diff options
Diffstat (limited to 'src/lib/cert')
-rw-r--r-- | src/lib/cert/x509/ocsp_types.cpp | 5 | ||||
-rw-r--r-- | src/lib/cert/x509/x509_ca.cpp | 7 | ||||
-rw-r--r-- | src/lib/cert/x509/x509cert.cpp | 3 |
3 files changed, 8 insertions, 7 deletions
diff --git a/src/lib/cert/x509/ocsp_types.cpp b/src/lib/cert/x509/ocsp_types.cpp index 0877f848d..04ab1ea03 100644 --- a/src/lib/cert/x509/ocsp_types.cpp +++ b/src/lib/cert/x509/ocsp_types.cpp @@ -9,7 +9,6 @@ #include <botan/der_enc.h> #include <botan/ber_dec.h> #include <botan/x509_ext.h> -#include <botan/lookup.h> #include <botan/hash.h> #include <botan/oids.h> @@ -24,7 +23,7 @@ CertID::CertID(const X509_Certificate& issuer, In practice it seems some responders, including, notably, ocsp.verisign.com, will reject anything but SHA-1 here */ - std::unique_ptr<HashFunction> hash(get_hash("SHA-160")); + std::unique_ptr<HashFunction> hash(HashFunction::create("SHA-160")); m_hash_id = AlgorithmIdentifier(hash->name(), AlgorithmIdentifier::USE_NULL_PARAM); m_issuer_key_hash = unlock(hash->process(extract_key_bitstr(issuer))); @@ -54,7 +53,7 @@ bool CertID::is_id_for(const X509_Certificate& issuer, if(BigInt::decode(subject.serial_number()) != m_subject_serial) return false; - std::unique_ptr<HashFunction> hash(get_hash(OIDS::lookup(m_hash_id.oid))); + std::unique_ptr<HashFunction> hash(HashFunction::create(OIDS::lookup(m_hash_id.oid))); if(m_issuer_dn_hash != unlock(hash->process(subject.raw_issuer_dn()))) return false; diff --git a/src/lib/cert/x509/x509_ca.cpp b/src/lib/cert/x509/x509_ca.cpp index e6f689016..b6bb5d8ce 100644 --- a/src/lib/cert/x509/x509_ca.cpp +++ b/src/lib/cert/x509/x509_ca.cpp @@ -11,7 +11,6 @@ #include <botan/ber_dec.h> #include <botan/bigint.h> #include <botan/parsing.h> -#include <botan/lookup.h> #include <botan/oids.h> #include <botan/hash.h> #include <botan/key_constraint.h> @@ -102,6 +101,7 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer, BigInt serial_no(rng, SERIAL_BITS); + // clang-format off return X509_Certificate(X509_Object::make_signed( signer, rng, sig_algo, DER_Encoder().start_cons(SEQUENCE) @@ -130,6 +130,7 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer, .end_cons() .get_contents() ));; + // clang-format on } /* @@ -179,6 +180,7 @@ X509_CRL X509_CA::make_crl(const std::vector<CRL_Entry>& revoked, new Cert_Extension::Authority_Key_ID(cert.subject_key_id())); extensions.add(new Cert_Extension::CRL_Number(crl_number)); + // clang-format off const std::vector<byte> crl = X509_Object::make_signed( signer, rng, ca_sig_algo, DER_Encoder().start_cons(SEQUENCE) @@ -200,6 +202,7 @@ X509_CRL X509_CA::make_crl(const std::vector<CRL_Entry>& revoked, .end_explicit() .end_cons() .get_contents()); + // clang-format on return X509_CRL(crl); } @@ -221,7 +224,7 @@ PK_Signer* choose_sig_format(const Private_Key& key, { const std::string algo_name = key.algo_name(); - std::unique_ptr<HashFunction> hash(get_hash(hash_fn)); + std::unique_ptr<HashFunction> hash(HashFunction::create(hash_fn)); if(!hash) throw Algorithm_Not_Found(hash_fn); diff --git a/src/lib/cert/x509/x509cert.cpp b/src/lib/cert/x509/x509cert.cpp index f6f87bbf4..48e437352 100644 --- a/src/lib/cert/x509/x509cert.cpp +++ b/src/lib/cert/x509/x509cert.cpp @@ -12,7 +12,6 @@ #include <botan/internal/stl_util.h> #include <botan/parsing.h> #include <botan/bigint.h> -#include <botan/lookup.h> #include <botan/oids.h> #include <botan/pem.h> #include <botan/hash.h> @@ -369,7 +368,7 @@ bool cert_subject_dns_match(const std::string& name, std::string X509_Certificate::fingerprint(const std::string& hash_name) const { - std::unique_ptr<HashFunction> hash(get_hash(hash_name)); + std::unique_ptr<HashFunction> hash(HashFunction::create(hash_name)); hash->update(this->BER_encode()); const auto hex_print = hex_encode(hash->final()); |