Botan  1.11.15
Public Member Functions | Public Attributes
Botan::X509_Cert_Options Class Reference

#include <x509self.h>

List of all members.

Public Member Functions

void add_constraints (Key_Constraints constr)
void add_ex_constraint (const OID &oid)
void add_ex_constraint (const std::string &name)
void CA_key (size_t limit=1)
void not_after (const std::string &time)
void not_before (const std::string &time)
void sanity_check () const
 X509_Cert_Options (const std::string &opts="", u32bit expire_time=365 *24 *60 *60)

Public Attributes

std::string challenge
std::string common_name
Key_Constraints constraints
std::string country
std::string dns
std::string email
X509_Time end
std::vector< OIDex_constraints
std::string ip
bool is_CA
std::string locality
std::string org_unit
std::string organization
size_t path_limit
std::string serial_number
X509_Time start
std::string state
std::string uri
std::string xmpp

Detailed Description

Options for X.509 certificates.

Definition at line 21 of file x509self.h.


Constructor & Destructor Documentation

Botan::X509_Cert_Options::X509_Cert_Options ( const std::string &  opts = "",
u32bit  expire_time = 365 * 24 * 60 * 60 
)

Construct a new options object

Parameters:
optsdefine the common name of this object. An example for this parameter would be "common_name/country/organization/organizational_unit".
expire_timethe expiration time (from the current clock in seconds)

Definition at line 80 of file x509opt.cpp.

References common_name, constraints, country, end, is_CA, Botan::NO_CONSTRAINTS, org_unit, organization, path_limit, Botan::split_on(), and start.

   {
   is_CA = false;
   path_limit = 0;
   constraints = NO_CONSTRAINTS;

   auto now = std::chrono::system_clock::now();

   start = X509_Time(now);
   end = X509_Time(now + std::chrono::seconds(expiration_time));

   if(initial_opts == "")
      return;

   std::vector<std::string> parsed = split_on(initial_opts, '/');

   if(parsed.size() > 4)
      throw Invalid_Argument("X.509 cert options: Too many names: "
                             + initial_opts);

   if(parsed.size() >= 1) common_name  = parsed[0];
   if(parsed.size() >= 2) country      = parsed[1];
   if(parsed.size() >= 3) organization = parsed[2];
   if(parsed.size() == 4) org_unit     = parsed[3];
   }

Member Function Documentation

Add the key constraints of the KeyUsage extension.

Parameters:
constrthe constraints to set

Definition at line 34 of file x509opt.cpp.

References constraints.

   {
   constraints = usage;
   }

Add constraints to the ExtendedKeyUsage extension.

Parameters:
oidthe oid to add

Definition at line 42 of file x509opt.cpp.

References ex_constraints.

   {
   ex_constraints.push_back(oid);
   }
void Botan::X509_Cert_Options::add_ex_constraint ( const std::string &  name)

Add constraints to the ExtendedKeyUsage extension.

Parameters:
namethe name to look up the oid to add

Definition at line 50 of file x509opt.cpp.

References ex_constraints, and Botan::OIDS::lookup().

   {
   ex_constraints.push_back(OIDS::lookup(oid_str));
   }
void Botan::X509_Cert_Options::CA_key ( size_t  limit = 1)

Mark the certificate as a CA certificate and set the path limit.

Parameters:
limitthe path limit to be set in the BasicConstraints extension.

Definition at line 58 of file x509opt.cpp.

References is_CA, and path_limit.

   {
   is_CA = true;
   path_limit = limit;
   }
void Botan::X509_Cert_Options::not_after ( const std::string &  time)

Set the notAfter of the certificate.

Parameters:
timethe notAfter value of the certificate

Definition at line 26 of file x509opt.cpp.

References end.

   {
   end = X509_Time(time_string);
   }
void Botan::X509_Cert_Options::not_before ( const std::string &  time)

Set the notBefore of the certificate.

Parameters:
timethe notBefore value of the certificate

Definition at line 18 of file x509opt.cpp.

References start.

   {
   start = X509_Time(time_string);
   }

Check the options set in this object for validity.

Definition at line 67 of file x509opt.cpp.

References common_name, country, end, and start.

Referenced by Botan::X509::create_cert_req().

   {
   if(common_name == "" || country == "")
      throw Encoding_Error("X.509 certificate: name and country MUST be set");
   if(country.size() != 2)
      throw Encoding_Error("Invalid ISO country code: " + country);
   if(start >= end)
      throw Encoding_Error("X509_Cert_Options: invalid time constraints");
   }

Member Data Documentation

the subject challenge password

Definition at line 87 of file x509self.h.

Referenced by Botan::X509::create_cert_req().

the subject common name

Definition at line 27 of file x509self.h.

Referenced by sanity_check(), and X509_Cert_Options().

The key constraints for the subject public key

Definition at line 111 of file x509self.h.

Referenced by add_constraints(), Botan::X509::create_cert_req(), and X509_Cert_Options().

the subject counry

Definition at line 32 of file x509self.h.

Referenced by sanity_check(), and X509_Cert_Options().

the subject DNS

Definition at line 77 of file x509self.h.

the subject email adress

Definition at line 62 of file x509self.h.

the subject notAfter

Definition at line 96 of file x509self.h.

Referenced by not_after(), sanity_check(), and X509_Cert_Options().

The key extended constraints for the subject public key

Definition at line 116 of file x509self.h.

Referenced by add_ex_constraint(), and Botan::X509::create_cert_req().

the subject IPv4 address

Definition at line 72 of file x509self.h.

Indicates whether the certificate request

Definition at line 101 of file x509self.h.

Referenced by CA_key(), Botan::X509::create_cert_req(), and X509_Cert_Options().

the subject locality

Definition at line 47 of file x509self.h.

the subject organizational unit

Definition at line 42 of file x509self.h.

Referenced by X509_Cert_Options().

the subject organization

Definition at line 37 of file x509self.h.

Referenced by X509_Cert_Options().

Indicates the BasicConstraints path limit

Definition at line 106 of file x509self.h.

Referenced by CA_key(), Botan::X509::create_cert_req(), and X509_Cert_Options().

the subject serial number

Definition at line 57 of file x509self.h.

the subject notBefore

Definition at line 92 of file x509self.h.

Referenced by not_before(), sanity_check(), and X509_Cert_Options().

the subject state

Definition at line 52 of file x509self.h.

the subject URI

Definition at line 67 of file x509self.h.

the subject XMPP

Definition at line 82 of file x509self.h.


The documentation for this class was generated from the following files: