Botan  2.6.0
Crypto and TLS for C++11
Public Member Functions | Static Public Member Functions | Protected Member Functions | List of all members
Botan::X509_Object Class Referenceabstract

#include <x509_obj.h>

Inheritance diagram for Botan::X509_Object:
Botan::ASN1_Object Botan::PKCS10_Request Botan::X509_Certificate Botan::X509_CRL

Public Member Functions

virtual std::vector< std::string > alternate_PEM_labels () const
 
std::vector< uint8_t > BER_encode () const
 
bool check_signature (const Public_Key &key) const
 
bool check_signature (const Public_Key *key) const
 
void decode_from (class BER_Decoder &from) override
 
void encode_into (class DER_Encoder &to) const override
 
std::string hash_used_for_signature () const
 
X509_Objectoperator= (const X509_Object &)=default
 
std::string PEM_encode () const
 
virtual std::string PEM_label () const =0
 
const std::vector< uint8_t > & signature () const
 
const AlgorithmIdentifiersignature_algorithm () const
 
const std::vector< uint8_t > & signed_body () const
 
std::vector< uint8_t > tbs_data () const
 
Certificate_Status_Code verify_signature (const Public_Key &key) const
 
 X509_Object (const X509_Object &)=default
 
virtual ~X509_Object ()=default
 

Static Public Member Functions

static std::unique_ptr< PK_Signerchoose_sig_format (AlgorithmIdentifier &sig_algo, const Private_Key &key, RandomNumberGenerator &rng, const std::string &hash_fn, const std::string &padding_algo)
 
static std::vector< uint8_t > make_signed (class PK_Signer *signer, RandomNumberGenerator &rng, const AlgorithmIdentifier &alg_id, const secure_vector< uint8_t > &tbs)
 

Protected Member Functions

void load_data (DataSource &src)
 
 X509_Object ()=default
 

Detailed Description

This class represents abstract X.509 signed objects as in the X.500 SIGNED macro

Definition at line 26 of file x509_obj.h.

Constructor & Destructor Documentation

◆ X509_Object() [1/2]

Botan::X509_Object::X509_Object ( const X509_Object )
default

◆ ~X509_Object()

virtual Botan::X509_Object::~X509_Object ( )
virtualdefault

◆ X509_Object() [2/2]

Botan::X509_Object::X509_Object ( )
protecteddefault

Member Function Documentation

◆ alternate_PEM_labels()

virtual std::vector<std::string> Botan::X509_Object::alternate_PEM_labels ( ) const
inlinevirtual

Definition at line 119 of file x509_obj.h.

Referenced by load_data().

120  { return std::vector<std::string>(); }

◆ BER_encode()

std::vector< uint8_t > Botan::X509_Object::BER_encode ( ) const
Returns
BER encoding of this

Definition at line 123 of file x509_obj.cpp.

References encode_into(), and Botan::DER_Encoder::get_contents_unlocked().

Referenced by Botan::X509_Certificate::fingerprint(), and PEM_encode().

124  {
125  DER_Encoder der;
126  encode_into(der);
127  return der.get_contents_unlocked();
128  }
void encode_into(class DER_Encoder &to) const override
Definition: x509_obj.cpp:93

◆ check_signature() [1/2]

bool Botan::X509_Object::check_signature ( const Public_Key key) const

Check the signature on this data

Parameters
keythe public key purportedly used to sign this data
Returns
true if the signature is valid, otherwise false

Definition at line 188 of file x509_obj.cpp.

References Botan::VERIFIED, and verify_signature().

Referenced by check_signature().

189  {
190  const Certificate_Status_Code code = verify_signature(pub_key);
191  return (code == Certificate_Status_Code::VERIFIED);
192  }
Certificate_Status_Code verify_signature(const Public_Key &key) const
Definition: x509_obj.cpp:194
Certificate_Status_Code
Definition: cert_status.h:18

◆ check_signature() [2/2]

bool Botan::X509_Object::check_signature ( const Public_Key key) const

Check the signature on this data

Parameters
keythe public key purportedly used to sign this data the object will be deleted after use (this should have been a std::unique_ptr<Public_Key>)
Returns
true if the signature is valid, otherwise false

Definition at line 180 of file x509_obj.cpp.

References check_signature(), and PEM_label().

181  {
182  if(!pub_key)
183  throw Exception("No key provided for " + PEM_label() + " signature check");
184  std::unique_ptr<const Public_Key> key(pub_key);
185  return check_signature(*key);
186  }
virtual std::string PEM_label() const =0
bool check_signature(const Public_Key &key) const
Definition: x509_obj.cpp:188

◆ choose_sig_format()

std::unique_ptr< PK_Signer > Botan::X509_Object::choose_sig_format ( AlgorithmIdentifier sig_algo,
const Private_Key key,
RandomNumberGenerator rng,
const std::string &  hash_fn,
const std::string &  padding_algo 
)
static

Definition at line 374 of file x509_obj.cpp.

References Botan::DER_SEQUENCE, Botan::IEEE_1363, and Botan::Public_Key::message_parts().

Referenced by Botan::choose_sig_format(), and Botan::PKCS10_Request::create().

379  {
380  const Signature_Format format = (key.message_parts() > 1) ? DER_SEQUENCE : IEEE_1363;
381 
382  const std::string emsa = choose_sig_algo(sig_algo, key, hash_fn, padding_algo);
383 
384  return std::unique_ptr<PK_Signer>(new PK_Signer(key, rng, emsa, format));
385  }
Signature_Format
Definition: pubkey.h:27

◆ decode_from()

void Botan::X509_Object::decode_from ( class BER_Decoder from)
overridevirtual

Decode a BER encoded X509_Object See ASN1_Object::decode_from()

Implements Botan::ASN1_Object.

Definition at line 107 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::BER_Decoder::decode(), Botan::BER_Decoder::end_cons(), Botan::BER_Decoder::raw_bytes(), Botan::SEQUENCE, and Botan::BER_Decoder::start_cons().

Referenced by load_data().

108  {
109  from.start_cons(SEQUENCE)
110  .start_cons(SEQUENCE)
111  .raw_bytes(m_tbs_bits)
112  .end_cons()
113  .decode(m_sig_algo)
114  .decode(m_sig, BIT_STRING)
115  .end_cons();
116 
117  force_decode();
118  }

◆ encode_into()

void Botan::X509_Object::encode_into ( class DER_Encoder to) const
overridevirtual

DER encode an X509_Object See ASN1_Object::encode_into()

Implements Botan::ASN1_Object.

Definition at line 93 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, signature(), signature_algorithm(), signed_body(), and Botan::DER_Encoder::start_cons().

Referenced by BER_encode(), and Botan::Certificate_Store_In_SQL::insert_cert().

94  {
95  to.start_cons(SEQUENCE)
96  .start_cons(SEQUENCE)
97  .raw_bytes(signed_body())
98  .end_cons()
99  .encode(signature_algorithm())
100  .encode(signature(), BIT_STRING)
101  .end_cons();
102  }
const AlgorithmIdentifier & signature_algorithm() const
Definition: x509_obj.h:48
const std::vector< uint8_t > & signature() const
Definition: x509_obj.h:38
const std::vector< uint8_t > & signed_body() const
Definition: x509_obj.h:43

◆ hash_used_for_signature()

std::string Botan::X509_Object::hash_used_for_signature ( ) const
Returns
hash algorithm that was used to generate signature

Definition at line 149 of file x509_obj.cpp.

References Botan::OID::as_string(), Botan::AlgorithmIdentifier::get_oid(), hash_algo, Botan::OIDS::lookup(), Botan::parse_algorithm_name(), signature_algorithm(), and Botan::split_on().

150  {
151  const OID& oid = m_sig_algo.get_oid();
152  const std::vector<std::string> sig_info = split_on(OIDS::lookup(oid), '/');
153 
154  if(sig_info.size() == 1 && sig_info[0] == "Ed25519")
155  return "SHA-512";
156  else if(sig_info.size() != 2)
157  throw Internal_Error("Invalid name format found for " + oid.as_string());
158 
159  if(sig_info[1] == "EMSA4")
160  {
161  return OIDS::lookup(decode_pss_params(signature_algorithm().get_parameters()).hash_algo.get_oid());
162  }
163  else
164  {
165  const std::vector<std::string> pad_and_hash =
166  parse_algorithm_name(sig_info[1]);
167 
168  if(pad_and_hash.size() != 2)
169  {
170  throw Internal_Error("Invalid name format " + sig_info[1]);
171  }
172 
173  return pad_and_hash[1];
174  }
175  }
const AlgorithmIdentifier & signature_algorithm() const
Definition: x509_obj.h:48
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:144
std::vector< std::string > parse_algorithm_name(const std::string &namex)
Definition: parsing.cpp:91
AlgorithmIdentifier hash_algo
Definition: x509_obj.cpp:23
const OID & get_oid() const
Definition: alg_id.h:37
std::string lookup(const OID &oid)
Definition: oids.cpp:113

◆ load_data()

void Botan::X509_Object::load_data ( DataSource src)
protected

Decodes from src as either DER or PEM data, then calls force_decode()

Definition at line 53 of file x509_obj.cpp.

References alternate_PEM_labels(), Botan::PEM_Code::decode(), decode_from(), Botan::PEM_Code::matches(), Botan::ASN1::maybe_BER(), PEM_label(), and Botan::Exception::what().

Referenced by Botan::PKCS10_Request::PKCS10_Request(), Botan::X509_Certificate::X509_Certificate(), and Botan::X509_CRL::X509_CRL().

54  {
55  try {
56  if(ASN1::maybe_BER(in) && !PEM_Code::matches(in))
57  {
58  BER_Decoder dec(in);
59  decode_from(dec);
60  }
61  else
62  {
63  std::string got_label;
64  DataSource_Memory ber(PEM_Code::decode(in, got_label));
65 
66  if(got_label != PEM_label())
67  {
68  bool is_alternate = false;
69  for(std::string alt_label : alternate_PEM_labels())
70  {
71  if(got_label == alt_label)
72  {
73  is_alternate = true;
74  break;
75  }
76  }
77 
78  if(!is_alternate)
79  throw Decoding_Error("Unexpected PEM label for " + PEM_label() + " of " + got_label);
80  }
81 
82  BER_Decoder dec(ber);
83  decode_from(dec);
84  }
85  }
86  catch(Decoding_Error& e)
87  {
88  throw Decoding_Error(PEM_label() + " decoding failed: " + e.what());
89  }
90  }
virtual std::vector< std::string > alternate_PEM_labels() const
Definition: x509_obj.h:119
virtual std::string PEM_label() const =0
bool maybe_BER(DataSource &source)
Definition: asn1_obj.cpp:154
void decode_from(class BER_Decoder &from) override
Definition: x509_obj.cpp:107
bool matches(DataSource &source, const std::string &extra, size_t search_range)
Definition: pem.cpp:142
secure_vector< uint8_t > decode(DataSource &source, std::string &label)
Definition: pem.cpp:68

◆ make_signed()

std::vector< uint8_t > Botan::X509_Object::make_signed ( class PK_Signer signer,
RandomNumberGenerator rng,
const AlgorithmIdentifier alg_id,
const secure_vector< uint8_t > &  tbs 
)
static

Create a signed X509 object.

Parameters
signerthe signer used to sign the object
rngthe random number generator to use
alg_idthe algorithm identifier of the signature scheme
tbsthe tbs bits to be signed
Returns
signed X509 object

Definition at line 280 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::get_contents_unlocked(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, Botan::PK_Signer::sign_message(), signature(), and Botan::DER_Encoder::start_cons().

Referenced by Botan::PKCS10_Request::create(), and Botan::X509_CA::make_cert().

284  {
285  const std::vector<uint8_t> signature = signer->sign_message(tbs_bits, rng);
286 
287  return DER_Encoder()
288  .start_cons(SEQUENCE)
289  .raw_bytes(tbs_bits)
290  .encode(algo)
291  .encode(signature, BIT_STRING)
292  .end_cons()
293  .get_contents_unlocked();
294  }
const std::vector< uint8_t > & signature() const
Definition: x509_obj.h:38

◆ operator=()

X509_Object& Botan::X509_Object::operator= ( const X509_Object )
default

◆ PEM_encode()

std::string Botan::X509_Object::PEM_encode ( ) const
Returns
PEM encoding of this

Definition at line 133 of file x509_obj.cpp.

References BER_encode(), Botan::PEM_Code::encode(), and PEM_label().

134  {
136  }
virtual std::string PEM_label() const =0
std::string encode(const uint8_t der[], size_t length, const std::string &label, size_t width)
Definition: pem.cpp:43
std::vector< uint8_t > BER_encode() const
Definition: x509_obj.cpp:123

◆ PEM_label()

virtual std::string Botan::X509_Object::PEM_label ( ) const
pure virtual

◆ signature()

const std::vector<uint8_t>& Botan::X509_Object::signature ( ) const
inline
Returns
signature on tbs_data()

Definition at line 38 of file x509_obj.h.

Referenced by encode_into(), make_signed(), Botan::X509_Certificate::operator<(), Botan::X509_Certificate::operator==(), and verify_signature().

38 { return m_sig; }

◆ signature_algorithm()

const AlgorithmIdentifier& Botan::X509_Object::signature_algorithm ( ) const
inline
Returns
signature algorithm that was used to generate signature

Definition at line 48 of file x509_obj.h.

Referenced by encode_into(), hash_used_for_signature(), Botan::X509_Certificate::operator==(), Botan::X509_Certificate::to_string(), verify_signature(), and Botan::X509_CA::X509_CA().

48 { return m_sig_algo; }

◆ signed_body()

const std::vector<uint8_t>& Botan::X509_Object::signed_body ( ) const
inline
Returns
signed body

Definition at line 43 of file x509_obj.h.

Referenced by encode_into(), Botan::X509_Certificate::operator<(), and Botan::X509_Certificate::operator==().

43 { return m_tbs_bits; }

◆ tbs_data()

std::vector< uint8_t > Botan::X509_Object::tbs_data ( ) const

The underlying data that is to be or was signed

Returns
data that is or was signed

Definition at line 141 of file x509_obj.cpp.

References Botan::ASN1::put_in_sequence().

Referenced by verify_signature().

142  {
143  return ASN1::put_in_sequence(m_tbs_bits);
144  }
std::vector< uint8_t > put_in_sequence(const std::vector< uint8_t > &contents)
Definition: asn1_obj.cpp:128

◆ verify_signature()

Certificate_Status_Code Botan::X509_Object::verify_signature ( const Public_Key key) const

Check the signature on this data

Parameters
keythe public key purportedly used to sign this data
Returns
status of the signature - OK if verified or otherwise an indicator of the problem preventing verification.

Definition at line 194 of file x509_obj.cpp.

References Botan::Public_Key::algo_name(), Botan::DER_SEQUENCE, Botan::AlgorithmIdentifier::get_oid(), hash_algo, Botan::IEEE_1363, Botan::OIDS::lookup(), Botan::Public_Key::message_parts(), Botan::AlgorithmIdentifier::parameters, signature(), Botan::SIGNATURE_ALGO_BAD_PARAMS, Botan::SIGNATURE_ALGO_UNKNOWN, signature_algorithm(), Botan::SIGNATURE_ERROR, Botan::split_on(), tbs_data(), Botan::ASN1::to_string(), Botan::UNTRUSTED_HASH, Botan::VERIFIED, and Botan::PK_Verifier::verify_message().

Referenced by check_signature().

195  {
196  const std::vector<std::string> sig_info =
197  split_on(OIDS::lookup(m_sig_algo.get_oid()), '/');
198 
199  if(sig_info.size() < 1 || sig_info.size() > 2 || sig_info[0] != pub_key.algo_name())
201 
202  std::string padding;
203  if(sig_info.size() == 2)
204  padding = sig_info[1];
205  else if(sig_info[0] == "Ed25519")
206  padding = "Pure";
207  else
209 
210  const Signature_Format format =
211  (pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
212 
213  if(padding == "EMSA4")
214  {
215  // "MUST contain RSASSA-PSS-params"
216  if(signature_algorithm().parameters.empty())
217  {
219  }
220 
221  Pss_params pss_parameter = decode_pss_params(signature_algorithm().parameters);
222 
223  // hash_algo must be SHA1, SHA2-224, SHA2-256, SHA2-384 or SHA2-512
224  const std::string hash_algo = OIDS::lookup(pss_parameter.hash_algo.oid);
225  if(hash_algo != "SHA-160" &&
226  hash_algo != "SHA-224" &&
227  hash_algo != "SHA-256" &&
228  hash_algo != "SHA-384" &&
229  hash_algo != "SHA-512")
230  {
232  }
233 
234  const std::string mgf_algo = OIDS::lookup(pss_parameter.mask_gen_algo.oid);
235  if(mgf_algo != "MGF1")
236  {
238  }
239 
240  // For MGF1, it is strongly RECOMMENDED that the underlying hash function be the same as the one identified by hashAlgorithm
241  // Must be SHA1, SHA2-224, SHA2-256, SHA2-384 or SHA2-512
242  if(pss_parameter.mask_gen_hash.oid != pss_parameter.hash_algo.oid)
243  {
245  }
246 
247  if(pss_parameter.trailer_field != 1)
248  {
250  }
251 
252  // salt_len is actually not used for verification. Length is inferred from the signature
253  padding += "(" + hash_algo + "," + mgf_algo + "," + std::to_string(pss_parameter.salt_len) + ")";
254  }
255 
256  try
257  {
258  PK_Verifier verifier(pub_key, padding, format);
259  const bool valid = verifier.verify_message(tbs_data(), signature());
260 
261  if(valid)
263  else
265  }
266  catch(Algorithm_Not_Found&)
267  {
269  }
270  catch(...)
271  {
272  // This shouldn't happen, fallback to generic signature error
274  }
275  }
const AlgorithmIdentifier & signature_algorithm() const
Definition: x509_obj.h:48
std::vector< uint8_t > parameters
Definition: alg_id.h:46
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:144
Signature_Format
Definition: pubkey.h:27
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:145
const std::vector< uint8_t > & signature() const
Definition: x509_obj.h:38
std::vector< uint8_t > tbs_data() const
Definition: x509_obj.cpp:141
AlgorithmIdentifier hash_algo
Definition: x509_obj.cpp:23
const OID & get_oid() const
Definition: alg_id.h:37
std::string lookup(const OID &oid)
Definition: oids.cpp:113

The documentation for this class was generated from the following files: