Botan
1.11.15
Functions | |
std::vector< byte > | BER_encode (const Public_Key &key) |
Public_Key * | copy_key (const Public_Key &key) |
PKCS10_Request | create_cert_req (const X509_Cert_Options &opts, const Private_Key &key, const std::string &hash_fn, RandomNumberGenerator &rng) |
Public_Key * | load_key (DataSource &source) |
Public_Key * | load_key (const std::string &fsname) |
Public_Key * | load_key (const std::vector< byte > &mem) |
std::string | PEM_encode (const Public_Key &key) |
This namespace contains functions for handling X.509 public keys.
BOTAN_DLL std::vector< byte > Botan::X509::BER_encode | ( | const Public_Key & | key | ) |
BER encode a key
key | the public key to encode |
Definition at line 19 of file x509_key.cpp.
References Botan::Public_Key::algorithm_identifier(), Botan::BIT_STRING, Botan::PEM_Code::encode(), Botan::DER_Encoder::encode(), Botan::SEQUENCE, Botan::DER_Encoder::start_cons(), and Botan::Public_Key::x509_subject_public_key().
Referenced by botan_privkey_export_pubkey(), botan_pubkey_export(), create_cert_req(), and PEM_encode().
{
   // Produce the X.509 SubjectPublicKeyInfo encoding of `key`:
   //   SEQUENCE { AlgorithmIdentifier, BIT STRING subjectPublicKey }
   // Returns the encoded bytes as a std::vector<byte>.
   DER_Encoder spki;

   spki.start_cons(SEQUENCE)
         .encode(key.algorithm_identifier())
         .encode(key.x509_subject_public_key(), BIT_STRING)
       .end_cons();

   // Only public key material is encoded here, and the "unlocked" accessor
   // is the one used to hand the bytes back to the caller.
   return spki.get_contents_unlocked();
}
BOTAN_DLL Public_Key * Botan::X509::copy_key | ( | const Public_Key & | key | ) |
Copy a key.
key | the public key to copy |
Definition at line 102 of file x509_key.cpp.
References load_key(), and PEM_encode().
{
   // Duplicate a public key by round-tripping it: serialise `key` to PEM text,
   // then parse that text back through the generic X.509 loader.
   const std::string pem_text = PEM_encode(key);
   DataSource_Memory pem_source(pem_text);

   // The result is whatever load_key() returns, i.e. a raw Public_Key*.
   // NOTE(review): the caller presumably owns this pointer and must release
   // it - confirm against the header before relying on it.
   return X509::load_key(pem_source);
}
BOTAN_DLL PKCS10_Request Botan::X509::create_cert_req | ( | const X509_Cert_Options & | opts, |
const Private_Key & | key, | ||
const std::string & | hash_fn, | ||
RandomNumberGenerator & | rng | ||
) |
Create a PKCS#10 certificate request.
opts | the options defining the request to create |
key | the key used to sign this request |
rng | the rng to use |
hash_fn | the hash function to use |
Definition at line 89 of file x509self.cpp.
References Botan::Extensions::add(), BER_encode(), Botan::X509_Cert_Options::challenge, Botan::choose_sig_format(), Botan::X509_Cert_Options::constraints, Botan::CRL_SIGN, Botan::DIRECTORY_STRING, Botan::PEM_Code::encode(), Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::end_explicit(), Botan::X509_Cert_Options::ex_constraints, Botan::find_constraints(), Botan::DER_Encoder::get_contents(), Botan::X509_Cert_Options::is_CA, Botan::KEY_CERT_SIGN, Botan::X509_Object::make_signed(), Botan::X509_Cert_Options::path_limit, Botan::DER_Encoder::raw_bytes(), Botan::X509_Cert_Options::sanity_check(), Botan::SEQUENCE, Botan::DER_Encoder::start_cons(), and Botan::DER_Encoder::start_explicit().
{
   // Build and sign a PKCS#10 certification request.
   //
   //   opts    - request options; validated with sanity_check() before any
   //             encoding takes place
   //   key     - private key: its public half is embedded in the request and
   //             the key itself signs it
   //   hash_fn - hash name handed to choose_sig_format()
   //   rng     - forwarded to X509_Object::make_signed()
   //
   // NOTE(review): nothing visible in this function rejects a weak hash_fn;
   // callers should pass a collision-resistant hash - confirm whether
   // choose_sig_format() enforces any policy.
   AlgorithmIdentifier sig_algo;
   X509_DN subject_dn;
   AlternativeName subject_alt;

   opts.sanity_check();

   std::vector<byte> encoded_pub_key = X509::BER_encode(key);

   // choose_sig_format() also fills in sig_algo, which make_signed() needs below.
   std::unique_ptr<PK_Signer> signer(choose_sig_format(key, hash_fn, sig_algo));

   load_info(opts, subject_dn, subject_alt);

   const size_t PKCS10_VERSION = 0;

   // Requested extensions. Each object is allocated here and passed to
   // Extensions::add() as a raw pointer.
   Extensions extensions;

   extensions.add(
      new Cert_Extension::Basic_Constraints(opts.is_CA, opts.path_limit));

   // A CA request asks for certificate- and CRL-signing usage; any other
   // request gets its usage from find_constraints().
   extensions.add(
      new Cert_Extension::Key_Usage(
         opts.is_CA ? Key_Constraints(KEY_CERT_SIGN | CRL_SIGN)
                    : find_constraints(key, opts.constraints)));

   extensions.add(
      new Cert_Extension::Extended_Key_Usage(opts.ex_constraints));

   extensions.add(
      new Cert_Extension::Subject_Alternative_Name(subject_alt));

   // To-be-signed body: version, subject DN, public key, then the
   // attributes inside an explicit [0] tag.
   DER_Encoder tbs_req;

   tbs_req.start_cons(SEQUENCE)
      .encode(PKCS10_VERSION)
      .encode(subject_dn)
      .raw_bytes(encoded_pub_key)
      .start_explicit(0);

   if(!opts.challenge.empty())
      {
      // The challenge password is written into the request as an ordinary
      // attribute value: it is covered by the signature but not encrypted,
      // so anyone who can read the request can read the password. It also
      // passes through get_contents_unlocked() on its way in.
      ASN1_String challenge_str(opts.challenge, DIRECTORY_STRING);

      tbs_req.encode(
         Attribute("PKCS9.ChallengePassword",
                   DER_Encoder().encode(challenge_str).get_contents_unlocked()));
      }

   const std::vector<byte> extension_bits =
      DER_Encoder()
         .start_cons(SEQUENCE)
            .encode(extensions)
         .end_cons()
      .get_contents_unlocked();

   tbs_req.encode(Attribute("PKCS9.ExtensionRequest", extension_bits))
      .end_explicit()
      .end_cons();

   const std::vector<byte> signed_req =
      X509_Object::make_signed(signer.get(), rng, sig_algo,
                               tbs_req.get_contents());

   return PKCS10_Request(signed_req);
}
BOTAN_DLL Public_Key * Botan::X509::load_key | ( | DataSource & | source | ) |
Create a public key from a data source.
source | the source providing the DER or PEM encoded key |
Definition at line 41 of file x509_key.cpp.
References Botan::BIT_STRING, Botan::BER_Decoder::decode(), Botan::PEM_Code::decode_check_label(), e, Botan::BER_Decoder::end_cons(), Botan::make_public_key(), Botan::PEM_Code::matches(), Botan::ASN1::maybe_BER(), Botan::SEQUENCE, Botan::BER_Decoder::start_cons(), and Botan::BER_Decoder::verify_end().
Referenced by botan_privkey_export_pubkey(), copy_key(), and load_key().
{
   // Decode an X.509 public key (AlgorithmIdentifier + BIT STRING inside a
   // SEQUENCE) from `source`, which may hold raw BER/DER or PEM text, and
   // return the object built by make_public_key().
   //
   // Only Decoding_Error is caught and re-thrown with a prefix; any other
   // exception type raised while reading or decoding propagates unchanged.
   try
      {
      AlgorithmIdentifier alg_id;
      secure_vector<byte> key_bits;

      // Treat the input as binary only when it looks like BER and does not
      // also look like PEM; everything else goes down the PEM path.
      const bool is_raw_ber =
         ASN1::maybe_BER(source) && !PEM_Code::matches(source);

      if(is_raw_ber)
         {
         // verify_end() runs before end_cons().
         // NOTE(review): presumably this rejects trailing bytes after the
         // BIT STRING - confirm against BER_Decoder.
         BER_Decoder(source)
            .start_cons(SEQUENCE)
               .decode(alg_id)
               .decode(key_bits, BIT_STRING)
               .verify_end()
            .end_cons();
         }
      else
         {
         // The PEM label must be "PUBLIC KEY"; the decoded body is then
         // parsed exactly like the binary case.
         DataSource_Memory ber(
            PEM_Code::decode_check_label(source, "PUBLIC KEY"));

         BER_Decoder(ber)
            .start_cons(SEQUENCE)
               .decode(alg_id)
               .decode(key_bits, BIT_STRING)
               .verify_end()
            .end_cons();
         }

      // An empty BIT STRING is rejected. This throw sits inside the try
      // block, so the handler below catches it and re-throws it with the
      // prefix added.
      if(key_bits.empty())
         throw Decoding_Error("X.509 public key decoding failed");

      return make_public_key(alg_id, key_bits);
      }
   catch(const Decoding_Error& err)
      {
      throw Decoding_Error("X.509 public key decoding failed: " +
                           std::string(err.what()));
      }
}
BOTAN_DLL Public_Key * Botan::X509::load_key | ( | const std::string & | filename | ) |
Create a public key from a file.
filename | pathname to the file to load |
Definition at line 84 of file x509_key.cpp.
References load_key().
{
   // Open the file named by `fsname` as a data source and delegate to the
   // DataSource overload of load_key(), which does the actual decoding.
   //
   // The path is used exactly as given; a caller that builds it from
   // untrusted input has to validate it first.
   // NOTE(review): the `true` argument is presumably the binary-mode flag -
   // confirm against DataSource_Stream.
   DataSource_Stream file_source(fsname, true);

   return X509::load_key(file_source);
}
BOTAN_DLL Public_Key * Botan::X509::load_key | ( | const std::vector< byte > & | enc | ) |
Create a public key from a memory region.
enc | the memory region containing the DER or PEM encoded key |
Definition at line 93 of file x509_key.cpp.
References load_key().
{
   // Wrap the in-memory encoding in a data source and delegate to the
   // DataSource overload of load_key(), which does the actual decoding.
   DataSource_Memory mem_source(mem);

   return X509::load_key(mem_source);
}
BOTAN_DLL std::string Botan::X509::PEM_encode | ( | const Public_Key & | key | ) |
PEM encode a public key into a string.
key | the key to encode |
Definition at line 32 of file x509_key.cpp.
References BER_encode(), and Botan::PEM_Code::encode().
Referenced by botan_pubkey_export(), and copy_key().
{
   // Encode `key` with X509::BER_encode(), then wrap those bytes in PEM
   // under the "PUBLIC KEY" label.
   const std::vector<byte> encoded_key = X509::BER_encode(key);

   return PEM_Code::encode(encoded_key, "PUBLIC KEY");
}