ffi_cert.cpp File Reference

#include <botan/ffi.h>
#include <botan/internal/ffi_util.h>
#include <botan/internal/ffi_pkey.h>
#include <memory>

Go to the source code of this file.

Functions
int	botan_x509_cert_allowed_usage (botan_x509_cert_t cert, unsigned int key_usage)
int	botan_x509_cert_destroy (botan_x509_cert_t cert)
int	botan_x509_cert_dup (botan_x509_cert_t *cert_obj, botan_x509_cert_t cert)
int	botan_x509_cert_get_authority_key_id (botan_x509_cert_t cert, uint8_t out[], size_t *out_len)
int	botan_x509_cert_get_fingerprint (botan_x509_cert_t cert, const char *hash, uint8_t out[], size_t *out_len)
int	botan_x509_cert_get_issuer_dn (botan_x509_cert_t cert, const char *key, size_t index, uint8_t out[], size_t *out_len)
int	botan_x509_cert_get_public_key (botan_x509_cert_t cert, botan_pubkey_t *key)
int	botan_x509_cert_get_public_key_bits (botan_x509_cert_t cert, uint8_t out[], size_t *out_len)
int	botan_x509_cert_get_serial_number (botan_x509_cert_t cert, uint8_t out[], size_t *out_len)
int	botan_x509_cert_get_subject_dn (botan_x509_cert_t cert, const char *key, size_t index, uint8_t out[], size_t *out_len)
int	botan_x509_cert_get_subject_key_id (botan_x509_cert_t cert, uint8_t out[], size_t *out_len)
int	botan_x509_cert_get_time_expires (botan_x509_cert_t cert, char out[], size_t *out_len)
int	botan_x509_cert_get_time_starts (botan_x509_cert_t cert, char out[], size_t *out_len)
int	botan_x509_cert_hostname_match (botan_x509_cert_t cert, const char *hostname)
int	botan_x509_cert_load (botan_x509_cert_t *cert_obj, const uint8_t cert_bits[], size_t cert_bits_len)
int	botan_x509_cert_load_file (botan_x509_cert_t *cert_obj, const char *cert_path)
int	botan_x509_cert_not_after (botan_x509_cert_t cert, uint64_t *time_since_epoch)
int	botan_x509_cert_not_before (botan_x509_cert_t cert, uint64_t *time_since_epoch)
int	botan_x509_cert_to_string (botan_x509_cert_t cert, char out[], size_t *out_len)
const char *	botan_x509_cert_validation_status (int code)
int	botan_x509_cert_verify (int *result_code, botan_x509_cert_t cert, const botan_x509_cert_t *intermediates, size_t intermediates_len, const botan_x509_cert_t *trusted, size_t trusted_len, const char *trusted_path, size_t required_strength, const char *hostname_cstr, uint64_t reference_time)
int	botan_x509_cert_verify_with_crl (int *result_code, botan_x509_cert_t cert, const botan_x509_cert_t *intermediates, size_t intermediates_len, const botan_x509_cert_t *trusted, size_t trusted_len, const botan_x509_crl_t *crls, size_t crls_len, const char *trusted_path, size_t required_strength, const char *hostname_cstr, uint64_t reference_time)
int	botan_x509_cert_view_as_string (botan_x509_cert_t cert, botan_view_ctx ctx, botan_view_str_fn view)
int	botan_x509_cert_view_public_key_bits (botan_x509_cert_t cert, botan_view_ctx ctx, botan_view_bin_fn view)
int	botan_x509_crl_destroy (botan_x509_crl_t crl)
int	botan_x509_crl_load (botan_x509_crl_t *crl_obj, const uint8_t crl_bits[], size_t crl_bits_len)
int	botan_x509_crl_load_file (botan_x509_crl_t *crl_obj, const char *crl_path)
int	botan_x509_is_revoked (botan_x509_crl_t crl, botan_x509_cert_t cert)

Function Documentation

botan_x509_cert_allowed_usage()

int botan_x509_cert_allowed_usage	(	botan_x509_cert_t	cert,
		unsigned int	key_usage
	)

Definition at line 145 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_VISIT(cert, [=](const auto& c) -> int {
      const Botan::Key_Constraints k = static_cast<Botan::Key_Constraints>(key_usage);
      if(c.allowed_usage(k))
         return BOTAN_FFI_SUCCESS;
      return 1;
      });
#else
   BOTAN_UNUSED(cert, key_usage);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_SUCCESS, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

botan_x509_cert_destroy()

int botan_x509_cert_destroy

(

botan_x509_cert_t

cert

)

Returns

0 if success, error if invalid object handle

Definition at line 160 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_CHECKED_DELETE(cert);
#else
   BOTAN_UNUSED(cert);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_CHECKED_DELETE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, and BOTAN_UNUSED.

botan_x509_cert_dup()

int botan_x509_cert_dup	(	botan_x509_cert_t *	cert_obj,
		botan_x509_cert_t	cert
	)

Definition at line 47 of file ffi_cert.cpp.

   {
   if(!cert_obj)
      return BOTAN_FFI_ERROR_NULL_POINTER;
 
#if defined(BOTAN_HAS_X509_CERTIFICATES) && defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
 
   return ffi_guard_thunk(__func__, [=]() -> int {
      auto c = std::make_unique<Botan::X509_Certificate>(safe_get(cert));
      *cert_obj = new botan_x509_cert_struct(std::move(c));
      return BOTAN_FFI_SUCCESS;
      });
 
#else
   BOTAN_UNUSED(cert);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), and Botan_FFI::safe_get().

botan_x509_cert_get_authority_key_id()

int botan_x509_cert_get_authority_key_id	(	botan_x509_cert_t	cert,
		uint8_t	out[],
		size_t *	out_len
	)

Definition at line 234 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_VISIT(cert, [=](const auto& c) { return write_vec_output(out, out_len, c.authority_key_id()); });
#else
   BOTAN_UNUSED(cert, out, out_len);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_vec_output().

botan_x509_cert_get_fingerprint()

int botan_x509_cert_get_fingerprint	(	botan_x509_cert_t	cert,
		const char *	hash,
		uint8_t	out[],
		size_t *	out_len
	)

Definition at line 224 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_VISIT(cert, [=](const auto& c) { return write_str_output(out, out_len, c.fingerprint(hash)); });
#else
   BOTAN_UNUSED(cert, hash, out, out_len);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_str_output().

botan_x509_cert_get_issuer_dn()

int botan_x509_cert_get_issuer_dn	(	botan_x509_cert_t	cert,
		const char *	key,
		size_t	index,
		uint8_t	out[],
		size_t *	out_len
	)

Definition at line 103 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_VISIT(cert, [=](const auto& c) { return write_str_output(out, out_len, c.issuer_info(key).at(index)); });
#else
   BOTAN_UNUSED(cert, key, index, out, out_len);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_str_output().

botan_x509_cert_get_public_key()

int botan_x509_cert_get_public_key	(	botan_x509_cert_t	cert,
		botan_pubkey_t *	key
	)

Definition at line 84 of file ffi_cert.cpp.

   {
   if(key == nullptr)
      return BOTAN_FFI_ERROR_NULL_POINTER;
 
   *key = nullptr;
 
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return ffi_guard_thunk(__func__, [=]() -> int {
      auto public_key = safe_get(cert).subject_public_key();
      *key = new botan_pubkey_struct(std::move(public_key));
      return BOTAN_FFI_SUCCESS;
      });
#else
   BOTAN_UNUSED(cert);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), and Botan_FFI::safe_get().

botan_x509_cert_get_public_key_bits()

int botan_x509_cert_get_public_key_bits	(	botan_x509_cert_t	cert,
		uint8_t	out[],
		size_t *	out_len
	)

Definition at line 254 of file ffi_cert.cpp.

   {
   return copy_view_bin(out, out_len, botan_x509_cert_view_public_key_bits, cert);
   }

References botan_x509_cert_view_public_key_bits(), and Botan_FFI::copy_view_bin().

botan_x509_cert_get_serial_number()

int botan_x509_cert_get_serial_number	(	botan_x509_cert_t	cert,
		uint8_t	out[],
		size_t *	out_len
	)

Definition at line 214 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_VISIT(cert, [=](const auto& c) { return write_vec_output(out, out_len, c.serial_number()); });
#else
   BOTAN_UNUSED(cert, out, out_len);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_vec_output().

botan_x509_cert_get_subject_dn()

int botan_x509_cert_get_subject_dn	(	botan_x509_cert_t	cert,
		const char *	key,
		size_t	index,
		uint8_t	out[],
		size_t *	out_len
	)

Definition at line 115 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_VISIT(cert, [=](const auto& c) { return write_str_output(out, out_len, c.subject_info(key).at(index)); });
#else
   BOTAN_UNUSED(cert, key, index, out, out_len);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_str_output().

botan_x509_cert_get_subject_key_id()

int botan_x509_cert_get_subject_key_id	(	botan_x509_cert_t	cert,
		uint8_t	out[],
		size_t *	out_len
	)

Definition at line 244 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_VISIT(cert, [=](const auto& c) { return write_vec_output(out, out_len, c.subject_key_id()); });
#else
   BOTAN_UNUSED(cert, out, out_len);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_vec_output().

botan_x509_cert_get_time_expires()

int botan_x509_cert_get_time_expires	(	botan_x509_cert_t	cert,
		char	out[],
		size_t *	out_len
	)

Definition at line 180 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_VISIT(cert, [=](const auto& c) { return write_str_output(out, out_len, c.not_after().to_string()); });
#else
   BOTAN_UNUSED(cert, out, out_len);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_str_output().

botan_x509_cert_get_time_starts()

int botan_x509_cert_get_time_starts	(	botan_x509_cert_t	cert,
		char	out[],
		size_t *	out_len
	)

Definition at line 170 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_VISIT(cert, [=](const auto& c) { return write_str_output(out, out_len, c.not_before().to_string()); });
#else
   BOTAN_UNUSED(cert, out, out_len);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_str_output().

botan_x509_cert_hostname_match()

int botan_x509_cert_hostname_match	(	botan_x509_cert_t	cert,
		const char *	hostname
	)

Check if the certificate matches the specified hostname via alternative name or CN match. RFC 5280 wildcards also supported.

Definition at line 272 of file ffi_cert.cpp.

   {
   if(hostname == nullptr)
      return BOTAN_FFI_ERROR_NULL_POINTER;
 
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_VISIT(cert, [=](const auto& c) { return c.matches_dns_name(hostname) ? 0 : -1; });
#else
   BOTAN_UNUSED(cert);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

botan_x509_cert_load()

int botan_x509_cert_load	(	botan_x509_cert_t *	cert_obj,
		const uint8_t	cert_bits[],
		size_t	cert_bits_len
	)

Definition at line 66 of file ffi_cert.cpp.

   {
   if(!cert_obj || !cert_bits)
      return BOTAN_FFI_ERROR_NULL_POINTER;
 
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return ffi_guard_thunk(__func__, [=]() -> int {
      Botan::DataSource_Memory bits(cert_bits, cert_bits_len);
      auto c = std::make_unique<Botan::X509_Certificate>(bits);
      *cert_obj = new botan_x509_cert_struct(std::move(c));
      return BOTAN_FFI_SUCCESS;
      });
#else
   BOTAN_UNUSED(cert_bits_len);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, BOTAN_UNUSED, and Botan_FFI::ffi_guard_thunk().

botan_x509_cert_load_file()

int botan_x509_cert_load_file	(	botan_x509_cert_t *	cert_obj,
		const char *	cert_path
	)

Definition at line 29 of file ffi_cert.cpp.

   {
   if(!cert_obj || !cert_path)
      return BOTAN_FFI_ERROR_NULL_POINTER;
 
#if defined(BOTAN_HAS_X509_CERTIFICATES) && defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
 
   return ffi_guard_thunk(__func__, [=]() -> int {
      auto c = std::make_unique<Botan::X509_Certificate>(cert_path);
      *cert_obj = new botan_x509_cert_struct(std::move(c));
      return BOTAN_FFI_SUCCESS;
      });
 
#else
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, and Botan_FFI::ffi_guard_thunk().

botan_x509_cert_not_after()

int botan_x509_cert_not_after	(	botan_x509_cert_t	cert,
		uint64_t *	time_since_epoch
	)

Definition at line 202 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_VISIT(cert, [=](const auto& c) {
      *time_since_epoch = c.not_after().time_since_epoch();
      });
#else
   BOTAN_UNUSED(cert, time_since_epoch);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

botan_x509_cert_not_before()

int botan_x509_cert_not_before	(	botan_x509_cert_t	cert,
		uint64_t *	time_since_epoch
	)

Definition at line 190 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_VISIT(cert, [=](const auto& c) {
      *time_since_epoch = c.not_before().time_since_epoch();
      });
#else
   BOTAN_UNUSED(cert, time_since_epoch);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

botan_x509_cert_to_string()

int botan_x509_cert_to_string	(	botan_x509_cert_t	cert,
		char	out[],
		size_t *	out_len
	)

Definition at line 127 of file ffi_cert.cpp.

   {
   return copy_view_str(reinterpret_cast<uint8_t*>(out), out_len, botan_x509_cert_view_as_string, cert);
   }

References botan_x509_cert_view_as_string(), and Botan_FFI::copy_view_str().

botan_x509_cert_validation_status()

const char * botan_x509_cert_validation_status

(

int

code

)

Returns a pointer to a static character string explaining the status code, or else NULL if unknown.

Definition at line 356 of file ffi_cert.cpp.

   {
   if(code < 0)
      return nullptr;
 
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   Botan::Certificate_Status_Code sc = static_cast<Botan::Certificate_Status_Code>(code);
   return Botan::to_string(sc);
#else
   return nullptr;
#endif
   }

References Botan::to_string().

botan_x509_cert_verify()

int botan_x509_cert_verify	(	int *	validation_result,
		botan_x509_cert_t	cert,
		const botan_x509_cert_t *	intermediates,
		size_t	intermediates_len,
		const botan_x509_cert_t *	trusted,
		size_t	trusted_len,
		const char *	trusted_path,
		size_t	required_strength,
		const char *	hostname,
		uint64_t	reference_time
	)

Returns 0 if the validation was successful, 1 if validation failed, and negative on error. A status code with details is written to *validation_result

Intermediates or trusted lists can be null Trusted path can be null

Definition at line 285 of file ffi_cert.cpp.

   {
   if(required_strength == 0)
      required_strength = 110;
 
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return ffi_guard_thunk(__func__, [=]() -> int {
      const std::string hostname((hostname_cstr == nullptr) ? "" : hostname_cstr);
      const Botan::Usage_Type usage = Botan::Usage_Type::UNSPECIFIED;
      const auto validation_time = reference_time == 0 ?
         std::chrono::system_clock::now() :
         std::chrono::system_clock::from_time_t(static_cast<time_t>(reference_time));
 
      std::vector<Botan::X509_Certificate> end_certs;
      end_certs.push_back(safe_get(cert));
      for(size_t i = 0; i != intermediates_len; ++i)
         end_certs.push_back(safe_get(intermediates[i]));
 
      std::unique_ptr<Botan::Certificate_Store> trusted_from_path;
      std::unique_ptr<Botan::Certificate_Store_In_Memory> trusted_extra;
      std::vector<Botan::Certificate_Store*> trusted_roots;
 
      if(trusted_path && *trusted_path)
         {
         trusted_from_path = std::make_unique<Botan::Certificate_Store_In_Memory>(trusted_path);
         trusted_roots.push_back(trusted_from_path.get());
         }
 
      if(trusted_len > 0)
         {
         trusted_extra = std::make_unique<Botan::Certificate_Store_In_Memory>();
         for(size_t i = 0; i != trusted_len; ++i)
            {
            trusted_extra->add_certificate(safe_get(trusted[i]));
            }
         trusted_roots.push_back(trusted_extra.get());
         }
 
      Botan::Path_Validation_Restrictions restrictions(false, required_strength);
 
      auto validation_result = Botan::x509_path_validate(end_certs,
                                                         restrictions,
                                                         trusted_roots,
                                                         hostname,
                                                         usage,
                                                         validation_time);
 
      if(result_code)
         *result_code = static_cast<int>(validation_result.result());
 
      if(validation_result.successful_validation())
         return 0;
      else
         return 1;
      });
#else
   BOTAN_UNUSED(result_code, cert, intermediates, intermediates_len, trusted);
   BOTAN_UNUSED(trusted_len, trusted_path, hostname_cstr, reference_time);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), Botan_FFI::safe_get(), Botan::UNSPECIFIED, and Botan::x509_path_validate().

botan_x509_cert_verify_with_crl()

int botan_x509_cert_verify_with_crl	(	int *	validation_result,
		botan_x509_cert_t	cert,
		const botan_x509_cert_t *	intermediates,
		size_t	intermediates_len,
		const botan_x509_cert_t *	trusted,
		size_t	trusted_len,
		const botan_x509_crl_t *	crls,
		size_t	crls_len,
		const char *	trusted_path,
		size_t	required_strength,
		const char *	hostname,
		uint64_t	reference_time
	)

Different flavor of botan_x509_cert_verify, supports revocation lists. CRLs are passed as an array, same as intermediates and trusted CAs

Definition at line 435 of file ffi_cert.cpp.

   {
   if(required_strength == 0)
      required_strength = 110;
 
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return ffi_guard_thunk(__func__, [=]() -> int {
      const std::string hostname((hostname_cstr == nullptr) ? "" : hostname_cstr);
      const Botan::Usage_Type usage = Botan::Usage_Type::UNSPECIFIED;
      const auto validation_time = reference_time == 0 ?
         std::chrono::system_clock::now() :
         std::chrono::system_clock::from_time_t(static_cast<time_t>(reference_time));
 
      std::vector<Botan::X509_Certificate> end_certs;
      end_certs.push_back(safe_get(cert));
      for(size_t i = 0; i != intermediates_len; ++i)
         end_certs.push_back(safe_get(intermediates[i]));
 
      std::unique_ptr<Botan::Certificate_Store> trusted_from_path;
      std::unique_ptr<Botan::Certificate_Store_In_Memory> trusted_extra;
      std::unique_ptr<Botan::Certificate_Store_In_Memory> trusted_crls;
      std::vector<Botan::Certificate_Store*> trusted_roots;
 
      if(trusted_path && *trusted_path)
         {
         trusted_from_path = std::make_unique<Botan::Certificate_Store_In_Memory>(trusted_path);
         trusted_roots.push_back(trusted_from_path.get());
         }
 
      if(trusted_len > 0)
         {
         trusted_extra = std::make_unique<Botan::Certificate_Store_In_Memory>();
         for(size_t i = 0; i != trusted_len; ++i)
            {
            trusted_extra->add_certificate(safe_get(trusted[i]));
            }
         trusted_roots.push_back(trusted_extra.get());
         }
 
      if(crls_len > 0)
         {
         trusted_crls = std::make_unique<Botan::Certificate_Store_In_Memory>();
         for(size_t i = 0; i != crls_len; ++i)
            {
            trusted_crls->add_crl(safe_get(crls[i]));
            }
         trusted_roots.push_back(trusted_crls.get());
         }
 
      Botan::Path_Validation_Restrictions restrictions(false, required_strength);
 
      auto validation_result = Botan::x509_path_validate(end_certs,
                                                         restrictions,
                                                         trusted_roots,
                                                         hostname,
                                                         usage,
                                                         validation_time);
 
      if(result_code)
         *result_code = static_cast<int>(validation_result.result());
 
      if(validation_result.successful_validation())
         return 0;
      else
         return 1;
      });
#else
   BOTAN_UNUSED(result_code, cert, intermediates, intermediates_len, trusted);
   BOTAN_UNUSED(trusted_len, trusted_path, hostname_cstr, reference_time, crls, crls_len);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), Botan_FFI::safe_get(), Botan::UNSPECIFIED, and Botan::x509_path_validate().

botan_x509_cert_view_as_string()

int botan_x509_cert_view_as_string	(	botan_x509_cert_t	cert,
		botan_view_ctx	ctx,
		botan_view_str_fn	view
	)

Definition at line 132 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_VISIT(cert, [=](const auto& c)
      {
      return invoke_view_callback(view, ctx, c.to_string());
      });
#else
   BOTAN_UNUSED(cert, ctx, view);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::invoke_view_callback().

Referenced by botan_x509_cert_to_string().

botan_x509_cert_view_public_key_bits()

int botan_x509_cert_view_public_key_bits	(	botan_x509_cert_t	cert,
		botan_view_ctx	ctx,
		botan_view_bin_fn	view
	)

Definition at line 259 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_VISIT(cert, [=](const auto& c)
      {
      return invoke_view_callback(view, ctx, c.subject_public_key_bits());
      });
#else
   BOTAN_UNUSED(cert, ctx, view);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::invoke_view_callback().

Referenced by botan_x509_cert_get_public_key_bits().

botan_x509_crl_destroy()

int botan_x509_crl_destroy

(

botan_x509_crl_t

crl

)

Definition at line 411 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_CHECKED_DELETE(crl);
#else
   BOTAN_UNUSED(crl);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_CHECKED_DELETE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, and BOTAN_UNUSED.

botan_x509_crl_load()

int botan_x509_crl_load	(	botan_x509_crl_t *	crl_obj,
		const uint8_t	crl_bits[],
		size_t	crl_bits_len
	)

Definition at line 393 of file ffi_cert.cpp.

   {
   if(!crl_obj || !crl_bits)
      return BOTAN_FFI_ERROR_NULL_POINTER;
 
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return ffi_guard_thunk(__func__, [=]() -> int {
      Botan::DataSource_Memory bits(crl_bits, crl_bits_len);
      auto c = std::make_unique<Botan::X509_CRL>(bits);
      *crl_obj = new botan_x509_crl_struct(std::move(c));
      return BOTAN_FFI_SUCCESS;
      });
#else
   BOTAN_UNUSED(crl_bits_len);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, BOTAN_UNUSED, and Botan_FFI::ffi_guard_thunk().

botan_x509_crl_load_file()

int botan_x509_crl_load_file	(	botan_x509_crl_t *	crl_obj,
		const char *	crl_path
	)

Definition at line 375 of file ffi_cert.cpp.

   {
   if(!crl_obj || !crl_path)
      return BOTAN_FFI_ERROR_NULL_POINTER;
 
#if defined(BOTAN_HAS_X509_CERTIFICATES) && defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
 
   return ffi_guard_thunk(__func__, [=]() -> int {
      auto c = std::make_unique<Botan::X509_CRL>(crl_path);
      *crl_obj = new botan_x509_crl_struct(std::move(c));
      return BOTAN_FFI_SUCCESS;
      });
 
#else
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, and Botan_FFI::ffi_guard_thunk().

botan_x509_is_revoked()

int botan_x509_is_revoked	(	botan_x509_crl_t	crl,
		botan_x509_cert_t	cert
	)

Given a CRL and a certificate, check if the certificate is revoked on that particular CRL

Definition at line 421 of file ffi_cert.cpp.

   {
#if defined(BOTAN_HAS_X509_CERTIFICATES)
   return BOTAN_FFI_VISIT(crl, [=] (const auto& c)
      {
      return c.is_revoked(safe_get(cert)) ? 0 : -1;
      });
#else
   BOTAN_UNUSED(cert);
   BOTAN_UNUSED(crl);
   return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
#endif
   }

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::safe_get().