aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/asn1/alg_id.cpp32
-rw-r--r--src/lib/asn1/alg_id.h23
-rw-r--r--src/lib/asn1/asn1_attribute.cpp8
-rw-r--r--src/lib/asn1/asn1_attribute.h17
-rw-r--r--src/lib/asn1/asn1_obj.h2
-rw-r--r--src/lib/asn1/ber_dec.cpp104
-rw-r--r--src/lib/asn1/ber_dec.h25
-rw-r--r--src/lib/asn1/der_enc.cpp33
-rw-r--r--src/lib/asn1/der_enc.h19
-rw-r--r--src/lib/pubkey/dl_algo/dl_algo.cpp4
-rw-r--r--src/lib/pubkey/ecc_key/ecc_key.cpp4
-rw-r--r--src/lib/pubkey/gost_3410/gost_3410.cpp2
-rw-r--r--src/lib/pubkey/pbes2/pbes2.cpp12
-rw-r--r--src/lib/pubkey/pk_algs.cpp8
-rw-r--r--src/lib/pubkey/pkcs8.cpp12
-rw-r--r--src/lib/x509/ocsp.cpp2
-rw-r--r--src/lib/x509/ocsp_types.cpp2
-rw-r--r--src/lib/x509/pkcs10.cpp10
-rw-r--r--src/lib/x509/x509_ca.cpp4
-rw-r--r--src/lib/x509/x509_obj.cpp18
-rw-r--r--src/lib/x509/x509cert.cpp8
-rw-r--r--src/tests/unit_ecdsa.cpp2
22 files changed, 167 insertions, 184 deletions
diff --git a/src/lib/asn1/alg_id.cpp b/src/lib/asn1/alg_id.cpp
index 0b84d2137..0637a8f8d 100644
--- a/src/lib/asn1/alg_id.cpp
+++ b/src/lib/asn1/alg_id.cpp
@@ -16,38 +16,46 @@ namespace Botan {
* Create an AlgorithmIdentifier
*/
AlgorithmIdentifier::AlgorithmIdentifier(const OID& alg_id,
- const std::vector<uint8_t>& param) : oid(alg_id), parameters(param)
+ const std::vector<uint8_t>& param) :
+ oid(alg_id),
+ parameters(param)
{}
/*
* Create an AlgorithmIdentifier
*/
AlgorithmIdentifier::AlgorithmIdentifier(const std::string& alg_id,
- const std::vector<uint8_t>& param) : oid(OIDS::lookup(alg_id)), parameters(param)
+ const std::vector<uint8_t>& param) :
+ oid(OIDS::lookup(alg_id)),
+ parameters(param)
{}
/*
* Create an AlgorithmIdentifier
*/
AlgorithmIdentifier::AlgorithmIdentifier(const OID& alg_id,
- Encoding_Option option) : oid(alg_id), parameters()
+ Encoding_Option option) :
+ oid(alg_id),
+ parameters()
{
const uint8_t DER_NULL[] = { 0x05, 0x00 };
if(option == USE_NULL_PARAM)
- parameters += std::pair<const uint8_t*, size_t>(DER_NULL, sizeof(DER_NULL));
+ parameters.assign(DER_NULL, DER_NULL + 2);
}
/*
* Create an AlgorithmIdentifier
*/
AlgorithmIdentifier::AlgorithmIdentifier(const std::string& alg_id,
- Encoding_Option option) : oid(OIDS::lookup(alg_id)), parameters()
+ Encoding_Option option) :
+ oid(OIDS::lookup(alg_id)),
+ parameters()
{
const uint8_t DER_NULL[] = { 0x05, 0x00 };
if(option == USE_NULL_PARAM)
- parameters += std::pair<const uint8_t*, size_t>(DER_NULL, sizeof(DER_NULL));
+ parameters.assign(DER_NULL, DER_NULL + 2);
}
/*
@@ -66,14 +74,14 @@ bool param_null_or_empty(const std::vector<uint8_t>& p)
bool operator==(const AlgorithmIdentifier& a1, const AlgorithmIdentifier& a2)
{
- if(a1.oid != a2.oid)
+ if(a1.get_oid() != a2.get_oid())
return false;
- if(param_null_or_empty(a1.parameters) &&
- param_null_or_empty(a2.parameters))
+ if(param_null_or_empty(a1.get_parameters()) &&
+ param_null_or_empty(a2.get_parameters()))
return true;
- return (a1.parameters == a2.parameters);
+ return (a1.get_parameters() == a2.get_parameters());
}
/*
@@ -90,8 +98,8 @@ bool operator!=(const AlgorithmIdentifier& a1, const AlgorithmIdentifier& a2)
void AlgorithmIdentifier::encode_into(DER_Encoder& codec) const
{
codec.start_cons(SEQUENCE)
- .encode(oid)
- .raw_bytes(parameters)
+ .encode(get_oid())
+ .raw_bytes(get_parameters())
.end_cons();
}
diff --git a/src/lib/asn1/alg_id.h b/src/lib/asn1/alg_id.h
index be862c5dd..b9af37c8a 100644
--- a/src/lib/asn1/alg_id.h
+++ b/src/lib/asn1/alg_id.h
@@ -27,16 +27,21 @@ class BOTAN_PUBLIC_API(2,0) AlgorithmIdentifier final : public ASN1_Object
void decode_from(class BER_Decoder&) override;
AlgorithmIdentifier() = default;
- AlgorithmIdentifier(const OID&, Encoding_Option);
- AlgorithmIdentifier(const std::string&, Encoding_Option);
- AlgorithmIdentifier(const OID&, const std::vector<uint8_t>&);
- AlgorithmIdentifier(const std::string&, const std::vector<uint8_t>&);
+ AlgorithmIdentifier(const OID& oid, Encoding_Option enc);
+ AlgorithmIdentifier(const std::string& oid_name, Encoding_Option enc);
- // public member variable:
- OID oid;
+ AlgorithmIdentifier(const OID& oid, const std::vector<uint8_t>& params);
+ AlgorithmIdentifier(const std::string& oid_name, const std::vector<uint8_t>& params);
+
+ const OID& get_oid() const { return oid; }
+ const std::vector<uint8_t>& get_parameters() const { return parameters; }
- // public member variable:
+ /*
+ * These values are public for historical reasons, but in a future release
+ * they will be made private. Do not access them.
+ */
+ OID oid;
std::vector<uint8_t> parameters;
};
@@ -44,9 +49,9 @@ class BOTAN_PUBLIC_API(2,0) AlgorithmIdentifier final : public ASN1_Object
* Comparison Operations
*/
bool BOTAN_PUBLIC_API(2,0) operator==(const AlgorithmIdentifier&,
- const AlgorithmIdentifier&);
+ const AlgorithmIdentifier&);
bool BOTAN_PUBLIC_API(2,0) operator!=(const AlgorithmIdentifier&,
- const AlgorithmIdentifier&);
+ const AlgorithmIdentifier&);
}
diff --git a/src/lib/asn1/asn1_attribute.cpp b/src/lib/asn1/asn1_attribute.cpp
index 3093f5025..8ecd8fd5f 100644
--- a/src/lib/asn1/asn1_attribute.cpp
+++ b/src/lib/asn1/asn1_attribute.cpp
@@ -15,14 +15,18 @@ namespace Botan {
/*
* Create an Attribute
*/
-Attribute::Attribute(const OID& attr_oid, const std::vector<uint8_t>& attr_value) : oid(attr_oid), parameters(attr_value)
+Attribute::Attribute(const OID& attr_oid, const std::vector<uint8_t>& attr_value) :
+ oid(attr_oid),
+ parameters(attr_value)
{}
/*
* Create an Attribute
*/
Attribute::Attribute(const std::string& attr_oid,
- const std::vector<uint8_t>& attr_value) : oid(OIDS::lookup(attr_oid)), parameters(attr_value)
+ const std::vector<uint8_t>& attr_value) :
+ oid(OIDS::lookup(attr_oid)),
+ parameters(attr_value)
{}
/*
diff --git a/src/lib/asn1/asn1_attribute.h b/src/lib/asn1/asn1_attribute.h
index da0ee48d1..077850a65 100644
--- a/src/lib/asn1/asn1_attribute.h
+++ b/src/lib/asn1/asn1_attribute.h
@@ -23,15 +23,20 @@ class BOTAN_PUBLIC_API(2,0) Attribute final : public ASN1_Object
void encode_into(class DER_Encoder& to) const override;
void decode_from(class BER_Decoder& from) override;
- // public member variable:
- OID oid;
-
- // public member variable:
- std::vector<uint8_t> parameters;
-
Attribute() = default;
Attribute(const OID&, const std::vector<uint8_t>&);
Attribute(const std::string&, const std::vector<uint8_t>&);
+
+ const OID& get_oid() const { return oid; }
+
+ const std::vector<uint8_t>& get_parameters() const { return parameters; }
+
+ /*
+ * These values are public for historical reasons, but in a future release
+ * they will be made private. Do not access them.
+ */
+ OID oid;
+ std::vector<uint8_t> parameters;
};
}
diff --git a/src/lib/asn1/asn1_obj.h b/src/lib/asn1/asn1_obj.h
index a785a5807..0b9a1493e 100644
--- a/src/lib/asn1/asn1_obj.h
+++ b/src/lib/asn1/asn1_obj.h
@@ -88,7 +88,7 @@ class BOTAN_PUBLIC_API(2,0) ASN1_Object
class BOTAN_PUBLIC_API(2,0) BER_Object final
{
public:
- void assert_is_a(ASN1_Tag, ASN1_Tag);
+ void assert_is_a(ASN1_Tag type_tag, ASN1_Tag class_tag) const;
// public member variable:
ASN1_Tag type_tag, class_tag;
diff --git a/src/lib/asn1/ber_dec.cpp b/src/lib/asn1/ber_dec.cpp
index 515f7352f..225197224 100644
--- a/src/lib/asn1/ber_dec.cpp
+++ b/src/lib/asn1/ber_dec.cpp
@@ -150,7 +150,7 @@ size_t find_eoc(DataSource* ber, size_t allow_indef)
/*
* Check a type invariant on BER data
*/
-void BER_Object::assert_is_a(ASN1_Tag type_tag_, ASN1_Tag class_tag_)
+void BER_Object::assert_is_a(ASN1_Tag type_tag_, ASN1_Tag class_tag_) const
{
if(type_tag != type_tag_ || class_tag != class_tag_)
throw BER_Decoding_Error("Tag mismatch when decoding got " +
@@ -181,34 +181,13 @@ BER_Decoder& BER_Decoder::verify_end()
}
/*
-* Save all the bytes remaining in the source
-*/
-BER_Decoder& BER_Decoder::raw_bytes(secure_vector<uint8_t>& out)
- {
- out.clear();
- uint8_t buf;
- while(m_source->read_byte(buf))
- out.push_back(buf);
- return (*this);
- }
-
-BER_Decoder& BER_Decoder::raw_bytes(std::vector<uint8_t>& out)
- {
- out.clear();
- uint8_t buf;
- while(m_source->read_byte(buf))
- out.push_back(buf);
- return (*this);
- }
-
-/*
* Discard all the bytes remaining in the source
*/
BER_Decoder& BER_Decoder::discard_remaining()
{
uint8_t buf;
while(m_source->read_byte(buf))
- ;
+ {}
return (*this);
}
@@ -429,7 +408,8 @@ BER_Decoder& BER_Decoder::decode(bool& out,
* Decode a small BER encoded INTEGER
*/
BER_Decoder& BER_Decoder::decode(size_t& out,
- ASN1_Tag type_tag, ASN1_Tag class_tag)
+ ASN1_Tag type_tag,
+ ASN1_Tag class_tag)
{
BigInt integer;
decode(integer, type_tag, class_tag);
@@ -448,8 +428,8 @@ BER_Decoder& BER_Decoder::decode(size_t& out,
* Decode a small BER encoded INTEGER
*/
uint64_t BER_Decoder::decode_constrained_integer(ASN1_Tag type_tag,
- ASN1_Tag class_tag,
- size_t T_bytes)
+ ASN1_Tag class_tag,
+ size_t T_bytes)
{
if(T_bytes > 8)
throw BER_Decoding_Error("Can't decode small integer over 8 bytes");
@@ -471,7 +451,8 @@ uint64_t BER_Decoder::decode_constrained_integer(ASN1_Tag type_tag,
* Decode a BER encoded INTEGER
*/
BER_Decoder& BER_Decoder::decode(BigInt& out,
- ASN1_Tag type_tag, ASN1_Tag class_tag)
+ ASN1_Tag type_tag,
+ ASN1_Tag class_tag)
{
BER_Object obj = get_next_object();
obj.assert_is_a(type_tag, class_tag);
@@ -500,37 +481,21 @@ BER_Decoder& BER_Decoder::decode(BigInt& out,
return (*this);
}
-/*
-* BER decode a BIT STRING or OCTET STRING
-*/
-BER_Decoder& BER_Decoder::decode(secure_vector<uint8_t>& out, ASN1_Tag real_type)
- {
- return decode(out, real_type, real_type, UNIVERSAL);
- }
-
-/*
-* BER decode a BIT STRING or OCTET STRING
-*/
-BER_Decoder& BER_Decoder::decode(std::vector<uint8_t>& out, ASN1_Tag real_type)
- {
- return decode(out, real_type, real_type, UNIVERSAL);
- }
+namespace {
-/*
-* BER decode a BIT STRING or OCTET STRING
-*/
-BER_Decoder& BER_Decoder::decode(secure_vector<uint8_t>& buffer,
- ASN1_Tag real_type,
- ASN1_Tag type_tag, ASN1_Tag class_tag)
+template<typename Alloc>
+void asn1_decode_binary_string(std::vector<uint8_t, Alloc>& buffer,
+ const BER_Object& obj,
+ ASN1_Tag real_type,
+ ASN1_Tag type_tag,
+ ASN1_Tag class_tag)
{
- if(real_type != OCTET_STRING && real_type != BIT_STRING)
- throw BER_Bad_Tag("Bad tag for {BIT,OCTET} STRING", real_type);
-
- BER_Object obj = get_next_object();
obj.assert_is_a(type_tag, class_tag);
if(real_type == OCTET_STRING)
- buffer = obj.value;
+ {
+ buffer.assign(obj.value.begin(), obj.value.end());
+ }
else
{
if(obj.value.empty())
@@ -543,33 +508,32 @@ BER_Decoder& BER_Decoder::decode(secure_vector<uint8_t>& buffer,
if(obj.value.size() > 1)
copy_mem(buffer.data(), &obj.value[1], obj.value.size() - 1);
}
- return (*this);
}
-BER_Decoder& BER_Decoder::decode(std::vector<uint8_t>& buffer,
+}
+
+/*
+* BER decode a BIT STRING or OCTET STRING
+*/
+BER_Decoder& BER_Decoder::decode(secure_vector<uint8_t>& buffer,
ASN1_Tag real_type,
ASN1_Tag type_tag, ASN1_Tag class_tag)
{
if(real_type != OCTET_STRING && real_type != BIT_STRING)
throw BER_Bad_Tag("Bad tag for {BIT,OCTET} STRING", real_type);
- BER_Object obj = get_next_object();
- obj.assert_is_a(type_tag, class_tag);
-
- if(real_type == OCTET_STRING)
- buffer = unlock(obj.value);
- else
- {
- if(obj.value.empty())
- throw BER_Decoding_Error("Invalid BIT STRING");
- if(obj.value[0] >= 8)
- throw BER_Decoding_Error("Bad number of unused bits in BIT STRING");
+ asn1_decode_binary_string(buffer, get_next_object(), real_type, type_tag, class_tag);
+ return (*this);
+ }
- buffer.resize(obj.value.size() - 1);
+BER_Decoder& BER_Decoder::decode(std::vector<uint8_t>& buffer,
+ ASN1_Tag real_type,
+ ASN1_Tag type_tag, ASN1_Tag class_tag)
+ {
+ if(real_type != OCTET_STRING && real_type != BIT_STRING)
+ throw BER_Bad_Tag("Bad tag for {BIT,OCTET} STRING", real_type);
- if(obj.value.size() > 1)
- copy_mem(buffer.data(), &obj.value[1], obj.value.size() - 1);
- }
+ asn1_decode_binary_string(buffer, get_next_object(), real_type, type_tag, class_tag);
return (*this);
}
diff --git a/src/lib/asn1/ber_dec.h b/src/lib/asn1/ber_dec.h
index fbe62e464..637cdc527 100644
--- a/src/lib/asn1/ber_dec.h
+++ b/src/lib/asn1/ber_dec.h
@@ -66,15 +66,32 @@ class BOTAN_PUBLIC_API(2,0) BER_Decoder final
return (*this);
}
- BER_Decoder& raw_bytes(secure_vector<uint8_t>& v);
- BER_Decoder& raw_bytes(std::vector<uint8_t>& v);
+ /*
+ * Save all the bytes remaining in the source
+ */
+ template<typename Alloc>
+ BER_Decoder& raw_bytes(std::vector<uint8_t, Alloc>& out)
+ {
+ out.clear();
+ uint8_t buf;
+ while(m_source->read_byte(buf))
+ out.push_back(buf);
+ return (*this);
+ }
BER_Decoder& decode_null();
BER_Decoder& decode(bool& v);
BER_Decoder& decode(size_t& v);
BER_Decoder& decode(class BigInt& v);
- BER_Decoder& decode(std::vector<uint8_t>& v, ASN1_Tag type_tag);
- BER_Decoder& decode(secure_vector<uint8_t>& v, ASN1_Tag type_tag);
+
+ /*
+ * BER decode a BIT STRING or OCTET STRING
+ */
+ template<typename Alloc>
+ BER_Decoder& decode(std::vector<uint8_t, Alloc>& out, ASN1_Tag real_type)
+ {
+ return decode(out, real_type, real_type, UNIVERSAL);
+ }
BER_Decoder& decode(bool& v,
ASN1_Tag type_tag,
diff --git a/src/lib/asn1/der_enc.cpp b/src/lib/asn1/der_enc.cpp
index 28a9bbc9a..1ed51d593 100644
--- a/src/lib/asn1/der_enc.cpp
+++ b/src/lib/asn1/der_enc.cpp
@@ -178,19 +178,6 @@ DER_Encoder& DER_Encoder::end_explicit()
/*
* Write raw bytes into the stream
*/
-DER_Encoder& DER_Encoder::raw_bytes(const secure_vector<uint8_t>& val)
- {
- return raw_bytes(val.data(), val.size());
- }
-
-DER_Encoder& DER_Encoder::raw_bytes(const std::vector<uint8_t>& val)
- {
- return raw_bytes(val.data(), val.size());
- }
-
-/*
-* Write raw bytes into the stream
-*/
DER_Encoder& DER_Encoder::raw_bytes(const uint8_t bytes[], size_t length)
{
if(m_subsequences.size())
@@ -234,26 +221,6 @@ DER_Encoder& DER_Encoder::encode(const BigInt& n)
}
/*
-* DER encode an OCTET STRING or BIT STRING
-*/
-DER_Encoder& DER_Encoder::encode(const secure_vector<uint8_t>& bytes,
- ASN1_Tag real_type)
- {
- return encode(bytes.data(), bytes.size(),
- real_type, real_type, UNIVERSAL);
- }
-
-/*
-* DER encode an OCTET STRING or BIT STRING
-*/
-DER_Encoder& DER_Encoder::encode(const std::vector<uint8_t>& bytes,
- ASN1_Tag real_type)
- {
- return encode(bytes.data(), bytes.size(),
- real_type, real_type, UNIVERSAL);
- }
-
-/*
* Encode this object
*/
DER_Encoder& DER_Encoder::encode(const uint8_t bytes[], size_t length,
diff --git a/src/lib/asn1/der_enc.h b/src/lib/asn1/der_enc.h
index f1e85101c..f76391ae5 100644
--- a/src/lib/asn1/der_enc.h
+++ b/src/lib/asn1/der_enc.h
@@ -34,18 +34,29 @@ class BOTAN_PUBLIC_API(2,0) DER_Encoder final
DER_Encoder& start_explicit(uint16_t type_tag);
DER_Encoder& end_explicit();
+ /**
+ * Insert raw bytes directly into the output stream
+ */
DER_Encoder& raw_bytes(const uint8_t val[], size_t len);
- DER_Encoder& raw_bytes(const secure_vector<uint8_t>& val);
- DER_Encoder& raw_bytes(const std::vector<uint8_t>& val);
+
+ template<typename Alloc>
+ DER_Encoder& raw_bytes(const std::vector<uint8_t, Alloc>& val)
+ {
+ return raw_bytes(val.data(), val.size());
+ }
DER_Encoder& encode_null();
DER_Encoder& encode(bool b);
DER_Encoder& encode(size_t s);
DER_Encoder& encode(const BigInt& n);
- DER_Encoder& encode(const secure_vector<uint8_t>& v, ASN1_Tag real_type);
- DER_Encoder& encode(const std::vector<uint8_t>& v, ASN1_Tag real_type);
DER_Encoder& encode(const uint8_t val[], size_t len, ASN1_Tag real_type);
+ template<typename Alloc>
+ DER_Encoder& encode(const std::vector<uint8_t, Alloc>& vec, ASN1_Tag real_type)
+ {
+ return encode(vec.data(), vec.size(), real_type);
+ }
+
DER_Encoder& encode(bool b,
ASN1_Tag type_tag,
ASN1_Tag class_tag = CONTEXT_SPECIFIC);
diff --git a/src/lib/pubkey/dl_algo/dl_algo.cpp b/src/lib/pubkey/dl_algo/dl_algo.cpp
index 4f0e38e9f..c28ccaee0 100644
--- a/src/lib/pubkey/dl_algo/dl_algo.cpp
+++ b/src/lib/pubkey/dl_algo/dl_algo.cpp
@@ -38,7 +38,7 @@ DL_Scheme_PublicKey::DL_Scheme_PublicKey(const AlgorithmIdentifier& alg_id,
const std::vector<uint8_t>& key_bits,
DL_Group::Format format)
{
- m_group.BER_decode(alg_id.parameters, format);
+ m_group.BER_decode(alg_id.get_parameters(), format);
BER_Decoder(key_bits).decode(m_y);
}
@@ -52,7 +52,7 @@ DL_Scheme_PrivateKey::DL_Scheme_PrivateKey(const AlgorithmIdentifier& alg_id,
const secure_vector<uint8_t>& key_bits,
DL_Group::Format format)
{
- m_group.BER_decode(alg_id.parameters, format);
+ m_group.BER_decode(alg_id.get_parameters(), format);
BER_Decoder(key_bits).decode(m_x);
}
diff --git a/src/lib/pubkey/ecc_key/ecc_key.cpp b/src/lib/pubkey/ecc_key/ecc_key.cpp
index 962cd3f45..442fb41d2 100644
--- a/src/lib/pubkey/ecc_key/ecc_key.cpp
+++ b/src/lib/pubkey/ecc_key/ecc_key.cpp
@@ -41,7 +41,7 @@ EC_PublicKey::EC_PublicKey(const EC_Group& dom_par,
EC_PublicKey::EC_PublicKey(const AlgorithmIdentifier& alg_id,
const std::vector<uint8_t>& key_bits) :
- m_domain_params{EC_Group(alg_id.parameters)},
+ m_domain_params{EC_Group(alg_id.get_parameters())},
m_public_key{OS2ECP(key_bits, domain().get_curve())}
{
if (!domain().get_oid().empty())
@@ -162,7 +162,7 @@ EC_PrivateKey::EC_PrivateKey(const AlgorithmIdentifier& alg_id,
const secure_vector<uint8_t>& key_bits,
bool with_modular_inverse)
{
- m_domain_params = EC_Group(alg_id.parameters);
+ m_domain_params = EC_Group(alg_id.get_parameters());
m_domain_encoding = EC_DOMPAR_ENC_EXPLICIT;
OID key_parameters;
diff --git a/src/lib/pubkey/gost_3410/gost_3410.cpp b/src/lib/pubkey/gost_3410/gost_3410.cpp
index 324b7e985..acd127a2d 100644
--- a/src/lib/pubkey/gost_3410/gost_3410.cpp
+++ b/src/lib/pubkey/gost_3410/gost_3410.cpp
@@ -54,7 +54,7 @@ GOST_3410_PublicKey::GOST_3410_PublicKey(const AlgorithmIdentifier& alg_id,
OID ecc_param_id;
// The parameters also includes hash and cipher OIDs
- BER_Decoder(alg_id.parameters).start_cons(SEQUENCE).decode(ecc_param_id);
+ BER_Decoder(alg_id.get_parameters()).start_cons(SEQUENCE).decode(ecc_param_id);
m_domain_params = EC_Group(ecc_param_id);
diff --git a/src/lib/pubkey/pbes2/pbes2.cpp b/src/lib/pubkey/pbes2/pbes2.cpp
index 41d18a86d..65e2cb429 100644
--- a/src/lib/pubkey/pbes2/pbes2.cpp
+++ b/src/lib/pubkey/pbes2/pbes2.cpp
@@ -174,14 +174,14 @@ pbes2_decrypt(const secure_vector<uint8_t>& key_bits,
AlgorithmIdentifier prf_algo;
- if(kdf_algo.oid != OIDS::lookup("PKCS5.PBKDF2"))
+ if(kdf_algo.get_oid() != OIDS::lookup("PKCS5.PBKDF2"))
throw Decoding_Error("PBE-PKCS5 v2.0: Unknown KDF algorithm " +
- kdf_algo.oid.as_string());
+ kdf_algo.get_oid().as_string());
secure_vector<uint8_t> salt;
size_t iterations = 0, key_length = 0;
- BER_Decoder(kdf_algo.parameters)
+ BER_Decoder(kdf_algo.get_parameters())
.start_cons(SEQUENCE)
.decode(salt, OCTET_STRING)
.decode(iterations)
@@ -191,7 +191,7 @@ pbes2_decrypt(const secure_vector<uint8_t>& key_bits,
AlgorithmIdentifier::USE_NULL_PARAM))
.end_cons();
- const std::string cipher = OIDS::lookup(enc_algo.oid);
+ const std::string cipher = OIDS::lookup(enc_algo.get_oid());
const std::vector<std::string> cipher_spec = split_on(cipher, '/');
if(cipher_spec.size() != 2)
throw Decoding_Error("PBE-PKCS5 v2.0: Invalid cipher spec " + cipher);
@@ -202,9 +202,9 @@ pbes2_decrypt(const secure_vector<uint8_t>& key_bits,
throw Decoding_Error("PBE-PKCS5 v2.0: Encoded salt is too small");
secure_vector<uint8_t> iv;
- BER_Decoder(enc_algo.parameters).decode(iv, OCTET_STRING).verify_end();
+ BER_Decoder(enc_algo.get_parameters()).decode(iv, OCTET_STRING).verify_end();
- const std::string prf = OIDS::lookup(prf_algo.oid);
+ const std::string prf = OIDS::lookup(prf_algo.get_oid());
std::unique_ptr<PBKDF> pbkdf(get_pbkdf("PBKDF2(" + prf + ")"));
diff --git a/src/lib/pubkey/pk_algs.cpp b/src/lib/pubkey/pk_algs.cpp
index e2009ce0e..d34c59ccf 100644
--- a/src/lib/pubkey/pk_algs.cpp
+++ b/src/lib/pubkey/pk_algs.cpp
@@ -84,10 +84,10 @@ std::unique_ptr<Public_Key>
load_public_key(const AlgorithmIdentifier& alg_id,
const std::vector<uint8_t>& key_bits)
{
- const std::vector<std::string> alg_info = split_on(OIDS::lookup(alg_id.oid), '/');
+ const std::vector<std::string> alg_info = split_on(OIDS::lookup(alg_id.get_oid()), '/');
if(alg_info.empty())
- throw Decoding_Error("Unknown algorithm OID: " + alg_id.oid.as_string());
+ throw Decoding_Error("Unknown algorithm OID: " + alg_id.get_oid().as_string());
const std::string alg_name = alg_info[0];
@@ -170,9 +170,9 @@ std::unique_ptr<Private_Key>
load_private_key(const AlgorithmIdentifier& alg_id,
const secure_vector<uint8_t>& key_bits)
{
- const std::string alg_name = OIDS::lookup(alg_id.oid);
+ const std::string alg_name = OIDS::lookup(alg_id.get_oid());
if(alg_name == "")
- throw Decoding_Error("Unknown algorithm OID: " + alg_id.oid.as_string());
+ throw Decoding_Error("Unknown algorithm OID: " + alg_id.get_oid().as_string());
#if defined(BOTAN_HAS_RSA)
if(alg_name == "RSA")
diff --git a/src/lib/pubkey/pkcs8.cpp b/src/lib/pubkey/pkcs8.cpp
index fe2470275..0d13d8090 100644
--- a/src/lib/pubkey/pkcs8.cpp
+++ b/src/lib/pubkey/pkcs8.cpp
@@ -101,9 +101,9 @@ secure_vector<uint8_t> PKCS8_decode(
{
if(is_encrypted)
{
- if(OIDS::lookup(pbe_alg_id.oid) != "PBE-PKCS5v20")
- throw Exception("Unknown PBE type " + pbe_alg_id.oid.as_string());
- key = pbes2_decrypt(key_data, get_passphrase(), pbe_alg_id.parameters);
+ if(OIDS::lookup(pbe_alg_id.get_oid()) != "PBE-PKCS5v20")
+ throw Exception("Unknown PBE type " + pbe_alg_id.get_oid().as_string());
+ key = pbes2_decrypt(key_data, get_passphrase(), pbe_alg_id.get_parameters());
}
else
key = key_data;
@@ -298,10 +298,10 @@ load_key(DataSource& source,
AlgorithmIdentifier alg_id;
secure_vector<uint8_t> pkcs8_key = PKCS8_decode(source, get_pass, alg_id, is_encrypted);
- const std::string alg_name = OIDS::lookup(alg_id.oid);
- if(alg_name.empty() || alg_name == alg_id.oid.as_string())
+ const std::string alg_name = OIDS::lookup(alg_id.get_oid());
+ if(alg_name.empty() || alg_name == alg_id.get_oid().as_string())
throw PKCS8_Exception("Unknown algorithm OID: " +
- alg_id.oid.as_string());
+ alg_id.get_oid().as_string());
return load_private_key(alg_id, pkcs8_key);
}
diff --git a/src/lib/x509/ocsp.cpp b/src/lib/x509/ocsp.cpp
index 6d8d66687..5a98b7495 100644
--- a/src/lib/x509/ocsp.cpp
+++ b/src/lib/x509/ocsp.cpp
@@ -148,7 +148,7 @@ Certificate_Status_Code Response::verify_signature(const X509_Certificate& issue
std::unique_ptr<Public_Key> pub_key(issuer.subject_public_key());
const std::vector<std::string> sig_info =
- split_on(OIDS::lookup(m_sig_algo.oid), '/');
+ split_on(OIDS::lookup(m_sig_algo.get_oid()), '/');
if(sig_info.size() != 2 || sig_info[0] != pub_key->algo_name())
return Certificate_Status_Code::OCSP_RESPONSE_INVALID;
diff --git a/src/lib/x509/ocsp_types.cpp b/src/lib/x509/ocsp_types.cpp
index d09681fcd..353cb100a 100644
--- a/src/lib/x509/ocsp_types.cpp
+++ b/src/lib/x509/ocsp_types.cpp
@@ -39,7 +39,7 @@ bool CertID::is_id_for(const X509_Certificate& issuer,
if(BigInt::decode(subject.serial_number()) != m_subject_serial)
return false;
- std::unique_ptr<HashFunction> hash(HashFunction::create(OIDS::lookup(m_hash_id.oid)));
+ std::unique_ptr<HashFunction> hash(HashFunction::create(OIDS::lookup(m_hash_id.get_oid())));
if(m_issuer_dn_hash != unlock(hash->process(subject.raw_issuer_dn())))
return false;
diff --git a/src/lib/x509/pkcs10.cpp b/src/lib/x509/pkcs10.cpp
index 1f7e915ff..b1543e398 100644
--- a/src/lib/x509/pkcs10.cpp
+++ b/src/lib/x509/pkcs10.cpp
@@ -90,21 +90,23 @@ std::unique_ptr<PKCS10_Data> decode_pkcs10(const std::vector<uint8_t>& body)
{
Attribute attr;
attributes.decode(attr);
- BER_Decoder value(attr.parameters);
- if(attr.oid == OIDS::lookup("PKCS9.EmailAddress"))
+ const OID& oid = attr.get_oid();
+ BER_Decoder value(attr.get_parameters());
+
+ if(oid == OIDS::lookup("PKCS9.EmailAddress"))
{
ASN1_String email;
value.decode(email);
pkcs9_email.insert(email.value());
}
- else if(attr.oid == OIDS::lookup("PKCS9.ChallengePassword"))
+ else if(oid == OIDS::lookup("PKCS9.ChallengePassword"))
{
ASN1_String challenge_password;
value.decode(challenge_password);
data->m_challenge = challenge_password.value();
}
- else if(attr.oid == OIDS::lookup("PKCS9.ExtensionRequest"))
+ else if(oid == OIDS::lookup("PKCS9.ExtensionRequest"))
{
value.decode(data->m_extensions).verify_end();
}
diff --git a/src/lib/x509/x509_ca.cpp b/src/lib/x509/x509_ca.cpp
index 22fb8ce80..0a470762f 100644
--- a/src/lib/x509/x509_ca.cpp
+++ b/src/lib/x509/x509_ca.cpp
@@ -273,8 +273,8 @@ PK_Signer* choose_sig_format(const Private_Key& key,
padding = padding + "(" + hash->name() + ")";
- sig_algo.oid = OIDS::lookup(algo_name + "/" + padding);
- sig_algo.parameters = key.algorithm_identifier().parameters;
+ sig_algo = AlgorithmIdentifier(OIDS::lookup(algo_name + "/" + padding),
+ key.algorithm_identifier().get_parameters());
return new PK_Signer(key, rng, padding, format);
}
diff --git a/src/lib/x509/x509_obj.cpp b/src/lib/x509/x509_obj.cpp
index 4450df7bb..309bdb1f9 100644
--- a/src/lib/x509/x509_obj.cpp
+++ b/src/lib/x509/x509_obj.cpp
@@ -40,7 +40,7 @@ Pss_params decode_pss_params(const std::vector<uint8_t>& encoded_pss_params)
.decode_optional(pss_parameter.trailer_field, ASN1_Tag(3), PRIVATE, size_t(1))
.end_cons();
- BER_Decoder(pss_parameter.mask_gen_algo.parameters).decode(pss_parameter.mask_gen_hash);
+ BER_Decoder(pss_parameter.mask_gen_algo.get_parameters()).decode(pss_parameter.mask_gen_hash);
return pss_parameter;
}
@@ -147,7 +147,7 @@ std::vector<uint8_t> X509_Object::tbs_data() const
*/
std::string X509_Object::hash_used_for_signature() const
{
- const OID oid = m_sig_algo.oid;
+ const OID& oid = m_sig_algo.get_oid();
std::vector<std::string> sig_info = split_on(OIDS::lookup(oid), '/');
if(sig_info.size() != 2)
@@ -156,7 +156,7 @@ std::string X509_Object::hash_used_for_signature() const
if(sig_info[1] == "EMSA4")
{
- return OIDS::lookup(decode_pss_params(signature_algorithm().parameters).hash_algo.oid);
+ return OIDS::lookup(decode_pss_params(signature_algorithm().get_parameters()).hash_algo.get_oid());
}
else
{
@@ -190,7 +190,7 @@ bool X509_Object::check_signature(const Public_Key& pub_key) const
{
try {
std::vector<std::string> sig_info =
- split_on(OIDS::lookup(m_sig_algo.oid), '/');
+ split_on(OIDS::lookup(m_sig_algo.get_oid()), '/');
if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name())
return false;
@@ -202,22 +202,22 @@ bool X509_Object::check_signature(const Public_Key& pub_key) const
if(padding == "EMSA4")
{
// "MUST contain RSASSA-PSS-params"
- if(signature_algorithm().parameters.empty())
+ if(signature_algorithm().get_parameters().empty())
{
return false;
}
- Pss_params pss_parameter = decode_pss_params(signature_algorithm().parameters);
+ Pss_params pss_parameter = decode_pss_params(signature_algorithm().get_parameters());
// hash_algo must be SHA1, SHA2-224, SHA2-256, SHA2-384 or SHA2-512
- std::string hash_algo = OIDS::lookup(pss_parameter.hash_algo.oid);
+ std::string hash_algo = OIDS::lookup(pss_parameter.hash_algo.get_oid());
if(hash_algo != "SHA-160" && hash_algo != "SHA-224" && hash_algo != "SHA-256" && hash_algo != "SHA-384"
&& hash_algo != "SHA-512")
{
return false;
}
- std::string mgf_algo = OIDS::lookup(pss_parameter.mask_gen_algo.oid);
+ std::string mgf_algo = OIDS::lookup(pss_parameter.mask_gen_algo.get_oid());
if(mgf_algo != "MGF1")
{
return false;
@@ -225,7 +225,7 @@ bool X509_Object::check_signature(const Public_Key& pub_key) const
// For MGF1, it is strongly RECOMMENDED that the underlying hash function be the same as the one identified by hashAlgorithm
// Must be SHA1, SHA2-224, SHA2-256, SHA2-384 or SHA2-512
- if(pss_parameter.mask_gen_hash.oid != pss_parameter.hash_algo.oid)
+ if(pss_parameter.mask_gen_hash.get_oid() != pss_parameter.hash_algo.get_oid())
{
return false;
}
diff --git a/src/lib/x509/x509cert.cpp b/src/lib/x509/x509cert.cpp
index 1370d52b0..da691452b 100644
--- a/src/lib/x509/x509cert.cpp
+++ b/src/lib/x509/x509cert.cpp
@@ -131,7 +131,7 @@ std::unique_ptr<X509_Certificate_Data> parse_x509_cert_body(const X509_Object& o
BER_Decoder(public_key.value).decode(public_key_alg_id).discard_remaining();
std::vector<std::string> public_key_info =
- split_on(OIDS::oid2str(public_key_alg_id.oid), '/');
+ split_on(OIDS::oid2str(public_key_alg_id.get_oid()), '/');
if(!public_key_info.empty() && public_key_info[0] == "RSA")
{
@@ -167,7 +167,7 @@ std::unique_ptr<X509_Certificate_Data> parse_x509_cert_body(const X509_Object& o
else
{
// oid = rsaEncryption -> parameters field MUST contain NULL
- if(public_key_alg_id != AlgorithmIdentifier(public_key_alg_id.oid, AlgorithmIdentifier::USE_NULL_PARAM))
+ if(public_key_alg_id != AlgorithmIdentifier(public_key_alg_id.get_oid(), AlgorithmIdentifier::USE_NULL_PARAM))
{
throw Decoding_Error("Parameters field MUST contain NULL");
}
@@ -801,7 +801,7 @@ std::string X509_Certificate::to_string() const
out << "CRL " << crl_distribution_point() << "\n";
out << "Signature algorithm: " <<
- OIDS::oid2str(this->signature_algorithm().oid) << "\n";
+ OIDS::oid2str(this->signature_algorithm().get_oid()) << "\n";
out << "Serial number: " << hex_encode(this->serial_number()) << "\n";
@@ -820,7 +820,7 @@ std::string X509_Certificate::to_string() const
catch(Decoding_Error&)
{
const AlgorithmIdentifier& alg_id = this->subject_public_key_algo();
- out << "Failed to decode key with oid " << alg_id.oid.as_string() << "\n";
+ out << "Failed to decode key with oid " << alg_id.get_oid().as_string() << "\n";
}
return out.str();
diff --git a/src/tests/unit_ecdsa.cpp b/src/tests/unit_ecdsa.cpp
index a406878fb..7ca2ff042 100644
--- a/src/tests/unit_ecdsa.cpp
+++ b/src/tests/unit_ecdsa.cpp
@@ -82,7 +82,7 @@ Test::Result test_decode_ecdsa_X509()
Test::Result result("ECDSA Unit");
Botan::X509_Certificate cert(Test::data_file("x509/ecc/CSCA.CSCA.csca-germany.1.crt"));
- result.test_eq("correct signature oid", Botan::OIDS::lookup(cert.signature_algorithm().oid), "ECDSA/EMSA1(SHA-224)");
+ result.test_eq("correct signature oid", Botan::OIDS::lookup(cert.signature_algorithm().get_oid()), "ECDSA/EMSA1(SHA-224)");
result.test_eq("serial number", cert.serial_number(), Botan::hex_decode("01"));
result.test_eq("authority key id", cert.authority_key_id(), cert.subject_key_id());
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-26 01:36:32 +0000