Botan 3.3.0
Crypto and TLS for C++
Botan::Extensions Class Reference (final)

#include <pkix_types.h>

Inheritance diagram for Botan::Extensions:
Botan::ASN1_Object

Public Member Functions

void add (std::unique_ptr< Certificate_Extension > extn, bool critical=false)
 
bool add_new (std::unique_ptr< Certificate_Extension > extn, bool critical=false)
 
std::vector< uint8_t > BER_encode () const
 
bool critical_extension_set (const OID &oid) const
 
void decode_from (BER_Decoder &) override
 
void encode_into (DER_Encoder &) const override
 
bool extension_set (const OID &oid) const
 
std::vector< std::pair< std::unique_ptr< Certificate_Extension >, bool > > extensions () const
 
 Extensions ()=default
 
 Extensions (const Extensions &)=default
 
 Extensions (Extensions &&)=default
 
std::map< OID, std::pair< std::vector< uint8_t >, bool > > extensions_raw () const
 
std::unique_ptr< Certificate_Extension > get (const OID &oid) const
 
std::vector< uint8_t > get_extension_bits (const OID &oid) const
 
const Certificate_Extension * get_extension_object (const OID &oid) const
 
template<typename T >
const T * get_extension_object_as (const OID &oid=T::static_oid()) const
 
const std::vector< OID > & get_extension_oids () const
 
template<typename T >
std::unique_ptr< T > get_raw (const OID &oid) const
 
Extensions & operator= (const Extensions &)=default
 
Extensions & operator= (Extensions &&)=default
 
bool remove (const OID &oid)
 
void replace (std::unique_ptr< Certificate_Extension > extn, bool critical=false)
 

Detailed Description

X.509 Certificate Extension List

Definition at line 385 of file pkix_types.h.

Constructor & Destructor Documentation

◆ Extensions() [1/3]

Botan::Extensions::Extensions ( )
default

◆ Extensions() [2/3]

Botan::Extensions::Extensions ( const Extensions & )
default

◆ Extensions() [3/3]

Botan::Extensions::Extensions ( Extensions && )
default

Member Function Documentation

◆ add()

void Botan::Extensions::add ( std::unique_ptr< Certificate_Extension > extn,
bool critical = false )

Adds a new extension to the list.

Parameters
extn: pointer to the certificate extension (Extensions takes ownership)
critical: whether this extension should be marked as critical
Exceptions
Invalid_Argument: if the extension is already present in the list

Definition at line 124 of file x509_ext.cpp.

// Body of Extensions::add: stores extn under its OID and throws Invalid_Argument
// when an entry with that OID is already present.
// NOTE(review): extn is dereferenced below without a null check, so a null
// unique_ptr passed by the caller is undefined behaviour here.
124 {
125 // sanity check: we don't want to have the same extension more than once
126 if(m_extension_info.contains(extn->oid_of())) {
127 const std::string name = extn->oid_name();
128 throw Invalid_Argument("Extension " + name + " already present in Extensions::add");
129 }
130
// The OID is read before std::move(extn), because extn is empty afterwards.
131 const OID oid = extn->oid_of();
132 Extensions_Info info(critical, std::move(extn));
// Both containers are updated together: the OID list records insertion order,
// the info container is keyed by OID.
133 m_extension_oids.push_back(oid);
134 m_extension_info.emplace(oid, info);
135}

References name.

◆ add_new()

bool Botan::Extensions::add_new ( std::unique_ptr< Certificate_Extension > extn,
bool critical = false )

Adds a new extension to the list unless it already exists. If the extension already exists within the Extensions object, the extn pointer will be deleted.

Parameters
extn: pointer to the certificate extension (Extensions takes ownership)
critical: whether this extension should be marked as critical
Returns
true if the object was added, false if the extension was already used

Definition at line 137 of file x509_ext.cpp.

// Body of Extensions::add_new: like add(), but reports an existing OID by
// returning false instead of throwing.
// NOTE(review): extn is dereferenced without a null check; callers must pass
// a non-null pointer.
137 {
138 if(m_extension_info.contains(extn->oid_of())) {
// extn goes out of scope here, so the rejected extension object is destroyed.
139 return false; // already exists
140 }
141
// The OID is read before std::move(extn), because extn is empty afterwards.
142 const OID oid = extn->oid_of();
143 Extensions_Info info(critical, std::move(extn));
144 m_extension_oids.push_back(oid);
145 m_extension_info.emplace(oid, info);
146 return true;
147}

Referenced by Botan::X509::create_cert_req(), and Botan::X509::create_self_signed_cert().

◆ BER_encode()

std::vector< uint8_t > Botan::ASN1_Object::BER_encode ( ) const
inherited

Return the encoding of this object. This is a convenience method when just one object needs to be serialized. Use DER_Encoder for complicated encodings.

Definition at line 19 of file asn1_obj.cpp.

// Body of ASN1_Object::BER_encode: runs this object's encode_into() against a
// DER_Encoder that writes into a local byte vector, then returns that vector.
19 {
20 std::vector<uint8_t> output;
21 DER_Encoder der(output);
// Virtual call: the derived class (here Extensions) supplies the encoding.
22 this->encode_into(der);
23 return output;
24}
virtual void encode_into(DER_Encoder &to) const =0

References Botan::ASN1_Object::encode_into().

Referenced by Botan::PSS_Params::decode_from(), Botan::Certificate_Store_In_SQL::find_all_certs(), Botan::Certificate_Store_In_SQL::find_cert(), Botan::X509_Certificate::fingerprint(), Botan::Certificate_Store_In_SQL::insert_cert(), Botan::X509_Object::PEM_encode(), and Botan::Certificate_Store_In_SQL::revoke_cert().

◆ critical_extension_set()

bool Botan::Extensions::critical_extension_set ( const OID & oid) const

Return true if an extension was set and marked critical

Definition at line 173 of file x509_ext.cpp.

// Body of Extensions::critical_extension_set: looks the OID up and returns its
// stored criticality flag.
// A false result covers two cases: the OID is absent, or it is present but
// not marked critical. Use extension_set() when the difference matters.
173 {
174 auto i = m_extension_info.find(oid);
175 if(i != m_extension_info.end()) {
176 return i->second.is_critical();
177 }
178 return false;
179}

Referenced by Botan::X509_Certificate::is_critical().

◆ decode_from()

void Botan::Extensions::decode_from ( BER_Decoder & from)
override virtual

Decode whatever this object is from the BER_Decoder `from`.

Parameters
from: the BER_Decoder that will be read from

Implements Botan::ASN1_Object.

Definition at line 247 of file x509_ext.cpp.

// Body of Extensions::decode_from: replaces the current contents with the
// extensions parsed from a BER SEQUENCE of (OID, optional BOOLEAN, OCTET STRING).
// The parameter is named from_source in this definition; the declaration shown
// on this page calls it `from`.
247 {
// Existing state is dropped before parsing, so if a later decode step throws
// the object is left holding only the entries decoded up to that point.
248 m_extension_oids.clear();
249 m_extension_info.clear();
250
251 BER_Decoder sequence = from_source.start_sequence();
252
253 while(sequence.more_items()) {
254 OID oid;
// critical has no initialiser; decode_optional is passed false as the default
// and is presumably what assigns it when the BOOLEAN is absent.
255 bool critical;
256 std::vector<uint8_t> bits;
257
258 sequence.start_sequence()
259 .decode(oid)
260 .decode_optional(critical, ASN1_Type::Boolean, ASN1_Class::Universal, false)
261 .decode(bits, ASN1_Type::OctetString)
262 .end_cons();
263
264 auto obj = create_extn_obj(oid, critical, bits);
265 Extensions_Info info(critical, bits, std::move(obj));
266
// NOTE(review): no duplicate-OID check is visible in this loop. push_back always
// appends, while emplace on a unique-key map (which m_extension_info appears to
// be, given contains/find/erase-by-key elsewhere) keeps the first entry. An
// input repeating an extension OID would then leave the OID list and the map
// inconsistent, with the first value winning. RFC 5280 forbids repeated
// extensions, so confirm whether they are rejected elsewhere.
267 m_extension_oids.push_back(oid);
268 m_extension_info.emplace(oid, info);
269 }
// Called once the loop has consumed every item of the outer sequence.
270 sequence.verify_end();
271}

References Botan::Boolean, Botan::BER_Decoder::decode(), Botan::BER_Decoder::decode_optional(), Botan::BER_Decoder::end_cons(), Botan::BER_Decoder::more_items(), Botan::OctetString, Botan::BER_Decoder::start_sequence(), Botan::Universal, and Botan::BER_Decoder::verify_end().

◆ encode_into()

void Botan::Extensions::encode_into ( DER_Encoder & to) const
override virtual

Encode whatever this object is into the DER_Encoder `to`.

Parameters
to: the DER_Encoder that will be written to

Implements Botan::ASN1_Object.

Definition at line 226 of file x509_ext.cpp.

// Body of Extensions::encode_into: writes one (OID, criticality, OCTET STRING)
// sequence per stored extension whose object reports should_encode().
// The parameter is named to_object in this definition; the declaration shown
// on this page calls it `to`.
226 {
// Iterates m_extension_info rather than m_extension_oids, so the output order
// is that container's iteration order, not the order kept in the OID list.
227 for(const auto& ext_info : m_extension_info) {
228 const OID& oid = ext_info.first;
229 const bool should_encode = ext_info.second.obj().should_encode();
230
231 if(should_encode) {
232 const bool is_critical = ext_info.second.is_critical();
// The stored bits() are written as-is; the extension object is not re-encoded here.
233 const std::vector<uint8_t>& ext_value = ext_info.second.bits();
234
235 to_object.start_sequence()
236 .encode(oid)
// false is passed as the default value; presumably the BOOLEAN is omitted when
// is_critical equals it (confirm against DER_Encoder::encode_optional).
237 .encode_optional(is_critical, false)
238 .encode(ext_value, ASN1_Type::OctetString)
239 .end_cons();
240 }
241 }
242}

References Botan::DER_Encoder::encode(), Botan::DER_Encoder::encode_optional(), Botan::DER_Encoder::end_cons(), Botan::OctetString, and Botan::DER_Encoder::start_sequence().

◆ extension_set()

bool Botan::Extensions::extension_set ( const OID & oid) const

Return true if an extension was set

Definition at line 169 of file x509_ext.cpp.

// Body of Extensions::extension_set: true when an entry for oid exists,
// whatever its criticality flag or concrete extension type.
169 {
170 return (m_extension_info.find(oid) != m_extension_info.end());
171}

◆ extensions()

std::vector< std::pair< std::unique_ptr< Certificate_Extension >, bool > > Botan::Extensions::extensions ( ) const

Returns a copy of the list of extensions together with the corresponding criticality flag. All extensions are encoded as some object, falling back to Unknown_Extension class which simply allows reading the bytes as well as the criticality flag.

Definition at line 206 of file x509_ext.cpp.

// Body of Extensions::extensions: builds a vector of (copied extension object,
// criticality flag) pairs, one per stored entry.
206 {
207 std::vector<std::pair<std::unique_ptr<Certificate_Extension>, bool>> exts;
208 exts.reserve(m_extension_info.size());
// Order follows m_extension_info's iteration order, not m_extension_oids.
209 for(auto&& ext : m_extension_info) {
// obj().copy() gives the caller its own object, independent of this Extensions.
210 exts.push_back(std::make_pair(ext.second.obj().copy(), ext.second.is_critical()));
211 }
212 return exts;
213}

Referenced by Botan::PKIX::check_chain().

◆ extensions_raw()

std::map< OID, std::pair< std::vector< uint8_t >, bool > > Botan::Extensions::extensions_raw ( ) const

Returns the list of extensions as raw, encoded bytes together with the corresponding criticality flag. Contains all extensions, including any extensions encoded as Unknown_Extension

Definition at line 215 of file x509_ext.cpp.

// Body of Extensions::extensions_raw: returns a map from OID to
// (stored encoded bytes, criticality flag) for every stored entry.
215 {
216 std::map<OID, std::pair<std::vector<uint8_t>, bool>> out;
217 for(auto&& ext : m_extension_info) {
// bits() is copied into the result, so the returned map owns its data.
218 out.emplace(ext.first, std::make_pair(ext.second.bits(), ext.second.is_critical()));
219 }
220 return out;
221}

◆ get()

std::unique_ptr< Certificate_Extension > Botan::Extensions::get ( const OID & oid) const

Searches for an extension by OID and returns the result. Only the known extensions types declared in this header are searched for by this function.

Returns
Copy of extension with oid, nullptr if not found. Can avoid creating a copy by using get_extension_object function

Definition at line 199 of file x509_ext.cpp.

// Body of Extensions::get: returns a copy of the object that
// get_extension_object() finds for oid, or nullptr when it finds none.
// NOTE(review): the get_extension_object() body on this page returns the stored
// object for any OID that is present. For an OID the library does not recognise,
// this appears to return a copy of the fallback Unknown_Extension object rather
// than nullptr. Confirm before treating a non-null result as a known type.
199 {
200 if(const Certificate_Extension* ext = this->get_extension_object(oid)) {
201 return ext->copy();
202 }
203 return nullptr;
204}
const Certificate_Extension * get_extension_object(const OID &oid) const
Definition x509_ext.cpp:190

References get_extension_object().

◆ get_extension_bits()

std::vector< uint8_t > Botan::Extensions::get_extension_bits ( const OID & oid) const

Return the raw bytes of the extension. Will throw if OID was not set as an extension.

Definition at line 181 of file x509_ext.cpp.

// Body of Extensions::get_extension_bits: returns a copy of the stored encoded
// bytes for oid, throwing Invalid_Argument when no such entry exists.
181 {
182 auto i = m_extension_info.find(oid);
183 if(i == m_extension_info.end()) {
184 throw Invalid_Argument("Extensions::get_extension_bits no such extension set");
185 }
186
// For entries created by decode_from these are the bytes taken from the input.
187 return i->second.bits();
188}

◆ get_extension_object()

const Certificate_Extension * Botan::Extensions::get_extension_object ( const OID & oid) const

Look up an object in the extensions, based on OID. Returns nullptr if not set, if the extension was either absent or not handled. The pointer returned is owned by the Extensions object. This would be better with an optional<T> return value.

Definition at line 190 of file x509_ext.cpp.

// Body of Extensions::get_extension_object: returns a non-owning pointer to
// the stored extension object for oid, or nullptr when there is no entry.
// NOTE(review): nullptr is returned only when the OID is absent. No filtering
// of unrecognised extension types is visible in this body.
190 {
191 auto extn = m_extension_info.find(oid);
192 if(extn == m_extension_info.end()) {
193 return nullptr;
194 }
195
// The address refers to an object held by this Extensions' entry. Presumably it
// must not be used after that entry is removed or replaced, after decode_from,
// or after this object is destroyed (TODO confirm the lifetime Extensions_Info gives).
196 return &extn->second.obj();
197}

Referenced by get().

◆ get_extension_object_as()

template<typename T >
const T * Botan::Extensions::get_extension_object_as ( const OID & oid = T::static_oid()) const
inline

Definition at line 397 of file pkix_types.h.

// Body of Extensions::get_extension_object_as<T>: returns the stored object for
// oid as a const T*. Yields nullptr when the OID is absent or stored as an
// unknown extension, and throws Decoding_Error when the object is of a known
// type that is not T.
// A nullptr result therefore does not prove the extension is absent from the
// certificate; check extension_set()/critical_extension_set() when that matters.
397 {
398 if(const Certificate_Extension* extn = get_extension_object(oid)) {
399 // Unknown_Extension oid_name is empty
400 if(extn->oid_name().empty()) {
401 return nullptr;
402 } else if(const T* extn_as_T = dynamic_cast<const T*>(extn)) {
403 return extn_as_T;
404 } else {
// NOTE(review): the message text names "Exception::" although the class is
// Extensions; avoid matching on this string.
405 throw Decoding_Error("Exception::get_extension_object_as dynamic_cast failed");
406 }
407 }
408
409 return nullptr;
410 }

References T.

Referenced by Botan::CRL_Entry::decode_from().

◆ get_extension_oids()

const std::vector< OID > & Botan::Extensions::get_extension_oids ( ) const
inline

Return the set of extensions in the order they appeared in the certificate (or as they were added, if constructed)

Definition at line 416 of file pkix_types.h.

// Body of Extensions::get_extension_oids: returns a const reference to the
// internal OID list (no copy). add/add_new/remove/replace/decode_from modify
// that vector, so iterators obtained from it do not survive those calls.
416{ return m_extension_oids; }

Referenced by Botan::PKIX::check_chain().

◆ get_raw()

template<typename T >
std::unique_ptr< T > Botan::Extensions::get_raw ( const OID & oid) const
inline

Searches for an extension by OID and returns the result decoding it to some arbitrary extension type chosen by the application.

Only the unknown extensions, that is, extensions types that are not declared in this header, are searched for by this function.

Returns
Pointer to new extension with oid, nullptr if not found.

Definition at line 488 of file pkix_types.h.

// Body of Extensions::get_raw<T>: for an OID stored as an unknown extension,
// default-constructs a T and has it decode the stored bytes. Returns nullptr
// when the OID is absent or was decoded as a known type.
488 {
489 auto extn_info = m_extension_info.find(oid);
490
491 if(extn_info != m_extension_info.end()) {
492 // Unknown_Extension oid_name is empty
493 if(extn_info->second.obj().oid_name().empty()) {
494 auto ext = std::make_unique<T>();
// The bytes handed to T::decode_inner come from the stored extension value,
// which for a parsed certificate is input-controlled. T's decoder must handle
// malformed data, and anything it throws propagates to the caller of get_raw.
// The criticality flag is not passed to T.
495 ext->decode_inner(extn_info->second.bits());
496 return ext;
497 }
498 }
499 return nullptr;
500 }

◆ operator=() [1/2]

Extensions & Botan::Extensions::operator= ( const Extensions & )
default

◆ operator=() [2/2]

Extensions & Botan::Extensions::operator= ( Extensions && )
default

◆ remove()

bool Botan::Extensions::remove ( const OID & oid)

Remove an extension from the list. Returns true if the extension had been set, false otherwise.

Definition at line 149 of file x509_ext.cpp.

// Body of Extensions::remove: erases the entry for oid from the info container
// and, when one was erased, drops the OID from the ordered OID list.
149 {
150 const bool erased = m_extension_info.erase(oid) > 0;
151
152 if(erased) {
// NOTE(review): std::find's result is passed to erase() unchecked. This relies
// on the OID list always containing every key of m_extension_info; if it did
// not, erase(end()) would be undefined behaviour. Only the first matching list
// element is removed, so a list holding the same OID twice (decode_from pushes
// every decoded OID) would keep a stale entry.
153 m_extension_oids.erase(std::find(m_extension_oids.begin(), m_extension_oids.end(), oid));
154 }
155
156 return erased;
157}

Referenced by replace().

◆ replace()

void Botan::Extensions::replace ( std::unique_ptr< Certificate_Extension > extn,
bool critical = false )

Adds an extension to the list or replaces it.

Parameters
extn: the certificate extension
critical: whether this extension should be marked as critical

Definition at line 159 of file x509_ext.cpp.

// Body of Extensions::replace: removes any existing entry with extn's OID, then
// stores extn with the given criticality flag.
// NOTE(review): extn is dereferenced without a null check; callers must pass
// a non-null pointer.
159 {
160 // Remove it if it existed
161 remove(extn->oid_of());
162
// The OID is read before std::move(extn), because extn is empty afterwards.
163 const OID oid = extn->oid_of();
164 Extensions_Info info(critical, std::move(extn));
// A replaced extension is appended, so it moves to the end of the OID order.
165 m_extension_oids.push_back(oid);
166 m_extension_info.emplace(oid, info);
167}
bool remove(const OID &oid)
Definition x509_ext.cpp:149

References remove().

Referenced by Botan::X509_CA::choose_extensions().


The documentation for this class was generated from the following files: