Botan  2.11.0
Crypto and TLS for C++11
Public Types | Public Member Functions | Static Public Member Functions | List of all members
Botan::Path_Validation_Result Class Referencefinal

#include <x509path.h>

Public Types

typedef Certificate_Status_Code Code
 

Public Member Functions

const CertificatePathStatusCodesall_statuses () const
 
const std::vector< std::shared_ptr< const X509_Certificate > > & cert_path () const
 
bool no_warnings () const
 
 Path_Validation_Result (CertificatePathStatusCodes status, std::vector< std::shared_ptr< const X509_Certificate >> &&cert_chain)
 
 Path_Validation_Result (Certificate_Status_Code status)
 
Certificate_Status_Code result () const
 
std::string result_string () const
 
bool successful_validation () const
 
const X509_Certificatetrust_root () const
 
std::set< std::string > trusted_hashes () const
 
CertificatePathStatusCodes warnings () const
 
std::string warnings_string () const
 

Static Public Member Functions

static const char * status_string (Certificate_Status_Code code)
 

Detailed Description

Represents the result of a PKIX path validation

Definition at line 125 of file x509path.h.

Member Typedef Documentation

◆ Code

typedef Certificate_Status_Code Botan::Path_Validation_Result::Code

Definition at line 128 of file x509path.h.

Constructor & Destructor Documentation

◆ Path_Validation_Result() [1/2]

Botan::Path_Validation_Result::Path_Validation_Result ( CertificatePathStatusCodes  status,
std::vector< std::shared_ptr< const X509_Certificate >> &&  cert_chain 
)

Create a Path_Validation_Result

Parameters
statuslist of validation status codes
cert_chainthe certificate chain that was validated

Definition at line 1000 of file x509path.cpp.

1001  :
1002  m_all_status(status),
1003  m_warnings(find_warnings(m_all_status)),
1004  m_cert_path(cert_chain),
1005  m_overall(PKIX::overall_status(m_all_status))
1006  {
1007  }
Botan::PKIX::overall_status
Certificate_Status_Code overall_status(const CertificatePathStatusCodes &cert_status)
Definition: x509path.cpp:809

◆ Path_Validation_Result() [2/2]

Botan::Path_Validation_Result::Path_Validation_Result ( Certificate_Status_Code  status)
inlineexplicit

Create a Path_Validation_Result

Parameters
statusvalidation status code

Definition at line 202 of file x509path.h.

202 : m_overall(status) {}

Member Function Documentation

◆ all_statuses()

const CertificatePathStatusCodes& Botan::Path_Validation_Result::all_statuses ( ) const
inline
Returns
a set of status codes for each certificate in the chain

Definition at line 166 of file x509path.h.

167  { return m_all_status; }

◆ cert_path()

const std::vector<std::shared_ptr<const X509_Certificate> >& Botan::Path_Validation_Result::cert_path ( ) const
inline
Returns
the full path from subject to trust root This path may be empty

Definition at line 146 of file x509path.h.

146 { return m_cert_path; }

◆ no_warnings()

bool Botan::Path_Validation_Result::no_warnings ( ) const
Returns
true iff no warnings occured during validation

Definition at line 1034 of file x509path.cpp.

1035  {
1036  for(auto status_set_i : m_warnings)
1037  if(!status_set_i.empty())
1038  return false;
1039  return true;
1040  }

◆ result()

Certificate_Status_Code Botan::Path_Validation_Result::result ( ) const
inline
Returns
overall validation result code

Definition at line 161 of file x509path.h.

Referenced by result_string(), successful_validation(), and trust_root().

161 { return m_overall; }

◆ result_string()

std::string Botan::Path_Validation_Result::result_string ( ) const
Returns
string representation of the validation result

Definition at line 1047 of file x509path.cpp.

References result(), and status_string().

1048  {
1049  return status_string(result());
1050  }
Botan::Path_Validation_Result::status_string
static const char * status_string(Certificate_Status_Code code)
Definition: x509path.cpp:1052
Botan::Path_Validation_Result::result
Certificate_Status_Code result() const
Definition: x509path.h:161

◆ status_string()

const char * Botan::Path_Validation_Result::status_string ( Certificate_Status_Code  code)
static
Parameters
codevalidation status code
Returns
corresponding validation status message

Definition at line 1052 of file x509path.cpp.

References Botan::to_string().

Referenced by result_string(), and warnings_string().

1053  {
1054  if(const char* s = to_string(code))
1055  return s;
1056 
1057  return "Unknown error";
1058  }
Botan::to_string
std::string to_string(ErrorType type)
Convert an ErrorType to string.
Definition: exceptn.cpp:11

◆ successful_validation()

bool Botan::Path_Validation_Result::successful_validation ( ) const
Returns
true iff the validation was successful

Definition at line 1027 of file x509path.cpp.

References Botan::OCSP_RESPONSE_GOOD, result(), Botan::VALID_CRL_CHECKED, and Botan::VERIFIED.

1028  {
1029  return (result() == Certificate_Status_Code::VERIFIED ||
1030  result() == Certificate_Status_Code::OCSP_RESPONSE_GOOD ||
1031  result() == Certificate_Status_Code::VALID_CRL_CHECKED);
1032  }
Botan::Path_Validation_Result::result
Certificate_Status_Code result() const
Definition: x509path.h:161

◆ trust_root()

const X509_Certificate & Botan::Path_Validation_Result::trust_root ( ) const
Returns
the trust root of the validation if successful throws an exception if the validation failed

Definition at line 1009 of file x509path.cpp.

References result(), and Botan::VERIFIED.

1010  {
1011  if(m_cert_path.empty())
1012  throw Invalid_State("Path_Validation_Result::trust_root no path set");
1013  if(result() != Certificate_Status_Code::VERIFIED)
1014  throw Invalid_State("Path_Validation_Result::trust_root meaningless with invalid status");
1015 
1016  return *m_cert_path[m_cert_path.size()-1];
1017  }
Botan::Path_Validation_Result::result
Certificate_Status_Code result() const
Definition: x509path.h:161

◆ trusted_hashes()

std::set< std::string > Botan::Path_Validation_Result::trusted_hashes ( ) const
Returns
the set of hash functions you are implicitly trusting by trusting this result.

Definition at line 1019 of file x509path.cpp.

1020  {
1021  std::set<std::string> hashes;
1022  for(size_t i = 0; i != m_cert_path.size(); ++i)
1023  hashes.insert(m_cert_path[i]->hash_used_for_signature());
1024  return hashes;
1025  }

◆ warnings()

CertificatePathStatusCodes Botan::Path_Validation_Result::warnings ( ) const
Returns
the subset of status codes that are warnings

Definition at line 1042 of file x509path.cpp.

1043  {
1044  return m_warnings;
1045  }

◆ warnings_string()

std::string Botan::Path_Validation_Result::warnings_string ( ) const
Returns
string representation of the warnings

Definition at line 1060 of file x509path.cpp.

References status_string(), and Botan::ASN1::to_string().

1061  {
1062  const std::string sep(", ");
1063  std::string res;
1064  for(size_t i = 0; i < m_warnings.size(); i++)
1065  {
1066  for(auto code : m_warnings[i])
1067  res += "[" + std::to_string(i) + "] " + status_string(code) + sep;
1068  }
1069  // remove last sep
1070  if(res.size() >= sep.size())
1071  res = res.substr(0, res.size() - sep.size());
1072  return res;
1073  }
Botan::ASN1::to_string
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:213
Botan::Path_Validation_Result::status_string
static const char * status_string(Certificate_Status_Code code)
Definition: x509path.cpp:1052
The documentation for this class was generated from the following files:
Generated by   doxygen 1.8.14