From f090e030be53e574fecbe7cf50edfb5fdacb53e1 Mon Sep 17 00:00:00 2001 From: lloyd Date: Fri, 19 May 2006 00:07:25 +0000 Subject: Syntax changes to the BER and DER APIs to improve readability of code that uses them. These changes are not backwards compatible, this commit updates all uses of the APIs within the library. --- include/asn1_int.h | 17 ++++++++- include/asn1_obj.h | 66 +++++++++++++------------------- include/asn1_oid.h | 1 + include/ber_dec.h | 108 +++++++++++++++++++++++++++++------------------------ include/crl_ent.h | 23 ++---------- include/datastor.h | 6 ++- include/der_enc.h | 49 +++++++++++++----------- include/x509_ext.h | 84 ++++++++++++++++++++++++++++++++++------- include/x509_obj.h | 2 + include/x509cert.h | 24 ++++++------ 10 files changed, 221 insertions(+), 159 deletions(-) (limited to 'include') diff --git a/include/asn1_int.h b/include/asn1_int.h index 40ddbb444..85f763f26 100644 --- a/include/asn1_int.h +++ b/include/asn1_int.h @@ -6,8 +6,9 @@ #ifndef BOTAN_ASN1_H__ #define BOTAN_ASN1_H__ -#include +#include #include +#include namespace Botan { @@ -18,9 +19,22 @@ class ASN1_Object { public: virtual void encode_into(class DER_Encoder&) const = 0; + virtual void decode_from(class BER_Decoder&) = 0; virtual ~ASN1_Object() {} }; +/************************************************* +* BER Encoded Object * +*************************************************/ +class BER_Object + { + public: + void assert_is_a(ASN1_Tag, ASN1_Tag); + + ASN1_Tag type_tag, class_tag; + SecureVector value; + }; + /************************************************* * ASN.1 Utility Functions * *************************************************/ @@ -29,6 +43,7 @@ class DataSource; namespace ASN1 { SecureVector put_in_sequence(const MemoryRegion&); +std::string to_string(const BER_Object&); bool maybe_BER(DataSource&); } diff --git a/include/asn1_obj.h b/include/asn1_obj.h index c36c2ac14..2ead6b54c 100644 --- a/include/asn1_obj.h +++ b/include/asn1_obj.h @@ -7,10 +7,9 @@ #define BOTAN_ASN1_OBJ_H__ #include -#include -#include -#include +#include #include +#include namespace Botan { @@ -20,12 +19,13 @@ namespace Botan { class AlgorithmIdentifier : public ASN1_Object { public: - void encode_into(DER_Encoder&) const; + void encode_into(class DER_Encoder&) const; + void decode_from(class BER_Decoder&); AlgorithmIdentifier() {} AlgorithmIdentifier(const OID&, const MemoryRegion&); AlgorithmIdentifier(const std::string&, const MemoryRegion&); - public: + OID oid; SecureVector parameters; }; @@ -36,12 +36,13 @@ class AlgorithmIdentifier : public ASN1_Object class Extension : public ASN1_Object { public: + void encode_into(class DER_Encoder&) const; + void decode_from(class BER_Decoder&); + bool critical; OID oid; SecureVector value; - void encode_into(DER_Encoder&) const; - Extension() { critical = false; } Extension(const OID&, const MemoryRegion&); Extension(const std::string&, const MemoryRegion&); @@ -53,7 +54,8 @@ class Extension : public ASN1_Object class Attribute : public ASN1_Object { public: - void encode_into(DER_Encoder&) const; + void encode_into(class DER_Encoder&) const; + void decode_from(class BER_Decoder&); OID oid; SecureVector parameters; @@ -69,7 +71,8 @@ class Attribute : public ASN1_Object class X509_Time : public ASN1_Object { public: - void encode_into(DER_Encoder&) const; + void encode_into(class DER_Encoder&) const; + void decode_from(class BER_Decoder&); std::string as_string() const; std::string readable_string() const; @@ -92,7 +95,8 @@ class X509_Time : public ASN1_Object class ASN1_String : public ASN1_Object { public: - void encode_into(DER_Encoder&) const; + void encode_into(class DER_Encoder&) const; + void decode_from(class BER_Decoder&); std::string value() const; std::string iso_8859() const; @@ -112,11 +116,14 @@ class ASN1_String : public ASN1_Object class X509_DN : public ASN1_Object { public: - void encode_into(DER_Encoder&) const; + void encode_into(class DER_Encoder&) const; + void decode_from(class BER_Decoder&); std::multimap get_attributes() const; std::vector get_attribute(const std::string&) const; + std::multimap contents() const; + void add_attribute(const std::string&, const std::string&); void add_attribute(const OID&, const std::string&); @@ -139,7 +146,10 @@ class X509_DN : public ASN1_Object class AlternativeName : public ASN1_Object { public: - void encode_into(DER_Encoder&) const; + void encode_into(class DER_Encoder&) const; + void decode_from(class BER_Decoder&); + + std::multimap contents() const; void add_attribute(const std::string&, const std::string&); std::multimap get_attributes() const; @@ -171,38 +181,12 @@ bool operator==(const X509_DN&, const X509_DN&); bool operator!=(const X509_DN&, const X509_DN&); bool operator<(const X509_DN&, const X509_DN&); -s32bit validity_check(const X509_Time&, const X509_Time&, u64bit); - -bool is_string_type(ASN1_Tag); - -/************************************************* -* DER Encoding Functions * -*************************************************/ -namespace DER { - -//void encode(DER_Encoder&, const Attribute&); -//void encode(DER_Encoder&, const ASN1_String&); -void encode(DER_Encoder&, const ASN1_String&, - ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC); - -} - /************************************************* -* BER Decoding Functions * +* Helper Functions * *************************************************/ -namespace BER { - -void decode(BER_Decoder&, AlgorithmIdentifier&); -void decode(BER_Decoder&, Extension&); -void decode(BER_Decoder&, Attribute&); -void decode(BER_Decoder&, X509_Time&); -void decode(BER_Decoder&, ASN1_String&); -void decode(BER_Decoder&, ASN1_String&, ASN1_Tag, ASN1_Tag); -void decode(BER_Decoder&, X509_DN&); -void decode(BER_Decoder&, AlternativeName&); -void decode(BER_Decoder&, Key_Constraints&); +s32bit validity_check(const X509_Time&, const X509_Time&, u64bit); -} +bool is_string_type(ASN1_Tag); } diff --git a/include/asn1_oid.h b/include/asn1_oid.h index b2bdd4867..94794607a 100644 --- a/include/asn1_oid.h +++ b/include/asn1_oid.h @@ -19,6 +19,7 @@ class OID : public ASN1_Object { public: void encode_into(class DER_Encoder&) const; + void decode_from(class BER_Decoder&); bool is_empty() const { return id.size() == 0; } std::vector get_id() const { return id; } diff --git a/include/ber_dec.h b/include/ber_dec.h index 32feb43e1..f1147e052 100644 --- a/include/ber_dec.h +++ b/include/ber_dec.h @@ -7,33 +7,28 @@ #define BOTAN_BER_DECODER_H__ #include -#include #include namespace Botan { -/************************************************* -* BER Encoded Object * -*************************************************/ -struct BER_Object - { - ASN1_Tag type_tag, class_tag; - SecureVector value; - }; - /************************************************* * BER Decoding Object * *************************************************/ class BER_Decoder { public: - bool more_items() const; - void verify_end() const; - SecureVector get_remaining(); - void discard_remaining(); BER_Object get_next_object(); void push_back(const BER_Object&); + bool more_items() const; + BER_Decoder& verify_end(); + BER_Decoder& discard_remaining(); + + BER_Decoder start_cons(ASN1_Tag); + BER_Decoder& end_cons(); + + BER_Decoder& raw_bytes(MemoryRegion&); + BER_Decoder& decode_null(); BER_Decoder& decode(bool&); BER_Decoder& decode(u32bit&); @@ -47,6 +42,17 @@ class BER_Decoder BER_Decoder& decode(MemoryRegion&, ASN1_Tag, ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC); + BER_Decoder& decode(class ASN1_Object&); + + template + BER_Decoder& decode_optional(T&, ASN1_Tag, ASN1_Tag, const T& = T()); + + template + BER_Decoder& decode_list(std::vector&, bool = true); + + BER_Decoder& decode_optional_string(MemoryRegion&, + ASN1_Tag, u16bit); + BER_Decoder(DataSource&); BER_Decoder(const byte[], u32bit); BER_Decoder(const MemoryRegion&); @@ -54,64 +60,68 @@ class BER_Decoder ~BER_Decoder(); private: BER_Decoder& operator=(const BER_Decoder&) { return (*this); } + + BER_Decoder* parent; DataSource* source; BER_Object pushed; mutable bool owns; }; -/************************************************* -* BER Decoding Functions * -*************************************************/ -namespace BER { - -void decode(BER_Decoder&, OID&); - -BER_Decoder get_subsequence(BER_Decoder&); -BER_Decoder get_subset(BER_Decoder&); - -BER_Decoder get_subsequence(BER_Decoder&, ASN1_Tag, - ASN1_Tag = CONTEXT_SPECIFIC); -BER_Decoder get_subset(BER_Decoder&, ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC); - -std::string to_string(const BER_Object&); -bool decode_optional_string(BER_Decoder&, MemoryRegion&, - ASN1_Tag, ASN1_Tag, ASN1_Tag); - /************************************************* * Decode an OPTIONAL or DEFAULT element * *************************************************/ -template -bool decode_optional(BER_Decoder& in, T& out, - ASN1_Tag type_tag, ASN1_Tag class_tag, - const T& default_value = T()) +template +BER_Decoder& BER_Decoder::decode_optional(T& out, + ASN1_Tag type_tag, + ASN1_Tag class_tag, + const T& default_value) { - BER_Object obj = in.get_next_object(); + BER_Object obj = get_next_object(); if(obj.type_tag == type_tag && obj.class_tag == class_tag) { if(class_tag & CONSTRUCTED) - { - BER_Decoder stored_value(obj.value); - //BER::decode(stored_value, out); - stored_value.decode(out); - stored_value.verify_end(); - } + BER_Decoder(obj.value).decode(out).verify_end(); else { - in.push_back(obj); - //BER::decode(in, out, type_tag, class_tag); - in.decode(out, type_tag, class_tag); + push_back(obj); + decode(out, type_tag, class_tag); } - return true; } else { out = default_value; - in.push_back(obj); - return false; + push_back(obj); + } + + return (*this); + } + +/************************************************* +* Decode a list of homogenously typed values * +*************************************************/ +template +BER_Decoder& BER_Decoder::decode_list(std::vector& vec, bool clear_it) + { + if(clear_it) + vec.clear(); + + while(more_items()) + { + T value; + decode(value); + vec.push_back(value); } + return (*this); } +/************************************************* +* BER Decoding Functions * +*************************************************/ +namespace BER { + +void decode(BER_Decoder&, Key_Constraints&); + } } diff --git a/include/crl_ent.h b/include/crl_ent.h index 660148211..510c4f5a8 100644 --- a/include/crl_ent.h +++ b/include/crl_ent.h @@ -13,9 +13,12 @@ namespace Botan { /************************************************* * CRL Entry * *************************************************/ -class CRL_Entry +class CRL_Entry : public ASN1_Object { public: + void encode_into(class DER_Encoder&) const; + void decode_from(class BER_Decoder&); + MemoryVector serial; X509_Time time; CRL_Code reason; @@ -30,24 +33,6 @@ bool operator==(const CRL_Entry&, const CRL_Entry&); bool operator!=(const CRL_Entry&, const CRL_Entry&); bool operator<(const CRL_Entry&, const CRL_Entry&); -/************************************************* -* DER Encoding Functions * -*************************************************/ -namespace DER { - -void encode(DER_Encoder&, const CRL_Entry&); - -} - -/************************************************* -* BER Decoding Functions * -*************************************************/ -namespace BER { - -void decode(BER_Decoder&, CRL_Entry&); - -} - } #endif diff --git a/include/datastor.h b/include/datastor.h index 86a607feb..365c0d32b 100644 --- a/include/datastor.h +++ b/include/datastor.h @@ -34,7 +34,9 @@ class Data_Store bool operator==(const Data_Store&) const; - std::multimap get(const Matcher&) const; + std::multimap + search_with(const Matcher&) const; + std::vector get(const std::string&) const; std::string get1(const std::string&) const; @@ -42,6 +44,8 @@ class Data_Store MemoryVector get1_memvec(const std::string&) const; u32bit get1_u32bit(const std::string&, u32bit = 0) const; + bool has_value(const std::string&) const; + void add(const std::multimap&); void add(const std::string&, const std::string&); void add(const std::string&, u32bit); diff --git a/include/der_enc.h b/include/der_enc.h index b07c76172..d0e655ad7 100644 --- a/include/der_enc.h +++ b/include/der_enc.h @@ -6,7 +6,8 @@ #ifndef BOTAN_DER_ENCODER_H__ #define BOTAN_DER_ENCODER_H__ -#include +#include +#include #include namespace Botan { @@ -19,21 +20,14 @@ class DER_Encoder public: SecureVector get_contents(); - DER_Encoder& start_sequence(ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC); - DER_Encoder& end_sequence(ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC); - DER_Encoder& start_set(ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC); - DER_Encoder& end_set(ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC); + DER_Encoder& start_cons(ASN1_Tag, ASN1_Tag = UNIVERSAL); + DER_Encoder& end_cons(); - DER_Encoder& start_sequence(); - DER_Encoder& end_sequence(); - DER_Encoder& start_set(); - DER_Encoder& end_set(); + DER_Encoder& start_explicit(u16bit); + DER_Encoder& end_explicit(); - DER_Encoder& start_explicit(ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC); - DER_Encoder& end_explicit(ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC); - - DER_Encoder& add_raw_octets(const byte[], u32bit); - DER_Encoder& add_raw_octets(const MemoryRegion&); + DER_Encoder& raw_bytes(const byte[], u32bit); + DER_Encoder& raw_bytes(const MemoryRegion&); DER_Encoder& encode_null(); DER_Encoder& encode(bool); @@ -51,33 +45,44 @@ class DER_Encoder DER_Encoder& encode(const byte[], u32bit, ASN1_Tag, ASN1_Tag, ASN1_Tag = CONTEXT_SPECIFIC); + template + DER_Encoder& encode_optional(const T& value, const T& default_value) + { + if(value != default_value) + encode(value); + return (*this); + } + + template + DER_Encoder& encode_list(const std::vector& values) + { + for(u32bit j = 0; j != values.size(); ++j) + encode(values[j]); + return (*this); + } + DER_Encoder& encode(const class ASN1_Object&); + DER_Encoder& encode_if(bool, DER_Encoder&); + DER_Encoder& add_object(ASN1_Tag, ASN1_Tag, const byte[], u32bit); DER_Encoder& add_object(ASN1_Tag, ASN1_Tag, const MemoryRegion&); DER_Encoder& add_object(ASN1_Tag, ASN1_Tag, const std::string&); DER_Encoder& add_object(ASN1_Tag, ASN1_Tag, byte); - - DER_Encoder(); private: - DER_Encoder& start_cons(ASN1_Tag, ASN1_Tag, bool); - DER_Encoder& end_cons(ASN1_Tag, ASN1_Tag); - class DER_Sequence { public: ASN1_Tag tag_of() const; SecureVector get_contents(); void add_bytes(const byte[], u32bit); - DER_Sequence(ASN1_Tag, ASN1_Tag, bool = false); + DER_Sequence(ASN1_Tag, ASN1_Tag); private: ASN1_Tag type_tag, class_tag; - bool is_a_set; SecureVector contents; std::vector< SecureVector > set_contents; }; SecureVector contents; std::vector subsequences; - u32bit sequence_level; }; } diff --git a/include/x509_ext.h b/include/x509_ext.h index 7e3b68288..138a334c6 100644 --- a/include/x509_ext.h +++ b/include/x509_ext.h @@ -9,54 +9,58 @@ #include #include #include +#include +#include namespace Botan { /************************************************* * X.509 Certificate Extension * *************************************************/ -class Certificate_Extension : public ASN1_Object +class Certificate_Extension { public: - void encode_into(class DER_Encoder&) const; - void decode_from(class BER_Decoder&); void maybe_add(class DER_Encoder&) const; OID oid_of() const; void make_critical() { critical = true; } bool is_critical() const { return critical; } - //virtual std::multimap contents() const = 0; + virtual void contents_to(Data_Store&, Data_Store&) const = 0; virtual std::string config_id() const = 0; virtual std::string oid_name() const = 0; Certificate_Extension() { critical = false; } virtual ~Certificate_Extension() {} protected: + friend class Extensions; virtual bool should_encode() const { return true; } virtual MemoryVector encode_inner() const = 0; virtual void decode_inner(const MemoryRegion&) = 0; private: - void encode_into(class DER_Encoder&, bool) const; bool critical; }; /************************************************* -* X.509 Certificate Extensions * +* X.509 Certificate Extension List * *************************************************/ class Extensions : public ASN1_Object { public: void encode_into(class DER_Encoder&) const; + void decode_from(class BER_Decoder&); + std::vector get() const + { return extensions; } void add(Certificate_Extension* extn) { extensions.push_back(extn); } - + ~Extensions(); private: std::vector extensions; }; + namespace Cert_Extension { /************************************************* @@ -65,13 +69,15 @@ namespace Cert_Extension { class Basic_Constraints : public Certificate_Extension { public: - Basic_Constraints(bool = false, u32bit = 0); + Basic_Constraints(bool ca = false, u32bit limit = 0) : + is_ca(ca), path_limit(limit) {} private: std::string config_id() const { return "basic_constraints"; } std::string oid_name() const { return "X509v3.BasicConstraints"; } MemoryVector encode_inner() const; void decode_inner(const MemoryRegion&); + void contents_to(Data_Store&, Data_Store&) const; bool is_ca; u32bit path_limit; @@ -83,7 +89,7 @@ class Basic_Constraints : public Certificate_Extension class Key_Usage : public Certificate_Extension { public: - Key_Usage(Key_Constraints); + Key_Usage(Key_Constraints c = NO_CONSTRAINTS) : constraints(c) {} private: std::string config_id() const { return "key_usage"; } std::string oid_name() const { return "X509v3.KeyUsage"; } @@ -91,6 +97,7 @@ class Key_Usage : public Certificate_Extension bool should_encode() const { return (constraints != NO_CONSTRAINTS); } MemoryVector encode_inner() const; void decode_inner(const MemoryRegion&); + void contents_to(Data_Store&, Data_Store&) const; Key_Constraints constraints; }; @@ -101,13 +108,16 @@ class Key_Usage : public Certificate_Extension class Subject_Key_ID : public Certificate_Extension { public: + Subject_Key_ID() {} Subject_Key_ID(const MemoryRegion&); private: std::string config_id() const { return "subject_key_id"; } std::string oid_name() const { return "X509v3.SubjectKeyIdentifier"; } + bool should_encode() const { return (key_id.size() > 0); } MemoryVector encode_inner() const; void decode_inner(const MemoryRegion&); + void contents_to(Data_Store&, Data_Store&) const; MemoryVector key_id; }; @@ -118,7 +128,8 @@ class Subject_Key_ID : public Certificate_Extension class Authority_Key_ID : public Certificate_Extension { public: - Authority_Key_ID(const MemoryRegion&); + Authority_Key_ID() {} + Authority_Key_ID(const MemoryRegion& k) : key_id(k) {} private: std::string config_id() const { return "authority_key_id"; } std::string oid_name() const { return "X509v3.AuthorityKeyIdentifier"; } @@ -126,6 +137,7 @@ class Authority_Key_ID : public Certificate_Extension bool should_encode() const { return (key_id.size() > 0); } MemoryVector encode_inner() const; void decode_inner(const MemoryRegion&); + void contents_to(Data_Store&, Data_Store&) const; MemoryVector key_id; }; @@ -145,6 +157,7 @@ class Alternative_Name : public Certificate_Extension bool should_encode() const { return alt_name.has_items(); } MemoryVector encode_inner() const; void decode_inner(const MemoryRegion&); + void contents_to(Data_Store&, Data_Store&) const; std::string config_name_str, oid_name_str; AlternativeName alt_name; @@ -156,7 +169,8 @@ class Alternative_Name : public Certificate_Extension class Extended_Key_Usage : public Certificate_Extension { public: - Extended_Key_Usage(const std::vector&); + Extended_Key_Usage() {} + Extended_Key_Usage(const std::vector& o) : oids(o) {} private: std::string config_id() const { return "extended_key_usage"; } std::string oid_name() const { return "X509v3.ExtendedKeyUsage"; } @@ -164,6 +178,27 @@ class Extended_Key_Usage : public Certificate_Extension bool should_encode() const { return (oids.size() > 0); } MemoryVector encode_inner() const; void decode_inner(const MemoryRegion&); + void contents_to(Data_Store&, Data_Store&) const; + + std::vector oids; + }; + +/************************************************* +* Certificate Policies Extension * +*************************************************/ +class Certificate_Policies : public Certificate_Extension + { + public: + Certificate_Policies() {} + Certificate_Policies(const std::vector& o) : oids(o) {} + private: + std::string config_id() const { return "policy_info"; } + std::string oid_name() const { return "X509v3.CertificatePolicies"; } + + bool should_encode() const { return (oids.size() > 0); } + MemoryVector encode_inner() const; + void decode_inner(const MemoryRegion&); + void contents_to(Data_Store&, Data_Store&) const; std::vector oids; }; @@ -174,19 +209,40 @@ class Extended_Key_Usage : public Certificate_Extension class CRL_Number : public Certificate_Extension { public: - CRL_Number(u32bit = 0); + CRL_Number() : has_value(false) {} + CRL_Number(u32bit n) : has_value(true), crl_number(n) {} private: std::string config_id() const { return "crl_number"; } std::string oid_name() const { return "X509v3.CRLNumber"; } - bool should_encode() const { return (crl_number != 0); } - + bool should_encode() const { return has_value; } MemoryVector encode_inner() const; void decode_inner(const MemoryRegion&); + void contents_to(Data_Store&, Data_Store&) const; + bool has_value; u32bit crl_number; }; +/************************************************* +* CRL Entry Reason Code Extension * +*************************************************/ +class CRL_ReasonCode : public Certificate_Extension + { + public: + CRL_ReasonCode(CRL_Code r = UNSPECIFIED) : reason(r) {} + private: + std::string config_id() const { return "crl_reason"; } + std::string oid_name() const { return "X509v3.ReasonCode"; } + + bool should_encode() const { return (reason != UNSPECIFIED); } + MemoryVector encode_inner() const; + void decode_inner(const MemoryRegion&); + void contents_to(Data_Store&, Data_Store&) const; + + CRL_Code reason; + }; + } } diff --git a/include/x509_obj.h b/include/x509_obj.h index 18c1e574b..f7f110a42 100644 --- a/include/x509_obj.h +++ b/include/x509_obj.h @@ -22,6 +22,8 @@ class X509_Object SecureVector signature() const; AlgorithmIdentifier signature_algorithm() const; + bool check_signature(class X509_PublicKey&) const; + void encode(Pipe&, X509_Encoding = PEM) const; SecureVector BER_encode() const; std::string PEM_encode() const; diff --git a/include/x509cert.h b/include/x509cert.h index 60534c769..0a6d0ec83 100644 --- a/include/x509cert.h +++ b/include/x509cert.h @@ -13,7 +13,7 @@ namespace Botan { -static const u32bit NO_CERT_PATH_LIMIT = 0xFFFFFFFF; +static const u32bit NO_CERT_PATH_LIMIT = 0xFFFFFFF0; /************************************************* * X.509 Certificate * @@ -23,36 +23,36 @@ class X509_Certificate : public X509_Object public: X509_PublicKey* subject_public_key() const; - u32bit x509_version() const; - MemoryVector serial_number() const; - MemoryVector authority_key_id() const; - MemoryVector subject_key_id() const; - Key_Constraints constraints() const; + X509_DN issuer_dn() const; + X509_DN subject_dn() const; + std::string subject_info(const std::string&) const; + std::string issuer_info(const std::string&) const; std::string start_time() const; std::string end_time() const; - std::string subject_info(const std::string&) const; - std::string issuer_info(const std::string&) const; - X509_DN issuer_dn() const; - X509_DN subject_dn() const; + u32bit x509_version() const; + MemoryVector serial_number() const; + MemoryVector authority_key_id() const; + MemoryVector subject_key_id() const; bool self_signed() const; bool is_CA_cert() const; u32bit path_limit() const; + Key_Constraints constraints() const; std::vector ex_constraints() const; std::vector policies() const; bool operator==(const X509_Certificate&) const; - void force_decode(); - X509_Certificate(DataSource&); X509_Certificate(const std::string&); private: friend class X509_CA; X509_Certificate() {} + void force_decode(); + void handle_v3_extension(const Extension&); Data_Store info; -- cgit v1.2.3