Botan  2.18.1
Crypto and TLS for C++11
Botan::PKCS10_Request Class Reference (final)

#include <pkcs10.h>

Inheritance diagram for Botan::PKCS10_Request:
Botan::X509_Object Botan::ASN1_Object

Public Member Functions

std::vector< uint8_t > BER_encode () const
 
std::string challenge_password () const
 
bool check_signature (const Public_Key &key) const
 
bool check_signature (const Public_Key *key) const
 
Key_Constraints constraints () const
 
void decode_from (class BER_Decoder &from) override
 
void encode_into (class DER_Encoder &to) const override
 
std::vector< OID > ex_constraints () const
 
const Extensions & extensions () const
 
std::string hash_used_for_signature () const
 
bool is_CA () const
 
size_t path_limit () const
 
std::string PEM_encode () const
 
 PKCS10_Request (DataSource &source)
 
 PKCS10_Request (const std::vector< uint8_t > &vec)
 
const std::vector< uint8_t > & raw_public_key () const
 
const std::vector< uint8_t > & signature () const
 
const AlgorithmIdentifier & signature_algorithm () const
 
const std::vector< uint8_t > & signed_body () const
 
const AlternativeName & subject_alt_name () const
 
const X509_DN & subject_dn () const
 
Public_Key * subject_public_key () const
 
std::vector< uint8_t > tbs_data () const
 
Certificate_Status_Code verify_signature (const Public_Key &key) const
 

Static Public Member Functions

static std::unique_ptr< PK_Signer > choose_sig_format (AlgorithmIdentifier &sig_algo, const Private_Key &key, RandomNumberGenerator &rng, const std::string &hash_fn, const std::string &padding_algo)
 
static PKCS10_Request create (const Private_Key &key, const X509_DN &subject_dn, const Extensions &extensions, const std::string &hash_fn, RandomNumberGenerator &rng, const std::string &padding_scheme="", const std::string &challenge="")
 
static std::vector< uint8_t > make_signed (class PK_Signer *signer, RandomNumberGenerator &rng, const AlgorithmIdentifier &alg_id, const secure_vector< uint8_t > &tbs)
 

Protected Member Functions

void load_data (DataSource &src)
 

Detailed Description

PKCS #10 Certificate Request.

Definition at line 28 of file pkcs10.h.

Constructor & Destructor Documentation

◆ PKCS10_Request() [1/2]

Botan::PKCS10_Request::PKCS10_Request ( DataSource &  source)
explicit

Create a PKCS#10 Request from a data source.

Parameters
source: the data source providing the DER encoded request (load_data(), which this constructor calls, decodes either DER or PEM data)

Definition at line 39 of file pkcs10.cpp.

References Botan::X509_Object::load_data().

Referenced by create().

40  {
41  load_data(src);
42  }
void load_data(DataSource &src)
Definition: x509_obj.cpp:52

◆ PKCS10_Request() [2/2]

Botan::PKCS10_Request::PKCS10_Request ( const std::vector< uint8_t > &  vec)
explicit

Create a PKCS#10 Request from binary data.

Parameters
vec: a std::vector containing the DER value

Definition at line 44 of file pkcs10.cpp.

References Botan::X509_Object::load_data().

45  {
46  DataSource_Memory src(vec.data(), vec.size());
47  load_data(src);
48  }
void load_data(DataSource &src)
Definition: x509_obj.cpp:52

Member Function Documentation

◆ BER_encode()

std::vector< uint8_t > Botan::ASN1_Object::BER_encode ( ) const
inherited

Return the encoding of this object. This is a convenience method when just one object needs to be serialized. Use DER_Encoder for complicated encodings.

Definition at line 16 of file asn1_obj.cpp.

References Botan::ASN1_Object::encode_into().

Referenced by Botan::PSSR::config_for_x509(), Botan::Certificate_Store_In_SQL::find_all_certs(), Botan::Certificate_Store_In_SQL::find_cert(), Botan::X509_Certificate::fingerprint(), Botan::Certificate_Store_In_SQL::insert_cert(), Botan::X509_Object::PEM_encode(), and Botan::Certificate_Store_In_SQL::revoke_cert().

17  {
18  std::vector<uint8_t> output;
19  DER_Encoder der(output);
20  this->encode_into(der);
21  return output;
22  }
virtual void encode_into(DER_Encoder &to) const =0

◆ challenge_password()

std::string Botan::PKCS10_Request::challenge_password ( ) const

Get the challenge password for this request

Returns
challenge password for this request

Definition at line 202 of file pkcs10.cpp.

203  {
204  return data().m_challenge;
205  }

◆ check_signature() [1/2]

bool Botan::X509_Object::check_signature ( const Public_Key &  key) const
inherited

Check the signature on this data

Parameters
key: the public key purportedly used to sign this data
Returns
true if the signature is valid, otherwise false

Definition at line 178 of file x509_obj.cpp.

References Botan::VERIFIED, and Botan::X509_Object::verify_signature().

Referenced by Botan::X509_Object::check_signature().

179  {
180  const Certificate_Status_Code code = verify_signature(pub_key);
181  return (code == Certificate_Status_Code::VERIFIED);
182  }
Certificate_Status_Code verify_signature(const Public_Key &key) const
Definition: x509_obj.cpp:184
Certificate_Status_Code
Definition: pkix_enums.h:17

◆ check_signature() [2/2]

bool Botan::X509_Object::check_signature ( const Public_Key *  key) const
inherited

Check the signature on this data

Parameters
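key: the public key purportedly used to sign this data. The object will be deleted after use (this should have been a std::unique_ptr<Public_Key>), so the caller must not delete or use the pointer after the call. A null pointer is rejected with Invalid_Argument.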
Returns
true if the signature is valid, otherwise false

Definition at line 170 of file x509_obj.cpp.

References Botan::X509_Object::check_signature(), and Botan::X509_Object::PEM_label().

171  {
172  if(!pub_key)
173  throw Invalid_Argument("No key provided for " + PEM_label() + " signature check");
174  std::unique_ptr<const Public_Key> key(pub_key);
175  return check_signature(*key);
176  }
virtual std::string PEM_label() const =0
bool check_signature(const Public_Key &key) const
Definition: x509_obj.cpp:178

◆ choose_sig_format()

std::unique_ptr< PK_Signer > Botan::X509_Object::choose_sig_format ( AlgorithmIdentifier &  sig_algo,
const Private_Key &  key,
RandomNumberGenerator &  rng,
const std::string &  hash_fn,
const std::string &  padding_algo 
)
static inherited

Definition at line 411 of file x509_obj.cpp.

References Botan::Public_Key::default_x509_signature_format().

Referenced by Botan::choose_sig_format(), and create().

416  {
417  const Signature_Format format = key.default_x509_signature_format();
418 
419  const std::string emsa = choose_sig_algo(sig_algo, key, hash_fn, padding_algo);
420 
421  return std::unique_ptr<PK_Signer>(new PK_Signer(key, rng, emsa, format));
422  }
Signature_Format
Definition: pk_keys.h:23

◆ constraints()

Key_Constraints Botan::PKCS10_Request::constraints ( ) const

Get the key constraints for the key associated with this PKCS#10 object.

Returns
key constraints; NO_CONSTRAINTS if the request has no X509v3.KeyUsage extension

Definition at line 251 of file pkcs10.cpp.

References extensions(), Botan::OID::from_string(), Botan::Cert_Extension::Key_Usage::get_constraints(), and Botan::NO_CONSTRAINTS.

252  {
253  if(auto ext = extensions().get(OID::from_string("X509v3.KeyUsage")))
254  {
255  return dynamic_cast<Cert_Extension::Key_Usage&>(*ext).get_constraints();
256  }
257 
258  return NO_CONSTRAINTS;
259  }
const Extensions & extensions() const
Definition: pkcs10.cpp:243
static OID from_string(const std::string &str)
Definition: asn1_oid.cpp:62

◆ create()

PKCS10_Request Botan::PKCS10_Request::create ( const Private_Key &  key,
const X509_DN &  subject_dn,
const Extensions &  extensions,
const std::string &  hash_fn,
RandomNumberGenerator &  rng,
const std::string &  padding_scheme = "",
const std::string &  challenge = "" 
)
static

Create a new PKCS10 certificate request

Parameters
key: the key that will be included in the certificate request
subject_dn: the DN to be placed in the request
extensions: extensions to include in the request
hash_fn: the hash function to use to create the signature
rng: a random number generator
padding_scheme: if set, specifies the padding scheme; otherwise an algorithm-specific default is used.
challenge: a challenge string to be included in the PKCS10 request, sometimes used for revocation purposes. create() DER-encodes it into a PKCS9.ChallengePassword attribute and applies no encryption, so it is readable by anyone who can read the request.

Definition at line 59 of file pkcs10.cpp.

References Botan::X509_Object::choose_sig_format(), Botan::DIRECTORY_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::end_explicit(), extensions(), Botan::DER_Encoder::get_contents(), Botan::X509_Object::make_signed(), PKCS10_Request(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, Botan::DER_Encoder::start_cons(), subject_dn(), and Botan::Public_Key::subject_public_key().

Referenced by Botan::X509::create_cert_req().

66  {
67  AlgorithmIdentifier sig_algo;
68  std::unique_ptr<PK_Signer> signer = choose_sig_format(sig_algo, key, rng, hash_fn, padding_scheme);
69 
70  const size_t PKCS10_VERSION = 0;
71 
72  DER_Encoder tbs_req;
73 
74  tbs_req.start_cons(SEQUENCE)
75  .encode(PKCS10_VERSION)
76  .encode(subject_dn)
77  .raw_bytes(key.subject_public_key())
78  .start_explicit(0);
79 
80  if(challenge.empty() == false)
81  {
82  std::vector<uint8_t> value;
83  DER_Encoder(value).encode(ASN1_String(challenge, DIRECTORY_STRING));
84  tbs_req.encode(Attribute("PKCS9.ChallengePassword", value));
85  }
86 
87  std::vector<uint8_t> extension_req;
88  DER_Encoder(extension_req).start_cons(SEQUENCE).encode(extensions).end_cons();
89  tbs_req.encode(Attribute("PKCS9.ExtensionRequest", extension_req));
90 
91  // end the start_explicit above
92  tbs_req.end_explicit().end_cons();
93 
94  const std::vector<uint8_t> req =
95  X509_Object::make_signed(signer.get(), rng, sig_algo,
96  tbs_req.get_contents());
97 
98  return PKCS10_Request(req);
99  }
static std::vector< uint8_t > make_signed(class PK_Signer *signer, RandomNumberGenerator &rng, const AlgorithmIdentifier &alg_id, const secure_vector< uint8_t > &tbs)
Definition: x509_obj.cpp:303
const Extensions & extensions() const
Definition: pkcs10.cpp:243
static std::unique_ptr< PK_Signer > choose_sig_format(AlgorithmIdentifier &sig_algo, const Private_Key &key, RandomNumberGenerator &rng, const std::string &hash_fn, const std::string &padding_algo)
Definition: x509_obj.cpp:411
const X509_DN & subject_dn() const
Definition: pkcs10.cpp:210
PKCS10_Request(DataSource &source)
Definition: pkcs10.cpp:39
CK_ATTRIBUTE Attribute
Definition: p11.h:847

◆ decode_from()

void Botan::X509_Object::decode_from ( class BER_Decoder &  from)
override virtual inherited

Decode a BER encoded X509_Object. See ASN1_Object::decode_from().

Implements Botan::ASN1_Object.

Definition at line 106 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::BER_Decoder::decode(), Botan::BER_Decoder::end_cons(), Botan::BER_Decoder::raw_bytes(), Botan::SEQUENCE, and Botan::BER_Decoder::start_cons().

Referenced by Botan::X509_Object::load_data().

107  {
108  from.start_cons(SEQUENCE)
109  .start_cons(SEQUENCE)
110  .raw_bytes(m_tbs_bits)
111  .end_cons()
112  .decode(m_sig_algo)
113  .decode(m_sig, BIT_STRING)
114  .end_cons();
115 
116  force_decode();
117  }

◆ encode_into()

void Botan::X509_Object::encode_into ( class DER_Encoder &  to) const
override virtual inherited

DER encode an X509_Object. See ASN1_Object::encode_into().

Implements Botan::ASN1_Object.

Definition at line 92 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, Botan::X509_Object::signature(), Botan::X509_Object::signature_algorithm(), Botan::X509_Object::signed_body(), and Botan::DER_Encoder::start_cons().

93  {
94  to.start_cons(SEQUENCE)
95  .start_cons(SEQUENCE)
96  .raw_bytes(signed_body())
97  .end_cons()
98  .encode(signature_algorithm())
99  .encode(signature(), BIT_STRING)
100  .end_cons();
101  }
const AlgorithmIdentifier & signature_algorithm() const
Definition: x509_obj.h:47
const std::vector< uint8_t > & signature() const
Definition: x509_obj.h:37
const std::vector< uint8_t > & signed_body() const
Definition: x509_obj.h:42

◆ ex_constraints()

std::vector< OID > Botan::PKCS10_Request::ex_constraints ( ) const

Get the extended key constraints (if any).

Returns
extended key constraints; an empty vector if the request has no X509v3.ExtendedKeyUsage extension

Definition at line 264 of file pkcs10.cpp.

References extensions(), Botan::OID::from_string(), and Botan::Cert_Extension::Extended_Key_Usage::get_oids().

265  {
266  if(auto ext = extensions().get(OID::from_string("X509v3.ExtendedKeyUsage")))
267  {
268  return dynamic_cast<Cert_Extension::Extended_Key_Usage&>(*ext).get_oids();
269  }
270 
271  return {};
272  }
const Extensions & extensions() const
Definition: pkcs10.cpp:243
static OID from_string(const std::string &str)
Definition: asn1_oid.cpp:62

◆ extensions()

const Extensions & Botan::PKCS10_Request::extensions ( ) const

Get the X509v3 extensions.

Returns
X509v3 extensions

Definition at line 243 of file pkcs10.cpp.

Referenced by constraints(), create(), ex_constraints(), is_CA(), and path_limit().

244  {
245  return data().m_extensions;
246  }

◆ hash_used_for_signature()

std::string Botan::X509_Object::hash_used_for_signature ( ) const
inherited
Returns
hash algorithm that was used to generate signature

Definition at line 138 of file x509_obj.cpp.

References Botan::AlgorithmIdentifier::get_oid(), Botan::parse_algorithm_name(), Botan::X509_Object::signature_algorithm(), Botan::split_on(), Botan::OID::to_formatted_string(), and Botan::OID::to_string().

139  {
140  const OID& oid = m_sig_algo.get_oid();
141  const std::vector<std::string> sig_info = split_on(oid.to_formatted_string(), '/');
142 
143  if(sig_info.size() == 1 && sig_info[0] == "Ed25519")
144  return "SHA-512";
145  else if(sig_info.size() != 2)
146  throw Internal_Error("Invalid name format found for " + oid.to_string());
147 
148  if(sig_info[1] == "EMSA4")
149  {
150  const OID hash_oid = decode_pss_params(signature_algorithm().get_parameters()).hash_algo.get_oid();
151  return hash_oid.to_formatted_string();
152  }
153  else
154  {
155  const std::vector<std::string> pad_and_hash =
156  parse_algorithm_name(sig_info[1]);
157 
158  if(pad_and_hash.size() != 2)
159  {
160  throw Internal_Error("Invalid name format " + sig_info[1]);
161  }
162 
163  return pad_and_hash[1];
164  }
165  }
const AlgorithmIdentifier & signature_algorithm() const
Definition: x509_obj.h:47
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:148
std::vector< std::string > parse_algorithm_name(const std::string &namex)
Definition: parsing.cpp:95
const OID & get_oid() const
Definition: asn1_obj.h:445

◆ is_CA()

bool Botan::PKCS10_Request::is_CA ( ) const

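Find out whether this is a CA request, i.e. whether the X509v3.BasicConstraints extension in the request has the CA flag set. This reports what the requester asked for.

Returns
true if it is a CA request, false otherwise (including when the request has no BasicConstraints extension).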

Definition at line 277 of file pkcs10.cpp.

References extensions(), Botan::OID::from_string(), and Botan::Cert_Extension::Basic_Constraints::get_is_ca().

278  {
279  if(auto ext = extensions().get(OID::from_string("X509v3.BasicConstraints")))
280  {
281  return dynamic_cast<Cert_Extension::Basic_Constraints&>(*ext).get_is_ca();
282  }
283 
284  return false;
285  }
const Extensions & extensions() const
Definition: pkcs10.cpp:243
static OID from_string(const std::string &str)
Definition: asn1_oid.cpp:62

◆ load_data()

void Botan::X509_Object::load_data ( DataSource &  src)
protected inherited

Decodes from src as either DER or PEM data, then calls force_decode()

Definition at line 52 of file x509_obj.cpp.

References Botan::X509_Object::alternate_PEM_labels(), Botan::PEM_Code::decode(), Botan::X509_Object::decode_from(), Botan::PEM_Code::matches(), Botan::ASN1::maybe_BER(), and Botan::X509_Object::PEM_label().

Referenced by PKCS10_Request(), Botan::X509_Certificate::X509_Certificate(), and Botan::X509_CRL::X509_CRL().

53  {
54  try {
55  if(ASN1::maybe_BER(in) && !PEM_Code::matches(in))
56  {
57  BER_Decoder dec(in);
58  decode_from(dec);
59  }
60  else
61  {
62  std::string got_label;
63  DataSource_Memory ber(PEM_Code::decode(in, got_label));
64 
65  if(got_label != PEM_label())
66  {
67  bool is_alternate = false;
68  for(std::string alt_label : alternate_PEM_labels())
69  {
70  if(got_label == alt_label)
71  {
72  is_alternate = true;
73  break;
74  }
75  }
76 
77  if(!is_alternate)
78  throw Decoding_Error("Unexpected PEM label for " + PEM_label() + " of " + got_label);
79  }
80 
81  BER_Decoder dec(ber);
82  decode_from(dec);
83  }
84  }
85  catch(Decoding_Error& e)
86  {
87  throw Decoding_Error(PEM_label() + " decoding", e);
88  }
89  }
virtual std::vector< std::string > alternate_PEM_labels() const
Definition: x509_obj.h:113
virtual std::string PEM_label() const =0
bool maybe_BER(DataSource &source)
Definition: asn1_obj.cpp:222
void decode_from(class BER_Decoder &from) override
Definition: x509_obj.cpp:106
bool matches(DataSource &source, const std::string &extra, size_t search_range)
Definition: pem.cpp:142
secure_vector< uint8_t > decode(DataSource &source, std::string &label)
Definition: pem.cpp:68

◆ make_signed()

std::vector< uint8_t > Botan::X509_Object::make_signed ( class PK_Signer *  signer,
RandomNumberGenerator &  rng,
const AlgorithmIdentifier &  alg_id,
const secure_vector< uint8_t > &  tbs 
)
static inherited

Create a signed X509 object.

Parameters
signer: the signer used to sign the object
rng: the random number generator to use
alg_id: the algorithm identifier of the signature scheme
tbs: the tbs bits to be signed
Returns
signed X509 object

Definition at line 303 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, Botan::PK_Signer::sign_message(), Botan::X509_Object::signature(), and Botan::DER_Encoder::start_cons().

Referenced by create(), and Botan::X509_CA::make_cert().

307  {
308  const std::vector<uint8_t> signature = signer->sign_message(tbs_bits, rng);
309 
310  std::vector<uint8_t> output;
311  DER_Encoder(output)
312  .start_cons(SEQUENCE)
313  .raw_bytes(tbs_bits)
314  .encode(algo)
315  .encode(signature, BIT_STRING)
316  .end_cons();
317 
318  return output;
319  }
const std::vector< uint8_t > & signature() const
Definition: x509_obj.h:37

◆ path_limit()

size_t Botan::PKCS10_Request::path_limit ( ) const

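Return the constraint on the path length defined in the BasicConstraints extension.

Returns
path limit; 0 if the request has no BasicConstraints extension or the extension does not mark a CA request, so a result of 0 does not by itself show that a limit of 0 was requested (check is_CA() as well)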

Definition at line 290 of file pkcs10.cpp.

References extensions(), Botan::OID::from_string(), Botan::Cert_Extension::Basic_Constraints::get_is_ca(), and Botan::Cert_Extension::Basic_Constraints::get_path_limit().

291  {
292  if(auto ext = extensions().get(OID::from_string("X509v3.BasicConstraints")))
293  {
294  Cert_Extension::Basic_Constraints& basic_constraints = dynamic_cast<Cert_Extension::Basic_Constraints&>(*ext);
295  if(basic_constraints.get_is_ca())
296  {
297  return basic_constraints.get_path_limit();
298  }
299  }
300 
301  return 0;
302  }
const Extensions & extensions() const
Definition: pkcs10.cpp:243
static OID from_string(const std::string &str)
Definition: asn1_oid.cpp:62

◆ PEM_encode()

std::string Botan::X509_Object::PEM_encode ( ) const
inherited
Returns
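PEM encoding of this object (source line 124, which presumably holds the return statement, is missing from the listing below)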

Definition at line 122 of file x509_obj.cpp.

References Botan::ASN1_Object::BER_encode(), Botan::PEM_Code::encode(), and Botan::X509_Object::PEM_label().

123  {
125  }
virtual std::string PEM_label() const =0
std::vector< uint8_t > BER_encode() const
Definition: asn1_obj.cpp:16
std::string encode(const uint8_t der[], size_t length, const std::string &label, size_t width)
Definition: pem.cpp:43

◆ raw_public_key()

const std::vector< uint8_t > & Botan::PKCS10_Request::raw_public_key ( ) const

Get the raw DER encoded public key.

Returns
raw DER encoded public key

Definition at line 218 of file pkcs10.cpp.

Referenced by Botan::X509_CA::sign_request(), and subject_public_key().

219  {
220  return data().m_public_key_bits;
221  }

◆ signature()

const std::vector<uint8_t>& Botan::X509_Object::signature ( ) const
inlineinherited

◆ signature_algorithm()

const AlgorithmIdentifier& Botan::X509_Object::signature_algorithm ( ) const
inlineinherited
Returns
signature algorithm that was used to generate signature

Definition at line 47 of file x509_obj.h.

Referenced by Botan::X509_Object::encode_into(), Botan::X509_Object::hash_used_for_signature(), Botan::X509_Certificate::operator==(), Botan::X509_Certificate::to_string(), Botan::X509_Object::verify_signature(), and Botan::X509_CA::X509_CA().

47 { return m_sig_algo; }

◆ signed_body()

const std::vector<uint8_t>& Botan::X509_Object::signed_body ( ) const
inlineinherited
Returns
signed body

Definition at line 42 of file x509_obj.h.

Referenced by Botan::X509_Object::encode_into(), Botan::X509_Certificate::operator<(), and Botan::X509_Certificate::operator==().

42 { return m_tbs_bits; }

◆ subject_alt_name()

const AlternativeName & Botan::PKCS10_Request::subject_alt_name ( ) const

Get the subject alternative name.

Returns
subject alternative name.

Definition at line 235 of file pkcs10.cpp.

236  {
237  return data().m_alt_name;
238  }

◆ subject_dn()

const X509_DN & Botan::PKCS10_Request::subject_dn ( ) const

Get the subject DN.

Returns
subject DN

Definition at line 210 of file pkcs10.cpp.

Referenced by create(), and Botan::X509_CA::sign_request().

211  {
212  return data().m_subject_dn;
213  }

◆ subject_public_key()

Public_Key * Botan::PKCS10_Request::subject_public_key ( ) const

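Get the subject public key.

Returns
subject public key, loaded from raw_public_key() by X509::load_key() and returned as a raw Public_Key pointer; presumably the caller owns the returned object and is responsible for deleting it (confirm against X509::load_key()).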

Definition at line 226 of file pkcs10.cpp.

References Botan::X509::load_key(), and raw_public_key().

227  {
228  DataSource_Memory source(raw_public_key());
229  return X509::load_key(source);
230  }
const std::vector< uint8_t > & raw_public_key() const
Definition: pkcs10.cpp:218
Public_Key * load_key(DataSource &source)
Definition: x509_key.cpp:37

◆ tbs_data()

std::vector< uint8_t > Botan::X509_Object::tbs_data ( ) const
inherited

The underlying data that is to be or was signed

Returns
data that is or was signed

Definition at line 130 of file x509_obj.cpp.

References Botan::ASN1::put_in_sequence().

Referenced by Botan::X509_Object::verify_signature().

131  {
132  return ASN1::put_in_sequence(m_tbs_bits);
133  }
std::vector< uint8_t > put_in_sequence(const std::vector< uint8_t > &contents)
Definition: asn1_obj.cpp:195

◆ verify_signature()

Certificate_Status_Code Botan::X509_Object::verify_signature ( const Public_Key &  key) const
inherited

Check the signature on this data

Parameters
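key: the public key purportedly used to sign this data
Returns
status of the signature: OK if verified (check_signature() tests the result against Certificate_Status_Code::VERIFIED), or otherwise an indicator of the problem preventing verification. The source listing below skips several source line numbers (for example 190 and 199), so the lines that presumably return the individual status codes are not shown on this page.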

Definition at line 184 of file x509_obj.cpp.

References Botan::Public_Key::algo_name(), Botan::Public_Key::default_x509_signature_format(), Botan::AlgorithmIdentifier::get_oid(), hash_algo, Botan::X509_Object::signature(), Botan::SIGNATURE_ALGO_BAD_PARAMS, Botan::SIGNATURE_ALGO_UNKNOWN, Botan::X509_Object::signature_algorithm(), Botan::SIGNATURE_ERROR, Botan::split_on(), Botan::X509_Object::tbs_data(), Botan::OID::to_formatted_string(), Botan::ASN1::to_string(), Botan::UNTRUSTED_HASH, Botan::VERIFIED, and Botan::PK_Verifier::verify_message().

Referenced by Botan::X509_Object::check_signature().

185  {
186  const std::vector<std::string> sig_info =
187  split_on(m_sig_algo.get_oid().to_formatted_string(), '/');
188 
189  if(sig_info.size() < 1 || sig_info.size() > 2 || sig_info[0] != pub_key.algo_name())
191 
192  const std::string pub_key_algo = sig_info[0];
193  std::string padding;
194  if(sig_info.size() == 2)
195  padding = sig_info[1];
196  else if(pub_key_algo == "Ed25519" || pub_key_algo == "XMSS")
197  padding = "Pure";
198  else
200 
201  const Signature_Format format = pub_key.default_x509_signature_format();
202 
203  if(padding == "EMSA4")
204  {
205  // "MUST contain RSASSA-PSS-params"
206  if(signature_algorithm().get_parameters().empty())
207  {
209  }
210 
211  Pss_params pss_parameter = decode_pss_params(signature_algorithm().get_parameters());
212 
213  // hash_algo must be SHA1, SHA2-224, SHA2-256, SHA2-384 or SHA2-512
214  const std::string hash_algo = pss_parameter.hash_algo.get_oid().to_formatted_string();
215  if(hash_algo != "SHA-160" &&
216  hash_algo != "SHA-224" &&
217  hash_algo != "SHA-256" &&
218  hash_algo != "SHA-384" &&
219  hash_algo != "SHA-512")
220  {
222  }
223 
224  const std::string mgf_algo = pss_parameter.mask_gen_algo.get_oid().to_formatted_string();
225  if(mgf_algo != "MGF1")
226  {
228  }
229 
230  // For MGF1, it is strongly RECOMMENDED that the underlying hash function be the same as the one identified by hashAlgorithm
231  // Must be SHA1, SHA2-224, SHA2-256, SHA2-384 or SHA2-512
232  if(pss_parameter.mask_gen_hash.get_oid() != pss_parameter.hash_algo.get_oid())
233  {
235  }
236 
237  if(pss_parameter.trailer_field != 1)
238  {
240  }
241 
242  padding += "(" + hash_algo + "," + mgf_algo + "," + std::to_string(pss_parameter.salt_len) + ")";
243  }
244  else
245  {
246  /*
247  * For all other signature types the signature parameters should
248  * be either NULL or empty. In theory there is some distinction between
249  * these but in practice they seem to be used somewhat interchangeably.
250  *
251  * The various RFCs all have prescriptions of what is allowed:
252  * RSA - NULL (RFC 3279)
253  * DSA - empty (RFC 3279)
254  * ECDSA - empty (RFC 3279)
255  * GOST - empty (RFC 4491)
256  * Ed25519 - empty (RFC 8410)
257  * XMSS - empty (draft-vangeest-x509-hash-sigs)
258  *
259  * But in practice we find RSA with empty and ECDSA will NULL all
260  * over the place so it's not really possible to enforce. For Ed25519
261  * and XMSS because they are new we attempt to enforce.
262  */
263  if(pub_key_algo == "Ed25519" || pub_key_algo == "XMSS")
264  {
265  if(!signature_algorithm().parameters_are_empty())
266  {
268  }
269  }
270  else
271  {
272  if(!signature_algorithm().parameters_are_null_or_empty())
273  {
275  }
276  }
277  }
278 
279  try
280  {
281  PK_Verifier verifier(pub_key, padding, format);
282  const bool valid = verifier.verify_message(tbs_data(), signature());
283 
284  if(valid)
286  else
288  }
289  catch(Algorithm_Not_Found&)
290  {
292  }
293  catch(...)
294  {
295  // This shouldn't happen, fallback to generic signature error
297  }
298  }
const AlgorithmIdentifier & signature_algorithm() const
Definition: x509_obj.h:47
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:148
Signature_Format
Definition: pk_keys.h:23
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:213
const std::vector< uint8_t > & signature() const
Definition: x509_obj.h:37
std::vector< uint8_t > tbs_data() const
Definition: x509_obj.cpp:130
AlgorithmIdentifier hash_algo
Definition: x509_obj.cpp:22
std::string to_formatted_string() const
Definition: asn1_oid.cpp:111
const OID & get_oid() const
Definition: asn1_obj.h:445

The documentation for this class was generated from the following files: