/*
* Certificate Store
* (C) 1999-2010 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
#include <botan/certstor.h>
namespace Botan {
/*
* Report whether the store holds at least one certificate that
* find_cert_by_subject_and_key_id() returns for cert's subject DN and
* subject key id.
*
* This is a lookup by name and key id, not a comparison of the whole
* certificate, and it says nothing about whether the certificate is
* valid or trusted.
*/
bool Certificate_Store::certificate_known(const X509_Certificate& cert) const
   {
   const std::vector<X509_Certificate> matches =
      find_cert_by_subject_and_key_id(cert.subject_dn(),
                                      cert.subject_key_id());

   return !matches.empty();
   }
/*
* Add cert to the in-memory store unless an equal certificate (per
* X509_Certificate's operator==) is already held.
*
* Nothing is checked here beyond that duplicate test: no signature,
* validity period or chain verification happens in this function, so
* whatever the caller adds becomes part of the store as-is.
*/
void Certificate_Store_In_Memory::add_certificate(const X509_Certificate& cert)
   {
   bool already_present = false;

   // Linear scan; stop as soon as an equal entry is seen
   for(size_t idx = 0; idx != certs.size() && !already_present; ++idx)
      already_present = (certs[idx] == cert);

   if(!already_present)
      certs.push_back(cert);
   }
/*
* Return copies of every stored certificate whose subject DN equals
* subject_dn, optionally narrowed by subject key id.
*
* The key id is a filter only when BOTH sides have one: an empty
* key_id argument, or a stored certificate with an empty subject key
* id, falls back to matching on the DN alone. A result is therefore a
* candidate selected by name (and key id when available); this
* function performs no signature or validity check on it.
*/
std::vector<X509_Certificate>
Certificate_Store_In_Memory::find_cert_by_subject_and_key_id(
   const X509_DN& subject_dn,
   const MemoryRegion<byte>& key_id) const
   {
   std::vector<X509_Certificate> matches;

   // The caller's key id does not change during the scan
   const bool caller_has_key_id = (key_id.size() != 0);

   for(size_t idx = 0; idx != certs.size(); ++idx)
      {
      const X509_Certificate& candidate = certs[idx];

      if(caller_has_key_id)
         {
         const MemoryVector<byte> cert_key_id = candidate.subject_key_id();

         // Reject only on a definite mismatch; a certificate without
         // a key id is still eligible to match by DN
         if(cert_key_id.size() && cert_key_id != key_id)
            continue;
         }

      if(candidate.subject_dn() == subject_dn)
         matches.push_back(candidate);
      }

   return matches;
   }
/*
* Add a CRL to the in-memory store, keeping at most one CRL per
* issuer DN.
*
* If a CRL with the same issuer DN is already stored, it is replaced
* only when the new CRL's this_update is the same or later; an older
* CRL is dropped silently, so a stale CRL cannot displace a newer one.
* Otherwise the CRL is appended as a new entry.
*
* No signature check is visible in this function.
* NOTE(review): the slot is keyed on issuer DN alone (the authority
* key id is not consulted here), so CRLs from two issuers that share
* a DN would compete for one entry - confirm callers verify a CRL
* before adding it.
*/
void Certificate_Store_In_Memory::add_crl(const X509_CRL& crl)
   {
   const X509_DN new_issuer = crl.issuer_dn();

   for(size_t idx = 0; idx != crls.size(); ++idx)
      {
      if(!(crls[idx].issuer_dn() == new_issuer))
         continue;

      // Same issuer already on file: take the new CRL unless it is
      // older than the stored one, then stop either way
      if(crls[idx].this_update() <= crl.this_update())
         crls[idx] = crl;

      return;
      }

   // No CRL from this issuer yet
   crls.push_back(crl);
   }
/*
* Return copies of every stored CRL whose issuer DN equals issuer_dn,
* optionally narrowed by authority key id.
*
* The key id is a filter only when BOTH sides have one: an empty
* key_id argument, or a stored CRL with an empty authority key id,
* falls back to matching on the issuer DN alone. This function
* selects candidates only; it performs no signature or freshness
* check on the CRLs it returns.
*/
std::vector<X509_CRL>
Certificate_Store_In_Memory::find_crl_by_issuer_and_key_id(
   const X509_DN& issuer_dn,
   const MemoryRegion<byte>& key_id) const
   {
   std::vector<X509_CRL> matches;

   // The caller's key id does not change during the scan
   const bool caller_has_key_id = (key_id.size() != 0);

   for(size_t idx = 0; idx != crls.size(); ++idx)
      {
      const X509_CRL& candidate = crls[idx];

      if(caller_has_key_id)
         {
         const MemoryVector<byte> crl_key_id = candidate.authority_key_id();

         // Reject only on a definite mismatch; a CRL without an
         // authority key id is still eligible to match by DN
         if(crl_key_id.size() && crl_key_id != key_id)
            continue;
         }

      if(candidate.issuer_dn() == issuer_dn)
         matches.push_back(candidate);
      }

   return matches;
   }
}