Botan 2.19.0
Crypto and TLS for C++11
Botan::Extensions Class Reference (final)

#include <pkix_types.h>

Inheritance diagram for Botan::Extensions:
Botan::ASN1_Object

Public Member Functions

void add (Certificate_Extension *extn, bool critical=false)
 
bool add_new (Certificate_Extension *extn, bool critical=false)
 
std::vector< uint8_t > BER_encode () const
 
void contents_to (Data_Store &, Data_Store &) const
 
bool critical_extension_set (const OID &oid) const
 
void decode_from (class BER_Decoder &) override
 
void encode_into (class DER_Encoder &) const override
 
bool extension_set (const OID &oid) const
 
 Extensions ()
 
std::vector< std::pair< std::unique_ptr< Certificate_Extension >, bool > > extensions () const
 
 Extensions (const Extensions &)=default
 
 Extensions (Extensions &&)=default
 
std::map< OID, std::pair< std::vector< uint8_t >, bool > > extensions_raw () const
 
std::unique_ptr< Certificate_Extension > get (const OID &oid) const
 
std::vector< uint8_t > get_extension_bits (const OID &oid) const
 
const Certificate_Extension * get_extension_object (const OID &oid) const
 
template<typename T >
const T * get_extension_object_as (const OID &oid=T::static_oid()) const
 
const std::vector< OID > & get_extension_oids () const
 
template<typename T >
std::unique_ptr< T > get_raw (const OID &oid) const
 
Extensions & operator= (const Extensions &)=default
 
Extensions & operator= (Extensions &&)=default
 
bool remove (const OID &oid)
 
void replace (Certificate_Extension *extn, bool critical=false)
 

Detailed Description

X.509 Certificate Extension List

Definition at line 412 of file pkix_types.h.

Constructor & Destructor Documentation

◆ Extensions() [1/3]

Botan::Extensions::Extensions ( )
inline

Definition at line 559 of file pkix_types.h.

559{}

◆ Extensions() [2/3]

Botan::Extensions::Extensions ( const Extensions & )
default

◆ Extensions() [3/3]

Botan::Extensions::Extensions ( Extensions &&  )
default

Member Function Documentation

◆ add()

void Botan::Extensions::add ( Certificate_Extension * extn,
bool  critical = false 
)

Adds a new extension to the list.

Parameters
extn: pointer to the certificate extension (Extensions takes ownership); must not be null
critical: whether this extension should be marked as critical
Exceptions
Invalid_Argument: if the extension is already present in the list

Definition at line 123 of file x509_ext.cpp.

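/**
* Append a new extension to the list.
*
* Ownership of extn passes to this call on every path: the pointer is
* released if the call throws, and handed to Extensions_Info otherwise.
*
* @param extn heap-allocated certificate extension; must not be null
* @param critical whether this extension should be marked as critical
* @throws Invalid_Argument if extn is null or an extension with the same
*         OID is already present in the list
*/
void Extensions::add(Certificate_Extension* extn, bool critical)
   {
   // Own the pointer first so that no early exit below can leak it.
   std::unique_ptr<Certificate_Extension> owned(extn);

   // The original dereferenced extn unconditionally; reject null explicitly.
   if(!owned)
      throw Invalid_Argument("Extensions::add called with a null extension");

   const OID oid = owned->oid_of();

   // sanity check: we don't want to have the same extension more than once
   if(m_extension_info.count(oid) > 0)
      {
      throw Invalid_Argument("Extension " + owned->oid_name() + " already present in Extensions::add");
      }

   // Extensions_Info is constructed from the raw pointer, as in the original.
   Extensions_Info info(critical, owned.release());
   m_extension_oids.push_back(oid);
   m_extension_info.emplace(oid, info);
   }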

References name, Botan::Certificate_Extension::oid_name(), and Botan::Certificate_Extension::oid_of().

◆ add_new()

bool Botan::Extensions::add_new ( Certificate_Extension * extn,
bool  critical = false 
)

Adds a new extension to the list unless it already exists. If the extension already exists within the Extensions object, the extn pointer will be deleted.

Parameters
extn: pointer to the certificate extension (Extensions takes ownership); must not be null
critical: whether this extension should be marked as critical
Returns
true if the object was added, false if the extension was already used

Definition at line 139 of file x509_ext.cpp.

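/**
* Append a new extension unless one with the same OID already exists.
*
* Ownership of extn passes to this call on every path: the object is
* destroyed when the OID is already present or when the call throws.
*
* @param extn heap-allocated certificate extension; must not be null
* @param critical whether this extension should be marked as critical
* @return true if the extension was added, false if its OID was already used
* @throws Invalid_Argument if extn is null
*/
bool Extensions::add_new(Certificate_Extension* extn, bool critical)
   {
   // Own the pointer first so the "already exists" path and any exception
   // release it without a manual delete.
   std::unique_ptr<Certificate_Extension> owned(extn);

   // The original dereferenced extn unconditionally; reject null explicitly.
   if(!owned)
      throw Invalid_Argument("Extensions::add_new called with a null extension");

   const OID oid = owned->oid_of();

   if(m_extension_info.count(oid) > 0)
      {
      return false; // already exists; owned is destroyed on return
      }

   Extensions_Info info(critical, owned.release());
   m_extension_oids.push_back(oid);
   m_extension_info.emplace(oid, info);
   return true;
   }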

References Botan::Certificate_Extension::oid_of().

Referenced by Botan::X509::create_cert_req(), and Botan::X509::create_self_signed_cert().

◆ BER_encode()

std::vector< uint8_t > Botan::ASN1_Object::BER_encode ( ) const
inherited

Return the encoding of this object. This is a convenience method when just one object needs to be serialized. Use DER_Encoder for complicated encodings.

Definition at line 16 of file asn1_obj.cpp.

/**
* Serialize this single object and return the encoded bytes.
*
* A DER_Encoder is constructed over a local vector, encode_into() is run
* against it, and the vector is returned.
*
* @return the encoding of this object
*/
std::vector<uint8_t> ASN1_Object::BER_encode() const
   {
   std::vector<uint8_t> encoded;
   DER_Encoder encoder(encoded);
   encode_into(encoder);
   return encoded;
   }

References Botan::ASN1_Object::encode_into().

Referenced by Botan::PSSR::config_for_x509(), Botan::Certificate_Store_In_SQL::find_all_certs(), Botan::Certificate_Store_In_SQL::find_cert(), Botan::X509_Certificate::fingerprint(), Botan::Certificate_Store_In_SQL::insert_cert(), Botan::X509_Object::PEM_encode(), and Botan::Certificate_Store_In_SQL::revoke_cert().

◆ contents_to()

void Botan::Extensions::contents_to ( Data_Store & subject_info,
Data_Store & issuer_info 
) const

Definition at line 301 of file x509_ext.cpp.

/**
* Let every stored extension write its contents into the two data stores,
* then record its criticality under "<oid_name>.is_critical" in subject_info.
*
* @param subject_info store that also receives the per-extension criticality entry
* @param issuer_info store passed through to each extension's contents_to()
*/
void Extensions::contents_to(Data_Store& subject_info, Data_Store& issuer_info) const
   {
   for(const auto& entry : m_extension_info)
      {
      const auto& info = entry.second;

      info.obj().contents_to(subject_info, issuer_info);

      // NOTE(review): an extension whose oid_name() is empty yields the key
      // ".is_critical" - confirm consumers do not rely on that key.
      subject_info.add(info.obj().oid_name() + ".is_critical",
                       info.is_critical());
      }
   }

References Botan::Data_Store::add().

◆ critical_extension_set()

bool Botan::Extensions::critical_extension_set ( const OID & oid) const

Return true if an extension was set and marked critical

Definition at line 182 of file x509_ext.cpp.

/**
* Report whether an extension with the given OID is present and critical.
*
* A false result covers two cases: the OID is absent, or it is present but
* not marked critical. Use extension_set() to tell them apart.
*
* @param oid the extension OID to look up
* @return true only if the extension is stored and flagged critical
*/
bool Extensions::critical_extension_set(const OID& oid) const
   {
   const auto found = m_extension_info.find(oid);
   return (found != m_extension_info.end()) ? found->second.is_critical() : false;
   }

Referenced by Botan::X509_Certificate::is_critical().

◆ decode_from()

void Botan::Extensions::decode_from ( class BER_Decoder & from)
overridevirtual

Decode whatever this object is from the decoder from

Parameters
from: the BER_Decoder that will be read from

Implements Botan::ASN1_Object.

Definition at line 270 of file x509_ext.cpp.

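/**
* Replace the current contents with the extension list read from a decoder.
*
* Existing entries are cleared first. Each element of the outer SEQUENCE is
* read as (OID, optional BOOLEAN criticality defaulting to false, OCTET
* STRING value) and turned into an extension object via create_extn_obj().
*
* NOTE(review): nothing here rejects a repeated OID. The OID is appended to
* m_extension_oids each time, and what emplace() does with a repeated key
* depends on m_extension_info's container type, which is not visible here -
* confirm duplicates are caught by a later validation step.
*
* @param from_source the BER_Decoder that will be read from
*/
void Extensions::decode_from(BER_Decoder& from_source)
   {
   m_extension_oids.clear();
   m_extension_info.clear();

   BER_Decoder sequence = from_source.start_cons(SEQUENCE);

   while(sequence.more_items())
      {
      OID oid;
      // Initialized explicitly so the flag never holds an indeterminate value,
      // independent of how decode_optional() treats an absent field.
      bool critical = false;
      std::vector<uint8_t> bits;

      sequence.start_cons(SEQUENCE)
         .decode(oid)
         .decode_optional(critical, BOOLEAN, UNIVERSAL, false)
         .decode(bits, OCTET_STRING)
         .end_cons();

      std::unique_ptr<Certificate_Extension> obj = create_extn_obj(oid, critical, bits);
      // Ownership of the decoded object moves to Extensions_Info via release().
      Extensions_Info info(critical, bits, obj.release());

      m_extension_oids.push_back(oid);
      m_extension_info.emplace(oid, info);
      }
   sequence.verify_end();
   }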

References Botan::BOOLEAN, Botan::BER_Decoder::decode(), Botan::BER_Decoder::decode_optional(), Botan::BER_Decoder::end_cons(), Botan::BER_Decoder::more_items(), Botan::OCTET_STRING, Botan::SEQUENCE, Botan::BER_Decoder::start_cons(), Botan::UNIVERSAL, and Botan::BER_Decoder::verify_end().

◆ encode_into()

void Botan::Extensions::encode_into ( class DER_Encoder & to) const
overridevirtual

Encode whatever this object is into the encoder to

Parameters
to: the DER_Encoder that will be written to

Implements Botan::ASN1_Object.

Definition at line 246 of file x509_ext.cpp.

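/**
* Write every stored extension whose object reports should_encode() as a
* SEQUENCE of (OID, optional criticality with default false, OCTET STRING).
*
* NOTE(review): iteration follows m_extension_info's own ordering, not
* m_extension_oids - confirm callers do not expect a re-encoded list to
* keep the order in which the extensions were decoded or added.
*
* @param to_object the DER_Encoder that will be written to
*/
void Extensions::encode_into(DER_Encoder& to_object) const
   {
   // Bind by const reference: the original's by-value loop variable copied
   // each entry, including its encoded bytes, on every iteration.
   for(const auto& ext_info : m_extension_info)
      {
      if(!ext_info.second.obj().should_encode())
         continue;

      const OID& oid = ext_info.first;
      const bool is_critical = ext_info.second.is_critical();
      const std::vector<uint8_t>& ext_value = ext_info.second.bits();

      to_object.start_cons(SEQUENCE)
         .encode(oid)
         .encode_optional(is_critical, false)
         .encode(ext_value, OCTET_STRING)
         .end_cons();
      }
   }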

References Botan::DER_Encoder::encode(), Botan::DER_Encoder::encode_optional(), Botan::DER_Encoder::end_cons(), Botan::OCTET_STRING, Botan::SEQUENCE, and Botan::DER_Encoder::start_cons().

◆ extension_set()

bool Botan::Extensions::extension_set ( const OID & oid) const

Return true if an extension was set

Definition at line 177 of file x509_ext.cpp.

/**
* Report whether an extension with the given OID is stored.
*
* @param oid the extension OID to look up
* @return true if an entry for oid exists in m_extension_info
*/
bool Extensions::extension_set(const OID& oid) const
   {
   return m_extension_info.count(oid) > 0;
   }

◆ extensions()

std::vector< std::pair< std::unique_ptr< Certificate_Extension >, bool > > Botan::Extensions::extensions ( ) const

Returns a copy of the list of extensions together with the corresponding criticality flag. All extensions are encoded as some object, falling back to Unknown_Extension class which simply allows reading the bytes as well as the criticality flag.

Definition at line 217 of file x509_ext.cpp.

/**
* Build a list of copies of all stored extensions, each paired with its
* criticality flag. The caller owns the returned objects.
*
* @return one (copy of extension, is_critical) pair per stored entry
*/
std::vector<std::pair<std::unique_ptr<Certificate_Extension>, bool>> Extensions::extensions() const
   {
   std::vector<std::pair<std::unique_ptr<Certificate_Extension>, bool>> result;

   for(const auto& entry : m_extension_info)
      {
      const auto& info = entry.second;

      // copy() returns a raw pointer; wrap it before anything else can throw
      std::unique_ptr<Certificate_Extension> clone(info.obj().copy());
      result.emplace_back(std::move(clone), info.is_critical());
      }

   return result;
   }

Referenced by Botan::PKIX::check_chain().

◆ extensions_raw()

std::map< OID, std::pair< std::vector< uint8_t >, bool > > Botan::Extensions::extensions_raw ( ) const

Returns the list of extensions as raw, encoded bytes together with the corresponding criticality flag. Contains all extensions, including any extensions encoded as Unknown_Extension

Definition at line 231 of file x509_ext.cpp.

/**
* Build a map from OID to (encoded bytes, criticality flag) covering every
* stored extension.
*
* @return a copy of each entry's raw bytes and criticality, keyed by OID
*/
std::map<OID, std::pair<std::vector<uint8_t>, bool>> Extensions::extensions_raw() const
   {
   std::map<OID, std::pair<std::vector<uint8_t>, bool>> raw;

   for(const auto& entry : m_extension_info)
      {
      const auto& info = entry.second;
      raw.emplace(entry.first, std::make_pair(info.bits(), info.is_critical()));
      }

   return raw;
   }

◆ get()

std::unique_ptr< Certificate_Extension > Botan::Extensions::get ( const OID & oid) const

Searches for an extension by OID and returns the result. Only the known extensions types declared in this header are searched for by this function.

Returns
Copy of extension with oid, nullptr if not found. Can avoid creating a copy by using get_extension_object function

Definition at line 208 of file x509_ext.cpp.

/**
* Look up an extension by OID and return an independent copy of it.
*
* @param oid the extension OID to look up
* @return a caller-owned copy, or nullptr when get_extension_object()
*         finds nothing for oid
*/
std::unique_ptr<Certificate_Extension> Extensions::get(const OID& oid) const
   {
   const Certificate_Extension* found = this->get_extension_object(oid);

   if(found == nullptr)
      return nullptr;

   return std::unique_ptr<Certificate_Extension>(found->copy());
   }

References get_extension_object().

◆ get_extension_bits()

std::vector< uint8_t > Botan::Extensions::get_extension_bits ( const OID & oid) const

Return the raw bytes of the extension. Will throw if OID was not set as an extension.

Definition at line 190 of file x509_ext.cpp.

/**
* Return a copy of the encoded bytes stored for the given extension.
*
* @param oid the extension OID to look up
* @return the raw bytes of the extension
* @throws Invalid_Argument if no extension with this OID is stored
*/
std::vector<uint8_t> Extensions::get_extension_bits(const OID& oid) const
   {
   const auto found = m_extension_info.find(oid);

   if(found != m_extension_info.end())
      return found->second.bits();

   throw Invalid_Argument("Extensions::get_extension_bits no such extension set");
   }

◆ get_extension_object()

const Certificate_Extension * Botan::Extensions::get_extension_object ( const OID & oid) const

Look up an object in the extensions, based on OID. Returns nullptr if not set, that is, if the extension was either absent or not handled. The pointer returned is owned by the Extensions object, so the caller must not delete it. This would be better with an optional<T> return value.

Definition at line 199 of file x509_ext.cpp.

/**
* Look up the stored extension object for an OID without copying it.
*
* The returned pointer refers to an object held inside m_extension_info;
* the caller does not own it.
* NOTE(review): presumably it stops being valid once the entry is removed,
* replaced, or the list is decoded again - confirm against Extensions_Info.
*
* @param oid the extension OID to look up
* @return pointer to the stored object, or nullptr if oid has no entry
*/
const Certificate_Extension* Extensions::get_extension_object(const OID& oid) const
   {
   const auto found = m_extension_info.find(oid);
   return (found == m_extension_info.end()) ? nullptr : &found->second.obj();
   }

Referenced by get().

◆ get_extension_object_as()

template<typename T >
const T * Botan::Extensions::get_extension_object_as ( const OID & oid = T::static_oid()) const
inline

Definition at line 425 of file pkix_types.h.

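/**
* Look up an extension by OID and return it as the concrete type T.
*
* Returns nullptr both when the OID has no entry and when the stored object
* has an empty oid_name() (the Unknown_Extension case), so a null result
* does not by itself mean the extension is absent.
*
* @param oid the extension OID to look up (defaults to T::static_oid())
* @return pointer to the stored object as T; owned by this Extensions object
* @throws Decoding_Error if the stored object is a known extension that is
*         not of type T
*/
template<typename T>
const T* get_extension_object_as(const OID& oid = T::static_oid()) const
   {
   const Certificate_Extension* extn = get_extension_object(oid);

   if(extn == nullptr)
      {
      return nullptr;
      }

   // Unknown_Extension oid_name is empty
   if(extn->oid_name().empty())
      {
      return nullptr;
      }

   if(const T* extn_as_T = dynamic_cast<const T*>(extn))
      {
      return extn_as_T;
      }

   // The original message named a non-existent "Exception" class; the
   // throwing class is Extensions.
   throw Decoding_Error("Extensions::get_extension_object_as dynamic_cast failed");
   }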

References T.

◆ get_extension_oids()

const std::vector< OID > & Botan::Extensions::get_extension_oids ( ) const
inline

Return the set of extensions in the order they appeared in the certificate (or as they were added, if constructed)

Definition at line 451 of file pkix_types.h.

/**
* Return the recorded extension OIDs, in the order they appeared in the
* certificate (or were added, if the list was constructed).
*
* @return reference to the internal OID list; it refers to a member of
*         this object and is not a copy
*/
const std::vector<OID>& get_extension_oids() const
   {
   return m_extension_oids;
   }

Referenced by Botan::PKIX::check_chain().

◆ get_raw()

template<typename T >
std::unique_ptr< T > Botan::Extensions::get_raw ( const OID & oid) const
inline

Searches for an extension by OID and returns the result decoding it to some arbitrary extension type chosen by the application.

Only the unknown extensions, that is, extensions types that are not declared in this header, are searched for by this function.

Returns
Pointer to new extension with oid, nullptr if not found.

Definition at line 527 of file pkix_types.h.

/**
* Decode an extension that the library left as unknown into an
* application-chosen type T.
*
* Only entries whose stored object has an empty oid_name() (the
* Unknown_Extension case) are considered. The stored bytes are passed to
* T::decode_inner() on a default-constructed T.
* NOTE(review): the bytes presumably come straight from the parsed
* certificate, so T::decode_inner() must tolerate malformed input; whether
* it throws is not visible here.
*
* @param oid the extension OID to look up
* @return newly allocated T, or nullptr if oid is absent or is a known type
*/
template<typename T>
std::unique_ptr<T> get_raw(const OID& oid) const
   {
   const auto found = m_extension_info.find(oid);

   if(found == m_extension_info.end())
      return nullptr;

   // Unknown_Extension oid_name is empty
   if(!found->second.obj().oid_name().empty())
      return nullptr;

   std::unique_ptr<T> decoded(new T);
   decoded->decode_inner(found->second.bits());
   return decoded;
   }

References T.

◆ operator=() [1/2]

Extensions & Botan::Extensions::operator= ( const Extensions & )
default

◆ operator=() [2/2]

Extensions & Botan::Extensions::operator= ( Extensions &&  )
default

◆ remove()

bool Botan::Extensions::remove ( const OID & oid)

Remove an extension from the list. Returns true if the extension had been set, false otherwise.

Definition at line 154 of file x509_ext.cpp.

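/**
* Remove an extension from the list.
*
* @param oid the OID of the extension to remove
* @return true if the extension had been set, false otherwise
*/
bool Extensions::remove(const OID& oid)
   {
   const bool erased = m_extension_info.erase(oid) > 0;

   if(erased)
      {
      // Erase-remove drops every occurrence of oid from the ordered list.
      // The original erased the iterator returned by std::find(), which is
      // undefined behaviour if the list and the lookup table are out of sync
      // (find returns end()) and leaves a stale entry if the OID was
      // recorded more than once.
      m_extension_oids.erase(
         std::remove(m_extension_oids.begin(), m_extension_oids.end(), oid),
         m_extension_oids.end());
      }

   return erased;
   }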

Referenced by replace().

◆ replace()

void Botan::Extensions::replace ( Certificate_Extension * extn,
bool  critical = false 
)

Adds an extension to the list or replaces it.

Parameters
extn: the certificate extension; must not be null
critical: whether this extension should be marked as critical

Definition at line 166 of file x509_ext.cpp.

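/**
* Add an extension to the list, replacing any existing entry with the
* same OID.
*
* The pointer is handed to Extensions_Info exactly as in add(), so the
* caller must not delete it afterwards. It is released here if the call
* throws before that hand-over.
*
* @param extn heap-allocated certificate extension; must not be null
* @param critical whether this extension should be marked as critical
* @throws Invalid_Argument if extn is null
*/
void Extensions::replace(Certificate_Extension* extn, bool critical)
   {
   // Own the pointer first so that an exception below cannot leak it.
   std::unique_ptr<Certificate_Extension> owned(extn);

   // The original dereferenced extn unconditionally; reject null explicitly.
   if(!owned)
      throw Invalid_Argument("Extensions::replace called with a null extension");

   const OID oid = owned->oid_of();

   // Remove it if it existed
   remove(oid);

   Extensions_Info info(critical, owned.release());
   m_extension_oids.push_back(oid);
   m_extension_info.emplace(oid, info);
   }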

References Botan::Certificate_Extension::oid_of(), and remove().


The documentation for this class was generated from the following files: