Botan  1.11.15
Botan::X509 Namespace Reference

Functions

std::vector< byte > BER_encode (const Public_Key &key)
Public_Key * copy_key (const Public_Key &key)
PKCS10_Request create_cert_req (const X509_Cert_Options &opts, const Private_Key &key, const std::string &hash_fn, RandomNumberGenerator &rng)
Public_Key * load_key (DataSource &source)
Public_Key * load_key (const std::string &fsname)
Public_Key * load_key (const std::vector< byte > &mem)
std::string PEM_encode (const Public_Key &key)

Detailed Description

This namespace contains functions for handling X.509 public keys.


Function Documentation

BOTAN_DLL std::vector< byte > Botan::X509::BER_encode ( const Public_Key &  key)

BER encode a key

Parameters:
key: the public key to encode
Returns:
BER encoding of this key

Definition at line 19 of file x509_key.cpp.

References Botan::Public_Key::algorithm_identifier(), Botan::BIT_STRING, Botan::PEM_Code::encode(), Botan::DER_Encoder::encode(), Botan::SEQUENCE, Botan::DER_Encoder::start_cons(), and Botan::Public_Key::x509_subject_public_key().

Referenced by botan_privkey_export_pubkey(), botan_pubkey_export(), create_cert_req(), and PEM_encode().

   {
   // Serializes `key` as an X.509 SubjectPublicKeyInfo:
   //   SEQUENCE { AlgorithmIdentifier, BIT STRING subjectPublicKey }
   // Only public-key material is written here, and the result is returned
   // through the "unlocked" accessor as an ordinary std::vector<byte>.
   DER_Encoder spki;

   spki.start_cons(SEQUENCE)
         .encode(key.algorithm_identifier())
         .encode(key.x509_subject_public_key(), BIT_STRING)
      .end_cons();

   return spki.get_contents_unlocked();
   }
BOTAN_DLL Public_Key * Botan::X509::copy_key ( const Public_Key &  key)

Copy a key.

Parameters:
key: the public key to copy
Returns:
new public key object

Definition at line 102 of file x509_key.cpp.

References load_key(), and PEM_encode().

   {
   // Copies a key by round-tripping it through its PEM encoding: serialize,
   // then parse the text back with the regular loader, so the copy passes
   // through the same decoding path as any externally supplied key.
   // NOTE(review): the result is a raw Public_Key* to a new object; callers
   // presumably own it and should hold it in a smart pointer -- confirm.
   const std::string pem_text = PEM_encode(key);
   DataSource_Memory pem_source(pem_text);

   return X509::load_key(pem_source);
   }
BOTAN_DLL PKCS10_Request Botan::X509::create_cert_req ( const X509_Cert_Options &  opts,
const Private_Key &  key,
const std::string &  hash_fn,
RandomNumberGenerator &  rng 
)

Create a PKCS#10 certificate request.

Parameters:
opts: the options defining the request to create
key: the key used to sign this request
rng: the rng to use
hash_fn: the hash function to use
Returns:
newly created PKCS#10 request

Definition at line 89 of file x509self.cpp.

References Botan::Extensions::add(), BER_encode(), Botan::X509_Cert_Options::challenge, Botan::choose_sig_format(), Botan::X509_Cert_Options::constraints, Botan::CRL_SIGN, Botan::DIRECTORY_STRING, Botan::PEM_Code::encode(), Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::end_explicit(), Botan::X509_Cert_Options::ex_constraints, Botan::find_constraints(), Botan::DER_Encoder::get_contents(), Botan::X509_Cert_Options::is_CA, Botan::KEY_CERT_SIGN, Botan::X509_Object::make_signed(), Botan::X509_Cert_Options::path_limit, Botan::DER_Encoder::raw_bytes(), Botan::X509_Cert_Options::sanity_check(), Botan::SEQUENCE, Botan::DER_Encoder::start_cons(), and Botan::DER_Encoder::start_explicit().

   {
   // Builds and signs a PKCS#10 certification request for `key`.
   // Everything encoded into tbs_req below ends up, readable by anyone who
   // sees the request, inside the signed structure that is returned.
   AlgorithmIdentifier sig_algo;
   X509_DN subject_dn;
   AlternativeName subject_alt;

   // Runs the options' own consistency check before anything is encoded.
   // NOTE(review): presumably throws on inconsistent options -- confirm.
   opts.sanity_check();

   // Public half of the signing key, already BER-encoded as SubjectPublicKeyInfo.
   std::vector<byte> pub_key = X509::BER_encode(key);
   // sig_algo is passed in default-constructed and is presumably filled in by
   // choose_sig_format(); it is reused for make_signed() below.
   // NOTE(review): hash_fn is caller-supplied and not checked in this
   // function; a weak digest weakens the request signature, so callers should
   // pass a collision-resistant hash unless choose_sig_format() enforces one.
   std::unique_ptr<PK_Signer> signer(choose_sig_format(key, hash_fn, sig_algo));
   // presumably populates subject_dn / subject_alt from opts -- verify in load_info()
   load_info(opts, subject_dn, subject_alt);

   // Value written into the request's version field.
   const size_t PKCS10_VERSION = 0;

   Extensions extensions;

   // Each extension is allocated with raw `new` and handed to Extensions::add().
   // NOTE(review): ownership presumably transfers to `extensions` -- confirm,
   // otherwise these allocations leak.
   extensions.add(
      new Cert_Extension::Basic_Constraints(opts.is_CA, opts.path_limit));
   // CA requests ask for certificate- and CRL-signing usage; every other
   // request derives its usage bits from the key and opts.constraints.
   extensions.add(
      new Cert_Extension::Key_Usage(
         opts.is_CA ? Key_Constraints(KEY_CERT_SIGN | CRL_SIGN) :
                      find_constraints(key, opts.constraints)
         )
      );
   extensions.add(
      new Cert_Extension::Extended_Key_Usage(opts.ex_constraints));
   extensions.add(
      new Cert_Extension::Subject_Alternative_Name(subject_alt));

   DER_Encoder tbs_req;

   // to-be-signed body: version, subject DN, the pre-encoded public key, then
   // the [0]-tagged attribute section (closed by end_explicit() further down).
   tbs_req.start_cons(SEQUENCE)
      .encode(PKCS10_VERSION)
      .encode(subject_dn)
      .raw_bytes(pub_key)
      .start_explicit(0);

   // Optional PKCS#9 challenge password. It is encoded as a plain string
   // attribute (no encryption or hashing is applied here), so it is readable
   // by anyone who obtains the request; it should not be a secret that is
   // reused elsewhere.
   if(opts.challenge != "")
      {
      ASN1_String challenge(opts.challenge, DIRECTORY_STRING);

      tbs_req.encode(
         Attribute("PKCS9.ChallengePassword",
                   DER_Encoder().encode(challenge).get_contents_unlocked()
            )
         );
      }

   // The extensions collected above travel as a PKCS#9 extensionRequest
   // attribute: they are only *requested* by the applicant (including is_CA
   // and path_limit), so the issuing side must decide which ones to honor.
   tbs_req.encode(
      Attribute("PKCS9.ExtensionRequest",
                DER_Encoder()
                   .start_cons(SEQUENCE)
                      .encode(extensions)
                   .end_cons()
               .get_contents_unlocked()
         )
      )
      .end_explicit()
      .end_cons();

   // Sign the finished body with the signer chosen above; `rng` is passed
   // through to the signing operation.
   const std::vector<byte> req =
      X509_Object::make_signed(signer.get(), rng, sig_algo,
                               tbs_req.get_contents());

   return PKCS10_Request(req);
   }
BOTAN_DLL Public_Key * Botan::X509::load_key ( DataSource &  source)

Create a public key from a data source.

Parameters:
source: the source providing the DER or PEM encoded key
Returns:
new public key object

Definition at line 41 of file x509_key.cpp.

References Botan::BIT_STRING, Botan::BER_Decoder::decode(), Botan::PEM_Code::decode_check_label(), e, Botan::BER_Decoder::end_cons(), Botan::make_public_key(), Botan::PEM_Code::matches(), Botan::ASN1::maybe_BER(), Botan::SEQUENCE, Botan::BER_Decoder::start_cons(), and Botan::BER_Decoder::verify_end().

Referenced by botan_privkey_export_pubkey(), copy_key(), and load_key().

   {
   // Parses an X.509 SubjectPublicKeyInfo from `source`, accepting either raw
   // BER/DER or a PEM block labelled "PUBLIC KEY", and passes the decoded
   // algorithm identifier and key bits to make_public_key().
   // The input may be attacker-controlled: every Decoding_Error raised while
   // parsing is re-thrown with a common prefix instead of escaping as-is.
   // NOTE(review): the result is a raw Public_Key* to a new object; callers
   // presumably own it and should hold it in a smart pointer -- confirm.
   try {
      AlgorithmIdentifier alg_id;
      secure_vector<byte> key_bits;

      // Single parser shared by both input forms:
      //   SEQUENCE { alg_id, BIT STRING key_bits }
      // verify_end() presumably rejects trailing data inside the SEQUENCE.
      auto decode_spki = [&alg_id, &key_bits](DataSource& in)
         {
         BER_Decoder(in)
            .start_cons(SEQUENCE)
               .decode(alg_id)
               .decode(key_bits, BIT_STRING)
               .verify_end()
            .end_cons();
         };

      // Raw BER only when the data looks like BER and is not PEM.
      const bool is_raw_ber =
         ASN1::maybe_BER(source) && !PEM_Code::matches(source);

      if(is_raw_ber)
         {
         decode_spki(source);
         }
      else
         {
         // Strip the PEM armour first; the label must be "PUBLIC KEY".
         DataSource_Memory ber(
            PEM_Code::decode_check_label(source, "PUBLIC KEY")
            );

         decode_spki(ber);
         }

      // An empty BIT STRING is not a usable key. This throw sits inside the
      // try block, so it is also caught and re-wrapped by the handler below.
      if(key_bits.empty())
         throw Decoding_Error("X.509 public key decoding failed");

      return make_public_key(alg_id, key_bits);
      }
   catch(const Decoding_Error& e)
      {
      const std::string detail(e.what());
      throw Decoding_Error("X.509 public key decoding failed: " + detail);
      }
   }
BOTAN_DLL Public_Key * Botan::X509::load_key ( const std::string &  filename)

Create a public key from a file

Parameters:
filename: pathname to the file to load
Returns:
new public key object

Definition at line 84 of file x509_key.cpp.

References load_key().

   {
   // Opens the file named by `fsname` (documented above as `filename`) and
   // defers all parsing to the DataSource overload of load_key().
   // NOTE(review): the path is used exactly as given; callers that take it
   // from untrusted input should validate or constrain it before this call.
   // The second constructor argument presumably selects binary mode --
   // TODO confirm against DataSource_Stream.
   const bool use_binary = true;
   DataSource_Stream file_source(fsname, use_binary);

   return X509::load_key(file_source);
   }
BOTAN_DLL Public_Key * Botan::X509::load_key ( const std::vector< byte > &  enc)

Create a public key from a memory region.

Parameters:
enc: the memory region containing the DER or PEM encoded key
Returns:
new public key object

Definition at line 93 of file x509_key.cpp.

References load_key().

   {
   // Wraps the caller's buffer `mem` (documented above as `enc`) in an
   // in-memory data source and defers parsing to the DataSource overload.
   // NOTE(review): the returned raw pointer is presumably owned by the
   // caller -- confirm, and prefer holding it in a smart pointer.
   DataSource_Memory mem_source(mem);
   Public_Key* loaded_key = X509::load_key(mem_source);

   return loaded_key;
   }
BOTAN_DLL std::string Botan::X509::PEM_encode ( const Public_Key &  key)

PEM encode a public key into a string.

Parameters:
key: the key to encode
Returns:
PEM encoded key

Definition at line 32 of file x509_key.cpp.

References BER_encode(), and Botan::PEM_Code::encode().

Referenced by botan_pubkey_export(), and copy_key().

   {
   // PEM-armours the BER encoding of `key` under the "PUBLIC KEY" label,
   // the same label that load_key() requires when it decodes PEM input.
   const std::vector<byte> ber_bytes = X509::BER_encode(key);

   return PEM_Code::encode(ber_bytes, "PUBLIC KEY");
   }