Botan
1.11.15
|
#include <ocsp_types.h>
Public Member Functions | |
CertID () | |
CertID (const X509_Certificate &issuer, const X509_Certificate &subject) | |
void | decode_from (class BER_Decoder &from) override |
void | encode_into (class DER_Encoder &to) const override |
bool | is_id_for (const X509_Certificate &issuer, const X509_Certificate &subject) const |
Definition at line 19 of file ocsp_types.h.
Botan::OCSP::CertID::CertID | ( | ) | [inline] |
Definition at line 22 of file ocsp_types.h.
{} // Default constructor: intentionally empty, so every member keeps its default-constructed state.
Botan::OCSP::CertID::CertID | ( | const X509_Certificate & | issuer, |
const X509_Certificate & | subject | ||
) |
Definition at line 20 of file ocsp_types.cpp.
References Botan::BER::decode(), Botan::get_hash(), Botan::X509_Certificate::raw_issuer_dn(), Botan::X509_Certificate::serial_number(), Botan::unlock(), and Botan::AlgorithmIdentifier::USE_NULL_PARAM.
{
   /*
   * Interoperability note: in practice some responders (notably
   * ocsp.verisign.com) seem to reject anything but SHA-1 in a CertID, so
   * the hash is fixed to SHA-1 ("SHA-160") here.
   *
   * NOTE(review): whether get_hash() can return null when SHA-1 is not
   * available is not visible from this function - confirm, because the
   * result is dereferenced below without a check.
   */
   std::unique_ptr<HashFunction> sha1(get_hash("SHA-160"));

   m_hash_id = AlgorithmIdentifier(sha1->name(), AlgorithmIdentifier::USE_NULL_PARAM);

   // The key hash is computed over the issuer certificate's key bits, while
   // the name hash is computed over the issuer DN recorded in the subject
   // certificate. Nothing in this constructor checks that `issuer` actually
   // issued `subject`; presumably the caller has validated the chain.
   m_issuer_key_hash = unlock(sha1->process(extract_key_bitstr(issuer)));
   m_issuer_dn_hash = unlock(sha1->process(subject.raw_issuer_dn()));

   // Serial number of the certificate whose status is being identified.
   m_subject_serial = BigInt::decode(subject.serial_number());
}
void Botan::OCSP::CertID::decode_from | ( | class BER_Decoder & | from | ) | [override, virtual] |
Decode this object's contents from the BER_Decoder `from`.
from | the BER_Decoder that will be read from |
Implements Botan::ASN1_Object.
Definition at line 83 of file ocsp_types.cpp.
References Botan::BER_Decoder::decode(), Botan::BER_Decoder::end_cons(), Botan::OCTET_STRING, Botan::SEQUENCE, and Botan::BER_Decoder::start_cons().
{
   // Reads one SEQUENCE holding, in order: the hash algorithm identifier,
   // the issuer name hash, the issuer key hash and the serial number.
   // The decoded values are stored as-is: no check is made here that the
   // hash lengths fit the stated algorithm or that the algorithm is one
   // this build supports. Treat the fields as untrusted input until
   // is_id_for() has compared them against known certificates.
   from.start_cons(SEQUENCE)
      .decode(m_hash_id)
      .decode(m_issuer_dn_hash, OCTET_STRING)
      .decode(m_issuer_key_hash, OCTET_STRING)
      .decode(m_subject_serial)
      .end_cons();
}
void Botan::OCSP::CertID::encode_into | ( | class DER_Encoder & | to | ) | const [override, virtual] |
Encode this object into the DER_Encoder `to`.
to | the DER_Encoder that will be written to |
Implements Botan::ASN1_Object.
Definition at line 73 of file ocsp_types.cpp.
References Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::OCTET_STRING, Botan::SEQUENCE, and Botan::DER_Encoder::start_cons().
{
   // Writes one SEQUENCE holding, in order: the hash algorithm identifier,
   // the issuer name hash, the issuer key hash and the serial number.
   // This is the same field order that decode_from() reads back.
   to.start_cons(SEQUENCE)
      .encode(m_hash_id)
      .encode(m_issuer_dn_hash, OCTET_STRING)
      .encode(m_issuer_key_hash, OCTET_STRING)
      .encode(m_subject_serial)
      .end_cons();
}
bool Botan::OCSP::CertID::is_id_for | ( | const X509_Certificate & | issuer, |
const X509_Certificate & | subject | ||
) | const |
Definition at line 49 of file ocsp_types.cpp.
References Botan::BigInt::decode(), Botan::get_hash(), Botan::OIDS::lookup(), Botan::AlgorithmIdentifier::oid, Botan::X509_Certificate::raw_issuer_dn(), Botan::X509_Certificate::serial_number(), and Botan::unlock().
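{
   /*
   * Returns true only if the serial number, issuer DN hash and issuer key
   * hash stored in this CertID all match the given issuer/subject pair.
   *
   * m_hash_id and the stored hashes may have been filled in by
   * decode_from(), i.e. from externally supplied BER data, so every
   * failure path here must resolve to "no match".
   */
   try
      {
      if(BigInt::decode(subject.serial_number()) != m_subject_serial)
         return false;

      // The hash algorithm is selected by the OID carried in this CertID,
      // not fixed by the caller.
      std::unique_ptr<HashFunction> hash(get_hash(OIDS::lookup(m_hash_id.oid)));

      // An unknown or unavailable algorithm is a mismatch. catch(...) only
      // covers exceptions, so a null result is rejected explicitly rather
      // than dereferenced.
      // NOTE(review): whether get_hash() throws or returns null for an
      // unknown name is not visible here; this check is safe either way.
      if(!hash)
         return false;

      // Same inputs as the two-certificate constructor: the issuer DN as
      // recorded in the subject certificate, and the issuer's key bits.
      if(m_issuer_dn_hash != unlock(hash->process(subject.raw_issuer_dn())))
         return false;

      if(m_issuer_key_hash != unlock(hash->process(extract_key_bitstr(issuer))))
         return false;
      }
   catch(...)
      {
      // Fail closed: any decoding or lookup error means the ID is treated
      // as not belonging to this certificate pair.
      return false;
      }

   return true;
}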