#include <certstor_flatfile.h>
Certificate Store that is backed by a file of PEMs of trusted CAs.
Definition at line 22 of file certstor_flatfile.h.
◆ Flatfile_Certificate_Store() [1/3]
Botan::Flatfile_Certificate_Store::Flatfile_Certificate_Store |
( |
const std::string & |
file, |
|
|
bool |
ignore_non_ca = false |
|
) |
| |
Construct a new Certificate_Store given a file path to a file including PEMs of trusted self-signed CAs.
- Parameters
-
file | the name of the file to read certificates from |
ignore_non_ca | if true, certs that are not self-signed CA certs will be ignored. Otherwise (if false), an exception will be thrown instead. |
Definition at line 41 of file certstor_flatfile.cpp.
45 throw Invalid_Argument(
"Flatfile_Certificate_Store::Flatfile_Certificate_Store invalid file path");
48 DataSource_Stream file_stream(file);
50 for(
const std::vector<uint8_t>& der : decode_all_certificates(file_stream))
52 std::shared_ptr<const X509_Certificate> cert = std::make_shared<const X509_Certificate>(der.data(), der.size());
60 if(cert->is_self_signed() && cert->is_CA_cert())
62 m_all_subjects.push_back(cert->subject_dn());
63 m_dn_to_cert[cert->subject_dn()].push_back(cert);
64 m_pubkey_sha1_to_cert.emplace(cert->subject_public_key_bitstring_sha1(), cert);
65 m_subject_dn_sha256_to_cert.emplace(cert->raw_subject_dn_sha256(), cert);
67 else if(!ignore_non_ca)
69 throw Invalid_Argument(
"Flatfile_Certificate_Store received non CA cert " + cert->subject_dn().to_string());
73 if(m_all_subjects.empty())
75 throw Invalid_Argument(
"Flatfile_Certificate_Store::Flatfile_Certificate_Store cert file is empty");
◆ Flatfile_Certificate_Store() [2/3]
◆ Flatfile_Certificate_Store() [3/3]
◆ all_subjects()
std::vector< X509_DN > Botan::Flatfile_Certificate_Store::all_subjects |
( |
| ) |
const |
|
overridevirtual |
◆ certificate_known()
bool Botan::Certificate_Store::certificate_known |
( |
const X509_Certificate & |
cert | ) |
const |
|
inlineinherited |
◆ find_all_certs()
std::vector< std::shared_ptr< const X509_Certificate > > Botan::Flatfile_Certificate_Store::find_all_certs |
( |
const X509_DN & |
subject_dn, |
|
|
const std::vector< uint8_t > & |
key_id |
|
) |
| const |
|
overridevirtual |
Find all certificates with a given Subject DN. Subject DN and even the key identifier might not be unique.
Implements Botan::Certificate_Store.
Definition at line 84 of file certstor_flatfile.cpp.
88 std::vector<std::shared_ptr<const X509_Certificate>> found_certs;
91 const auto certs = m_dn_to_cert.at(subject_dn);
93 for(
auto cert : certs)
95 if(key_id.empty() || key_id == cert->subject_key_id())
97 found_certs.push_back(cert);
101 catch(
const std::out_of_range&)
◆ find_cert()
std::shared_ptr< const X509_Certificate > Botan::Certificate_Store::find_cert |
( |
const X509_DN & |
subject_dn, |
|
|
const std::vector< uint8_t > & |
key_id |
|
) |
| const |
|
virtualinherited |
◆ find_cert_by_pubkey_sha1()
std::shared_ptr< const X509_Certificate > Botan::Flatfile_Certificate_Store::find_cert_by_pubkey_sha1 |
( |
const std::vector< uint8_t > & |
key_hash | ) |
const |
|
overridevirtual |
Find a certificate by searching for one with a matching SHA-1 hash of public key.
- Returns
- a matching certificate or nullptr otherwise
Implements Botan::Certificate_Store.
Definition at line 110 of file certstor_flatfile.cpp.
112 if(key_hash.size() != 20)
114 throw Invalid_Argument(
"Flatfile_Certificate_Store::find_cert_by_pubkey_sha1 invalid hash");
117 auto found_cert = m_pubkey_sha1_to_cert.find(key_hash);
119 if(found_cert != m_pubkey_sha1_to_cert.end())
121 return found_cert->second;
◆ find_cert_by_raw_subject_dn_sha256()
std::shared_ptr< const X509_Certificate > Botan::Flatfile_Certificate_Store::find_cert_by_raw_subject_dn_sha256 |
( |
const std::vector< uint8_t > & |
subject_hash | ) |
const |
|
overridevirtual |
Find a certificate by searching for one with a matching SHA-256 hash of raw subject name. Used for OCSP.
- Parameters
-
subject_hash | SHA-256 hash of the subject's raw name |
- Returns
- a matching certificate or nullptr otherwise
Implements Botan::Certificate_Store.
Definition at line 128 of file certstor_flatfile.cpp.
130 if(subject_hash.size() != 32)
131 {
throw Invalid_Argument(
"Flatfile_Certificate_Store::find_cert_by_raw_subject_dn_sha256 invalid hash"); }
133 auto found_cert = m_subject_dn_sha256_to_cert.find(subject_hash);
135 if(found_cert != m_subject_dn_sha256_to_cert.end())
137 return found_cert->second;
◆ find_crl_for()
std::shared_ptr< const X509_CRL > Botan::Flatfile_Certificate_Store::find_crl_for |
( |
const X509_Certificate & |
subject | ) |
const |
|
overridevirtual |
◆ operator=() [1/2]
◆ operator=() [2/2]
The documentation for this class was generated from the following files: