTAN_DLL PKCS10_Request : public X509_Object
void force_decode() override;
void handle_attribute(const Attribute&);
- Data_Store info;
+ Data_Store m_info;
};
}
diff --git a/src/lib/cert/x509/x509_ca.cpp b/src/lib/cert/x509/x509_ca.cpp
index d329bfdd8..46c8c65f2 100644
--- a/src/lib/cert/x509/x509_ca.cpp
+++ b/src/lib/cert/x509/x509_ca.cpp
@@ -26,12 +26,12 @@ namespace Botan {
*/
X509_CA::X509_CA(const X509_Certificate& c,
const Private_Key& key,
- const std::string& hash_fn) : cert(c)
+ const std::string& hash_fn) : m_cert(c)
{
- if(!cert.is_CA_cert())
+ if(!m_cert.is_CA_cert())
throw Invalid_Argument("X509_CA: This certificate is not for a CA");
- signer = choose_sig_format(key, hash_fn, ca_sig_algo);
+ m_signer = choose_sig_format(key, hash_fn, m_ca_sig_algo);
}
/*
@@ -39,7 +39,7 @@ X509_CA::X509_CA(const X509_Certificate& c,
*/
X509_CA::~X509_CA()
{
- delete signer;
+ delete m_signer;
}
/*
@@ -67,7 +67,7 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
extensions.add(new Cert_Extension::Key_Usage(constraints), true);
- extensions.add(new Cert_Extension::Authority_Key_ID(cert.subject_key_id()));
+ extensions.add(new Cert_Extension::Authority_Key_ID(m_cert.subject_key_id()));
extensions.add(new Cert_Extension::Subject_Key_ID(req.raw_public_key()));
extensions.add(
@@ -76,10 +76,10 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
extensions.add(
new Cert_Extension::Extended_Key_Usage(req.ex_constraints()));
- return make_cert(signer, rng, ca_sig_algo,
+ return make_cert(m_signer, rng, m_ca_sig_algo,
req.raw_public_key(),
not_before, not_after,
- cert.subject_dn(), req.subject_dn(),
+ m_cert.subject_dn(), req.subject_dn(),
extensions);
}
@@ -177,16 +177,16 @@ X509_CRL X509_CA::make_crl(const std::vector<CRL_Entry>& revoked,
Extensions extensions;
extensions.add(
- new Cert_Extension::Authority_Key_ID(cert.subject_key_id()));
+ new Cert_Extension::Authority_Key_ID(m_cert.subject_key_id()));
extensions.add(new Cert_Extension::CRL_Number(crl_number));
// clang-format off
const std::vector<byte> crl = X509_Object::make_signed(
- signer, rng, ca_sig_algo,
+ m_signer, rng, m_ca_sig_algo,
DER_Encoder().start_cons(SEQUENCE)
.encode(X509_CRL_VERSION-1)
- .encode(ca_sig_algo)
- .encode(cert.issuer_dn())
+ .encode(m_ca_sig_algo)
+ .encode(m_cert.issuer_dn())
.encode(X509_Time(current_time))
.encode(X509_Time(expire_time))
.encode_if(revoked.size() > 0,
@@ -212,7 +212,7 @@ X509_CRL X509_CA::make_crl(const std::vector<CRL_Entry>& revoked,
*/
X509_Certificate X509_CA::ca_certificate() const
{
- return cert;
+ return m_cert;
}
/*
diff --git a/src/lib/cert/x509/x509_ca.h b/src/lib/cert/x509/x509_ca.h
index 2e05258e3..6ea51cd06 100644
--- a/src/lib/cert/x509/x509_ca.h
+++ b/src/lib/cert/x509/x509_ca.h
@@ -107,9 +107,9 @@ class BOTAN_DLL X509_CA
u32bit crl_number, u32bit next_update,
RandomNumberGenerator& rng) const;
- AlgorithmIdentifier ca_sig_algo;
- X509_Certificate cert;
- PK_Signer* signer;
+ AlgorithmIdentifier m_ca_sig_algo;
+ X509_Certificate m_cert;
+ PK_Signer* m_signer;
};
/**
diff --git a/src/lib/cert/x509/x509_crl.cpp b/src/lib/cert/x509/x509_crl.cpp
index 8b6d1522b..64cb1b308 100644
--- a/src/lib/cert/x509/x509_crl.cpp
+++ b/src/lib/cert/x509/x509_crl.cpp
@@ -19,7 +19,7 @@ namespace Botan {
* Load a X.509 CRL
*/
X509_CRL::X509_CRL(DataSource& in, bool touc) :
- X509_Object(in, "X509 CRL/CRL"), throw_on_unknown_critical(touc)
+ X509_Object(in, "X509 CRL/CRL"), m_throw_on_unknown_critical(touc)
{
do_decode();
}
@@ -28,13 +28,13 @@ X509_CRL::X509_CRL(DataSource& in, bool touc) :
* Load a X.509 CRL
*/
X509_CRL::X509_CRL(const std::string& in, bool touc) :
- X509_Object(in, "CRL/X509 CRL"), throw_on_unknown_critical(touc)
+ X509_Object(in, "CRL/X509 CRL"), m_throw_on_unknown_critical(touc)
{
do_decode();
}
X509_CRL::X509_CRL(const std::vector<byte>& in, bool touc) :
- X509_Object(in, "CRL/X509 CRL"), throw_on_unknown_critical(touc)
+ X509_Object(in, "CRL/X509 CRL"), m_throw_on_unknown_critical(touc)
{
do_decode();
}
@@ -62,11 +62,11 @@ bool X509_CRL::is_revoked(const X509_Certificate& cert) const
bool is_revoked = false;
- for(size_t i = 0; i != revoked.size(); ++i)
+ for(size_t i = 0; i != m_revoked.size(); ++i)
{
- if(cert_serial == revoked[i].serial_number())
+ if(cert_serial == m_revoked[i].serial_number())
{
- if(revoked[i].reason_code() == REMOVE_FROM_CRL)
+ if(m_revoked[i].reason_code() == REMOVE_FROM_CRL)
is_revoked = false;
else
is_revoked = true;
@@ -81,7 +81,7 @@ bool X509_CRL::is_revoked(const X509_Certificate& cert) const
*/
void X509_CRL::force_decode()
{
- BER_Decoder tbs_crl(tbs_bits);
+ BER_Decoder tbs_crl(m_tbs_bits);
size_t version;
tbs_crl.decode_optional(version, INTEGER, UNIVERSAL);
@@ -93,17 +93,17 @@ void X509_CRL::force_decode()
AlgorithmIdentifier sig_algo_inner;
tbs_crl.decode(sig_algo_inner);
- if(sig_algo != sig_algo_inner)
+ if(m_sig_algo != sig_algo_inner)
throw X509_CRL_Error("Algorithm identifier mismatch");
X509_DN dn_issuer;
tbs_crl.decode(dn_issuer);
- info.add(dn_issuer.contents());
+ m_info.add(dn_issuer.contents());
X509_Time start, end;
tbs_crl.decode(start).decode(end);
- info.add("X509.CRL.start", start.to_string());
- info.add("X509.CRL.end", end.to_string());
+ m_info.add("X509.CRL.start", start.to_string());
+ m_info.add("X509.CRL.end", end.to_string());
BER_Object next = tbs_crl.get_next_object();
@@ -113,9 +113,9 @@ void X509_CRL::force_decode()
while(cert_list.more_items())
{
- CRL_Entry entry(throw_on_unknown_critical);
+ CRL_Entry entry(m_throw_on_unknown_critical);
cert_list.decode(entry);
- revoked.push_back(entry);
+ m_revoked.push_back(entry);
}
next = tbs_crl.get_next_object();
}
@@ -125,11 +125,11 @@ void X509_CRL::force_decode()
{
BER_Decoder crl_options(next.value);
- Extensions extensions(throw_on_unknown_critical);
+ Extensions extensions(m_throw_on_unknown_critical);
crl_options.decode(extensions).verify_end();
- extensions.contents_to(info, info);
+ extensions.contents_to(m_info, m_info);
next = tbs_crl.get_next_object();
}
@@ -145,7 +145,7 @@ void X509_CRL::force_decode()
*/
std::vector<CRL_Entry> X509_CRL::get_revoked() const
{
- return revoked;
+ return m_revoked;
}
/*
@@ -153,7 +153,7 @@ std::vector<CRL_Entry> X509_CRL::get_revoked() const
*/
X509_DN X509_CRL::issuer_dn() const
{
- return create_dn(info);
+ return create_dn(m_info);
}
/*
@@ -161,7 +161,7 @@ X509_DN X509_CRL::issuer_dn() const
*/
std::vector<byte> X509_CRL::authority_key_id() const
{
- return info.get1_memvec("X509v3.AuthorityKeyIdentifier");
+ return m_info.get1_memvec("X509v3.AuthorityKeyIdentifier");
}
/*
@@ -169,7 +169,7 @@ std::vector<byte> X509_CRL::authority_key_id() const
*/
u32bit X509_CRL::crl_number() const
{
- return info.get1_u32bit("X509v3.CRLNumber");
+ return m_info.get1_u32bit("X509v3.CRLNumber");
}
/*
@@ -177,7 +177,7 @@ u32bit X509_CRL::crl_number() const
*/
X509_Time X509_CRL::this_update() const
{
- return X509_Time(info.get1("X509.CRL.start"), ASN1_Tag::UTC_OR_GENERALIZED_TIME);
+ return X509_Time(m_info.get1("X509.CRL.start"), ASN1_Tag::UTC_OR_GENERALIZED_TIME);
}
/*
@@ -185,7 +185,7 @@ X509_Time X509_CRL::this_update() const
*/
X509_Time X509_CRL::next_update() const
{
- return X509_Time(info.get1("X509.CRL.end"), ASN1_Tag::UTC_OR_GENERALIZED_TIME);
+ return X509_Time(m_info.get1("X509.CRL.end"), ASN1_Tag::UTC_OR_GENERALIZED_TIME);
}
}
diff --git a/src/lib/cert/x509/x509_crl.h b/src/lib/cert/x509/x509_crl.h
index a9a8e80cf..b3c0c1349 100644
--- a/src/lib/cert/x509/x509_crl.h
+++ b/src/lib/cert/x509/x509_crl.h
@@ -101,9 +101,9 @@ class BOTAN_DLL X509_CRL : public X509_Object
private:
void force_decode() override;
- bool throw_on_unknown_critical;
- std::vector<CRL_Entry> revoked;
- Data_Store info;
+ bool m_throw_on_unknown_critical;
+ std::vector<CRL_Entry> m_revoked;
+ Data_Store m_info;
};
}
diff --git a/src/lib/cert/x509/x509_ext.cpp b/src/lib/cert/x509/x509_ext.cpp
index a05d27d3e..78c75f271 100644
--- a/src/lib/cert/x509/x509_ext.cpp
+++ b/src/lib/cert/x509/x509_ext.cpp
@@ -54,14 +54,14 @@ Extensions::Extensions(const Extensions& extensions) : ASN1_Object()
*/
Extensions& Extensions::operator=(const Extensions& other)
{
- for(size_t i = 0; i != extensions.size(); ++i)
- delete extensions[i].first;
- extensions.clear();
+ for(size_t i = 0; i != m_extensions.size(); ++i)
+ delete m_extensions[i].first;
+ m_extensions.clear();
- for(size_t i = 0; i != other.extensions.size(); ++i)
- extensions.push_back(
- std::make_pair(other.extensions[i].first->copy(),
- other.extensions[i].second));
+ for(size_t i = 0; i != other.m_extensions.size(); ++i)
+ m_extensions.push_back(
+ std::make_pair(other.m_extensions[i].first->copy(),
+ other.m_extensions[i].second));
m_throw_on_unknown_critical = other.m_throw_on_unknown_critical;
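Review bot: Extensions::operator= has no self-assignment guard, and the rename leaves that as it was. The first loop deletes every entry of m_extensions and clears the vector before the second loop reads other.m_extensions, so `x = x` silently leaves the object with no extensions. Making `if(this == &other) return *this;` the first statement of the body fixes it. The end of the function is outside this hunk.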
@@ -78,7 +78,7 @@ OID Certificate_Extension::oid_of() const
void Extensions::add(Certificate_Extension* extn, bool critical)
{
- extensions.push_back(std::make_pair(extn, critical));
+ m_extensions.push_back(std::make_pair(extn, critical));
}
/*
@@ -86,10 +86,10 @@ void Extensions::add(Certificate_Extension* extn, bool critical)
*/
void Extensions::encode_into(DER_Encoder& to_object) const
{
- for(size_t i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != m_extensions.size(); ++i)
{
- const Certificate_Extension* ext = extensions[i].first;
- const bool is_critical = extensions[i].second;
+ const Certificate_Extension* ext = m_extensions[i].first;
+ const bool is_critical = m_extensions[i].second;
const bool should_encode = ext->should_encode();
@@ -109,9 +109,9 @@ void Extensions::encode_into(DER_Encoder& to_object) const
*/
void Extensions::decode_from(BER_Decoder& from_source)
{
- for(size_t i = 0; i != extensions.size(); ++i)
- delete extensions[i].first;
- extensions.clear();
+ for(size_t i = 0; i != m_extensions.size(); ++i)
+ delete m_extensions[i].first;
+ m_extensions.clear();
BER_Decoder sequence = from_source.start_cons(SEQUENCE);
@@ -146,7 +146,7 @@ void Extensions::decode_from(BER_Decoder& from_source)
oid.as_string() + ": " + e.what());
}
- extensions.push_back(std::make_pair(ext, critical));
+ m_extensions.push_back(std::make_pair(ext, critical));
}
}
@@ -159,8 +159,8 @@ void Extensions::decode_from(BER_Decoder& from_source)
void Extensions::contents_to(Data_Store& subject_info,
Data_Store& issuer_info) const
{
- for(size_t i = 0; i != extensions.size(); ++i)
- extensions[i].first->contents_to(subject_info, issuer_info);
+ for(size_t i = 0; i != m_extensions.size(); ++i)
+ m_extensions[i].first->contents_to(subject_info, issuer_info);
}
/*
@@ -168,8 +168,8 @@ void Extensions::contents_to(Data_Store& subject_info,
*/
Extensions::~Extensions()
{
- for(size_t i = 0; i != extensions.size(); ++i)
- delete extensions[i].first;
+ for(size_t i = 0; i != m_extensions.size(); ++i)
+ delete m_extensions[i].first;
}
namespace Cert_Extension {
@@ -351,7 +351,7 @@ void Authority_Key_ID::contents_to(Data_Store&, Data_Store& issuer) const
*/
std::vector<byte> Alternative_Name::encode_inner() const
{
- return DER_Encoder().encode(alt_name).get_contents_unlocked();
+ return DER_Encoder().encode(m_alt_name).get_contents_unlocked();
}
/*
@@ -359,7 +359,7 @@ std::vector<byte> Alternative_Name::encode_inner() const
*/
void Alternative_Name::decode_inner(const std::vector<byte>& in)
{
- BER_Decoder(in).decode(alt_name);
+ BER_Decoder(in).decode(m_alt_name);
}
/*
@@ -371,13 +371,13 @@ void Alternative_Name::contents_to(Data_Store& subject_info,
std::multimap<std::string, std::string> contents =
get_alt_name().contents();
- if(oid_name_str == "X509v3.SubjectAlternativeName")
+ if(m_oid_name_str == "X509v3.SubjectAlternativeName")
subject_info.add(contents);
- else if(oid_name_str == "X509v3.IssuerAlternativeName")
+ else if(m_oid_name_str == "X509v3.IssuerAlternativeName")
issuer_info.add(contents);
else
throw Internal_Error("In Alternative_Name, unknown type " +
- oid_name_str);
+ m_oid_name_str);
}
/*
@@ -386,8 +386,8 @@ void Alternative_Name::contents_to(Data_Store& subject_info,
Alternative_Name::Alternative_Name(const AlternativeName& alt_name,
const std::string& oid_name_str)
{
- this->alt_name = alt_name;
- this->oid_name_str = oid_name_str;
+ this->m_alt_name = alt_name;
+ this->m_oid_name_str = oid_name_str;
}
/*
@@ -444,6 +444,7 @@ namespace {
class Policy_Information : public ASN1_Object
{
public:
+ // public member variable:
OID oid;
Policy_Information() {}
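Review bot: The added comment `// public member variable:` only restates the declaration below it. It does not explain why `oid` keeps its name while the other data members in this commit gain an `m_` prefix. A comment that gives the reason would help more, for example `// Deliberately public and unprefixed: accessed directly as .oid`, assuming that is the intent, since the users of this field are outside the hunk. The class body continues past the end of the hunk.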
diff --git a/src/lib/cert/x509/x509_ext.h b/src/lib/cert/x509/x509_ext.h
index 0ce49231a..5816dc699 100644
--- a/src/lib/cert/x509/x509_ext.h
+++ b/src/lib/cert/x509/x509_ext.h
@@ -75,7 +75,7 @@ class BOTAN_DLL Extensions : public ASN1_Object
private:
static Certificate_Extension* get_extension(const OID&);
- std::vector<std::pair<Certificate_Extension*, bool> > extensions;
+ std::vector<std::pair<Certificate_Extension*, bool> > m_extensions;
bool m_throw_on_unknown_critical;
};
@@ -188,22 +188,22 @@ class BOTAN_DLL Authority_Key_ID : public Certificate_Extension
class BOTAN_DLL Alternative_Name : public Certificate_Extension
{
public:
- AlternativeName get_alt_name() const { return alt_name; }
+ AlternativeName get_alt_name() const { return m_alt_name; }
protected:
Alternative_Name(const AlternativeName&, const std::string& oid_name);
Alternative_Name(const std::string&, const std::string&);
private:
- std::string oid_name() const override { return oid_name_str; }
+ std::string oid_name() const override { return m_oid_name_str; }
- bool should_encode() const override { return alt_name.has_items(); }
+ bool should_encode() const override { return m_alt_name.has_items(); }
std::vector<byte> encode_inner() const override;
void decode_inner(const std::vector<byte>&) override;
void contents_to(Data_Store&, Data_Store&) const override;
- std::string oid_name_str;
- AlternativeName alt_name;
+ std::string m_oid_name_str;
+ AlternativeName m_alt_name;
};
/**
diff --git a/src/lib/cert/x509/x509_obj.cpp b/src/lib/cert/x509/x509_obj.cpp
index e908e8cab..983be40b2 100644
--- a/src/lib/cert/x509/x509_obj.cpp
+++ b/src/lib/cert/x509/x509_obj.cpp
@@ -48,12 +48,12 @@ X509_Object::X509_Object(const std::vector<byte>& vec, const std::string& labels
*/
void X509_Object::init(DataSource& in, const std::string& labels)
{
- PEM_labels_allowed = split_on(labels, '/');
- if(PEM_labels_allowed.size() < 1)
+ m_PEM_labels_allowed = split_on(labels, '/');
+ if(m_PEM_labels_allowed.size() < 1)
throw Invalid_Argument("Bad labels argument to X509_Object");
- PEM_label_pref = PEM_labels_allowed[0];
- std::sort(PEM_labels_allowed.begin(), PEM_labels_allowed.end());
+ m_PEM_label_pref = m_PEM_labels_allowed[0];
+ std::sort(m_PEM_labels_allowed.begin(), m_PEM_labels_allowed.end());
try {
if(ASN1::maybe_BER(in) && !PEM_Code::matches(in))
@@ -66,8 +66,8 @@ void X509_Object::init(DataSource& in, const std::string& labels)
std::string got_label;
DataSource_Memory ber(PEM_Code::decode(in, got_label));
- if(!std::binary_search(PEM_labels_allowed.begin(),
- PEM_labels_allowed.end(), got_label))
+ if(!std::binary_search(m_PEM_labels_allowed.begin(),
+ m_PEM_labels_allowed.end(), got_label))
throw Decoding_Error("Invalid PEM label: " + got_label);
BER_Decoder dec(ber);
@@ -76,7 +76,7 @@ void X509_Object::init(DataSource& in, const std::string& labels)
}
catch(Decoding_Error& e)
{
- throw Decoding_Error(PEM_label_pref + " decoding failed: " + e.what());
+ throw Decoding_Error(m_PEM_label_pref + " decoding failed: " + e.what());
}
}
@@ -85,10 +85,10 @@ void X509_Object::encode_into(DER_Encoder& to) const
{
to.start_cons(SEQUENCE)
.start_cons(SEQUENCE)
- .raw_bytes(tbs_bits)
+ .raw_bytes(m_tbs_bits)
.end_cons()
- .encode(sig_algo)
- .encode(sig, BIT_STRING)
+ .encode(m_sig_algo)
+ .encode(m_sig, BIT_STRING)
.end_cons();
}
@@ -99,10 +99,10 @@ void X509_Object::decode_from(BER_Decoder& from)
{
from.start_cons(SEQUENCE)
.start_cons(SEQUENCE)
- .raw_bytes(tbs_bits)
+ .raw_bytes(m_tbs_bits)
.end_cons()
- .decode(sig_algo)
- .decode(sig, BIT_STRING)
+ .decode(m_sig_algo)
+ .decode(m_sig, BIT_STRING)
.verify_end()
.end_cons();
}
@@ -122,7 +122,7 @@ std::vector<byte> X509_Object::BER_encode() const
*/
std::string X509_Object::PEM_encode() const
{
- return PEM_Code::encode(BER_encode(), PEM_label_pref);
+ return PEM_Code::encode(BER_encode(), m_PEM_label_pref);
}
/*
@@ -130,7 +130,7 @@ std::string X509_Object::PEM_encode() const
*/
std::vector<byte> X509_Object::tbs_data() const
{
- return ASN1::put_in_sequence(tbs_bits);
+ return ASN1::put_in_sequence(m_tbs_bits);
}
/*
@@ -138,7 +138,7 @@ std::vector<byte> X509_Object::tbs_data() const
*/
std::vector<byte> X509_Object::signature() const
{
- return sig;
+ return m_sig;
}
/*
@@ -146,7 +146,7 @@ std::vector<byte> X509_Object::signature() const
*/
AlgorithmIdentifier X509_Object::signature_algorithm() const
{
- return sig_algo;
+ return m_sig_algo;
}
/*
@@ -155,11 +155,11 @@ AlgorithmIdentifier X509_Object::signature_algorithm() const
std::string X509_Object::hash_used_for_signature() const
{
std::vector<std::string> sig_info =
- split_on(OIDS::lookup(sig_algo.oid), '/');
+ split_on(OIDS::lookup(m_sig_algo.oid), '/');
if(sig_info.size() != 2)
throw Internal_Error("Invalid name format found for " +
- sig_algo.oid.as_string());
+ m_sig_algo.oid.as_string());
std::vector<std::string> pad_and_hash =
parse_algorithm_name(sig_info[1]);
@@ -176,10 +176,10 @@ std::string X509_Object::hash_used_for_signature() const
bool X509_Object::check_signature(const Public_Key* pub_key) const
{
if(!pub_key)
- throw Exception("No key provided for " + PEM_label_pref + " signature check");
+ throw Exception("No key provided for " + m_PEM_label_pref + " signature check");
std::unique_ptr<const Public_Key> key(pub_key);
return check_signature(*key);
- }
+}
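Review bot: check_signature(const Public_Key*) takes ownership of the caller's pointer, and nothing visible in this hunk says so. The line `std::unique_ptr<const Public_Key> key(pub_key);` deletes the key when the function returns. A caller that passes the address of a key it still owns (a stack object or one held in its own smart pointer) is left with a dangling pointer or a double free. The header's documentation for this overload is not visible here, so it may already state this. If not, I would add `// Takes ownership: pub_key is deleted before this function returns` above the unique_ptr line and steer callers to the `const Public_Key&` overload.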
/*
* Check the signature on an object
@@ -188,7 +188,7 @@ bool X509_Object::check_signature(const Public_Key& pub_key) const
{
try {
std::vector<std::string> sig_info =
- split_on(OIDS::lookup(sig_algo.oid), '/');
+ split_on(OIDS::lookup(m_sig_algo.oid), '/');
if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name())
return false;
@@ -234,12 +234,12 @@ void X509_Object::do_decode()
}
catch(Decoding_Error& e)
{
- throw Decoding_Error(PEM_label_pref + " decoding failed (" +
+ throw Decoding_Error(m_PEM_label_pref + " decoding failed (" +
e.what() + ")");
}
catch(Invalid_Argument& e)
{
- throw Decoding_Error(PEM_label_pref + " decoding failed (" +
+ throw Decoding_Error(m_PEM_label_pref + " decoding failed (" +
e.what() + ")");
}
}
diff --git a/src/lib/cert/x509/x509_obj.h b/src/lib/cert/x509/x509_obj.h
index ec6bd530c..eb929451c 100644
--- a/src/lib/cert/x509/x509_obj.h
+++ b/src/lib/cert/x509/x509_obj.h
@@ -93,14 +93,14 @@ class BOTAN_DLL X509_Object : public ASN1_Object
void do_decode();
X509_Object() {}
- AlgorithmIdentifier sig_algo;
- std::vector<byte> tbs_bits, sig;
+ AlgorithmIdentifier m_sig_algo;
+ std::vector<byte> m_tbs_bits, m_sig;
private:
virtual void force_decode() = 0;
void init(DataSource&, const std::string&);
- std::vector<std::string> PEM_labels_allowed;
- std::string PEM_label_pref;
+ std::vector<std::string> m_PEM_labels_allowed;
+ std::string m_PEM_label_pref;
};
}
diff --git a/src/lib/cert/x509/x509cert.cpp b/src/lib/cert/x509/x509cert.cpp
index 7e5199c00..cb24a7a03 100644
--- a/src/lib/cert/x509/x509cert.cpp
+++ b/src/lib/cert/x509/x509cert.cpp
@@ -44,7 +44,7 @@ std::vector<std::string> lookup_oids(const std::vector<std::string>& in)
X509_Certificate::X509_Certificate(DataSource& in) :
X509_Object(in, "CERTIFICATE/X509 CERTIFICATE")
{
- self_signed = false;
+ m_self_signed = false;
do_decode();
}
@@ -54,7 +54,7 @@ X509_Certificate::X509_Certificate(DataSource& in) :
X509_Certificate::X509_Certificate(const std::string& in) :
X509_Object(in, "CERTIFICATE/X509 CERTIFICATE")
{
- self_signed = false;
+ m_self_signed = false;
do_decode();
}
@@ -64,7 +64,7 @@ X509_Certificate::X509_Certificate(const std::string& in) :
X509_Certificate::X509_Certificate(const std::vector<byte>& in) :
X509_Object(in, "CERTIFICATE/X509 CERTIFICATE")
{
- self_signed = false;
+ m_self_signed = false;
do_decode();
}
@@ -79,7 +79,7 @@ void X509_Certificate::force_decode()
X509_DN dn_issuer, dn_subject;
X509_Time start, end;
- BER_Decoder tbs_cert(tbs_bits);
+ BER_Decoder tbs_cert(m_tbs_bits);
tbs_cert.decode_optional(version, ASN1_Tag(0),
ASN1_Tag(CONSTRUCTED | CONTEXT_SPECIFIC))
@@ -95,16 +95,16 @@ void X509_Certificate::force_decode()
if(version > 2)
throw Decoding_Error("Unknown X.509 cert version " + std::to_string(version));
- if(sig_algo != sig_algo_inner)
+ if(m_sig_algo != sig_algo_inner)
throw Decoding_Error("Algorithm identifier mismatch");
- self_signed = (dn_subject == dn_issuer);
+ m_self_signed = (dn_subject == dn_issuer);
- subject.add(dn_subject.contents());
- issuer.add(dn_issuer.contents());
+ m_subject.add(dn_subject.contents());
+ m_issuer.add(dn_issuer.contents());
- subject.add("X509.Certificate.dn_bits", ASN1::put_in_sequence(dn_subject.get_bits()));
- issuer.add("X509.Certificate.dn_bits", ASN1::put_in_sequence(dn_issuer.get_bits()));
+ m_subject.add("X509.Certificate.dn_bits", ASN1::put_in_sequence(dn_subject.get_bits()));
+ m_issuer.add("X509.Certificate.dn_bits", ASN1::put_in_sequence(dn_issuer.get_bits()));
BER_Object public_key = tbs_cert.get_next_object();
if(public_key.type_tag != SEQUENCE || public_key.class_tag != CONSTRUCTED)
@@ -124,7 +124,7 @@ void X509_Certificate::force_decode()
BER_Decoder(v3_exts_data.value).decode(extensions).verify_end();
- extensions.contents_to(subject, issuer);
+ extensions.contents_to(m_subject, m_issuer);
}
else if(v3_exts_data.type_tag != NO_OBJECT)
throw BER_Bad_Tag("Unknown tag in X.509 cert",
@@ -133,30 +133,30 @@ void X509_Certificate::force_decode()
if(tbs_cert.more_items())
throw Decoding_Error("TBSCertificate has more items that expected");
- subject.add("X509.Certificate.version", version);
- subject.add("X509.Certificate.serial", BigInt::encode(serial_bn));
- subject.add("X509.Certificate.start", start.to_string());
- subject.add("X509.Certificate.end", end.to_string());
+ m_subject.add("X509.Certificate.version", version);
+ m_subject.add("X509.Certificate.serial", BigInt::encode(serial_bn));
+ m_subject.add("X509.Certificate.start", start.to_string());
+ m_subject.add("X509.Certificate.end", end.to_string());
- issuer.add("X509.Certificate.v2.key_id", v2_issuer_key_id);
- subject.add("X509.Certificate.v2.key_id", v2_subject_key_id);
+ m_issuer.add("X509.Certificate.v2.key_id", v2_issuer_key_id);
+ m_subject.add("X509.Certificate.v2.key_id", v2_subject_key_id);
- subject.add("X509.Certificate.public_key",
+ m_subject.add("X509.Certificate.public_key",
hex_encode(public_key.value));
- if(self_signed && version == 0)
+ if(m_self_signed && version == 0)
{
- subject.add("X509v3.BasicConstraints.is_ca", 1);
- subject.add("X509v3.BasicConstraints.path_constraint", Cert_Extension::NO_CERT_PATH_LIMIT);
+ m_subject.add("X509v3.BasicConstraints.is_ca", 1);
+ m_subject.add("X509v3.BasicConstraints.path_constraint", Cert_Extension::NO_CERT_PATH_LIMIT);
}
if(is_CA_cert() &&
- !subject.has_value("X509v3.BasicConstraints.path_constraint"))
+ !m_subject.has_value("X509v3.BasicConstraints.path_constraint"))
{
const size_t limit = (x509_version() < 3) ?
Cert_Extension::NO_CERT_PATH_LIMIT : 0;
- subject.add("X509v3.BasicConstraints.path_constraint", limit);
+ m_subject.add("X509v3.BasicConstraints.path_constraint", limit);
}
}
@@ -165,7 +165,7 @@ void X509_Certificate::force_decode()
*/
u32bit X509_Certificate::x509_version() const
{
- return (subject.get1_u32bit("X509.Certificate.version") + 1);
+ return (m_subject.get1_u32bit("X509.Certificate.version") + 1);
}
/*
@@ -173,7 +173,7 @@ u32bit X509_Certificate::x509_version() const
*/
std::string X509_Certificate::start_time() const
{
- return subject.get1("X509.Certificate.start");
+ return m_subject.get1("X509.Certificate.start");
}
/*
@@ -181,7 +181,7 @@ std::string X509_Certificate::start_time() const
*/
std::string X509_Certificate::end_time() const
{
- return subject.get1("X509.Certificate.end");
+ return m_subject.get1("X509.Certificate.end");
}
/*
@@ -190,7 +190,7 @@ std::string X509_Certificate::end_time() const
std::vector<std::string>
X509_Certificate::subject_info(const std::string& what) const
{
- return subject.get(X509_DN::deref_info_field(what));
+ return m_subject.get(X509_DN::deref_info_field(what));
}
/*
@@ -199,7 +199,7 @@ X509_Certificate::subject_info(const std::string& what) const
std::vector<std::string>
X509_Certificate::issuer_info(const std::string& what) const
{
- return issuer.get(X509_DN::deref_info_field(what));
+ return m_issuer.get(X509_DN::deref_info_field(what));
}
/*
@@ -213,7 +213,7 @@ Public_Key* X509_Certificate::subject_public_key() const
std::vector<byte> X509_Certificate::subject_public_key_bits() const
{
- return hex_decode(subject.get1("X509.Certificate.public_key"));
+ return hex_decode(m_subject.get1("X509.Certificate.public_key"));
}
/*
@@ -221,7 +221,7 @@ std::vector<byte> X509_Certificate::subject_public_key_bits() const
*/
bool X509_Certificate::is_CA_cert() const
{
- if(!subject.get1_u32bit("X509v3.BasicConstraints.is_ca"))
+ if(!m_subject.get1_u32bit("X509v3.BasicConstraints.is_ca"))
return false;
return allowed_usage(Key_Constraints(KEY_CERT_SIGN));
@@ -275,7 +275,7 @@ bool X509_Certificate::allowed_usage(Usage_Type usage) const
*/
u32bit X509_Certificate::path_limit() const
{
- return subject.get1_u32bit("X509v3.BasicConstraints.path_constraint", 0);
+ return m_subject.get1_u32bit("X509v3.BasicConstraints.path_constraint", 0);
}
/*
@@ -283,7 +283,7 @@ u32bit X509_Certificate::path_limit() const
*/
Key_Constraints X509_Certificate::constraints() const
{
- return Key_Constraints(subject.get1_u32bit("X509v3.KeyUsage",
+ return Key_Constraints(m_subject.get1_u32bit("X509v3.KeyUsage",
NO_CONSTRAINTS));
}
@@ -292,7 +292,7 @@ Key_Constraints X509_Certificate::constraints() const
*/
std::vector<std::string> X509_Certificate::ex_constraints() const
{
- return lookup_oids(subject.get("X509v3.ExtendedKeyUsage"));
+ return lookup_oids(m_subject.get("X509v3.ExtendedKeyUsage"));
}
/*
@@ -300,17 +300,17 @@ std::vector<std::string> X509_Certificate::ex_constraints() const
*/
std::vector<std::string> X509_Certificate::policies() const
{
- return lookup_oids(subject.get("X509v3.CertificatePolicies"));
+ return lookup_oids(m_subject.get("X509v3.CertificatePolicies"));
}
std::string X509_Certificate::ocsp_responder() const
{
- return subject.get1("OCSP.responder", "");
+ return m_subject.get1("OCSP.responder", "");
}
std::string X509_Certificate::crl_distribution_point() const
{
- return subject.get1("CRL.DistributionPoint", "");
+ return m_subject.get1("CRL.DistributionPoint", "");
}
/*
@@ -318,7 +318,7 @@ std::string X509_Certificate::crl_distribution_point() const
*/
std::vector<byte> X509_Certificate::authority_key_id() const
{
- return issuer.get1_memvec("X509v3.AuthorityKeyIdentifier");
+ return m_issuer.get1_memvec("X509v3.AuthorityKeyIdentifier");
}
/*
@@ -326,7 +326,7 @@ std::vector<byte> X509_Certificate::authority_key_id() const
*/
std::vector<byte> X509_Certificate::subject_key_id() const
{
- return subject.get1_memvec("X509v3.SubjectKeyIdentifier");
+ return m_subject.get1_memvec("X509v3.SubjectKeyIdentifier");
}
/*
@@ -334,27 +334,27 @@ std::vector<byte> X509_Certificate::subject_key_id() const
*/
std::vector<byte> X509_Certificate::serial_number() const
{
- return subject.get1_memvec("X509.Certificate.serial");
+ return m_subject.get1_memvec("X509.Certificate.serial");
}
X509_DN X509_Certificate::issuer_dn() const
{
- return create_dn(issuer);
+ return create_dn(m_issuer);
}
std::vector<byte> X509_Certificate::raw_issuer_dn() const
{
- return issuer.get1_memvec("X509.Certificate.dn_bits");
+ return m_issuer.get1_memvec("X509.Certificate.dn_bits");
}
X509_DN X509_Certificate::subject_dn() const
{
- return create_dn(subject);
+ return create_dn(m_subject);
}
std::vector<byte> X509_Certificate::raw_subject_dn() const
{
- return subject.get1_memvec("X509.Certificate.dn_bits");
+ return m_subject.get1_memvec("X509.Certificate.dn_bits");
}
std::string X509_Certificate::fingerprint(const std::string& hash_name) const
@@ -402,25 +402,25 @@ bool X509_Certificate::matches_dns_name(const std::string& name) const
*/
bool X509_Certificate::operator==(const X509_Certificate& other) const
{
- return (sig == other.sig &&
- sig_algo == other.sig_algo &&
- self_signed == other.self_signed &&
- issuer == other.issuer &&
- subject == other.subject);
+ return (m_sig == other.m_sig &&
+ m_sig_algo == other.m_sig_algo &&
+ m_self_signed == other.m_self_signed &&
+ m_issuer == other.m_issuer &&
+ m_subject == other.m_subject);
}
bool X509_Certificate::operator<(const X509_Certificate& other) const
{
/* If signature values are not equal, sort by lexicographic ordering of that */
- if(sig != other.sig)
+ if(m_sig != other.m_sig)
{
- if(sig < other.sig)
+ if(m_sig < other.m_sig)
return true;
return false;
}
// Then compare the signed contents
- return tbs_bits < other.tbs_bits;
+ return m_tbs_bits < other.m_tbs_bits;
}
/*
diff --git a/src/lib/cert/x509/x509cert.h b/src/lib/cert/x509/x509cert.h
index 578360a80..144ceb909 100644
--- a/src/lib/cert/x509/x509cert.h
+++ b/src/lib/cert/x509/x509cert.h
@@ -129,7 +129,7 @@ class BOTAN_DLL X509_Certificate : public X509_Object
* Check whether this certificate is self signed.
* @return true if this certificate is self signed
*/
- bool is_self_signed() const { return self_signed; }
+ bool is_self_signed() const { return m_self_signed; }
/**
* Check whether this certificate is a CA certificate.
@@ -238,8 +238,8 @@ class BOTAN_DLL X509_Certificate : public X509_Object
X509_Certificate() {}
- Data_Store subject, issuer;
- bool self_signed;
+ Data_Store m_subject, m_issuer;
+ bool m_self_signed;
};
/**
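Review bot: `bool m_self_signed;` in the second x509cert.h hunk has no initializer, and the `X509_Certificate() {}` constructor just above it assigns nothing, so a default-constructed object holds an indeterminate flag. That member is returned by `is_self_signed()`, compared in `operator==`, and tested in the `m_self_signed && version == 0` branch of force_decode() that marks a certificate as a CA, so an undefined value could reach a trust decision. Since the line is being renamed anyway, I would give it a default in the same edit: `bool m_self_signed = false;`. The class body and the other constructors lie outside the hunk, so it cannot be confirmed from here whether every path assigns the flag before it is read.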