Botan  1.11.34
Crypto and TLS for C++11
Botan::X509_Object Class Reference abstract

#include <x509_obj.h>

Inheritance diagram for Botan::X509_Object:
Botan::ASN1_Object Botan::PKCS10_Request Botan::X509_Certificate Botan::X509_CRL

Public Member Functions

std::vector< byte > BER_encode () const
 
bool check_signature (const Public_Key &key) const
 
bool check_signature (const Public_Key *key) const
 
void decode_from (class BER_Decoder &from) override
 
void encode_into (class DER_Encoder &to) const override
 
std::string hash_used_for_signature () const
 
std::string PEM_encode () const
 
std::vector< byte > signature () const
 
AlgorithmIdentifier signature_algorithm () const
 
std::vector< byte > tbs_data () const
 
virtual ~X509_Object ()
 

Static Public Member Functions

static std::vector< byte > make_signed (class PK_Signer *signer, RandomNumberGenerator &rng, const AlgorithmIdentifier &alg_id, const secure_vector< byte > &tbs)
 

Protected Member Functions

void do_decode ()
 
 X509_Object (DataSource &src, const std::string &pem_labels)
 
 X509_Object (const std::vector< byte > &vec, const std::string &labels)
 
 X509_Object ()
 

Protected Attributes

std::vector< byte > m_sig
 
AlgorithmIdentifier m_sig_algo
 
std::vector< byte > m_tbs_bits
 

Detailed Description

This class represents abstract X.509 signed objects, as in the X.500 SIGNED macro.

Definition at line 22 of file x509_obj.h.

Constructor & Destructor Documentation

§ ~X509_Object()

virtual Botan::X509_Object::~X509_Object ( )
inline virtual

Definition at line 96 of file x509_obj.h.

96 {}

§ X509_Object() [1/3]

Botan::X509_Object::X509_Object ( DataSource &  src,
const std::string &  pem_labels 
)
protected

Definition at line 23 of file x509_obj.cpp.

References X509_Object().

24  {
25  init(stream, labels);
26  }

§ X509_Object() [2/3]

Botan::X509_Object::X509_Object ( const std::vector< byte > &  vec,
const std::string &  labels 
)
protected

Definition at line 42 of file x509_obj.cpp.

References Botan::PEM_Code::decode(), decode_from(), Botan::PEM_Code::matches(), Botan::ASN1::maybe_BER(), Botan::split_on(), and Botan::Exception::what().

43  {
44  DataSource_Memory stream(vec.data(), vec.size());
45  init(stream, labels);
46  }

§ X509_Object() [3/3]

Botan::X509_Object::X509_Object ( )
inline protected

Member Function Documentation

§ BER_encode()

std::vector< byte > Botan::X509_Object::BER_encode ( ) const
Returns
BER encoding of this

Definition at line 115 of file x509_obj.cpp.

References encode_into(), and Botan::DER_Encoder::get_contents_unlocked().

Referenced by Botan::X509_Certificate::fingerprint(), and PEM_encode().

116  {
117  DER_Encoder der;
118  encode_into(der);
119  return der.get_contents_unlocked();
120  }
void encode_into(class DER_Encoder &to) const override
Definition: x509_obj.cpp:86

§ check_signature() [1/2]

bool Botan::X509_Object::check_signature ( const Public_Key &  key ) const

Check the signature on this data

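Parameters
key: the public key purportedly used to sign this data
Returns
true if the signature is valid, otherwise false. In the listing below, false is also returned when the algorithm name derived for this object does not have exactly two parts or its first part differs from the key's algo_name(), and when any std::exception is thrown during verification. A false result therefore does not distinguish a bad signature from an unknown or mismatched algorithm. The check covers only the signature over tbs_data(); deciding whether the supplied key is trusted is left to the caller.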

Definition at line 189 of file x509_obj.cpp.

References Botan::Public_Key::algo_name(), Botan::DER_SEQUENCE, Botan::IEEE_1363, Botan::OIDS::lookup(), m_sig_algo, Botan::Public_Key::message_parts(), Botan::AlgorithmIdentifier::oid, signature(), Botan::split_on(), tbs_data(), and Botan::PK_Verifier::verify_message().

Referenced by check_signature(), Botan::PKCS10_Request::PKCS10_Request(), and Botan::X509_Certificate::X509_Certificate().

// Verifies signature() over tbs_data() with pub_key. Every failure path in the
// lines shown returns false instead of throwing.
190  {
191  try {
// NOTE(review): source line 193 (the right-hand side of sig_info) is missing from
// this listing. Per the References list it presumably splits the name returned by
// OIDS::lookup(m_sig_algo.oid) with split_on() - confirm against x509_obj.cpp.
192  std::vector<std::string> sig_info =
194 
// Require exactly two name parts, the first of which must equal the key's algorithm name.
195  if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name())
196  return false;
197 
// The second name part is passed to PK_Verifier as the padding scheme.
// NOTE(review): it appears to come from the object being verified, and no
// allow-list of acceptable schemes is visible in these lines - callers that
// need to refuse weak hashes should check hash_used_for_signature() themselves.
198  std::string padding = sig_info[1];
// Keys reporting two or more message parts use DER_SEQUENCE, all others IEEE_1363.
199  Signature_Format format =
200  (pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
201 
202  PK_Verifier verifier(pub_key, padding, format);
203 
204  return verifier.verify_message(tbs_data(), signature());
205  }
// Any std::exception raised inside the try block is reported as "signature not valid".
206  catch(std::exception&)
207  {
208  return false;
209  }
210  }
AlgorithmIdentifier m_sig_algo
Definition: x509_obj.h:107
Signature_Format
Definition: pubkey.h:29
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:138
std::vector< byte > signature() const
Definition: x509_obj.cpp:141
std::string lookup(const OID &oid)
Definition: oids.cpp:18
std::vector< byte > tbs_data() const
Definition: x509_obj.cpp:133

§ check_signature() [2/2]

bool Botan::X509_Object::check_signature ( const Public_Key *  key ) const

Check the signature on this data

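Parameters
key: the public key purportedly used to sign this data; the pointer will be deleted after use. The listing below wraps it in a std::unique_ptr, so the caller must pass a heap-allocated key and must not use or free it afterwards. A null pointer causes an Exception to be thrown rather than a false return.
Returns
true if the signature is valid, otherwise false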

Definition at line 178 of file x509_obj.cpp.

References check_signature().

// Pointer overload: rejects a null key, then takes ownership of the key and
// forwards to the reference overload.
179  {
// A missing key is an error (Exception), not a "false" verification result.
180  if(!pub_key)
181  throw Exception("No key provided for " + m_PEM_label_pref + " signature check");
// The unique_ptr deletes pub_key when this scope exits, whether by return or by
// exception, so the caller must not reuse or free the pointer.
182  std::unique_ptr<const Public_Key> key(pub_key);
183  return check_signature(*key);
184 }
bool check_signature(const Public_Key &key) const
Definition: x509_obj.cpp:189

§ decode_from()

void Botan::X509_Object::decode_from ( class BER_Decoder &  from )
override virtual

Decode a BER encoded X509_Object. See ASN1_Object::decode_from()

Implements Botan::ASN1_Object.

Definition at line 100 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::BER_Decoder::decode(), Botan::BER_Decoder::end_cons(), m_sig, m_sig_algo, m_tbs_bits, Botan::BER_Decoder::raw_bytes(), Botan::SEQUENCE, Botan::BER_Decoder::start_cons(), and Botan::BER_Decoder::verify_end().

Referenced by X509_Object().

// Parses the outer SEQUENCE. The raw bytes inside the inner SEQUENCE are stored
// in m_tbs_bits, followed by the signature algorithm (m_sig_algo) and the
// signature BIT STRING (m_sig).
// No signature check happens here; decoding only fills the three members, and
// check_signature() must be called separately.
101  {
102  from.start_cons(SEQUENCE)
103  .start_cons(SEQUENCE)
104  .raw_bytes(m_tbs_bits)
105  .end_cons()
106  .decode(m_sig_algo)
107  .decode(m_sig, BIT_STRING)
// NOTE(review): verify_end() presumably rejects trailing data inside the outer
// SEQUENCE - confirm against BER_Decoder.
108  .verify_end()
109  .end_cons();
110  }
AlgorithmIdentifier m_sig_algo
Definition: x509_obj.h:107
std::vector< byte > m_tbs_bits
Definition: x509_obj.h:108
std::vector< byte > m_sig
Definition: x509_obj.h:108

§ do_decode()

void Botan::X509_Object::do_decode ( )
protected

Definition at line 232 of file x509_obj.cpp.

References Botan::Exception::what().

Referenced by Botan::PKCS10_Request::PKCS10_Request(), Botan::X509_Certificate::X509_Certificate(), and Botan::X509_CRL::X509_CRL().

// Runs force_decode() and rethrows Decoding_Error and Invalid_Argument as a
// Decoding_Error whose message starts with m_PEM_label_pref and embeds the
// original what() text. Exception types other than these two are not caught
// here and propagate unchanged.
233  {
234  try {
235  force_decode();
236  }
237  catch(Decoding_Error& e)
238  {
239  throw Decoding_Error(m_PEM_label_pref + " decoding failed (" +
240  e.what() + ")");
241  }
// Invalid_Argument is converted to Decoding_Error, so callers see one error type
// for both failures.
242  catch(Invalid_Argument& e)
243  {
244  throw Decoding_Error(m_PEM_label_pref + " decoding failed (" +
245  e.what() + ")");
246  }
247  }

§ encode_into()

void Botan::X509_Object::encode_into ( class DER_Encoder &  to ) const
override virtual

DER encode an X509_Object. See ASN1_Object::encode_into()

Implements Botan::ASN1_Object.

Definition at line 86 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), m_sig, m_sig_algo, m_tbs_bits, Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, and Botan::DER_Encoder::start_cons().

Referenced by BER_encode(), and Botan::Certificate_Store_In_SQL::insert_cert().

// Writes the outer SEQUENCE: an inner SEQUENCE holding m_tbs_bits, then
// m_sig_algo, then m_sig as a BIT STRING.
87  {
88  to.start_cons(SEQUENCE)
89  .start_cons(SEQUENCE)
// m_tbs_bits is emitted with raw_bytes(), i.e. the stored bytes are written back
// as they are instead of being re-encoded from parsed fields.
90  .raw_bytes(m_tbs_bits)
91  .end_cons()
92  .encode(m_sig_algo)
93  .encode(m_sig, BIT_STRING)
94  .end_cons();
95  }
AlgorithmIdentifier m_sig_algo
Definition: x509_obj.h:107
std::vector< byte > m_tbs_bits
Definition: x509_obj.h:108
std::vector< byte > m_sig
Definition: x509_obj.h:108

§ hash_used_for_signature()

std::string Botan::X509_Object::hash_used_for_signature ( ) const
Returns
hash algorithm that was used to generate signature

Definition at line 157 of file x509_obj.cpp.

References Botan::OID::as_string(), Botan::OIDS::lookup(), m_sig_algo, Botan::AlgorithmIdentifier::oid, Botan::parse_algorithm_name(), and Botan::split_on().

// Returns the second component of the parsed padding name, and throws
// Internal_Error when either name does not have the expected two-part shape.
// NOTE(review): source lines 160 and 164 are missing from this listing (the
// right-hand side of sig_info and the end of the first throw expression); see
// x509_obj.cpp for the full text.
158  {
159  std::vector<std::string> sig_info =
161 
162  if(sig_info.size() != 2)
163  throw Internal_Error("Invalid name format found for " +
165 
// sig_info[1] is the padding part of the name; parse_algorithm_name() splits it further.
166  std::vector<std::string> pad_and_hash =
167  parse_algorithm_name(sig_info[1]);
168 
169  if(pad_and_hash.size() != 2)
170  throw Internal_Error("Invalid name format " + sig_info[1]);
171 
172  return pad_and_hash[1];
173  }
std::vector< std::string > parse_algorithm_name(const std::string &namex)
Definition: parsing.cpp:85
AlgorithmIdentifier m_sig_algo
Definition: x509_obj.h:107
std::string as_string() const
Definition: asn1_oid.cpp:50
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:138
std::string lookup(const OID &oid)
Definition: oids.cpp:18

§ make_signed()

std::vector< byte > Botan::X509_Object::make_signed ( class PK_Signer *  signer,
RandomNumberGenerator &  rng,
const AlgorithmIdentifier &  alg_id,
const secure_vector< byte > &  tbs 
)
static

Create a signed X509 object.

Parameters
signer: the signer used to sign the object
rng: the random number generator to use
alg_id: the algorithm identifier of the signature scheme
tbs: the tbs bits to be signed
Returns
signed X509 object

Definition at line 215 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::get_contents_unlocked(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, Botan::PK_Signer::sign_message(), and Botan::DER_Encoder::start_cons().

Referenced by Botan::X509::create_cert_req(), Botan::X509_CA::make_cert(), and Botan::X509_CA::update_crl().

// Builds SEQUENCE { tbs_bits, algo, BIT STRING signature } and returns the
// encoder's contents. The listing starts at source line 219; the signature lines
// (215-218) are not shown, and the body names the parameters tbs_bits and algo
// where the documentation above says tbs and alg_id.
219  {
220  return DER_Encoder()
221  .start_cons(SEQUENCE)
// tbs_bits is written verbatim, and the signature below is computed over these
// same bytes.
222  .raw_bytes(tbs_bits)
223  .encode(algo)
// signer is dereferenced without a null check in the lines shown, so the caller
// must pass a valid signer.
224  .encode(signer->sign_message(tbs_bits, rng), BIT_STRING)
225  .end_cons()
226  .get_contents_unlocked();
227  }

§ PEM_encode()

std::string Botan::X509_Object::PEM_encode ( ) const
Returns
PEM encoding of this

Definition at line 125 of file x509_obj.cpp.

References BER_encode(), and Botan::PEM_Code::encode().

126  {
127  return PEM_Code::encode(BER_encode(), m_PEM_label_pref);
128  }
std::vector< byte > BER_encode() const
Definition: x509_obj.cpp:115
std::string encode(const byte der[], size_t length, const std::string &label, size_t width)
Definition: pem.cpp:43

§ signature()

std::vector< byte > Botan::X509_Object::signature ( ) const
Returns
signature on tbs_data()

Definition at line 141 of file x509_obj.cpp.

References m_sig.

Referenced by check_signature().

142  {
143  return m_sig;
144  }
std::vector< byte > m_sig
Definition: x509_obj.h:108

§ signature_algorithm()

AlgorithmIdentifier Botan::X509_Object::signature_algorithm ( ) const
Returns
signature algorithm that was used to generate signature

Definition at line 149 of file x509_obj.cpp.

References m_sig_algo.

Referenced by Botan::X509_Certificate::to_string().

150  {
151  return m_sig_algo;
152  }
AlgorithmIdentifier m_sig_algo
Definition: x509_obj.h:107

§ tbs_data()

std::vector< byte > Botan::X509_Object::tbs_data ( ) const

The underlying data that is to be or was signed

Returns
data that is or was signed

Definition at line 133 of file x509_obj.cpp.

References m_tbs_bits, and Botan::ASN1::put_in_sequence().

Referenced by check_signature().

// NOTE(review): source line 135 (the return statement) is missing from this
// listing. The References list suggests it wraps m_tbs_bits with
// ASN1::put_in_sequence(), which would match decode_from() storing only the
// bytes inside the inner SEQUENCE - confirm against x509_obj.cpp.
134  {
136  }
std::vector< byte > m_tbs_bits
Definition: x509_obj.h:108
std::vector< byte > put_in_sequence(const std::vector< byte > &contents)
Definition: asn1_obj.cpp:35

Member Data Documentation

§ m_sig

std::vector<byte> Botan::X509_Object::m_sig
protected

§ m_sig_algo

AlgorithmIdentifier Botan::X509_Object::m_sig_algo
protected

§ m_tbs_bits

std::vector<byte> Botan::X509_Object::m_tbs_bits
protected

The documentation for this class was generated from the following files: