aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/cert
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/cert')
-rw-r--r--src/lib/cert/x509/ocsp_types.cpp5
-rw-r--r--src/lib/cert/x509/x509_ca.cpp7
-rw-r--r--src/lib/cert/x509/x509cert.cpp3
3 files changed, 8 insertions, 7 deletions
diff --git a/src/lib/cert/x509/ocsp_types.cpp b/src/lib/cert/x509/ocsp_types.cpp
index 0877f848d..04ab1ea03 100644
--- a/src/lib/cert/x509/ocsp_types.cpp
+++ b/src/lib/cert/x509/ocsp_types.cpp
@@ -9,7 +9,6 @@
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
#include <botan/x509_ext.h>
-#include <botan/lookup.h>
#include <botan/hash.h>
#include <botan/oids.h>
@@ -24,7 +23,7 @@ CertID::CertID(const X509_Certificate& issuer,
In practice it seems some responders, including, notably,
ocsp.verisign.com, will reject anything but SHA-1 here
*/
- std::unique_ptr<HashFunction> hash(get_hash("SHA-160"));
+ std::unique_ptr<HashFunction> hash(HashFunction::create("SHA-160"));
m_hash_id = AlgorithmIdentifier(hash->name(), AlgorithmIdentifier::USE_NULL_PARAM);
m_issuer_key_hash = unlock(hash->process(extract_key_bitstr(issuer)));
@@ -54,7 +53,7 @@ bool CertID::is_id_for(const X509_Certificate& issuer,
if(BigInt::decode(subject.serial_number()) != m_subject_serial)
return false;
- std::unique_ptr<HashFunction> hash(get_hash(OIDS::lookup(m_hash_id.oid)));
+ std::unique_ptr<HashFunction> hash(HashFunction::create(OIDS::lookup(m_hash_id.oid)));
if(m_issuer_dn_hash != unlock(hash->process(subject.raw_issuer_dn())))
return false;
diff --git a/src/lib/cert/x509/x509_ca.cpp b/src/lib/cert/x509/x509_ca.cpp
index e6f689016..b6bb5d8ce 100644
--- a/src/lib/cert/x509/x509_ca.cpp
+++ b/src/lib/cert/x509/x509_ca.cpp
@@ -11,7 +11,6 @@
#include <botan/ber_dec.h>
#include <botan/bigint.h>
#include <botan/parsing.h>
-#include <botan/lookup.h>
#include <botan/oids.h>
#include <botan/hash.h>
#include <botan/key_constraint.h>
@@ -102,6 +101,7 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer,
BigInt serial_no(rng, SERIAL_BITS);
+ // clang-format off
return X509_Certificate(X509_Object::make_signed(
signer, rng, sig_algo,
DER_Encoder().start_cons(SEQUENCE)
@@ -130,6 +130,7 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer,
.end_cons()
.get_contents()
));;
+ // clang-format on
}
/*
@@ -179,6 +180,7 @@ X509_CRL X509_CA::make_crl(const std::vector<CRL_Entry>& revoked,
new Cert_Extension::Authority_Key_ID(cert.subject_key_id()));
extensions.add(new Cert_Extension::CRL_Number(crl_number));
+ // clang-format off
const std::vector<byte> crl = X509_Object::make_signed(
signer, rng, ca_sig_algo,
DER_Encoder().start_cons(SEQUENCE)
@@ -200,6 +202,7 @@ X509_CRL X509_CA::make_crl(const std::vector<CRL_Entry>& revoked,
.end_explicit()
.end_cons()
.get_contents());
+ // clang-format on
return X509_CRL(crl);
}
@@ -221,7 +224,7 @@ PK_Signer* choose_sig_format(const Private_Key& key,
{
const std::string algo_name = key.algo_name();
- std::unique_ptr<HashFunction> hash(get_hash(hash_fn));
+ std::unique_ptr<HashFunction> hash(HashFunction::create(hash_fn));
if(!hash)
throw Algorithm_Not_Found(hash_fn);
diff --git a/src/lib/cert/x509/x509cert.cpp b/src/lib/cert/x509/x509cert.cpp
index f6f87bbf4..48e437352 100644
--- a/src/lib/cert/x509/x509cert.cpp
+++ b/src/lib/cert/x509/x509cert.cpp
@@ -12,7 +12,6 @@
#include <botan/internal/stl_util.h>
#include <botan/parsing.h>
#include <botan/bigint.h>
-#include <botan/lookup.h>
#include <botan/oids.h>
#include <botan/pem.h>
#include <botan/hash.h>
@@ -369,7 +368,7 @@ bool cert_subject_dns_match(const std::string& name,
std::string X509_Certificate::fingerprint(const std::string& hash_name) const
{
- std::unique_ptr<HashFunction> hash(get_hash(hash_name));
+ std::unique_ptr<HashFunction> hash(HashFunction::create(hash_name));
hash->update(this->BER_encode());
const auto hex_print = hex_encode(hash->final());