Botan  1.11.15
Botan::PKCS10_Request Class Reference

#include <pkcs10.h>

Inheritance: Botan::PKCS10_Request inherits Botan::X509_Object, which inherits Botan::ASN1_Object.


Public Member Functions

std::vector< byte > BER_encode () const
std::string challenge_password () const
bool check_signature (const Public_Key &key) const
bool check_signature (const Public_Key *key) const
Key_Constraints constraints () const
void decode_from (class BER_Decoder &from) override
void encode_into (class DER_Encoder &to) const override
std::vector< OID > ex_constraints () const
std::string hash_used_for_signature () const
bool is_CA () const
u32bit path_limit () const
std::string PEM_encode () const
PKCS10_Request (DataSource &source)
PKCS10_Request (const std::string &filename)
PKCS10_Request (const std::vector< byte > &vec)
std::vector< byte > raw_public_key () const
std::vector< byte > signature () const
AlgorithmIdentifier signature_algorithm () const
AlternativeName subject_alt_name () const
X509_DN subject_dn () const
Public_Key * subject_public_key () const
std::vector< byte > tbs_data () const

Static Public Member Functions

static std::vector< byte > make_signed (class PK_Signer *signer, RandomNumberGenerator &rng, const AlgorithmIdentifier &alg_id, const secure_vector< byte > &tbs)

Protected Member Functions

void do_decode ()

Protected Attributes

std::vector< byte > sig
AlgorithmIdentifier sig_algo
std::vector< byte > tbs_bits

Detailed Description

PKCS #10 Certificate Request.

Definition at line 25 of file pkcs10.h.


Constructor & Destructor Documentation

Botan::PKCS10_Request::PKCS10_Request ( DataSource &  source)

Create a PKCS#10 Request from a data source.

Parameters:
source: the data source providing the DER encoded request

Definition at line 22 of file pkcs10.cpp.

References Botan::X509_Object::do_decode().

   PKCS10_Request::PKCS10_Request(DataSource& in) :
   X509_Object(in, "CERTIFICATE REQUEST/NEW CERTIFICATE REQUEST")
   {
   do_decode();
   }
Botan::PKCS10_Request::PKCS10_Request ( const std::string &  filename)

Create a PKCS#10 Request from a file.

Parameters:
filename: the name of the file containing the DER or PEM encoded request

Definition at line 31 of file pkcs10.cpp.

References Botan::X509_Object::do_decode().

   PKCS10_Request::PKCS10_Request(const std::string& in) :
   X509_Object(in, "CERTIFICATE REQUEST/NEW CERTIFICATE REQUEST")
   {
   do_decode();
   }
Botan::PKCS10_Request::PKCS10_Request ( const std::vector< byte > &  vec)

Create a PKCS#10 Request from binary data.

Parameters:
vec: a std::vector containing the DER value

Definition at line 40 of file pkcs10.cpp.

References Botan::X509_Object::do_decode().

   PKCS10_Request::PKCS10_Request(const std::vector<byte>& in) :
   X509_Object(in, "CERTIFICATE REQUEST/NEW CERTIFICATE REQUEST")
   {
   do_decode();
   }

Member Function Documentation

std::vector< byte > Botan::X509_Object::BER_encode ( ) const [inherited]
Returns:
BER encoding of this

Definition at line 113 of file x509_obj.cpp.

References Botan::X509_Object::encode_into(), and Botan::DER_Encoder::get_contents_unlocked().

Referenced by Botan::X509_Certificate::fingerprint(), and Botan::X509_Object::PEM_encode().

   {
   DER_Encoder der;
   encode_into(der);
   return der.get_contents_unlocked();
   }

std::string Botan::PKCS10_Request::challenge_password ( ) const

Get the challenge password for this request

Returns:
challenge password for this request

Definition at line 132 of file pkcs10.cpp.

References Botan::Data_Store::get1().

   {
   return info.get1("PKCS9.ChallengePassword");
   }
bool Botan::X509_Object::check_signature ( const Public_Key &  key) const [inherited]

Check the signature on this data

Parameters:
key: the public key purportedly used to sign this data
Returns:
true if the signature is valid, otherwise false

Definition at line 187 of file x509_obj.cpp.

References Botan::Public_Key::algo_name(), Botan::DER_SEQUENCE, Botan::IEEE_1363, Botan::OIDS::lookup(), Botan::Public_Key::message_parts(), Botan::AlgorithmIdentifier::oid, Botan::X509_Object::sig_algo, Botan::X509_Object::signature(), Botan::split_on(), Botan::X509_Object::tbs_data(), and Botan::PK_Verifier::verify_message().

Referenced by Botan::X509_Object::check_signature().

   {
   try {
      std::vector<std::string> sig_info =
         split_on(OIDS::lookup(sig_algo.oid), '/');

      if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name())
         return false;

      std::string padding = sig_info[1];
      Signature_Format format =
         (pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;

      PK_Verifier verifier(pub_key, padding, format);

      return verifier.verify_message(tbs_data(), signature());
      }
   catch(std::exception& e)
      {
      return false;
      }
   }
bool Botan::X509_Object::check_signature ( const Public_Key *  key) const [inherited]

Check the signature on this data

Parameters:
key: the public key purportedly used to sign this data; the pointer will be deleted after use
Returns:
true if the signature is valid, otherwise false

Definition at line 176 of file x509_obj.cpp.

References Botan::X509_Object::check_signature().

   {
   if(!pub_key)
      throw std::runtime_error("No key provided for " + PEM_label_pref + " signature check");
   std::unique_ptr<const Public_Key> key(pub_key);
   return check_signature(*key);
   }

Key_Constraints Botan::PKCS10_Request::constraints ( ) const

Get the key constraints for the key associated with this PKCS#10 object.

Returns:
key constraints

Definition at line 174 of file pkcs10.cpp.

References Botan::Data_Store::get1_u32bit(), and Botan::NO_CONSTRAINTS.

Referenced by Botan::X509_CA::sign_request().

   {
   return Key_Constraints(info.get1_u32bit("X509v3.KeyUsage", NO_CONSTRAINTS));
   }
void Botan::X509_Object::decode_from ( class BER_Decoder &  from) [override, virtual, inherited]

Decode whatever this object is from from

Parameters:
from: the BER_Decoder that will be read from

Implements Botan::ASN1_Object.

Definition at line 98 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::BER_Decoder::decode(), Botan::BER_Decoder::end_cons(), Botan::BER_Decoder::raw_bytes(), Botan::SEQUENCE, Botan::X509_Object::sig, Botan::X509_Object::sig_algo, Botan::BER_Decoder::start_cons(), Botan::X509_Object::tbs_bits, and Botan::BER_Decoder::verify_end().

   {
   from.start_cons(SEQUENCE)
         .start_cons(SEQUENCE)
            .raw_bytes(tbs_bits)
         .end_cons()
         .decode(sig_algo)
         .decode(sig, BIT_STRING)
         .verify_end()
      .end_cons();
   }
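
The three-part layout that decode_from() reads, as a stand-alone added example that does not use Botan and is not Botan's own code: a minimal DER splitter that returns the to-be-signed bytes, the algorithm identifier and the signature exactly as encoded, so a signature check runs over the bytes that were received rather than over a re-encoding. The names read_tlv, split_signed_object, is_well_formed and SAMPLE are hypothetical, the sample bytes are constructed, and rejecting bytes after the outer SEQUENCE or a nonzero unused-bits octet is this example's own choice.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

using Bytes = std::vector<uint8_t>;
// One definite-length TLV: tag, content, and full encoding (header + content).
struct TLV { uint8_t tag; Bytes content; Bytes raw; };

// Read one TLV at pos and advance pos; throws on truncated or oversized input.
TLV read_tlv(const Bytes& buf, size_t& pos) {
   const size_t start = pos;
   if(buf.size() - pos < 2) throw std::runtime_error("truncated header");
   const uint8_t tag = buf[pos++];
   size_t len = buf[pos++];
   if(len & 0x80) {                       // long form: next n bytes hold the length
      size_t n = len & 0x7F;
      if(n == 0 || n > 4 || buf.size() - pos < n) throw std::runtime_error("bad length");
      for(len = 0; n > 0; --n) len = (len << 8) | buf[pos++];
   }
   if(buf.size() - pos < len) throw std::runtime_error("truncated content");
   TLV t{tag, Bytes(buf.begin() + pos, buf.begin() + pos + len),
         Bytes(buf.begin() + start, buf.begin() + pos + len)};
   pos += len;
   return t;
}

struct SignedParts { Bytes tbs, sig_algo, sig; };
// Mirrors the decode_from() layout: SEQUENCE { SEQUENCE tbs, sig_algo, BIT STRING sig }.
SignedParts split_signed_object(const Bytes& der) {
   size_t pos = 0, p = 0;
   const TLV outer = read_tlv(der, pos);
   if(outer.tag != 0x30 || pos != der.size()) throw std::runtime_error("bad outer SEQUENCE");
   const TLV tbs = read_tlv(outer.content, p);
   const TLV alg = read_tlv(outer.content, p);
   const TLV sig = read_tlv(outer.content, p);
   if(tbs.tag != 0x30 || alg.tag != 0x30 || sig.tag != 0x03) throw std::runtime_error("bad tag");
   if(p != outer.content.size()) throw std::runtime_error("trailing data"); // verify_end()
   if(sig.content.empty() || sig.content[0] != 0) throw std::runtime_error("bad BIT STRING");
   return {tbs.raw, alg.raw, Bytes(sig.content.begin() + 1, sig.content.end())};
}

// Constructed sample: tbs = SEQUENCE{INTEGER 0}, placeholder sig_algo = SEQUENCE{NULL}.
const Bytes SAMPLE = {0x30,0x0E, 0x30,0x03,0x02,0x01,0x00, 0x30,0x02,0x05,0x00,
                      0x03,0x03,0x00,0xAA,0xBB};

bool is_well_formed(const Bytes& der) {
   try { split_signed_object(der); return true; } catch(const std::exception&) { return false; }
}
```
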
void Botan::X509_Object::do_decode ( ) [protected, inherited]

Definition at line 230 of file x509_obj.cpp.

Referenced by PKCS10_Request(), Botan::X509_Certificate::X509_Certificate(), and Botan::X509_CRL::X509_CRL().

   {
   try {
      force_decode();
      }
   catch(Decoding_Error& e)
      {
      throw Decoding_Error(PEM_label_pref + " decoding failed (" +
                           e.what() + ")");
      }
   catch(Invalid_Argument& e)
      {
      throw Decoding_Error(PEM_label_pref + " decoding failed (" +
                           e.what() + ")");
      }
   }
void Botan::X509_Object::encode_into ( class DER_Encoder &  to) const [override, virtual, inherited]

Encode whatever this object is into to

Parameters:
to: the DER_Encoder that will be written to

Implements Botan::ASN1_Object.

Definition at line 84 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, Botan::X509_Object::sig, Botan::X509_Object::sig_algo, Botan::DER_Encoder::start_cons(), and Botan::X509_Object::tbs_bits.

Referenced by Botan::X509_Object::BER_encode().

   {
   to.start_cons(SEQUENCE)
         .start_cons(SEQUENCE)
            .raw_bytes(tbs_bits)
         .end_cons()
         .encode(sig_algo)
         .encode(sig, BIT_STRING)
      .end_cons();
   }
std::vector< OID > Botan::PKCS10_Request::ex_constraints ( ) const

Get the extended key constraints (if any).

Returns:
extended key constraints

Definition at line 182 of file pkcs10.cpp.

References Botan::Data_Store::get().

Referenced by Botan::X509_CA::sign_request().

   {
   std::vector<std::string> oids = info.get("X509v3.ExtendedKeyUsage");

   std::vector<OID> result;
   for(size_t i = 0; i != oids.size(); ++i)
      result.push_back(OID(oids[i]));
   return result;
   }
std::string Botan::X509_Object::hash_used_for_signature ( ) const [inherited]
Returns:
hash algorithm that was used to generate signature

Definition at line 155 of file x509_obj.cpp.

References Botan::OID::as_string(), Botan::OIDS::lookup(), Botan::AlgorithmIdentifier::oid, Botan::parse_algorithm_name(), Botan::X509_Object::sig_algo, and Botan::split_on().

   {
   std::vector<std::string> sig_info =
      split_on(OIDS::lookup(sig_algo.oid), '/');

   if(sig_info.size() != 2)
      throw Internal_Error("Invalid name format found for " +
                           sig_algo.oid.as_string());

   std::vector<std::string> pad_and_hash =
      parse_algorithm_name(sig_info[1]);

   if(pad_and_hash.size() != 2)
      throw Internal_Error("Invalid name format " + sig_info[1]);

   return pad_and_hash[1];
   }

bool Botan::PKCS10_Request::is_CA ( ) const

Find out whether this is a CA request.

Returns:
true if it is a CA request, false otherwise.

Definition at line 195 of file pkcs10.cpp.

References Botan::Data_Store::get1_u32bit().

Referenced by Botan::X509_CA::sign_request().

   {
   return (info.get1_u32bit("X509v3.BasicConstraints.is_ca") > 0);
   }
std::vector< byte > Botan::X509_Object::make_signed ( class PK_Signer *  signer,
RandomNumberGenerator &  rng,
const AlgorithmIdentifier &  alg_id,
const secure_vector< byte > &  tbs
) [static, inherited]

Create a signed X509 object.

Parameters:
signer: the signer used to sign the object
rng: the random number generator to use
alg_id: the algorithm identifier of the signature scheme
tbs: the tbs bits to be signed
Returns:
signed X509 object

Definition at line 213 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::get_contents_unlocked(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, Botan::PK_Signer::sign_message(), and Botan::DER_Encoder::start_cons().

Referenced by Botan::X509::create_cert_req(), and Botan::X509_CA::make_cert().

   {
   return DER_Encoder()
      .start_cons(SEQUENCE)
         .raw_bytes(tbs_bits)
         .encode(algo)
         .encode(signer->sign_message(tbs_bits, rng), BIT_STRING)
      .end_cons()
   .get_contents_unlocked();
   }

u32bit Botan::PKCS10_Request::path_limit ( ) const

Return the constraint on the path length defined in the BasicConstraints extension.

Returns:
path limit

Definition at line 203 of file pkcs10.cpp.

References Botan::Data_Store::get1_u32bit().

Referenced by Botan::X509_CA::sign_request().

   {
   return info.get1_u32bit("X509v3.BasicConstraints.path_constraint", 0);
   }
std::string Botan::X509_Object::PEM_encode ( ) const [inherited]
Returns:
PEM encoding of this

Definition at line 123 of file x509_obj.cpp.

References Botan::X509_Object::BER_encode(), and Botan::PEM_Code::encode().

Referenced by Botan::X509_Certificate::to_string().

   {
   return PEM_Code::encode(BER_encode(), PEM_label_pref);
   }
std::vector< byte > Botan::PKCS10_Request::raw_public_key ( ) const

Get the raw DER encoded public key.

Returns:
raw DER encoded public key

Definition at line 148 of file pkcs10.cpp.

References Botan::PEM_Code::decode_check_label(), Botan::Data_Store::get1(), and Botan::unlock().

Referenced by Botan::X509_CA::sign_request().

   {
   DataSource_Memory source(info.get1("X509.Certificate.public_key"));
   return unlock(PEM_Code::decode_check_label(source, "PUBLIC KEY"));
   }
std::vector< byte > Botan::X509_Object::signature ( ) const [inherited]
Returns:
signature on tbs_data()

Definition at line 139 of file x509_obj.cpp.

References Botan::X509_Object::sig.

Referenced by Botan::X509_Object::check_signature().

   {
   return sig;
   }
AlgorithmIdentifier Botan::X509_Object::signature_algorithm ( ) const [inherited]
Returns:
signature algorithm that was used to generate signature

Definition at line 147 of file x509_obj.cpp.

References Botan::X509_Object::sig_algo.

Referenced by Botan::X509_Certificate::to_string().

   {
   return sig_algo;
   }

AlternativeName Botan::PKCS10_Request::subject_alt_name ( ) const

Get the subject alternative name.

Returns:
subject alternative name.

Definition at line 166 of file pkcs10.cpp.

References Botan::create_alt_name().

Referenced by Botan::X509_CA::sign_request().

   {
   return create_alt_name(info);
   }

X509_DN Botan::PKCS10_Request::subject_dn ( ) const

Get the subject DN.

Returns:
subject DN

Definition at line 140 of file pkcs10.cpp.

References Botan::create_dn().

Referenced by Botan::X509_CA::sign_request().

   {
   return create_dn(info);
   }

Public_Key * Botan::PKCS10_Request::subject_public_key ( ) const

Get the subject public key.

Returns:
subject public key

Definition at line 157 of file pkcs10.cpp.

References Botan::Data_Store::get1(), and Botan::PKCS8::load_key().

Referenced by Botan::X509_CA::sign_request().

   {
   DataSource_Memory source(info.get1("X509.Certificate.public_key"));
   return X509::load_key(source);
   }
std::vector< byte > Botan::X509_Object::tbs_data ( ) const [inherited]

The underlying data that is to be or was signed

Returns:
data that is or was signed

Definition at line 131 of file x509_obj.cpp.

References Botan::ASN1::put_in_sequence(), and Botan::X509_Object::tbs_bits.

Referenced by Botan::X509_Object::check_signature().


Member Data Documentation

std::vector<byte> Botan::X509_Object::sig [protected, inherited]
std::vector<byte> Botan::X509_Object::tbs_bits [protected, inherited]
