Botan 3.12.0
Crypto and TLS for C&
alt_name.cpp
Go to the documentation of this file.
1/*
2* (C) 2024 Jack Lloyd
3*
4* Botan is released under the Simplified BSD License (see license.txt)
5*/
6
7#include <botan/pkix_types.h>
8
9#include <botan/ber_dec.h>
10#include <botan/der_enc.h>
11#include <botan/internal/int_utils.h>
12#include <botan/internal/loadstor.h>
13#include <botan/internal/parsing.h>
14
15namespace Botan {
16
17void AlternativeName::add_uri(std::string_view uri) {
18 if(!uri.empty()) {
19 m_uri.insert(std::string(uri));
20 }
21}
22
23void AlternativeName::add_email(std::string_view addr) {
24 if(!addr.empty()) {
25 m_email.insert(std::string(addr));
26 }
27}
28
29void AlternativeName::add_dns(std::string_view dns) {
30 if(!dns.empty()) {
31 m_dns.insert(tolower_string(dns));
32 }
33}
34
35void AlternativeName::add_other_name(const OID& oid, const ASN1_String& value) {
36 m_othernames.insert(std::make_pair(oid, value));
37}
38
39void AlternativeName::add_dn(const X509_DN& dn) {
40 m_dn_names.insert(dn);
41}
42
43void AlternativeName::add_ipv4_address(uint32_t ip) {
44 m_ipv4_addr.insert(ip);
45}
46
47void AlternativeName::add_ipv6_address(const IPv6Address& ip) {
48 m_ipv6_addr.insert(ip);
49}
50
51size_t AlternativeName::count() const {
52 const auto sum = checked_add(m_dns.size(),
53 m_uri.size(),
54 m_email.size(),
55 m_ipv4_addr.size(),
56 m_ipv6_addr.size(),
57 m_dn_names.size(),
58 m_othernames.size());
59
60 BOTAN_ASSERT_NOMSG(sum.has_value());
61 return sum.value();
62}
63
64bool AlternativeName::has_items() const {
65 return this->count() > 0;
66}
67
68void AlternativeName::encode_into(DER_Encoder& der) const {
69 der.start_sequence();
70
71 /*
72 GeneralName ::= CHOICE {
73 otherName [0] OtherName,
74 rfc822Name [1] IA5String,
75 dNSName [2] IA5String,
76 x400Address [3] ORAddress,
77 directoryName [4] Name,
78 ediPartyName [5] EDIPartyName,
79 uniformResourceIdentifier [6] IA5String,
80 iPAddress [7] OCTET STRING,
81 registeredID [8] OBJECT IDENTIFIER }
82 */
83
84 for(const auto& othername : m_othernames) {
85 der.start_explicit(0)
86 .encode(othername.first)
87 .start_explicit(0)
88 .encode(othername.second)
89 .end_explicit()
90 .end_explicit();
91 }
92
93 for(const auto& name : m_email) {
94 const ASN1_String str(name, ASN1_Type::Ia5String);
95 der.add_object(ASN1_Type(1), ASN1_Class::ContextSpecific, str.value());
96 }
97
98 for(const auto& name : m_dns) {
99 const ASN1_String str(name, ASN1_Type::Ia5String);
100 der.add_object(ASN1_Type(2), ASN1_Class::ContextSpecific, str.value());
101 }
102
103 for(const auto& name : m_dn_names) {
104 der.add_object(ASN1_Type(4), ASN1_Class::ExplicitContextSpecific, name.DER_encode());
105 }
106
107 for(const auto& name : m_uri) {
108 const ASN1_String str(name, ASN1_Type::Ia5String);
109 der.add_object(ASN1_Type(6), ASN1_Class::ContextSpecific, str.value());
110 }
111
112 for(const uint32_t ip : m_ipv4_addr) {
113 auto ip_buf = store_be(ip);
114 // NOLINTNEXTLINE(clang-analyzer-optin.core.EnumCastOutOfRange)
115 der.add_object(ASN1_Type(7), ASN1_Class::ContextSpecific, ip_buf.data(), 4);
116 }
117
118 for(const auto& ip : m_ipv6_addr) {
119 // NOLINTNEXTLINE(clang-analyzer-optin.core.EnumCastOutOfRange)
120 der.add_object(ASN1_Type(7), ASN1_Class::ContextSpecific, ip.address().data(), ip.address().size());
121 }
122
123 der.end_cons();
124}
125
126void AlternativeName::decode_from(BER_Decoder& source) {
127 BER_Decoder names = source.start_sequence();
128
129 while(names.more_items()) {
130 const BER_Object obj = names.get_next_object();
131
132 if(obj.is_a(0, ASN1_Class::ExplicitContextSpecific)) {
133 BER_Decoder othername(obj, names.limits());
134
135 OID oid;
136 othername.decode(oid);
137 if(othername.more_items()) {
138 const BER_Object othername_value_outer = othername.get_next_object();
139 othername.verify_end();
140
141 if(!othername_value_outer.is_a(0, ASN1_Class::ExplicitContextSpecific)) {
142 throw Decoding_Error("Invalid tags on otherName value");
143 }
144
145 BER_Decoder othername_value_inner(othername_value_outer, names.limits());
146
147 const BER_Object value = othername_value_inner.get_next_object();
148 othername_value_inner.verify_end();
149
150 if(ASN1_String::is_string_type(value.type()) && value.get_class() == ASN1_Class::Universal) {
151 add_othername(oid, ASN1::to_string(value), value.type());
152 }
153 }
154 } else if(obj.is_a(1, ASN1_Class::ContextSpecific)) {
155 add_email(ASN1::to_string(obj));
156 } else if(obj.is_a(2, ASN1_Class::ContextSpecific)) {
157 m_dns.insert(check_and_canonicalize_dns_name(ASN1::to_string(obj)));
158 } else if(obj.is_a(4, ASN1_Class::ContextSpecific | ASN1_Class::Constructed)) {
159 BER_Decoder dec(obj, names.limits());
160 X509_DN dn;
161 dec.decode(dn);
162 this->add_dn(dn);
163 } else if(obj.is_a(6, ASN1_Class::ContextSpecific)) {
164 this->add_uri(ASN1::to_string(obj));
165 } else if(obj.is_a(7, ASN1_Class::ContextSpecific)) {
166 if(obj.length() == 4) {
167 const uint32_t ip = load_be<uint32_t>(obj.bits(), 0);
168 this->add_ipv4_address(ip);
169 } else if(obj.length() == 16) {
170 const IPv6Address ip(std::span<const uint8_t, 16>{obj.bits(), 16});
171 this->add_ipv6_address(ip);
172 } else {
173 throw Decoding_Error("Invalid IP constraint neither IPv4 or IPv6");
174 }
175 }
176 }
177}
178
179} // namespace Botan
BOTAN_ASSERT_NOMSG
#define BOTAN_ASSERT_NOMSG(expr)
Definition assert.h:75
Botan::ASN1_String
Definition asn1_obj.h:358
Botan::ASN1_String::value
const std::string & value() const
Definition asn1_obj.h:365
Botan::ASN1_String::is_string_type
static bool is_string_type(ASN1_Type tag)
Definition asn1_str.cpp:131
Botan::AlternativeName::add_dns
void add_dns(std::string_view dns)
Add a DNS name to this AlternativeName.
Definition alt_name.cpp:29
Botan::AlternativeName::add_ipv4_address
void add_ipv4_address(uint32_t ipv4)
Add an IP address to this alternative name.
Definition alt_name.cpp:43
Botan::AlternativeName::add_email
void add_email(std::string_view addr)
Add a URI to this AlternativeName.
Definition alt_name.cpp:23
Botan::AlternativeName::count
size_t count() const
Definition alt_name.cpp:51
Botan::AlternativeName::encode_into
void encode_into(DER_Encoder &to) const override
Definition alt_name.cpp:68
Botan::AlternativeName::add_uri
void add_uri(std::string_view uri)
Add a URI to this AlternativeName.
Definition alt_name.cpp:17
Botan::AlternativeName::add_ipv6_address
void add_ipv6_address(const IPv6Address &ipv6)
Add an IPv6 address to this alternative name.
Definition alt_name.cpp:47
Botan::AlternativeName::has_items
bool has_items() const
Return true if this has any names set.
Definition alt_name.cpp:64
Botan::AlternativeName::dns
const std::set< std::string > & dns() const
Return the set of DNS names included in this alternative name.
Definition pkix_types.h:183
Botan::AlternativeName::add_other_name
void add_other_name(const OID &oid, const ASN1_String &value)
Add an "OtherName" identified by object identifier to this AlternativeName.
Definition alt_name.cpp:35
Botan::AlternativeName::add_othername
void add_othername(const OID &oid, std::string_view value, ASN1_Type type)
Definition asn1_alt_name.cpp:75
Botan::AlternativeName::add_dn
void add_dn(const X509_DN &dn)
Add a directory name to this AlternativeName.
Definition alt_name.cpp:39
Botan::AlternativeName::decode_from
void decode_from(BER_Decoder &from) override
Definition alt_name.cpp:126
Botan::BER_Decoder
Definition ber_dec.h:25
Botan::BER_Decoder::get_next_object
BER_Object get_next_object()
Definition ber_dec.cpp:426
Botan::BER_Decoder::decode
BER_Decoder & decode(bool &out)
Definition ber_dec.h:220
Botan::BER_Decoder::more_items
bool more_items() const
Definition ber_dec.cpp:371
Botan::BER_Decoder::limits
Limits limits() const
Definition ber_dec.h:98
Botan::BER_Decoder::verify_end
BER_Decoder & verify_end()
Definition ber_dec.cpp:381
Botan::BER_Decoder::start_sequence
BER_Decoder start_sequence()
Definition ber_dec.h:160
Botan::BER_Object
Definition asn1_obj.h:128
Botan::BER_Object::length
size_t length() const
Definition asn1_obj.h:152
Botan::BER_Object::bits
const uint8_t * bits() const
Definition asn1_obj.h:150
Botan::BER_Object::is_a
bool is_a(ASN1_Type type_tag, ASN1_Class class_tag) const
Definition asn1_obj.cpp:66
Botan::BER_Object::type
ASN1_Type type() const
Definition asn1_obj.h:146
Botan::BER_Object::get_class
ASN1_Class get_class() const
Definition asn1_obj.h:148
Botan::DER_Encoder
Definition der_enc.h:25
Botan::DER_Encoder::add_object
DER_Encoder & add_object(ASN1_Type type_tag, ASN1_Class class_tag, const uint8_t rep[], size_t length)
Definition der_enc.cpp:217
Botan::DER_Encoder::end_explicit
DER_Encoder & end_explicit()
Definition der_enc.cpp:195
Botan::DER_Encoder::start_explicit
DER_Encoder & start_explicit(uint16_t type_tag)
Definition der_enc.cpp:188
Botan::DER_Encoder::start_sequence
DER_Encoder & start_sequence()
Definition der_enc.h:67
Botan::DER_Encoder::end_cons
DER_Encoder & end_cons()
Definition der_enc.cpp:173
Botan::DER_Encoder::encode
DER_Encoder & encode(bool b)
Definition der_enc.cpp:245
Botan::Decoding_Error
Definition exceptn.h:192
Botan::X509_DN
Definition pkix_types.h:43
Botan::ASN1::to_string
std::string to_string(const BER_Object &obj)
Definition asn1_obj.cpp:190
Botan::checked_add
constexpr std::optional< T > checked_add(T a, T b)
Definition int_utils.h:19
Botan::tolower_string
std::string tolower_string(std::string_view str)
Definition parsing.cpp:377
Botan::ASN1_Type
ASN1_Type
Definition asn1_obj.h:43
Botan::check_and_canonicalize_dns_name
std::string check_and_canonicalize_dns_name(std::string_view name)
Definition parsing.cpp:531
Botan::store_be
constexpr auto store_be(ParamTs &&... params)
Definition loadstor.h:745
Botan::load_be
constexpr auto load_be(ParamTs &&... params)
Definition loadstor.h:504
Generated by doxygen 1.16.1