Botan::Extensions Class Reference

#include <pkix_types.h>

Inheritance diagram for Botan::Extensions:

Public Member Functions
void	add (std::unique_ptr< Certificate_Extension > extn, bool critical=false)
bool	add_new (std::unique_ptr< Certificate_Extension > extn, bool critical=false)
std::vector< uint8_t >	BER_encode () const
bool	critical_extension_set (const OID &oid) const
void	decode_from (BER_Decoder &) override
void	encode_into (DER_Encoder &) const override
bool	extension_set (const OID &oid) const
	Extensions ()
std::vector< std::pair< std::unique_ptr< Certificate_Extension >, bool > >	extensions () const
	Extensions (const Extensions &)=default
	Extensions (Extensions &&)=default
std::map< OID, std::pair< std::vector< uint8_t >, bool > >	extensions_raw () const
std::unique_ptr< Certificate_Extension >	get (const OID &oid) const
std::vector< uint8_t >	get_extension_bits (const OID &oid) const
const Certificate_Extension *	get_extension_object (const OID &oid) const
template<typename T >
const T *	get_extension_object_as (const OID &oid=T::static_oid()) const
const std::vector< OID > &	get_extension_oids () const
template<typename T >
std::unique_ptr< T >	get_raw (const OID &oid) const
Extensions &	operator= (const Extensions &)=default
Extensions &	operator= (Extensions &&)=default
bool	remove (const OID &oid)
void	replace (std::unique_ptr< Certificate_Extension > extn, bool critical=false)

Detailed Description

X.509 Certificate Extension List

Definition at line 399 of file pkix_types.h.

Constructor & Destructor Documentation

Extensions() [1/3]

Botan::Extensions::Extensions ( )

inline

Definition at line 545 of file pkix_types.h.

{}

Extensions() [2/3]

Botan::Extensions::Extensions ( const Extensions &  )

default

Extensions() [3/3]

Botan::Extensions::Extensions ( Extensions &&  )

default

Member Function Documentation

add()

void Botan::Extensions::add	(	std::unique_ptr< Certificate_Extension >	extn,
		bool	critical = false
	)

Adds a new extension to the list.

Parameters

extn	pointer to the certificate extension (Extensions takes ownership)
critical	whether this extension should be marked as critical

Exceptions

Invalid_Argument

if the extension is already present in the list

Definition at line 118 of file x509_ext.cpp.

   {
   // sanity check: we don't want to have the same extension more than once
   if(m_extension_info.contains(extn->oid_of()))
      {
      const std::string name = extn->oid_name();
      throw Invalid_Argument("Extension " + name + " already present in Extensions::add");
      }
 
   const OID oid = extn->oid_of();
   Extensions_Info info(critical, std::move(extn));
   m_extension_oids.push_back(oid);
   m_extension_info.emplace(oid, info);
   }

References name.

add_new()

bool Botan::Extensions::add_new	(	std::unique_ptr< Certificate_Extension >	extn,
		bool	critical = false
	)

Adds a new extension to the list unless it already exists. If the extension already exists within the Extensions object, the extn pointer will be deleted.

Parameters

extn	pointer to the certificate extension (Extensions takes ownership)
critical	whether this extension should be marked as critical

Returns

true if the object was added false if the extension was already used

Definition at line 133 of file x509_ext.cpp.

   {
   if(m_extension_info.contains(extn->oid_of()))
      {
      return false; // already exists
      }
 
   const OID oid = extn->oid_of();
   Extensions_Info info(critical, std::move(extn));
   m_extension_oids.push_back(oid);
   m_extension_info.emplace(oid, info);
   return true;
   }

Referenced by Botan::X509::create_cert_req(), and Botan::X509::create_self_signed_cert().

BER_encode()

std::vector< uint8_t > Botan::ASN1_Object::BER_encode ( ) const

inherited

Return the encoding of this object. This is a convenience method when just one object needs to be serialized. Use DER_Encoder for complicated encodings.

Definition at line 17 of file asn1_obj.cpp.

   {
   std::vector<uint8_t> output;
   DER_Encoder der(output);
   this->encode_into(der);
   return output;
   }

References Botan::ASN1_Object::encode_into().

Referenced by Botan::PSS_Params::decode_from(), Botan::Certificate_Store_In_SQL::find_all_certs(), Botan::Certificate_Store_In_SQL::find_cert(), Botan::X509_Certificate::fingerprint(), Botan::Certificate_Store_In_SQL::insert_cert(), Botan::X509_Object::PEM_encode(), and Botan::Certificate_Store_In_SQL::revoke_cert().

critical_extension_set()

bool Botan::Extensions::critical_extension_set

(

const OID &

oid

)

const

Return true if an extesion was set and marked critical

Definition at line 175 of file x509_ext.cpp.

   {
   auto i = m_extension_info.find(oid);
   if(i != m_extension_info.end())
      return i->second.is_critical();
   return false;
   }

Referenced by Botan::X509_Certificate::is_critical().

decode_from()

void Botan::Extensions::decode_from ( BER_Decoder &  from )

overridevirtual

Decode whatever this object is from from

Parameters

from	the BER_Decoder that will be read from

Implements Botan::ASN1_Object.

Definition at line 264 of file x509_ext.cpp.

   {
   m_extension_oids.clear();
   m_extension_info.clear();
 
   BER_Decoder sequence = from_source.start_sequence();
 
   while(sequence.more_items())
      {
      OID oid;
      bool critical;
      std::vector<uint8_t> bits;
 
      sequence.start_sequence()
         .decode(oid)
         .decode_optional(critical, ASN1_Type::Boolean, ASN1_Class::Universal, false)
         .decode(bits, ASN1_Type::OctetString)
      .end_cons();
 
      auto obj = create_extn_obj(oid, critical, bits);
      Extensions_Info info(critical, bits, std::move(obj));
 
      m_extension_oids.push_back(oid);
      m_extension_info.emplace(oid, info);
      }
   sequence.verify_end();
   }

References Botan::Boolean, Botan::BER_Decoder::decode(), Botan::BER_Decoder::decode_optional(), Botan::BER_Decoder::end_cons(), Botan::BER_Decoder::more_items(), Botan::OctetString, Botan::BER_Decoder::start_sequence(), Botan::Universal, and Botan::BER_Decoder::verify_end().

encode_into()

void Botan::Extensions::encode_into ( DER_Encoder &  to ) const

overridevirtual

Encode whatever this object is into to

Parameters

to	the DER_Encoder that will be written to

Implements Botan::ASN1_Object.

Definition at line 240 of file x509_ext.cpp.

   {
   for(const auto& ext_info : m_extension_info)
      {
      const OID& oid = ext_info.first;
      const bool should_encode = ext_info.second.obj().should_encode();
 
      if(should_encode)
         {
         const bool is_critical = ext_info.second.is_critical();
         const std::vector<uint8_t>& ext_value = ext_info.second.bits();
 
         to_object.start_sequence()
               .encode(oid)
               .encode_optional(is_critical, false)
               .encode(ext_value, ASN1_Type::OctetString)
            .end_cons();
         }
      }
   }

References Botan::DER_Encoder::encode(), Botan::DER_Encoder::encode_optional(), Botan::DER_Encoder::end_cons(), Botan::OctetString, and Botan::DER_Encoder::start_sequence().

extension_set()

bool Botan::Extensions::extension_set

(

const OID &

oid

)

const

Return true if an extension was set

Definition at line 170 of file x509_ext.cpp.

   {
   return (m_extension_info.find(oid) != m_extension_info.end());
   }

extensions()

std::vector< std::pair< std::unique_ptr< Certificate_Extension >, bool > > Botan::Extensions::extensions

(

)

const

Returns a copy of the list of extensions together with the corresponding criticality flag. All extensions are encoded as some object, falling back to Unknown_Extension class which simply allows reading the bytes as well as the criticality flag.

Definition at line 210 of file x509_ext.cpp.

   {
   std::vector<std::pair<std::unique_ptr<Certificate_Extension>, bool>> exts;
   exts.reserve(m_extension_info.size());
   for(auto&& ext : m_extension_info)
      {
      exts.push_back(
         std::make_pair(
            ext.second.obj().copy(),
            ext.second.is_critical())
         );
      }
   return exts;
   }

Referenced by Botan::PKIX::check_chain().

extensions_raw()

std::map< OID, std::pair< std::vector< uint8_t >, bool > > Botan::Extensions::extensions_raw

(

)

const

Returns the list of extensions as raw, encoded bytes together with the corresponding criticality flag. Contains all extensions, including any extensions encoded as Unknown_Extension

Definition at line 225 of file x509_ext.cpp.

   {
   std::map<OID, std::pair<std::vector<uint8_t>, bool>> out;
   for(auto&& ext : m_extension_info)
      {
      out.emplace(ext.first,
                  std::make_pair(ext.second.bits(),
                                 ext.second.is_critical()));
      }
   return out;
   }

get()

std::unique_ptr< Certificate_Extension > Botan::Extensions::get

(

const OID &

oid

)

const

Searches for an extension by OID and returns the result. Only the known extensions types declared in this header are searched for by this function.

Returns

Copy of extension with oid, nullptr if not found. Can avoid creating a copy by using get_extension_object function

Definition at line 201 of file x509_ext.cpp.

   {
   if(const Certificate_Extension* ext = this->get_extension_object(oid))
      {
      return ext->copy();
      }
   return nullptr;
   }

References get_extension_object().

get_extension_bits()

std::vector< uint8_t > Botan::Extensions::get_extension_bits

(

const OID &

oid

)

const

Return the raw bytes of the extension Will throw if OID was not set as an extension.

Definition at line 183 of file x509_ext.cpp.

   {
   auto i = m_extension_info.find(oid);
   if(i == m_extension_info.end())
      throw Invalid_Argument("Extensions::get_extension_bits no such extension set");
 
   return i->second.bits();
   }

get_extension_object()

const Certificate_Extension * Botan::Extensions::get_extension_object

(

const OID &

oid

)

const

Look up an object in the extensions, based on OID Returns nullptr if not set, if the extension was either absent or not handled. The pointer returned is owned by the Extensions object. This would be better with an optional<T> return value

Definition at line 192 of file x509_ext.cpp.

   {
   auto extn = m_extension_info.find(oid);
   if(extn == m_extension_info.end())
      return nullptr;
 
   return &extn->second.obj();
   }

Referenced by get().

get_extension_object_as()

template<typename T >

const T * Botan::Extensions::get_extension_object_as ( const OID &  oid = T::static_oid() ) const

inline

Definition at line 412 of file pkix_types.h.

         {
         if(const Certificate_Extension* extn = get_extension_object(oid))
            {
            // Unknown_Extension oid_name is empty
            if(extn->oid_name().empty())
               {
               return nullptr;
               }
            else if(const T* extn_as_T = dynamic_cast<const T*>(extn))
               {
               return extn_as_T;
               }
            else
               {
               throw Decoding_Error("Exception::get_extension_object_as dynamic_cast failed");
               }
            }
 
         return nullptr;
         }

References T.

get_extension_oids()

const std::vector< OID > & Botan::Extensions::get_extension_oids ( ) const

inline

Return the set of extensions in the order they appeared in the certificate (or as they were added, if constructed)

Definition at line 438 of file pkix_types.h.

         {
         return m_extension_oids;
         }

Referenced by Botan::PKIX::check_chain().

get_raw()

template<typename T >

std::unique_ptr< T > Botan::Extensions::get_raw ( const OID &  oid ) const

inline

Searches for an extension by OID and returns the result decoding it to some arbitrary extension type chosen by the application.

Only the unknown extensions, that is, extensions types that are not declared in this header, are searched for by this function.

Returns

Pointer to new extension with oid, nullptr if not found.

Definition at line 513 of file pkix_types.h.

         {
         auto extn_info = m_extension_info.find(oid);
 
         if(extn_info != m_extension_info.end())
            {
            // Unknown_Extension oid_name is empty
            if(extn_info->second.obj().oid_name() == "")
               {
               auto ext = std::make_unique<T>();
               ext->decode_inner(extn_info->second.bits());
               return ext;
               }
            }
         return nullptr;
         }

operator=() [1/2]

Extensions & Botan::Extensions::operator= ( const Extensions &  )

default

operator=() [2/2]

Extensions & Botan::Extensions::operator= ( Extensions &&  )

default

remove()

bool Botan::Extensions::remove

(

const OID &

oid

)

Remove an extension from the list. Returns true if the extension had been set, false otherwise.

Definition at line 147 of file x509_ext.cpp.

   {
   const bool erased = m_extension_info.erase(oid) > 0;
 
   if(erased)
      {
      m_extension_oids.erase(std::find(m_extension_oids.begin(), m_extension_oids.end(), oid));
      }
 
   return erased;
   }

Referenced by replace().

replace()

void Botan::Extensions::replace	(	std::unique_ptr< Certificate_Extension >	extn,
		bool	critical = false
	)

Adds an extension to the list or replaces it.

Parameters

extn	the certificate extension
critical	whether this extension should be marked as critical

Definition at line 159 of file x509_ext.cpp.

   {
   // Remove it if it existed
   remove(extn->oid_of());
 
   const OID oid = extn->oid_of();
   Extensions_Info info(critical, std::move(extn));
   m_extension_oids.push_back(oid);
   m_extension_info.emplace(oid, info);
   }

References remove().

Referenced by Botan::X509_CA::choose_extensions().

---

The documentation for this class was generated from the following files:

• src/lib/x509/pkix_types.h
• src/lib/x509/x509_ext.cpp