Botan
1.11.15
|
#include <x509_obj.h>
Public Member Functions | |
std::vector< byte > | BER_encode () const |
bool | check_signature (const Public_Key &key) const |
bool | check_signature (const Public_Key *key) const |
void | decode_from (class BER_Decoder &from) override |
void | encode_into (class DER_Encoder &to) const override |
std::string | hash_used_for_signature () const |
std::string | PEM_encode () const |
std::vector< byte > | signature () const |
AlgorithmIdentifier | signature_algorithm () const |
std::vector< byte > | tbs_data () const |
virtual | ~X509_Object () |
Static Public Member Functions | |
static std::vector< byte > | make_signed (class PK_Signer *signer, RandomNumberGenerator &rng, const AlgorithmIdentifier &alg_id, const secure_vector< byte > &tbs) |
Protected Member Functions | |
void | do_decode () |
X509_Object (DataSource &src, const std::string &pem_labels) | |
X509_Object (const std::string &file, const std::string &pem_labels) | |
X509_Object (const std::vector< byte > &vec, const std::string &labels) | |
X509_Object () | |
Protected Attributes | |
std::vector< byte > | sig |
AlgorithmIdentifier | sig_algo |
std::vector< byte > | tbs_bits |
This class represents abstract X.509 signed objects as in the X.500 SIGNED macro
Definition at line 22 of file x509_obj.h.
virtual Botan::X509_Object::~X509_Object | ( | ) | [inline, virtual] |
Definition at line 88 of file x509_obj.h.
{}
Botan::X509_Object::X509_Object | ( | DataSource & | src, |
const std::string & | pem_labels | ||
) | [protected] |
Definition at line 23 of file x509_obj.cpp.
{ init(stream, labels); }
Botan::X509_Object::X509_Object | ( | const std::string & | file, |
const std::string & | pem_labels | ||
) | [protected] |
Definition at line 31 of file x509_obj.cpp.
{
DataSource_Stream stream(file, true);
init(stream, labels);
}
Botan::X509_Object::X509_Object | ( | const std::vector< byte > & | vec, |
const std::string & | labels | ||
) | [protected] |
Definition at line 40 of file x509_obj.cpp.
{ DataSource_Memory stream(&vec[0], vec.size()); init(stream, labels); }
Botan::X509_Object::X509_Object | ( | ) | [inline, protected] |
Definition at line 95 of file x509_obj.h.
{}
std::vector< byte > Botan::X509_Object::BER_encode | ( | ) | const |
Definition at line 113 of file x509_obj.cpp.
References encode_into(), and Botan::DER_Encoder::get_contents_unlocked().
Referenced by Botan::X509_Certificate::fingerprint(), and PEM_encode().
{ DER_Encoder der; encode_into(der); return der.get_contents_unlocked(); }
bool Botan::X509_Object::check_signature | ( | const Public_Key & | key | ) | const |
Check the signature on this data
key | the public key purportedly used to sign this data |
Definition at line 187 of file x509_obj.cpp.
References Botan::Public_Key::algo_name(), Botan::DER_SEQUENCE, Botan::IEEE_1363, Botan::OIDS::lookup(), Botan::Public_Key::message_parts(), Botan::AlgorithmIdentifier::oid, sig_algo, signature(), Botan::split_on(), tbs_data(), and Botan::PK_Verifier::verify_message().
Referenced by check_signature().
{ try { std::vector<std::string> sig_info = split_on(OIDS::lookup(sig_algo.oid), '/'); if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name()) return false; std::string padding = sig_info[1]; Signature_Format format = (pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363; PK_Verifier verifier(pub_key, padding, format); return verifier.verify_message(tbs_data(), signature()); } catch(std::exception& e) { return false; } }
bool Botan::X509_Object::check_signature | ( | const Public_Key * | key | ) | const |
Check the signature on this data
key | the public key purportedly used to sign this data the pointer will be deleted after use |
Definition at line 176 of file x509_obj.cpp.
References check_signature().
{ if(!pub_key) throw std::runtime_error("No key provided for " + PEM_label_pref + " signature check"); std::unique_ptr<const Public_Key> key(pub_key); return check_signature(*key); }
void Botan::X509_Object::decode_from | ( | class BER_Decoder & | from | ) | [override, virtual] |
Decode whatever this object is from from
from | the BER_Decoder that will be read from |
Implements Botan::ASN1_Object.
Definition at line 98 of file x509_obj.cpp.
References Botan::BIT_STRING, Botan::BER_Decoder::decode(), Botan::BER_Decoder::end_cons(), Botan::BER_Decoder::raw_bytes(), Botan::SEQUENCE, sig, sig_algo, Botan::BER_Decoder::start_cons(), tbs_bits, and Botan::BER_Decoder::verify_end().
void Botan::X509_Object::do_decode | ( | ) | [protected] |
Definition at line 230 of file x509_obj.cpp.
Referenced by Botan::PKCS10_Request::PKCS10_Request(), Botan::X509_Certificate::X509_Certificate(), and Botan::X509_CRL::X509_CRL().
{ try { force_decode(); } catch(Decoding_Error& e) { throw Decoding_Error(PEM_label_pref + " decoding failed (" + e.what() + ")"); } catch(Invalid_Argument& e) { throw Decoding_Error(PEM_label_pref + " decoding failed (" + e.what() + ")"); } }
void Botan::X509_Object::encode_into | ( | class DER_Encoder & | to | ) | const [override, virtual] |
Encode whatever this object is into to
to | the DER_Encoder that will be written to |
Implements Botan::ASN1_Object.
Definition at line 84 of file x509_obj.cpp.
References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, sig, sig_algo, Botan::DER_Encoder::start_cons(), and tbs_bits.
Referenced by BER_encode().
std::string Botan::X509_Object::hash_used_for_signature | ( | ) | const |
Definition at line 155 of file x509_obj.cpp.
References Botan::OID::as_string(), Botan::OIDS::lookup(), Botan::AlgorithmIdentifier::oid, Botan::parse_algorithm_name(), sig_algo, and Botan::split_on().
{ std::vector<std::string> sig_info = split_on(OIDS::lookup(sig_algo.oid), '/'); if(sig_info.size() != 2) throw Internal_Error("Invalid name format found for " + sig_algo.oid.as_string()); std::vector<std::string> pad_and_hash = parse_algorithm_name(sig_info[1]); if(pad_and_hash.size() != 2) throw Internal_Error("Invalid name format " + sig_info[1]); return pad_and_hash[1]; }
std::vector< byte > Botan::X509_Object::make_signed | ( | class PK_Signer * | signer, |
RandomNumberGenerator & | rng, | ||
const AlgorithmIdentifier & | alg_id, | ||
const secure_vector< byte > & | tbs | ||
) | [static] |
Create a signed X509 object.
signer | the signer used to sign the object |
rng | the random number generator to use |
alg_id | the algorithm identifier of the signature scheme |
tbs | the tbs bits to be signed |
Definition at line 213 of file x509_obj.cpp.
References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::get_contents_unlocked(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, Botan::PK_Signer::sign_message(), and Botan::DER_Encoder::start_cons().
Referenced by Botan::X509::create_cert_req(), and Botan::X509_CA::make_cert().
{ return DER_Encoder() .start_cons(SEQUENCE) .raw_bytes(tbs_bits) .encode(algo) .encode(signer->sign_message(tbs_bits, rng), BIT_STRING) .end_cons() .get_contents_unlocked(); }
std::string Botan::X509_Object::PEM_encode | ( | ) | const |
Definition at line 123 of file x509_obj.cpp.
References BER_encode(), and Botan::PEM_Code::encode().
Referenced by Botan::X509_Certificate::to_string().
{ return PEM_Code::encode(BER_encode(), PEM_label_pref); }
std::vector< byte > Botan::X509_Object::signature | ( | ) | const |
Definition at line 139 of file x509_obj.cpp.
References sig.
Referenced by check_signature().
{ return sig; }
Definition at line 147 of file x509_obj.cpp.
References sig_algo.
Referenced by Botan::X509_Certificate::to_string().
{ return sig_algo; }
std::vector< byte > Botan::X509_Object::tbs_data | ( | ) | const |
The underlying data that is to be or was signed
Definition at line 131 of file x509_obj.cpp.
References Botan::ASN1::put_in_sequence(), and tbs_bits.
Referenced by check_signature().
{ return ASN1::put_in_sequence(tbs_bits); }
std::vector<byte> Botan::X509_Object::sig [protected] |
Definition at line 97 of file x509_obj.h.
Referenced by decode_from(), encode_into(), Botan::X509_Certificate::operator<(), Botan::X509_Certificate::operator==(), and signature().
AlgorithmIdentifier Botan::X509_Object::sig_algo [protected] |
Definition at line 96 of file x509_obj.h.
Referenced by check_signature(), decode_from(), encode_into(), hash_used_for_signature(), Botan::X509_Certificate::operator==(), and signature_algorithm().
std::vector<byte> Botan::X509_Object::tbs_bits [protected] |
Definition at line 97 of file x509_obj.h.
Referenced by decode_from(), encode_into(), Botan::X509_Certificate::operator<(), and tbs_data().