Botan  1.11.15
src/lib/cert/x509/x509opt.cpp
00001 /*
00002 * X.509 Certificate Options
00003 * (C) 1999-2007 Jack Lloyd
00004 *
00005 * Botan is released under the Simplified BSD License (see license.txt)
00006 */
00007 
00008 #include <botan/x509self.h>
00009 #include <botan/oids.h>
00010 #include <botan/parsing.h>
00011 #include <chrono>
00012 
00013 namespace Botan {
00014 
/*
* Set the start of the validity period (notBefore).
*
* The string is handed unchanged to the X509_Time constructor, which
* decides which formats are accepted and how malformed input is
* reported (not visible in this file). If that constructor throws,
* the previous start value is left in place. The ordering of start
* against end is only verified later, in sanity_check().
*/
void X509_Cert_Options::not_before(const std::string& time_string)
   {
   const X509_Time parsed_start(time_string);
   start = parsed_start;
   }
00022 
/*
* Set the end of the validity period (notAfter).
*
* The string is handed unchanged to the X509_Time constructor, which
* decides which formats are accepted and how malformed input is
* reported (not visible in this file). No upper bound on the lifetime
* is applied here; sanity_check() only requires that start is strictly
* before end, so callers that need a maximum validity must enforce it
* themselves.
*/
void X509_Cert_Options::not_after(const std::string& time_string)
   {
   const X509_Time parsed_end(time_string);
   end = parsed_end;
   }
00030 
/*
* Set the key usage constraints.
*
* Despite the name, this REPLACES whatever was stored before: the
* argument is assigned to `constraints`, not combined with it. A caller
* that wants several usages must pass them already combined in `usage`;
* calling this twice keeps only the second value.
*/
void X509_Cert_Options::add_constraints(Key_Constraints usage)
   {
   this->constraints = usage;
   }
00038 
/*
* Append one extended constraint, given as an OID.
*
* Unlike add_constraints(), this accumulates: every call adds one more
* entry to ex_constraints. The OID is stored as given; no check for
* duplicates or for a recognised purpose is made here.
*/
void X509_Cert_Options::add_ex_constraint(const OID& oid)
   {
   this->ex_constraints.push_back(oid);
   }
00046 
/*
* Append one extended constraint, given by name.
*
* The string is resolved through OIDS::lookup() and the resulting OID
* is appended to ex_constraints. What happens for a name that
* OIDS::lookup() does not know is decided by that function (not visible
* in this file) -- NOTE(review): confirm it fails loudly rather than
* returning an empty OID, otherwise a typo would silently add a
* meaningless entry.
*/
void X509_Cert_Options::add_ex_constraint(const std::string& oid_str)
   {
   const OID resolved = OIDS::lookup(oid_str);
   ex_constraints.push_back(resolved);
   }
00054 
/*
* Mark this certificate for CA usage.
*
* Sets is_CA and records `limit` as the path length limit. The value
* is stored exactly as passed, with no range check. Certificates built
* from these options are requested as CA certificates, so this should
* only be called for keys that are meant to sign other certificates.
*/
void X509_Cert_Options::CA_key(size_t limit)
   {
   path_limit = limit;
   is_CA = true;
   }
00063 
/*
* Do basic sanity checks on the options.
*
* Throws Encoding_Error when:
*  - common_name or country is empty,
*  - country is not exactly two characters long,
*  - start is not strictly earlier than end.
*
* These are structural checks only. The country code is validated by
* length alone (its characters are not inspected), and nothing here
* looks at is_CA, path_limit, the constraints or the length of the
* validity period.
*/
void X509_Cert_Options::sanity_check() const
   {
   const bool missing_required = common_name.empty() || country.empty();
   if(missing_required)
      throw Encoding_Error("X.509 certificate: name and country MUST be set");

   const bool two_letter_country = (country.size() == 2);
   if(!two_letter_country)
      throw Encoding_Error("Invalid ISO country code: " + country);

   // An empty or inverted validity window is rejected (start == end included)
   if(!(start < end))
      throw Encoding_Error("X509_Cert_Options: invalid time constraints");
   }
00076 
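/*
* Initialize the certificate options.
*
* initial_opts is an optional '/'-separated list of up to four fields,
* taken in this order: common name, country, organization, org unit.
* Fewer fields may be given; more than four throws Invalid_Argument
* (the message includes the input string). Because '/' is the
* separator, a field cannot itself contain that character.
*
* expiration_time is the validity period in seconds, counted from the
* moment of construction.
*
* Defaults: not a CA, path limit 0, NO_CONSTRAINTS. None of the name
* fields is validated here; that is left to sanity_check().
*/
X509_Cert_Options::X509_Cert_Options(const std::string& initial_opts,
                                     u32bit expiration_time)
   {
   // Least-privilege defaults: CA status must be requested via CA_key()
   constraints = NO_CONSTRAINTS;
   path_limit = 0;
   is_CA = false;

   // One clock reading for both ends, so end - start == expiration_time
   const auto created_at = std::chrono::system_clock::now();
   const auto lifetime = std::chrono::seconds(expiration_time);

   start = X509_Time(created_at);
   end = X509_Time(created_at + lifetime);

   if(initial_opts.empty())
      return;

   const std::vector<std::string> fields = split_on(initial_opts, '/');
   const size_t field_count = fields.size();

   if(field_count > 4)
      throw Invalid_Argument("X.509 cert options: Too many names: "
                             + initial_opts);

   // field_count is at most 4 from here on
   if(field_count > 0) common_name  = fields[0];
   if(field_count > 1) country      = fields[1];
   if(field_count > 2) organization = fields[2];
   if(field_count > 3) org_unit     = fields[3];
   }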
00106 
00107 }