11#ifndef BOTAN_PKIX_TYPES_H_
12#define BOTAN_PKIX_TYPES_H_
14#include <botan/asn1_obj.h>
15#include <botan/pkix_enums.h>
25class X509_Certificate;
/**
* Build a DN from (OID, value) pairs. Every entry of @p args is handed to
* add_attribute() in the multimap's iteration order.
* NOTE(review): no checking of the values is visible here; any validation
* would have to happen inside add_attribute() - confirm.
*/
explicit X509_DN(const std::multimap<OID, std::string>& args) {
   for(const auto& [oid, value] : args) {
      add_attribute(oid, value);
   }
}
/**
* Build a DN from (key, value) string pairs. Every entry of @p args is handed
* to add_attribute() in the multimap's iteration order.
* NOTE(review): how a string key is mapped to an attribute type is decided by
* add_attribute(), which is only declared on this page.
*/
explicit X509_DN(const std::multimap<std::string, std::string>& args) {
   for(const auto& [key, value] : args) {
      add_attribute(key, value);
   }
}
/**
* Query this DN by attribute OID.
* NOTE(review): presumably true when at least one attribute with this OID is
* present - confirm against the implementation.
*/
bool has_field(const OID& oid) const;
/**
* @return a reference to m_dn_bits; the reference is only usable while this
* object is alive.
* NOTE(review): m_dn_bits looks like a stored encoding of the DN - confirm
* where it is populated and whether it can be empty.
*/
const std::vector<uint8_t>& get_bits() const {
   return m_dn_bits;
}
/**
* @return an encoding of this DN, by value.
* NOTE(review): the name suggests DER; how the result relates to get_bits()
* is not visible on this page.
*/
std::vector<uint8_t> DER_encode() const;
/** @return true when m_rdn holds no (OID, value) entries. */
bool empty() const {
   return m_rdn.empty();
}
/**
* @return a string form of this DN.
* NOTE(review): the exact format is defined by the implementation; do not
* assume it is a canonical form suitable for comparing names - confirm.
*/
std::string to_string() const;
/**
* @return a reference to m_rdn, the stored sequence of (OID, ASN1_String)
* pairs; the reference is only usable while this object is alive.
*/
const std::vector<std::pair<OID, ASN1_String>>& dn_info() const {
   return m_rdn;
}
/** @return the attributes keyed by OID, as a copy. */
std::multimap<OID, std::string> get_attributes() const;

/**
* @return the attributes keyed by a string, as a copy.
* NOTE(review): the key naming scheme is chosen by the implementation.
*/
std::multimap<std::string, std::string> contents() const;

/** String-keyed counterpart of has_field(const OID&). */
bool has_field(std::string_view attr) const;

/** @return the values stored for @p attr (presumably empty if none - confirm). */
std::vector<std::string> get_attribute(std::string_view attr) const;

/** @return one value for @p attr (behaviour when absent is not visible here). */
std::string get_first_attribute(std::string_view attr) const;

/** Add one attribute identified by a string key. */
void add_attribute(std::string_view key, std::string_view val);

/**
* NOTE(review): presumably maps a user-supplied field name onto the name used
* internally - confirm against the implementation.
*/
static std::string deref_info_field(std::string_view key);

/**
* NOTE(review): "ub" presumably stands for an upper bound on the length of
* values for this OID; whether and where that bound is enforced cannot be
* told from this declaration.
*/
static size_t lookup_ub(const OID& oid);
// Attribute list exposed by dn_info(); empty() reports on this member.
std::vector<std::pair<OID, ASN1_String>> m_rdn;
// Raw bytes exposed by get_bits().
std::vector<uint8_t> m_dn_bits;
// Equality and inequality of two DNs.
// NOTE(review): the matching rules (case, whitespace, attribute order) live in
// the implementation; check them before relying on DN equality for a trust
// decision.
bool BOTAN_PUBLIC_API(2, 0) operator==(const X509_DN& dn1, const X509_DN& dn2);
bool BOTAN_PUBLIC_API(2, 0) operator!=(const X509_DN& dn1, const X509_DN& dn2);

// Ordering of two DNs (presumably so that a DN can key an ordered container).
bool BOTAN_PUBLIC_API(2, 0) operator<(const X509_DN& dn1, const X509_DN& dn2);

// Stream output and input of a DN.
BOTAN_PUBLIC_API(2, 0) std::ostream& operator<<(std::ostream& out, const X509_DN& dn);
BOTAN_PUBLIC_API(2, 0) std::istream& operator>>(std::istream& in, X509_DN& dn);
/** @return the stored names as (type, value) string pairs, as a copy. */
std::multimap<std::string, std::string> contents() const;

/** NOTE(review): presumably true when a name of type @p attr is present. */
bool has_field(std::string_view attr) const;

/** @return the values stored for @p attr. */
std::vector<std::string> get_attribute(std::string_view attr) const;

/** @return one value for @p attr (behaviour when absent is not visible here). */
std::string get_first_attribute(std::string_view attr) const;

/**
* Add one name of the given type.
* NOTE(review): which type strings are accepted, and whether @p value is
* validated, is decided by the implementation.
*/
void add_attribute(std::string_view type, std::string_view value);

/** Add an otherName entry: an OID plus a string value with its ASN.1 type. */
void add_othername(const OID& oid, std::string_view value, ASN1_Type type);
/**
* @return a reference to m_alt_info; only usable while this object is alive.
* The map uses the transparent comparator std::less<>.
*/
const std::multimap<std::string, std::string, std::less<>>& get_attributes() const {
   return m_alt_info;
}
/** @return a reference to m_othernames; only usable while this object is alive. */
const std::multimap<OID, ASN1_String>& get_othernames() const {
   return m_othernames;
}
/** NOTE(review): presumably true when any name or otherName is stored - confirm. */
bool has_items() const;
140 std::string_view uri =
"",
141 std::string_view dns =
"",
142 std::string_view ip_address =
"");
// String-keyed names, exposed by get_attributes().
std::multimap<std::string, std::string, std::less<>> m_alt_info;
// OID-keyed otherName values, exposed by get_othernames().
std::multimap<OID, ASN1_String> m_othernames;
/** Construct from an OID object and the attribute's parameter bytes. */
Attribute(const OID& oid, const std::vector<uint8_t>& params);

/**
* Construct from an OID given as a string and the attribute's parameter bytes.
* NOTE(review): how an unparsable @p oid_str is handled is not visible here.
*/
Attribute(std::string_view oid_str, const std::vector<uint8_t>& params);
/** @return a reference to m_parameters; only usable while this object is alive. */
const std::vector<uint8_t>& parameters() const {
   return m_parameters;
}
// Parameter bytes, exposed by parameters().
std::vector<uint8_t> m_parameters;
/** @return a reference to m_type; only usable while this object is alive. */
const std::string& type() const {
   return m_type;
}
/** @return a reference to m_name; only usable while this object is alive. */
const std::string& name() const {
   return m_name;
}
// Per-name-type match helpers, each taking the candidate name as a string.
// NOTE(review): the matching rules (wildcards, case folding, subnet handling)
// are in the implementation and cannot be judged from these declarations;
// review them there, since name-constraint checks would depend on them.
bool matches_dns(const std::string&) const;
bool matches_dn(const std::string&) const;
bool matches_ip(const std::string&) const;
/** Write a GeneralName to an output stream. */
std::ostream& operator<<(std::ostream& os, const GeneralName& gn);
/**
* Default subtree: a default-constructed base name, a minimum of 0 and a
* maximum equal to the largest value a std::size_t can hold.
*/
GeneralSubtree() :
      m_base(),
      m_minimum(0),
      m_maximum(std::numeric_limits<std::size_t>::max()) {}
/** Write a GeneralSubtree to an output stream. */
std::ostream& operator<<(std::ostream& os, const GeneralSubtree& gs);
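/**
* Take over the permitted and excluded subtree lists.
* A named rvalue-reference parameter is an lvalue inside the constructor, so
* each one is passed through std::move; without it the vectors are copied.
*/
NameConstraints(std::vector<GeneralSubtree>&& permitted_subtrees,
                std::vector<GeneralSubtree>&& excluded_subtrees) :
      m_permitted_subtrees(std::move(permitted_subtrees)),
      m_excluded_subtrees(std::move(excluded_subtrees)) {}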
/** @return a reference to m_permitted_subtrees; only usable while this object is alive. */
const std::vector<GeneralSubtree>& permitted() const {
   return m_permitted_subtrees;
}
/** @return a reference to m_excluded_subtrees; only usable while this object is alive. */
const std::vector<GeneralSubtree>& excluded() const {
   return m_excluded_subtrees;
}
// Subtree list exposed by permitted().
std::vector<GeneralSubtree> m_permitted_subtrees;
// Subtree list exposed by excluded().
std::vector<GeneralSubtree> m_excluded_subtrees;
/**
* Pure virtual: every concrete extension has to provide it.
* @return an extension object owned by the caller (by its name, a copy of
* this one).
*/
virtual std::unique_ptr<Certificate_Extension> copy() const = 0;
367 const std::vector<X509_Certificate>& cert_path,
368 std::vector<std::set<Certificate_Status_Code>>& cert_status,
396 template <
typename T>
400 if(extn->oid_name().empty()) {
402 }
else if(
const T* extn_as_T =
dynamic_cast<const T*
>(extn)) {
405 throw Decoding_Error(
"Exception::get_extension_object_as dynamic_cast failed");
/** NOTE(review): presumably true when an extension with this OID is present. */
bool extension_set(const OID& oid) const;

/**
* NOTE(review): presumably true when the extension is present and marked
* critical - confirm against the implementation.
*/
bool critical_extension_set(const OID& oid) const;

/**
* @return the extension's bytes, by value.
* NOTE(review): behaviour for an OID that is not present is not visible here.
*/
std::vector<uint8_t> get_extension_bits(const OID& oid) const;
/**
* Add an extension; ownership of @p extn passes to this object. The extension
* is non-critical unless @p critical is given as true.
* NOTE(review): handling of an OID that is already present is not visible.
*/
void add(std::unique_ptr<Certificate_Extension> extn, bool critical = false);

/**
* As add(), with a bool result.
* NOTE(review): presumably false when the OID was already present - confirm.
*/
bool add_new(std::unique_ptr<Certificate_Extension> extn, bool critical = false);

/** NOTE(review): presumably adds @p extn, displacing any extension with the same OID. */
void replace(std::unique_ptr<Certificate_Extension> extn, bool critical = false);

/** NOTE(review): presumably returns whether an extension with this OID was removed. */
bool remove(const OID& oid);

/**
* @return an extension object owned by the caller.
* NOTE(review): callers should expect a null pointer for an unknown OID unless
* the implementation says otherwise.
*/
std::unique_ptr<Certificate_Extension> get(const OID& oid) const;
487 template <
typename T>
489 auto extn_info = m_extension_info.find(oid);
491 if(extn_info != m_extension_info.end()) {
493 if(extn_info->second.obj().oid_name().empty()) {
494 auto ext = std::make_unique<T>();
495 ext->decode_inner(extn_info->second.bits());
/**
* @return the extensions as (object, bool) pairs, each object owned by the
* caller. NOTE(review): the bool is presumably the critical flag.
*/
std::vector<std::pair<std::unique_ptr<Certificate_Extension>, bool>> extensions() const;

/**
* @return the extensions as OID -> (bytes, bool).
* NOTE(review): the bool is presumably the critical flag.
*/
std::map<OID, std::pair<std::vector<uint8_t>, bool>> extensions_raw() const;
526 static std::unique_ptr<Certificate_Extension> create_extn_obj(
const OID& oid,
528 const std::vector<uint8_t>& body);
530 class Extensions_Info {
/**
* Wrap an extension object and cache its encoding.
* @p ext must not be null: after it is moved into m_obj, m_obj is
* dereferenced to compute m_bits. This also relies on m_obj being declared
* (and therefore initialized) before m_bits.
*/
Extensions_Info(bool critical, std::unique_ptr<Certificate_Extension> ext) :
      m_obj(std::move(ext)),
      m_bits(m_obj->encode_inner()),
      m_critical(critical) {}
/**
* Wrap an extension object together with a caller-supplied encoding.
* m_bits is copied from @p encoding as given and is not derived from @p ext;
* nothing in this constructor checks that the two correspond.
*/
Extensions_Info(bool critical,
                const std::vector<uint8_t>& encoding,
                std::unique_ptr<Certificate_Extension> ext) :
      m_obj(std::move(ext)),
      m_bits(encoding),
      m_critical(critical) {}
/** @return the critical flag stored at construction. */
bool is_critical() const {
   return m_critical;
}
/** @return a reference to m_bits; only usable while this object is alive. */
const std::vector<uint8_t>& bits() const {
   return m_bits;
}
544 const Certificate_Extension& obj()
const {
// Extension object; held by shared_ptr although the constructors take a
// unique_ptr. Must stay declared before m_bits, because one constructor
// initializes m_bits from *m_obj.
std::shared_ptr<Certificate_Extension> m_obj;
// Encoded bytes, exposed by bits().
std::vector<uint8_t> m_bits;
// Critical flag, exposed by is_critical().
bool m_critical = false;
// OIDs of the stored extensions, kept in a vector.
std::vector<OID> m_extension_oids;
// Per-OID record: object, encoded bytes and critical flag.
std::map<OID, Extensions_Info> m_extension_info;