Botan  1.11.15
Botan::OCSP::CertID Class Reference

#include <ocsp_types.h>

Inheritance diagram for Botan::OCSP::CertID:
Botan::ASN1_Object


Public Member Functions

 CertID ()
 CertID (const X509_Certificate &issuer, const X509_Certificate &subject)
void decode_from (class BER_Decoder &from) override
void encode_into (class DER_Encoder &to) const override
bool is_id_for (const X509_Certificate &issuer, const X509_Certificate &subject) const

Detailed Description

Definition at line 19 of file ocsp_types.h.


Constructor & Destructor Documentation

Definition at line 22 of file ocsp_types.h.

{}
Botan::OCSP::CertID::CertID ( const X509_Certificate & issuer,
const X509_Certificate & subject
)

Definition at line 20 of file ocsp_types.cpp.

References Botan::BER::decode(), Botan::get_hash(), Botan::X509_Certificate::raw_issuer_dn(), Botan::X509_Certificate::serial_number(), Botan::unlock(), and Botan::AlgorithmIdentifier::USE_NULL_PARAM.

   {
   /*
   Fills in the CertID for `subject` as issued by `issuer`: the hash
   algorithm, the hash of the issuer's key bits, the hash of the issuer DN
   as recorded in the subject certificate, and the subject's serial number.

   SHA-1 is used because, in practice, some responders (notably
   ocsp.verisign.com) seem to reject anything else here.

   NOTE(review): the SHA-1 digests here identify the issuer name and key.
   Confirm that the callers' threat model tolerates SHA-1 for that purpose.
   NOTE(review): nothing here checks that `issuer` actually issued
   `subject`; presumably the caller has validated the chain -- confirm.
   */
   std::unique_ptr<HashFunction> sha1(get_hash("SHA-160"));

   m_hash_id = AlgorithmIdentifier(sha1->name(), AlgorithmIdentifier::USE_NULL_PARAM);

   const auto issuer_key_bits = extract_key_bitstr(issuer);
   m_issuer_key_hash = unlock(sha1->process(issuer_key_bits));

   const auto issuer_dn_bits = subject.raw_issuer_dn();
   m_issuer_dn_hash = unlock(sha1->process(issuer_dn_bits));

   const auto serial_bits = subject.serial_number();
   m_subject_serial = BigInt::decode(serial_bits);
   }

Member Function Documentation

void Botan::OCSP::CertID::decode_from ( class BER_Decoder & from) [override, virtual]

Decode this object from the BER_Decoder `from`.

Parameters:
from: the BER_Decoder that will be read from

Implements Botan::ASN1_Object.

Definition at line 83 of file ocsp_types.cpp.

References Botan::BER_Decoder::decode(), Botan::BER_Decoder::end_cons(), Botan::OCTET_STRING, Botan::SEQUENCE, and Botan::BER_Decoder::start_cons().

   {
   // Reads one SEQUENCE holding, in order: the hash algorithm identifier,
   // the issuer DN hash (OCTET STRING), the issuer key hash (OCTET STRING)
   // and the subject serial number. This is the same field order that
   // encode_into writes.
   // NOTE(review): the decoded values are stored as-is. Nothing here checks
   // that the algorithm is an acceptable one or that the hash lengths fit it.
   // Presumably this input comes from an OCSP responder; is_id_for later
   // hashes with whatever algorithm was decoded -- confirm callers are fine
   // with that.
   from.start_cons(SEQUENCE)
      .decode(m_hash_id)
      .decode(m_issuer_dn_hash, OCTET_STRING)
      .decode(m_issuer_key_hash, OCTET_STRING)
      .decode(m_subject_serial)
      .end_cons();

   }
void Botan::OCSP::CertID::encode_into ( class DER_Encoder & to) const [override, virtual]

Encode this object into the DER_Encoder `to`.

Parameters:
to: the DER_Encoder that will be written to

Implements Botan::ASN1_Object.

Definition at line 73 of file ocsp_types.cpp.

References Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::OCTET_STRING, Botan::SEQUENCE, and Botan::DER_Encoder::start_cons().

   {
   // Writes the CertID as one SEQUENCE holding, in order: the hash
   // algorithm identifier, the issuer DN hash (OCTET STRING), the issuer
   // key hash (OCTET STRING) and the subject serial number. decode_from
   // reads the fields back in this same order.
   to.start_cons(SEQUENCE)
      .encode(m_hash_id)
      .encode(m_issuer_dn_hash, OCTET_STRING)
      .encode(m_issuer_key_hash, OCTET_STRING)
      .encode(m_subject_serial)
      .end_cons();
   }
bool Botan::OCSP::CertID::is_id_for ( const X509_Certificate & issuer,
const X509_Certificate & subject
) const

Definition at line 49 of file ocsp_types.cpp.

References Botan::BigInt::decode(), Botan::get_hash(), Botan::OIDS::lookup(), Botan::AlgorithmIdentifier::oid, Botan::X509_Certificate::raw_issuer_dn(), Botan::X509_Certificate::serial_number(), and Botan::unlock().

   {
   /*
   Reports whether this CertID refers to `subject` as issued by `issuer`.
   The subject's serial number, the hash of the issuer DN recorded in the
   subject, and the hash of the issuer's key bits must all equal the stored
   values. Any exception raised along the way counts as "no match", so the
   check fails closed.
   */
   try
      {
      const BigInt cert_serial = BigInt::decode(subject.serial_number());
      if(cert_serial != m_subject_serial)
         return false;

      /*
      The digest is whichever one m_hash_id names, so a CertID filled in by
      decode_from dictates the algorithm used for the comparison.
      NOTE(review): presumably get_hash throws for an unknown name. If it
      can return null instead, the dereference below is not covered by
      catch(...) -- confirm.
      */
      const auto digest_name = OIDS::lookup(m_hash_id.oid);
      std::unique_ptr<HashFunction> digest(get_hash(digest_name));

      const auto dn_hash = unlock(digest->process(subject.raw_issuer_dn()));
      if(m_issuer_dn_hash != dn_hash)
         return false;

      const auto key_hash = unlock(digest->process(extract_key_bitstr(issuer)));
      if(m_issuer_key_hash != key_hash)
         return false;

      return true;
      }
   catch(...)
      {
      // Decoding, OID lookup or hashing failed: treat as a mismatch.
      return false;
      }
   }

The documentation for this class was generated from the following files: