Botan 3.11.0
Crypto and TLS for C&
Functions
ffi_cert.cpp File Reference
Foreign Function Interface
#include <botan/ffi.h>
#include <botan/assert.h>
#include <botan/internal/ffi_cert.h>
#include <botan/internal/ffi_pkey.h>
#include <botan/internal/ffi_rng.h>
#include <botan/internal/ffi_util.h>
#include <memory>

Go to the source code of this file.

Functions

int botan_x509_cert_allowed_extended_usage_oid (botan_x509_cert_t cert, botan_asn1_oid_t oid)
int botan_x509_cert_allowed_extended_usage_str (botan_x509_cert_t cert, const char *oid)
int botan_x509_cert_allowed_usage (botan_x509_cert_t cert, unsigned int key_usage)
int botan_x509_cert_destroy (botan_x509_cert_t cert)
int botan_x509_cert_dup (botan_x509_cert_t *cert_obj, botan_x509_cert_t cert)
int botan_x509_cert_excluded_name_constraints (botan_x509_cert_t cert, size_t index, botan_x509_general_name_t *constraint)
int botan_x509_cert_excluded_name_constraints_count (botan_x509_cert_t cert, size_t *count)
int botan_x509_cert_get_authority_key_id (botan_x509_cert_t cert, uint8_t out[], size_t *out_len)
int botan_x509_cert_get_fingerprint (botan_x509_cert_t cert, const char *hash, uint8_t out[], size_t *out_len)
int botan_x509_cert_get_issuer_dn (botan_x509_cert_t cert, const char *key, size_t index, uint8_t out[], size_t *out_len)
int botan_x509_cert_get_issuer_dn_count (botan_x509_cert_t cert, const char *key, size_t *count)
int botan_x509_cert_get_path_length_constraint (botan_x509_cert_t cert, size_t *path_limit)
int botan_x509_cert_get_public_key (botan_x509_cert_t cert, botan_pubkey_t *key)
int botan_x509_cert_get_public_key_bits (botan_x509_cert_t cert, uint8_t out[], size_t *out_len)
int botan_x509_cert_get_serial_number (botan_x509_cert_t cert, uint8_t out[], size_t *out_len)
int botan_x509_cert_get_subject_dn (botan_x509_cert_t cert, const char *key, size_t index, uint8_t out[], size_t *out_len)
int botan_x509_cert_get_subject_dn_count (botan_x509_cert_t cert, const char *key, size_t *count)
int botan_x509_cert_get_subject_key_id (botan_x509_cert_t cert, uint8_t out[], size_t *out_len)
int botan_x509_cert_get_time_expires (botan_x509_cert_t cert, char out[], size_t *out_len)
int botan_x509_cert_get_time_starts (botan_x509_cert_t cert, char out[], size_t *out_len)
int botan_x509_cert_hostname_match (botan_x509_cert_t cert, const char *hostname)
int botan_x509_cert_is_ca (botan_x509_cert_t cert)
int botan_x509_cert_issuer_alternative_names (botan_x509_cert_t cert, size_t index, botan_x509_general_name_t *alt_name)
int botan_x509_cert_issuer_alternative_names_count (botan_x509_cert_t cert, size_t *count)
int botan_x509_cert_load (botan_x509_cert_t *cert_obj, const uint8_t cert_bits[], size_t cert_bits_len)
int botan_x509_cert_load_file (botan_x509_cert_t *cert_obj, const char *cert_path)
int botan_x509_cert_not_after (botan_x509_cert_t cert, uint64_t *time_since_epoch)
int botan_x509_cert_not_before (botan_x509_cert_t cert, uint64_t *time_since_epoch)
int botan_x509_cert_permitted_name_constraints (botan_x509_cert_t cert, size_t index, botan_x509_general_name_t *constraint)
int botan_x509_cert_permitted_name_constraints_count (botan_x509_cert_t cert, size_t *count)
int botan_x509_cert_serial_number (botan_x509_cert_t cert, botan_mp_t *serial_number)
int botan_x509_cert_subject_alternative_names (botan_x509_cert_t cert, size_t index, botan_x509_general_name_t *alt_name)
int botan_x509_cert_subject_alternative_names_count (botan_x509_cert_t cert, size_t *count)
int botan_x509_cert_to_string (botan_x509_cert_t cert, char out[], size_t *out_len)
const char * botan_x509_cert_validation_status (int code)
int botan_x509_cert_verify (int *result_code, botan_x509_cert_t cert, const botan_x509_cert_t *intermediates, size_t intermediates_len, const botan_x509_cert_t *trusted, size_t trusted_len, const char *trusted_path, size_t required_strength, const char *hostname_cstr, uint64_t reference_time)
int botan_x509_cert_verify_with_crl (int *result_code, botan_x509_cert_t cert, const botan_x509_cert_t *intermediates, size_t intermediates_len, const botan_x509_cert_t *trusted, size_t trusted_len, const botan_x509_crl_t *crls, size_t crls_len, const char *trusted_path, size_t required_strength, const char *hostname_cstr, uint64_t reference_time)
int botan_x509_cert_view_as_string (botan_x509_cert_t cert, botan_view_ctx ctx, botan_view_str_fn view)
int botan_x509_cert_view_binary_values (botan_x509_cert_t cert, botan_x509_value_type value_type, size_t index, botan_view_ctx ctx, botan_view_bin_fn view_fn)
int botan_x509_cert_view_binary_values_count (botan_x509_cert_t cert, botan_x509_value_type value_type, size_t *count)
int botan_x509_cert_view_public_key_bits (botan_x509_cert_t cert, botan_view_ctx ctx, botan_view_bin_fn view)
int botan_x509_cert_view_string_values (botan_x509_cert_t cert, botan_x509_value_type value_type, size_t index, botan_view_ctx ctx, botan_view_str_fn view_fn)
int botan_x509_cert_view_string_values_count (botan_x509_cert_t cert, botan_x509_value_type value_type, size_t *count)
int botan_x509_crl_create (botan_x509_crl_t *crl_obj, botan_rng_t rng, botan_x509_cert_t ca_cert, botan_privkey_t ca_key, uint64_t issue_time, uint32_t next_update, const char *hash_fn, const char *padding)
int botan_x509_crl_destroy (botan_x509_crl_t crl)
int botan_x509_crl_entries (botan_x509_crl_t crl, size_t index, botan_x509_crl_entry_t *entry)
int botan_x509_crl_entries_count (botan_x509_crl_t crl, size_t *count)
int botan_x509_crl_entry_create (botan_x509_crl_entry_t *entry, botan_x509_cert_t cert, int reason_code)
int botan_x509_crl_entry_destroy (botan_x509_crl_entry_t entry)
int botan_x509_crl_entry_reason (botan_x509_crl_entry_t entry, int *reason_code)
int botan_x509_crl_entry_revocation_date (botan_x509_crl_entry_t entry, uint64_t *time_since_epoch)
int botan_x509_crl_entry_serial_number (botan_x509_crl_entry_t entry, botan_mp_t *serial_number)
int botan_x509_crl_entry_view_serial_number (botan_x509_crl_entry_t entry, botan_view_ctx ctx, botan_view_bin_fn view)
int botan_x509_crl_load (botan_x509_crl_t *crl_obj, const uint8_t crl_bits[], size_t crl_bits_len)
int botan_x509_crl_load_file (botan_x509_crl_t *crl_obj, const char *crl_path)
int botan_x509_crl_next_update (botan_x509_crl_t crl, uint64_t *time_since_epoch)
int botan_x509_crl_this_update (botan_x509_crl_t crl, uint64_t *time_since_epoch)
int botan_x509_crl_update (botan_x509_crl_t *crl_obj, botan_x509_crl_t last_crl, botan_rng_t rng, botan_x509_cert_t ca_cert, botan_privkey_t ca_key, uint64_t issue_time, uint32_t next_update, const botan_x509_crl_entry_t *new_entries, size_t new_entries_len, const char *hash_fn, const char *padding)
int botan_x509_crl_verify_signature (botan_x509_crl_t crl, botan_pubkey_t key)
int botan_x509_crl_view_binary_values (botan_x509_crl_t crl_obj, botan_x509_value_type value_type, size_t index, botan_view_ctx ctx, botan_view_bin_fn view_fn)
int botan_x509_crl_view_binary_values_count (botan_x509_crl_t crl_obj, botan_x509_value_type value_type, size_t *count)
int botan_x509_crl_view_string_values (botan_x509_crl_t crl_obj, botan_x509_value_type value_type, size_t index, botan_view_ctx ctx, botan_view_str_fn view)
int botan_x509_crl_view_string_values_count (botan_x509_crl_t crl_obj, botan_x509_value_type value_type, size_t *count)
int botan_x509_general_name_destroy (botan_x509_general_name_t name)
int botan_x509_general_name_get_type (botan_x509_general_name_t name, unsigned int *type)
int botan_x509_general_name_view_binary_value (botan_x509_general_name_t name, botan_view_ctx ctx, botan_view_bin_fn view)
int botan_x509_general_name_view_string_value (botan_x509_general_name_t name, botan_view_ctx ctx, botan_view_str_fn view)
int botan_x509_is_revoked (botan_x509_crl_t crl, botan_x509_cert_t cert)

Function Documentation

◆ botan_x509_cert_allowed_extended_usage_oid()

int botan_x509_cert_allowed_extended_usage_oid ( botan_x509_cert_t cert,
botan_asn1_oid_t oid )

Check if the certificate allows the specified extended usage OID. See RFC 5280 Section 4.2.1.12 for OIDs to query for this. If no extended key usage extension is found in the certificate, this always returns "not success".

This is similar to botan_x509_cert_allowed_extended_usage_str but takes an OID object instead of a string describing the OID.

Definition at line 584 of file ffi_cert.cpp.

584 {
585#if defined(BOTAN_HAS_X509_CERTIFICATES)
586 return BOTAN_FFI_VISIT(cert, [=](const auto& c) -> int { return c.has_ex_constraint(safe_get(oid)) ? 1 : 0; });
587#else
588 BOTAN_UNUSED(cert, oid);
589 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
590#endif
591}
BOTAN_UNUSED
#define BOTAN_UNUSED
Definition assert.h:144
BOTAN_FFI_ERROR_NOT_IMPLEMENTED
@ BOTAN_FFI_ERROR_NOT_IMPLEMENTED
Definition ffi.h:140
BOTAN_FFI_VISIT
#define BOTAN_FFI_VISIT(obj, lambda)
Definition ffi_util.h:158
Botan_FFI::safe_get
T & safe_get(botan_struct< T, M > *p)
Definition ffi_util.h:79

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::safe_get().

◆ botan_x509_cert_allowed_extended_usage_str()

int botan_x509_cert_allowed_extended_usage_str ( botan_x509_cert_t cert,
const char * oid )

Check if the certificate allows the specified extended usage OID. See RFC 5280 Section 4.2.1.12 for OIDs to query for this. If no extended key usage extension is found in the certificate, this always returns "not success".

Typical OIDs to check for:

  • "PKIX.ServerAuth"
  • "PKIX.ClientAuth"
  • "PKIX.CodeSigning"
  • "PKIX.OCSPSigning"

The oid parameter can be either a canonical OID string or identifiers as indicated in the examples above.

Definition at line 569 of file ffi_cert.cpp.

569 {
570#if defined(BOTAN_HAS_X509_CERTIFICATES)
571 return BOTAN_FFI_VISIT(cert, [=](const auto& c) -> int {
572 if(Botan::any_null_pointers(oid)) {
573 return BOTAN_FFI_ERROR_NULL_POINTER;
574 }
575
576 return c.has_ex_constraint(oid) ? 1 : 0;
577 });
578#else
579 BOTAN_UNUSED(cert, oid);
580 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
581#endif
582}
BOTAN_FFI_ERROR_NULL_POINTER
@ BOTAN_FFI_ERROR_NULL_POINTER
Definition ffi.h:133
Botan::any_null_pointers
bool any_null_pointers(Ptrs... ptr)
Definition mem_utils.h:54

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

◆ botan_x509_cert_allowed_usage()

int botan_x509_cert_allowed_usage ( botan_x509_cert_t cert,
unsigned int key_usage )

Definition at line 554 of file ffi_cert.cpp.

554 {
555#if defined(BOTAN_HAS_X509_CERTIFICATES)
556 return BOTAN_FFI_VISIT(cert, [=](const auto& c) -> int {
557 const Botan::Key_Constraints k = static_cast<Botan::Key_Constraints>(key_usage);
558 if(c.allowed_usage(k)) {
559 return BOTAN_FFI_SUCCESS;
560 }
561 return 1;
562 });
563#else
564 BOTAN_UNUSED(cert, key_usage);
565 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
566#endif
567}
Botan::Key_Constraints
Definition pkix_enums.h:112
BOTAN_FFI_SUCCESS
@ BOTAN_FFI_SUCCESS
Definition ffi.h:116

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_SUCCESS, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

◆ botan_x509_cert_destroy()

int botan_x509_cert_destroy ( botan_x509_cert_t cert)
Returns
0 if success, error if invalid object handle

Definition at line 593 of file ffi_cert.cpp.

593 {
594#if defined(BOTAN_HAS_X509_CERTIFICATES)
595 return BOTAN_FFI_CHECKED_DELETE(cert);
596#else
597 BOTAN_UNUSED(cert);
598 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
599#endif
600}
BOTAN_FFI_CHECKED_DELETE
#define BOTAN_FFI_CHECKED_DELETE(o)
Definition ffi_util.h:185

References BOTAN_FFI_CHECKED_DELETE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, and BOTAN_UNUSED.

◆ botan_x509_cert_dup()

int botan_x509_cert_dup ( botan_x509_cert_t * cert_obj,
botan_x509_cert_t cert )

Definition at line 186 of file ffi_cert.cpp.

186 {
187 if(cert_obj == nullptr) {
188 return BOTAN_FFI_ERROR_NULL_POINTER;
189 }
190
191#if defined(BOTAN_HAS_X509_CERTIFICATES) && defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
192
193 return ffi_guard_thunk(__func__, [=]() -> int {
194 auto c = std::make_unique<Botan::X509_Certificate>(safe_get(cert));
195 return ffi_new_object(cert_obj, std::move(c));
196 });
197
198#else
199 BOTAN_UNUSED(cert);
200 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
201#endif
202}
Botan_FFI::ffi_new_object
BOTAN_FFI_ERROR ffi_new_object(T *obj, Args &&... args)
Definition ffi_util.h:178
Botan_FFI::ffi_guard_thunk
int ffi_guard_thunk(const char *func_name, T thunk)
Definition ffi_util.h:95

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), Botan_FFI::ffi_new_object(), and Botan_FFI::safe_get().

◆ botan_x509_cert_excluded_name_constraints()

int botan_x509_cert_excluded_name_constraints ( botan_x509_cert_t cert,
size_t index,
botan_x509_general_name_t * constraint )

Extracts "excluded" name constraints from a given cert one-by-one. Returns BOTAN_FFI_ERROR_OUT_OF_RANGE if the given index is larger than the available number of "excluded" name constraints.

Definition at line 824 of file ffi_cert.cpp.

826 {
827#if defined(BOTAN_HAS_X509_CERTIFICATES)
828 return BOTAN_FFI_VISIT(cert, [=](const Botan::X509_Certificate& c) {
829 if(Botan::any_null_pointers(constraint)) {
830 return BOTAN_FFI_ERROR_NULL_POINTER;
831 }
832
833 const auto& constraints = c.name_constraints().excluded();
834 if(index >= constraints.size()) {
835 return BOTAN_FFI_ERROR_OUT_OF_RANGE;
836 }
837
838 return ffi_new_object(constraint, std::make_unique<Botan::GeneralName>(constraints[index].base()));
839 });
840#else
841 BOTAN_UNUSED(cert, index, constraint);
842 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
843#endif
844}
Botan::NameConstraints::excluded
const std::vector< GeneralSubtree > & excluded() const
Definition pkix_types.h:433
Botan::X509_Certificate
Definition x509cert.h:27
Botan::X509_Certificate::name_constraints
const NameConstraints & name_constraints() const
Definition x509cert.cpp:458
BOTAN_FFI_ERROR_OUT_OF_RANGE
@ BOTAN_FFI_ERROR_OUT_OF_RANGE
Definition ffi.h:138

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_ERROR_OUT_OF_RANGE, BOTAN_FFI_VISIT, BOTAN_UNUSED, Botan::NameConstraints::excluded(), Botan_FFI::ffi_new_object(), and Botan::X509_Certificate::name_constraints().

◆ botan_x509_cert_excluded_name_constraints_count()

int botan_x509_cert_excluded_name_constraints_count ( botan_x509_cert_t cert,
size_t * count )

Definition at line 846 of file ffi_cert.cpp.

846 {
847#if defined(BOTAN_HAS_X509_CERTIFICATES)
848 if(Botan::any_null_pointers(count)) {
849 return BOTAN_FFI_ERROR_NULL_POINTER;
850 }
851
852 return BOTAN_FFI_VISIT(cert, [=](const auto& c) { *count = c.name_constraints().excluded().size(); });
853#else
854 BOTAN_UNUSED(cert, count);
855 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
856#endif
857}

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

◆ botan_x509_cert_get_authority_key_id()

int botan_x509_cert_get_authority_key_id ( botan_x509_cert_t cert,
uint8_t out[],
size_t * out_len )

Definition at line 678 of file ffi_cert.cpp.

678 {
679#if defined(BOTAN_HAS_X509_CERTIFICATES)
680 return BOTAN_FFI_VISIT(cert, [=](const auto& c) { return write_vec_output(out, out_len, c.authority_key_id()); });
681#else
682 BOTAN_UNUSED(cert, out, out_len);
683 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
684#endif
685}
Botan_FFI::write_vec_output
int write_vec_output(uint8_t out[], size_t *out_len, std::span< const uint8_t > buf)
Definition ffi_util.h:261

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_vec_output().

◆ botan_x509_cert_get_fingerprint()

int botan_x509_cert_get_fingerprint ( botan_x509_cert_t cert,
const char * hash,
uint8_t out[],
size_t * out_len )

Definition at line 665 of file ffi_cert.cpp.

665 {
666#if defined(BOTAN_HAS_X509_CERTIFICATES)
667 // TODO(Botan4) change the type of out and remove this cast
668
669 return BOTAN_FFI_VISIT(cert, [=](const auto& c) {
670 return write_str_output(reinterpret_cast<char*>(out), out_len, c.fingerprint(hash));
671 });
672#else
673 BOTAN_UNUSED(cert, hash, out, out_len);
674 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
675#endif
676}
Botan_FFI::write_str_output
int write_str_output(char out[], size_t *out_len, const std::string &str)
Definition ffi_util.h:265

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_str_output().

◆ botan_x509_cert_get_issuer_dn()

int botan_x509_cert_get_issuer_dn ( botan_x509_cert_t cert,
const char * key,
size_t index,
uint8_t out[],
size_t * out_len )

Enumerates the names of the given key in the issuer DN. If index is out of bounds, BOTAN_FFI_ERROR_BAD_PARAMETER is returned.

TODO(Botan4) use BOTAN_FFI_ERROR_OUT_OF_RANGE instead of BAD_PARAMETER TODO(Botan4) this should use char for the out param

Definition at line 473 of file ffi_cert.cpp.

474 {
475#if defined(BOTAN_HAS_X509_CERTIFICATES)
476 return BOTAN_FFI_VISIT(cert, [=](const auto& c) -> int {
477 auto issuer_info = c.issuer_info(key);
478 if(index < issuer_info.size()) {
479 // TODO(Botan4) change the type of out and remove this cast
480 return write_str_output(reinterpret_cast<char*>(out), out_len, c.issuer_info(key).at(index));
481 } else {
482 return BOTAN_FFI_ERROR_BAD_PARAMETER; // TODO(Botan4): use BOTAN_FFI_ERROR_OUT_OF_RANGE
483 }
484 });
485#else
486 BOTAN_UNUSED(cert, key, index, out, out_len);
487 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
488#endif
489}
BOTAN_FFI_ERROR_BAD_PARAMETER
@ BOTAN_FFI_ERROR_BAD_PARAMETER
Definition ffi.h:134

References BOTAN_FFI_ERROR_BAD_PARAMETER, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_str_output().

◆ botan_x509_cert_get_issuer_dn_count()

int botan_x509_cert_get_issuer_dn_count ( botan_x509_cert_t cert,
const char * key,
size_t * count )

Definition at line 491 of file ffi_cert.cpp.

491 {
492#if defined(BOTAN_HAS_X509_CERTIFICATES)
493 return BOTAN_FFI_VISIT(cert, [=](const auto& c) -> int {
494 if(Botan::any_null_pointers(count)) {
495 return BOTAN_FFI_ERROR_NULL_POINTER;
496 }
497
498 *count = c.issuer_info(key).size();
499 return BOTAN_FFI_SUCCESS;
500 });
501#else
502 BOTAN_UNUSED(cert, key, count);
503 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
504#endif
505}

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

◆ botan_x509_cert_get_path_length_constraint()

int botan_x509_cert_get_path_length_constraint ( botan_x509_cert_t cert,
size_t * path_limit )

Retrieves the path length constraint from the certificate. If no such constraint is present, BOTAN_FFI_ERROR_NO_VALUE is returned.

Definition at line 435 of file ffi_cert.cpp.

435 {
436#if defined(BOTAN_HAS_X509_CERTIFICATES)
437 return BOTAN_FFI_VISIT(cert, [=](const auto& c) -> int {
438 if(Botan::any_null_pointers(path_limit)) {
439 return BOTAN_FFI_ERROR_NULL_POINTER;
440 }
441
442 if(const auto path_len = c.path_length_constraint()) {
443 *path_limit = path_len.value();
444 return BOTAN_FFI_SUCCESS;
445 } else {
446 return BOTAN_FFI_ERROR_NO_VALUE;
447 }
448 });
449#else
450 BOTAN_UNUSED(cert, path_limit);
451 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
452#endif
453}
BOTAN_FFI_ERROR_NO_VALUE
@ BOTAN_FFI_ERROR_NO_VALUE
Definition ffi.h:122

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NO_VALUE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

◆ botan_x509_cert_get_public_key()

int botan_x509_cert_get_public_key ( botan_x509_cert_t cert,
botan_pubkey_t * key )

Definition at line 455 of file ffi_cert.cpp.

455 {
456 if(key == nullptr) {
457 return BOTAN_FFI_ERROR_NULL_POINTER;
458 }
459
460 *key = nullptr;
461
462#if defined(BOTAN_HAS_X509_CERTIFICATES)
463 return ffi_guard_thunk(__func__, [=]() -> int {
464 auto public_key = safe_get(cert).subject_public_key();
465 return ffi_new_object(key, std::move(public_key));
466 });
467#else
468 BOTAN_UNUSED(cert);
469 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
470#endif
471}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), Botan_FFI::ffi_new_object(), and Botan_FFI::safe_get().

◆ botan_x509_cert_get_public_key_bits()

int botan_x509_cert_get_public_key_bits ( botan_x509_cert_t cert,
uint8_t out[],
size_t * out_len )

Definition at line 696 of file ffi_cert.cpp.

696 {
697 return copy_view_bin(out, out_len, botan_x509_cert_view_public_key_bits, cert);
698}
botan_x509_cert_view_public_key_bits
int botan_x509_cert_view_public_key_bits(botan_x509_cert_t cert, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_cert.cpp:700
Botan_FFI::copy_view_bin
int copy_view_bin(uint8_t out[], size_t *out_len, Fn fn, Args... args)
Definition ffi_util.h:211

References botan_x509_cert_view_public_key_bits(), and Botan_FFI::copy_view_bin().

◆ botan_x509_cert_get_serial_number()

int botan_x509_cert_get_serial_number ( botan_x509_cert_t cert,
uint8_t out[],
size_t * out_len )

Definition at line 640 of file ffi_cert.cpp.

640 {
641#if defined(BOTAN_HAS_X509_CERTIFICATES)
642 return BOTAN_FFI_VISIT(cert, [=](const auto& c) { return write_vec_output(out, out_len, c.serial_number()); });
643#else
644 BOTAN_UNUSED(cert, out, out_len);
645 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
646#endif
647}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_vec_output().

◆ botan_x509_cert_get_subject_dn()

int botan_x509_cert_get_subject_dn ( botan_x509_cert_t cert,
const char * key,
size_t index,
uint8_t out[],
size_t * out_len )

Enumerates the names of the given key in the subject DN. If index is out of bounds, BOTAN_FFI_ERROR_BAD_PARAMETER is returned.

TODO(Botan4) use BOTAN_FFI_ERROR_OUT_OF_RANGE instead of BAD_PARAMETER TODO(Botan4) this should use char for the out param

Definition at line 507 of file ffi_cert.cpp.

508 {
509#if defined(BOTAN_HAS_X509_CERTIFICATES)
510 return BOTAN_FFI_VISIT(cert, [=](const auto& c) -> int {
511 auto subject_info = c.subject_info(key);
512 if(index < subject_info.size()) {
513 // TODO(Botan4) change the type of out and remove this cast
514 return write_str_output(reinterpret_cast<char*>(out), out_len, c.subject_info(key).at(index));
515 } else {
516 return BOTAN_FFI_ERROR_BAD_PARAMETER; // TODO(Botan4): use BOTAN_FFI_ERROR_OUT_OF_RANGE
517 }
518 });
519#else
520 BOTAN_UNUSED(cert, key, index, out, out_len);
521 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
522#endif
523}

References BOTAN_FFI_ERROR_BAD_PARAMETER, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_str_output().

◆ botan_x509_cert_get_subject_dn_count()

int botan_x509_cert_get_subject_dn_count ( botan_x509_cert_t cert,
const char * key,
size_t * count )

Definition at line 525 of file ffi_cert.cpp.

525 {
526#if defined(BOTAN_HAS_X509_CERTIFICATES)
527 return BOTAN_FFI_VISIT(cert, [=](const auto& c) -> int {
528 if(Botan::any_null_pointers(count)) {
529 return BOTAN_FFI_ERROR_NULL_POINTER;
530 }
531
532 *count = c.subject_info(key).size();
533 return BOTAN_FFI_SUCCESS;
534 });
535#else
536 BOTAN_UNUSED(cert, key, count);
537 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
538#endif
539}

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

◆ botan_x509_cert_get_subject_key_id()

int botan_x509_cert_get_subject_key_id ( botan_x509_cert_t cert,
uint8_t out[],
size_t * out_len )

Definition at line 687 of file ffi_cert.cpp.

687 {
688#if defined(BOTAN_HAS_X509_CERTIFICATES)
689 return BOTAN_FFI_VISIT(cert, [=](const auto& c) { return write_vec_output(out, out_len, c.subject_key_id()); });
690#else
691 BOTAN_UNUSED(cert, out, out_len);
692 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
693#endif
694}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_vec_output().

◆ botan_x509_cert_get_time_expires()

int botan_x509_cert_get_time_expires ( botan_x509_cert_t cert,
char out[],
size_t * out_len )

Definition at line 612 of file ffi_cert.cpp.

612 {
613#if defined(BOTAN_HAS_X509_CERTIFICATES)
614 return BOTAN_FFI_VISIT(cert,
615 [=](const auto& c) { return write_str_output(out, out_len, c.not_after().to_string()); });
616#else
617 BOTAN_UNUSED(cert, out, out_len);
618 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
619#endif
620}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_str_output().

◆ botan_x509_cert_get_time_starts()

int botan_x509_cert_get_time_starts ( botan_x509_cert_t cert,
char out[],
size_t * out_len )

Definition at line 602 of file ffi_cert.cpp.

602 {
603#if defined(BOTAN_HAS_X509_CERTIFICATES)
604 return BOTAN_FFI_VISIT(cert,
605 [=](const auto& c) { return write_str_output(out, out_len, c.not_before().to_string()); });
606#else
607 BOTAN_UNUSED(cert, out, out_len);
608 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
609#endif
610}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::write_str_output().

◆ botan_x509_cert_hostname_match()

int botan_x509_cert_hostname_match ( botan_x509_cert_t cert,
const char * hostname )

Check if the certificate matches the specified hostname via alternative name or CN match. RFC 5280 wildcards also supported.

Definition at line 937 of file ffi_cert.cpp.

937 {
938 if(hostname == nullptr) {
939 return BOTAN_FFI_ERROR_NULL_POINTER;
940 }
941
942#if defined(BOTAN_HAS_X509_CERTIFICATES)
943 return BOTAN_FFI_VISIT(cert, [=](const auto& c) { return c.matches_dns_name(hostname) ? 0 : -1; });
944#else
945 BOTAN_UNUSED(cert);
946 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
947#endif
948}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

◆ botan_x509_cert_is_ca()

int botan_x509_cert_is_ca ( botan_x509_cert_t cert)

Returns 1 iff the cert is a CA certificate

Definition at line 426 of file ffi_cert.cpp.

426 {
427#if defined(BOTAN_HAS_X509_CERTIFICATES)
428 return BOTAN_FFI_VISIT(cert, [=](const auto& c) { return c.is_CA_cert() ? 1 : 0; });
429#else
430 BOTAN_UNUSED(cert);
431 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
432#endif
433}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

◆ botan_x509_cert_issuer_alternative_names()

int botan_x509_cert_issuer_alternative_names ( botan_x509_cert_t cert,
size_t index,
botan_x509_general_name_t * alt_name )

Provides access to all "issuer alternative names", where each entry is returned as a botan_x509_general_name_t. If the given index is not within range of the available entries, BOTAN_FFI_ERROR_OUT_OF_RANGE is returned. If cert does not contain an IssuerAlternativeNames extension, BOTAN_FFI_ERROR_NO_VALUE is returned.

Definition at line 898 of file ffi_cert.cpp.

900 {
901#if defined(BOTAN_HAS_X509_CERTIFICATES)
902 return BOTAN_FFI_VISIT(cert, [=](const Botan::X509_Certificate& c) {
903 if(Botan::any_null_pointers(alt_name)) {
904 return BOTAN_FFI_ERROR_NULL_POINTER;
905 }
906
907 if(!c.v3_extensions().extension_set(Botan::OID::from_string("X509v3.IssuerAlternativeName"))) {
908 return BOTAN_FFI_ERROR_NO_VALUE;
909 }
910
911 if(auto name = extract_general_name_at(c.issuer_alt_name(), index)) {
912 return ffi_new_object(alt_name, std::make_unique<Botan::GeneralName>(std::move(name).value()));
913 }
914
915 return BOTAN_FFI_ERROR_OUT_OF_RANGE;
916 });
917#else
918 BOTAN_UNUSED(cert, index, alt_name);
919 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
920#endif
921}
Botan::Extensions::extension_set
bool extension_set(const OID &oid) const
Definition x509_ext.cpp:188
Botan::OID::from_string
static OID from_string(std::string_view str)
Definition asn1_oid.cpp:86
Botan::X509_Certificate::issuer_alt_name
const AlternativeName & issuer_alt_name() const
Definition x509cert.cpp:575
Botan::X509_Certificate::v3_extensions
const Extensions & v3_extensions() const
Definition x509cert.cpp:462

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NO_VALUE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_ERROR_OUT_OF_RANGE, BOTAN_FFI_VISIT, BOTAN_UNUSED, Botan::Extensions::extension_set(), Botan_FFI::ffi_new_object(), Botan::OID::from_string(), Botan::X509_Certificate::issuer_alt_name(), and Botan::X509_Certificate::v3_extensions().

◆ botan_x509_cert_issuer_alternative_names_count()

int botan_x509_cert_issuer_alternative_names_count ( botan_x509_cert_t cert,
size_t * count )

Definition at line 923 of file ffi_cert.cpp.

923 {
924#if defined(BOTAN_HAS_X509_CERTIFICATES)
925 if(Botan::any_null_pointers(count)) {
926 return BOTAN_FFI_ERROR_NULL_POINTER;
927 }
928
929 return BOTAN_FFI_VISIT(
930 cert, [=](const Botan::X509_Certificate& c) { *count = count_general_names_in(c.issuer_alt_name()); });
931#else
932 BOTAN_UNUSED(cert, count);
933 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
934#endif
935}

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan::X509_Certificate::issuer_alt_name().

◆ botan_x509_cert_load()

int botan_x509_cert_load ( botan_x509_cert_t * cert_obj,
const uint8_t cert_bits[],
size_t cert_bits_len )

Definition at line 204 of file ffi_cert.cpp.

204 {
205 if(cert_obj == nullptr || cert_bits == nullptr) {
206 return BOTAN_FFI_ERROR_NULL_POINTER;
207 }
208
209#if defined(BOTAN_HAS_X509_CERTIFICATES)
210 return ffi_guard_thunk(__func__, [=]() -> int {
211 Botan::DataSource_Memory bits(cert_bits, cert_bits_len);
212 auto c = std::make_unique<Botan::X509_Certificate>(bits);
213 return ffi_new_object(cert_obj, std::move(c));
214 });
215#else
216 BOTAN_UNUSED(cert_bits_len);
217 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
218#endif
219}
Botan::DataSource_Memory
Definition data_src.h:111

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), and Botan_FFI::ffi_new_object().

◆ botan_x509_cert_load_file()

int botan_x509_cert_load_file ( botan_x509_cert_t * cert_obj,
const char * cert_path )

Definition at line 169 of file ffi_cert.cpp.

169 {
170 if(cert_obj == nullptr || cert_path == nullptr) {
171 return BOTAN_FFI_ERROR_NULL_POINTER;
172 }
173
174#if defined(BOTAN_HAS_X509_CERTIFICATES) && defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
175
176 return ffi_guard_thunk(__func__, [=]() -> int {
177 auto c = std::make_unique<Botan::X509_Certificate>(cert_path);
178 return ffi_new_object(cert_obj, std::move(c));
179 });
180
181#else
182 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
183#endif
184}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, Botan_FFI::ffi_guard_thunk(), and Botan_FFI::ffi_new_object().

◆ botan_x509_cert_not_after()

int botan_x509_cert_not_after ( botan_x509_cert_t cert,
uint64_t * time_since_epoch )

Definition at line 631 of file ffi_cert.cpp.

631 {
632#if defined(BOTAN_HAS_X509_CERTIFICATES)
633 return BOTAN_FFI_VISIT(cert, [=](const auto& c) { *time_since_epoch = c.not_after().time_since_epoch(); });
634#else
635 BOTAN_UNUSED(cert, time_since_epoch);
636 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
637#endif
638}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

◆ botan_x509_cert_not_before()

int botan_x509_cert_not_before ( botan_x509_cert_t cert,
uint64_t * time_since_epoch )

Definition at line 622 of file ffi_cert.cpp.

622 {
623#if defined(BOTAN_HAS_X509_CERTIFICATES)
624 return BOTAN_FFI_VISIT(cert, [=](const auto& c) { *time_since_epoch = c.not_before().time_since_epoch(); });
625#else
626 BOTAN_UNUSED(cert, time_since_epoch);
627 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
628#endif
629}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

◆ botan_x509_cert_permitted_name_constraints()

int botan_x509_cert_permitted_name_constraints ( botan_x509_cert_t cert,
size_t index,
botan_x509_general_name_t * constraint )

Extracts "permitted" name constraints from a given cert one-by-one. Returns BOTAN_FFI_ERROR_OUT_OF_RANGE if the given index is larger than the available number of "permitted" name constraints.

Definition at line 789 of file ffi_cert.cpp.

791 {
792#if defined(BOTAN_HAS_X509_CERTIFICATES)
793 return BOTAN_FFI_VISIT(cert, [=](const Botan::X509_Certificate& c) {
794 if(Botan::any_null_pointers(constraint)) {
795 return BOTAN_FFI_ERROR_NULL_POINTER;
796 }
797
798 const auto& constraints = c.name_constraints().permitted();
799 if(index >= constraints.size()) {
800 return BOTAN_FFI_ERROR_OUT_OF_RANGE;
801 }
802
803 return ffi_new_object(constraint, std::make_unique<Botan::GeneralName>(constraints[index].base()));
804 });
805#else
806 BOTAN_UNUSED(cert, index, constraint);
807 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
808#endif
809}
Botan::NameConstraints::permitted
const std::vector< GeneralSubtree > & permitted() const
Definition pkix_types.h:426

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_ERROR_OUT_OF_RANGE, BOTAN_FFI_VISIT, BOTAN_UNUSED, Botan_FFI::ffi_new_object(), Botan::X509_Certificate::name_constraints(), and Botan::NameConstraints::permitted().

◆ botan_x509_cert_permitted_name_constraints_count()

int botan_x509_cert_permitted_name_constraints_count ( botan_x509_cert_t cert,
size_t * count )

Definition at line 811 of file ffi_cert.cpp.

811 {
812#if defined(BOTAN_HAS_X509_CERTIFICATES)
813 if(Botan::any_null_pointers(count)) {
814 return BOTAN_FFI_ERROR_NULL_POINTER;
815 }
816
817 return BOTAN_FFI_VISIT(cert, [=](const auto& c) { *count = c.name_constraints().permitted().size(); });
818#else
819 BOTAN_UNUSED(cert, count);
820 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
821#endif
822}

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

◆ botan_x509_cert_serial_number()

int botan_x509_cert_serial_number ( botan_x509_cert_t cert,
botan_mp_t * serial_number )

Definition at line 649 of file ffi_cert.cpp.

649 {
650#if defined(BOTAN_HAS_X509_CERTIFICATES)
651 return BOTAN_FFI_VISIT(cert, [=](const Botan::X509_Certificate& c) {
652 if(Botan::any_null_pointers(serial_number)) {
653 return BOTAN_FFI_ERROR_NULL_POINTER;
654 }
655
656 auto serial_bn = Botan::BigInt::from_bytes(c.serial_number());
657 return ffi_new_object(serial_number, std::make_unique<Botan::BigInt>(std::move(serial_bn)));
658 });
659#else
660 BOTAN_UNUSED(cert, serial_number);
661 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
662#endif
663}
Botan::BigInt::from_bytes
static BigInt from_bytes(std::span< const uint8_t > bytes)
Definition bigint.cpp:83
Botan::X509_Certificate::serial_number
const std::vector< uint8_t > & serial_number() const
Definition x509cert.cpp:402

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_VISIT, BOTAN_UNUSED, Botan_FFI::ffi_new_object(), Botan::BigInt::from_bytes(), and Botan::X509_Certificate::serial_number().

◆ botan_x509_cert_subject_alternative_names()

int botan_x509_cert_subject_alternative_names ( botan_x509_cert_t cert,
size_t index,
botan_x509_general_name_t * alt_name )

Provides access to all "subject alternative names", where each entry is returned as a botan_x509_general_name_t. If the given index is not within range of the available entries, BOTAN_FFI_ERROR_OUT_OF_RANGE is returned. If cert does not contain a SubjectAlternativeNames extension, BOTAN_FFI_ERROR_NO_VALUE is returned.

Definition at line 859 of file ffi_cert.cpp.

861 {
862#if defined(BOTAN_HAS_X509_CERTIFICATES)
863 return BOTAN_FFI_VISIT(cert, [=](const Botan::X509_Certificate& c) {
864 if(Botan::any_null_pointers(alt_name)) {
865 return BOTAN_FFI_ERROR_NULL_POINTER;
866 }
867
868 if(!c.v3_extensions().extension_set(Botan::OID::from_string("X509v3.SubjectAlternativeName"))) {
869 return BOTAN_FFI_ERROR_NO_VALUE;
870 }
871
872 if(auto name = extract_general_name_at(c.subject_alt_name(), index)) {
873 return ffi_new_object(alt_name, std::make_unique<Botan::GeneralName>(std::move(name).value()));
874 }
875
876 return BOTAN_FFI_ERROR_OUT_OF_RANGE;
877 });
878#else
879 BOTAN_UNUSED(cert, index, alt_name);
880 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
881#endif
882}
Botan::X509_Certificate::subject_alt_name
const AlternativeName & subject_alt_name() const
Definition x509cert.cpp:571

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NO_VALUE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_ERROR_OUT_OF_RANGE, BOTAN_FFI_VISIT, BOTAN_UNUSED, Botan::Extensions::extension_set(), Botan_FFI::ffi_new_object(), Botan::OID::from_string(), Botan::X509_Certificate::subject_alt_name(), and Botan::X509_Certificate::v3_extensions().

◆ botan_x509_cert_subject_alternative_names_count()

int botan_x509_cert_subject_alternative_names_count ( botan_x509_cert_t cert,
size_t * count )

Definition at line 884 of file ffi_cert.cpp.

884 {
885#if defined(BOTAN_HAS_X509_CERTIFICATES)
886 if(Botan::any_null_pointers(count)) {
887 return BOTAN_FFI_ERROR_NULL_POINTER;
888 }
889
890 return BOTAN_FFI_VISIT(
891 cert, [=](const Botan::X509_Certificate& c) { *count = count_general_names_in(c.subject_alt_name()); });
892#else
893 BOTAN_UNUSED(cert, count);
894 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
895#endif
896}

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan::X509_Certificate::subject_alt_name().

◆ botan_x509_cert_to_string()

int botan_x509_cert_to_string ( botan_x509_cert_t cert,
char out[],
size_t * out_len )

Definition at line 541 of file ffi_cert.cpp.

541 {
542 return copy_view_str(reinterpret_cast<uint8_t*>(out), out_len, botan_x509_cert_view_as_string, cert);
543}
botan_x509_cert_view_as_string
int botan_x509_cert_view_as_string(botan_x509_cert_t cert, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_cert.cpp:545
Botan_FFI::copy_view_str
int copy_view_str(uint8_t out[], size_t *out_len, Fn fn, Args... args)
Definition ffi_util.h:217

References botan_x509_cert_view_as_string(), and Botan_FFI::copy_view_str().

◆ botan_x509_cert_validation_status()

const char * botan_x509_cert_validation_status ( int code)

Returns a pointer to a static character string explaining the status code, or else NULL if unknown.

Definition at line 1017 of file ffi_cert.cpp.

1017 {
1018 if(code < 0) {
1019 return nullptr;
1020 }
1021
1022#if defined(BOTAN_HAS_X509_CERTIFICATES)
1023 const Botan::Certificate_Status_Code sc = static_cast<Botan::Certificate_Status_Code>(code);
1024 return Botan::to_string(sc);
1025#else
1026 return nullptr;
1027#endif
1028}
Botan::Certificate_Status_Code
Certificate_Status_Code
Definition pkix_enums.h:20
Botan::to_string
std::string to_string(ErrorType type)
Convert an ErrorType to string.
Definition exceptn.cpp:13

References Botan::to_string().

◆ botan_x509_cert_verify()

int botan_x509_cert_verify ( int * validation_result,
botan_x509_cert_t cert,
const botan_x509_cert_t * intermediates,
size_t intermediates_len,
const botan_x509_cert_t * trusted,
size_t trusted_len,
const char * trusted_path,
size_t required_strength,
const char * hostname,
uint64_t reference_time )

Returns 0 if the validation was successful, 1 if validation failed, and negative on error. A status code with details is written to *validation_result

Intermediates or trusted lists can be null Trusted path can be null

Definition at line 950 of file ffi_cert.cpp.

959 {
960 if(required_strength == 0) {
961 required_strength = 110;
962 }
963
964#if defined(BOTAN_HAS_X509_CERTIFICATES)
965 return ffi_guard_thunk(__func__, [=]() -> int {
966 const std::string hostname((hostname_cstr == nullptr) ? "" : hostname_cstr);
967 const Botan::Usage_Type usage = Botan::Usage_Type::UNSPECIFIED;
968 const auto validation_time = reference_time == 0
969 ? std::chrono::system_clock::now()
970 : std::chrono::system_clock::from_time_t(static_cast<time_t>(reference_time));
971
972 std::vector<Botan::X509_Certificate> end_certs;
973 end_certs.push_back(safe_get(cert));
974 for(size_t i = 0; i != intermediates_len; ++i) {
975 end_certs.push_back(safe_get(intermediates[i]));
976 }
977
978 std::unique_ptr<Botan::Certificate_Store> trusted_from_path;
979 std::unique_ptr<Botan::Certificate_Store_In_Memory> trusted_extra;
980 std::vector<Botan::Certificate_Store*> trusted_roots;
981
982 if(trusted_path != nullptr && *trusted_path != 0) {
983 trusted_from_path = std::make_unique<Botan::Certificate_Store_In_Memory>(trusted_path);
984 trusted_roots.push_back(trusted_from_path.get());
985 }
986
987 if(trusted_len > 0) {
988 trusted_extra = std::make_unique<Botan::Certificate_Store_In_Memory>();
989 for(size_t i = 0; i != trusted_len; ++i) {
990 trusted_extra->add_certificate(safe_get(trusted[i]));
991 }
992 trusted_roots.push_back(trusted_extra.get());
993 }
994
995 const Botan::Path_Validation_Restrictions restrictions(false, required_strength);
996
997 auto validation_result =
998 Botan::x509_path_validate(end_certs, restrictions, trusted_roots, hostname, usage, validation_time);
999
1000 if(result_code != nullptr) {
1001 *result_code = static_cast<int>(validation_result.result());
1002 }
1003
1004 if(validation_result.successful_validation()) {
1005 return 0;
1006 } else {
1007 return 1;
1008 }
1009 });
1010#else
1011 BOTAN_UNUSED(result_code, cert, intermediates, intermediates_len, trusted);
1012 BOTAN_UNUSED(trusted_len, trusted_path, hostname_cstr, reference_time);
1013 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1014#endif
1015}
Botan::Path_Validation_Restrictions
Definition x509path.h:33
Botan::x509_path_validate
Path_Validation_Result x509_path_validate(const std::vector< X509_Certificate > &end_certs, const Path_Validation_Restrictions &restrictions, const std::vector< Certificate_Store * > &trusted_roots, std::string_view hostname, Usage_Type usage, std::chrono::system_clock::time_point ref_time, std::chrono::milliseconds ocsp_timeout, const std::vector< std::optional< OCSP::Response > > &ocsp_resp)
Definition x509path.cpp:868

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), Botan_FFI::safe_get(), Botan::UNSPECIFIED, and Botan::x509_path_validate().

◆ botan_x509_cert_verify_with_crl()

int botan_x509_cert_verify_with_crl ( int * validation_result,
botan_x509_cert_t cert,
const botan_x509_cert_t * intermediates,
size_t intermediates_len,
const botan_x509_cert_t * trusted,
size_t trusted_len,
const botan_x509_crl_t * crls,
size_t crls_len,
const char * trusted_path,
size_t required_strength,
const char * hostname,
uint64_t reference_time )

Different flavor of botan_x509_cert_verify, supports revocation lists. CRLs are passed as an array, same as intermediates and trusted CAs

Definition at line 1420 of file ffi_cert.cpp.

1431 {
1432 if(required_strength == 0) {
1433 required_strength = 110;
1434 }
1435
1436#if defined(BOTAN_HAS_X509_CERTIFICATES)
1437 return ffi_guard_thunk(__func__, [=]() -> int {
1438 const std::string hostname((hostname_cstr == nullptr) ? "" : hostname_cstr);
1439 const Botan::Usage_Type usage = Botan::Usage_Type::UNSPECIFIED;
1440 const auto validation_time = reference_time == 0
1441 ? std::chrono::system_clock::now()
1442 : std::chrono::system_clock::from_time_t(static_cast<time_t>(reference_time));
1443
1444 std::vector<Botan::X509_Certificate> end_certs;
1445 end_certs.push_back(safe_get(cert));
1446 for(size_t i = 0; i != intermediates_len; ++i) {
1447 end_certs.push_back(safe_get(intermediates[i]));
1448 }
1449
1450 std::unique_ptr<Botan::Certificate_Store> trusted_from_path;
1451 std::unique_ptr<Botan::Certificate_Store_In_Memory> trusted_extra;
1452 std::unique_ptr<Botan::Certificate_Store_In_Memory> trusted_crls;
1453 std::vector<Botan::Certificate_Store*> trusted_roots;
1454
1455 if(trusted_path != nullptr && *trusted_path != 0) {
1456 trusted_from_path = std::make_unique<Botan::Certificate_Store_In_Memory>(trusted_path);
1457 trusted_roots.push_back(trusted_from_path.get());
1458 }
1459
1460 if(trusted_len > 0) {
1461 trusted_extra = std::make_unique<Botan::Certificate_Store_In_Memory>();
1462 for(size_t i = 0; i != trusted_len; ++i) {
1463 trusted_extra->add_certificate(safe_get(trusted[i]));
1464 }
1465 trusted_roots.push_back(trusted_extra.get());
1466 }
1467
1468 if(crls_len > 0) {
1469 trusted_crls = std::make_unique<Botan::Certificate_Store_In_Memory>();
1470 for(size_t i = 0; i != crls_len; ++i) {
1471 trusted_crls->add_crl(safe_get(crls[i]));
1472 }
1473 trusted_roots.push_back(trusted_crls.get());
1474 }
1475
1476 const Botan::Path_Validation_Restrictions restrictions(false, required_strength);
1477
1478 auto validation_result =
1479 Botan::x509_path_validate(end_certs, restrictions, trusted_roots, hostname, usage, validation_time);
1480
1481 if(result_code != nullptr) {
1482 *result_code = static_cast<int>(validation_result.result());
1483 }
1484
1485 if(validation_result.successful_validation()) {
1486 return 0;
1487 } else {
1488 return 1;
1489 }
1490 });
1491#else
1492 BOTAN_UNUSED(result_code, cert, intermediates, intermediates_len, trusted);
1493 BOTAN_UNUSED(trusted_len, trusted_path, hostname_cstr, reference_time, crls, crls_len);
1494 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1495#endif
1496}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), Botan_FFI::safe_get(), Botan::UNSPECIFIED, and Botan::x509_path_validate().

◆ botan_x509_cert_view_as_string()

int botan_x509_cert_view_as_string ( botan_x509_cert_t cert,
botan_view_ctx ctx,
botan_view_str_fn view )

Definition at line 545 of file ffi_cert.cpp.

545 {
546#if defined(BOTAN_HAS_X509_CERTIFICATES)
547 return BOTAN_FFI_VISIT(cert, [=](const auto& c) { return invoke_view_callback(view, ctx, c.to_string()); });
548#else
549 BOTAN_UNUSED(cert, ctx, view);
550 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
551#endif
552}
Botan_FFI::invoke_view_callback
int invoke_view_callback(botan_view_bin_fn view, botan_view_ctx ctx, std::span< const uint8_t > buf)
Definition ffi_util.h:187

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::invoke_view_callback().

Referenced by botan_x509_cert_to_string().

◆ botan_x509_cert_view_binary_values()

int botan_x509_cert_view_binary_values ( botan_x509_cert_t cert,
botan_x509_value_type value_type,
size_t index,
botan_view_ctx ctx,
botan_view_bin_fn view )

Retrieve a specific binary value from an X.509 certificate.

For multi-values index allows enumerating the available entries, until BOTAN_FFI_ERROR_OUT_OF_RANGE is returned. For singleton values, an index of value "0" is expected.

Returns
BOTAN_FFI_ERROR_NO_VALUE if the provided cert does not provide the requested value_type at all or not in binary format.

Definition at line 278 of file ffi_cert.cpp.

282 {
283#if defined(BOTAN_HAS_X509_CERTIFICATES)
284 if(index != 0) {
285 // As of now there are no multi-value binary entries.
286 return BOTAN_FFI_ERROR_OUT_OF_RANGE;
287 }
288
289 auto view = [=](std::span<const uint8_t> value) -> int {
290 if(value.empty()) {
291 return BOTAN_FFI_ERROR_NO_VALUE;
292 } else {
293 return invoke_view_callback(view_fn, ctx, value);
294 }
295 };
296
297 return BOTAN_FFI_VISIT(cert, [=](const Botan::X509_Certificate& c) -> int {
298 switch(value_type) {
299 case BOTAN_X509_SERIAL_NUMBER:
300 return view(c.serial_number());
301 case BOTAN_X509_SUBJECT_DN_BITS:
302 return view(c.raw_subject_dn());
303 case BOTAN_X509_ISSUER_DN_BITS:
304 return view(c.raw_issuer_dn());
305 case BOTAN_X509_SUBJECT_KEY_IDENTIFIER:
306 return view(c.subject_key_id());
307 case BOTAN_X509_AUTHORITY_KEY_IDENTIFIER:
308 return view(c.authority_key_id());
309 case BOTAN_X509_PUBLIC_KEY_PKCS8_BITS:
310 return view(c.subject_public_key_info());
311
312 case BOTAN_X509_TBS_DATA_BITS:
313 case BOTAN_X509_SIGNATURE_SCHEME_BITS:
314 case BOTAN_X509_SIGNATURE_BITS:
315 case BOTAN_X509_DER_ENCODING:
316 return botan_x509_object_view_value(c, value_type, index, ctx, view_fn);
317
318 case BOTAN_X509_PEM_ENCODING:
319 case BOTAN_X509_CRL_DISTRIBUTION_URLS:
320 case BOTAN_X509_OCSP_RESPONDER_URLS:
321 case BOTAN_X509_CA_ISSUERS_URLS:
322 return BOTAN_FFI_ERROR_NO_VALUE;
323 }
324
325 return BOTAN_FFI_ERROR_BAD_PARAMETER;
326 });
327#else
328 BOTAN_UNUSED(cert, value_type, index, ctx, view_fn);
329 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
330#endif
331}
Botan::X509_Certificate::authority_key_id
const std::vector< uint8_t > & authority_key_id() const
Definition x509cert.cpp:394
Botan::X509_Certificate::raw_subject_dn
const std::vector< uint8_t > & raw_subject_dn() const
Definition x509cert.cpp:422
Botan::X509_Certificate::subject_key_id
const std::vector< uint8_t > & subject_key_id() const
Definition x509cert.cpp:398
Botan::X509_Certificate::raw_issuer_dn
const std::vector< uint8_t > & raw_issuer_dn() const
Definition x509cert.cpp:418
Botan::X509_Certificate::subject_public_key_info
const std::vector< uint8_t > & subject_public_key_info() const
Definition x509cert.cpp:378
BOTAN_X509_AUTHORITY_KEY_IDENTIFIER
@ BOTAN_X509_AUTHORITY_KEY_IDENTIFIER
Definition ffi.h:2251
BOTAN_X509_SUBJECT_KEY_IDENTIFIER
@ BOTAN_X509_SUBJECT_KEY_IDENTIFIER
Definition ffi.h:2250
BOTAN_X509_TBS_DATA_BITS
@ BOTAN_X509_TBS_DATA_BITS
Definition ffi.h:2254
BOTAN_X509_SIGNATURE_BITS
@ BOTAN_X509_SIGNATURE_BITS
Definition ffi.h:2256
BOTAN_X509_PUBLIC_KEY_PKCS8_BITS
@ BOTAN_X509_PUBLIC_KEY_PKCS8_BITS
Definition ffi.h:2253
BOTAN_X509_DER_ENCODING
@ BOTAN_X509_DER_ENCODING
Definition ffi.h:2258
BOTAN_X509_PEM_ENCODING
@ BOTAN_X509_PEM_ENCODING
Definition ffi.h:2259
BOTAN_X509_OCSP_RESPONDER_URLS
@ BOTAN_X509_OCSP_RESPONDER_URLS
Definition ffi.h:2262
BOTAN_X509_SIGNATURE_SCHEME_BITS
@ BOTAN_X509_SIGNATURE_SCHEME_BITS
Definition ffi.h:2255
BOTAN_X509_SUBJECT_DN_BITS
@ BOTAN_X509_SUBJECT_DN_BITS
Definition ffi.h:2248
BOTAN_X509_CRL_DISTRIBUTION_URLS
@ BOTAN_X509_CRL_DISTRIBUTION_URLS
Definition ffi.h:2261
BOTAN_X509_SERIAL_NUMBER
@ BOTAN_X509_SERIAL_NUMBER
Definition ffi.h:2247
BOTAN_X509_ISSUER_DN_BITS
@ BOTAN_X509_ISSUER_DN_BITS
Definition ffi.h:2249
BOTAN_X509_CA_ISSUERS_URLS
@ BOTAN_X509_CA_ISSUERS_URLS
Definition ffi.h:2263

References Botan::X509_Certificate::authority_key_id(), BOTAN_FFI_ERROR_BAD_PARAMETER, BOTAN_FFI_ERROR_NO_VALUE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_OUT_OF_RANGE, BOTAN_FFI_VISIT, BOTAN_UNUSED, BOTAN_X509_AUTHORITY_KEY_IDENTIFIER, BOTAN_X509_CA_ISSUERS_URLS, BOTAN_X509_CRL_DISTRIBUTION_URLS, BOTAN_X509_DER_ENCODING, BOTAN_X509_ISSUER_DN_BITS, BOTAN_X509_OCSP_RESPONDER_URLS, BOTAN_X509_PEM_ENCODING, BOTAN_X509_PUBLIC_KEY_PKCS8_BITS, BOTAN_X509_SERIAL_NUMBER, BOTAN_X509_SIGNATURE_BITS, BOTAN_X509_SIGNATURE_SCHEME_BITS, BOTAN_X509_SUBJECT_DN_BITS, BOTAN_X509_SUBJECT_KEY_IDENTIFIER, BOTAN_X509_TBS_DATA_BITS, Botan_FFI::invoke_view_callback(), Botan::X509_Certificate::raw_issuer_dn(), Botan::X509_Certificate::raw_subject_dn(), Botan::X509_Certificate::serial_number(), Botan::X509_Certificate::subject_key_id(), and Botan::X509_Certificate::subject_public_key_info().

Referenced by botan_x509_cert_view_binary_values_count().

◆ botan_x509_cert_view_binary_values_count()

int botan_x509_cert_view_binary_values_count ( botan_x509_cert_t cert,
botan_x509_value_type value_type,
size_t * count )

Definition at line 333 of file ffi_cert.cpp.

333 {
334#if defined(BOTAN_HAS_X509_CERTIFICATES)
335 return enumerator_count_values(count, [=](size_t index) {
336 return botan_x509_cert_view_binary_values(
337 cert, value_type, index, nullptr, [](auto, auto, auto) -> int { return BOTAN_FFI_SUCCESS; });
338 });
339#else
340 BOTAN_UNUSED(cert, value_type, count);
341 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
342#endif
343}
botan_x509_cert_view_binary_values
int botan_x509_cert_view_binary_values(botan_x509_cert_t cert, botan_x509_value_type value_type, size_t index, botan_view_ctx ctx, botan_view_bin_fn view_fn)
Definition ffi_cert.cpp:278

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_SUCCESS, BOTAN_UNUSED, and botan_x509_cert_view_binary_values().

◆ botan_x509_cert_view_public_key_bits()

int botan_x509_cert_view_public_key_bits ( botan_x509_cert_t cert,
botan_view_ctx ctx,
botan_view_bin_fn view )

Definition at line 700 of file ffi_cert.cpp.

700 {
701#if defined(BOTAN_HAS_X509_CERTIFICATES)
702 return BOTAN_FFI_VISIT(cert,
703 [=](const auto& c) { return invoke_view_callback(view, ctx, c.subject_public_key_bits()); });
704#else
705 BOTAN_UNUSED(cert, ctx, view);
706 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
707#endif
708}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::invoke_view_callback().

Referenced by botan_x509_cert_get_public_key_bits().

◆ botan_x509_cert_view_string_values()

int botan_x509_cert_view_string_values ( botan_x509_cert_t cert,
botan_x509_value_type value_type,
size_t index,
botan_view_ctx ctx,
botan_view_str_fn view )

Retrieve a specific string value from an X.509 certificate.

For multi-values index allows enumerating the available entries, until BOTAN_FFI_ERROR_OUT_OF_RANGE is returned. For singleton values, an index of value "0" is expected.

Returns
BOTAN_FFI_ERROR_NO_VALUE if the provided cert does not provide the requested value_type at all or not in string format.

Definition at line 345 of file ffi_cert.cpp.

349 {
350#if defined(BOTAN_HAS_X509_CERTIFICATES)
351 auto enumerate = [view_fn, ctx](auto values, size_t idx) -> int {
352 if(idx >= values.size()) {
353 return BOTAN_FFI_ERROR_OUT_OF_RANGE;
354 } else {
355 return invoke_view_callback(view_fn, ctx, values[idx]);
356 }
357 };
358
359 auto enumerate_crl_distribution_points = [view_fn, ctx](const Botan::X509_Certificate& c, size_t idx) -> int {
360 const auto* crl_dp_ext =
361 c.v3_extensions().get_extension_object_as<Botan::Cert_Extension::CRL_Distribution_Points>();
362 if(crl_dp_ext == nullptr) {
363 return BOTAN_FFI_ERROR_OUT_OF_RANGE; // essentially an empty list
364 }
365
366 const auto& dps = crl_dp_ext->distribution_points();
367 for(size_t i = idx; const auto& dp : dps) {
368 const auto& uris = dp.point().uris();
369 if(i >= uris.size()) {
370 i -= uris.size();
371 continue;
372 }
373
374 auto itr = uris.begin();
375 std::advance(itr, i);
376 return invoke_view_callback(view_fn, ctx, *itr);
377 }
378
379 return BOTAN_FFI_ERROR_OUT_OF_RANGE;
380 };
381
382 return BOTAN_FFI_VISIT(cert, [=](const Botan::X509_Certificate& c) -> int {
383 switch(value_type) {
384 case BOTAN_X509_CRL_DISTRIBUTION_URLS:
385 return enumerate_crl_distribution_points(c, index);
386 case BOTAN_X509_OCSP_RESPONDER_URLS:
387 return enumerate(c.ocsp_responders(), index);
388 case BOTAN_X509_CA_ISSUERS_URLS:
389 return enumerate(c.ca_issuers(), index);
390 case BOTAN_X509_PEM_ENCODING:
391 return botan_x509_object_view_value(c, value_type, index, ctx, view_fn);
392
393 case BOTAN_X509_SERIAL_NUMBER:
394 case BOTAN_X509_SUBJECT_DN_BITS:
395 case BOTAN_X509_ISSUER_DN_BITS:
396 case BOTAN_X509_SUBJECT_KEY_IDENTIFIER:
397 case BOTAN_X509_AUTHORITY_KEY_IDENTIFIER:
398 case BOTAN_X509_PUBLIC_KEY_PKCS8_BITS:
399 case BOTAN_X509_TBS_DATA_BITS:
400 case BOTAN_X509_SIGNATURE_SCHEME_BITS:
401 case BOTAN_X509_SIGNATURE_BITS:
402 case BOTAN_X509_DER_ENCODING:
403 return BOTAN_FFI_ERROR_NO_VALUE;
404 }
405
406 return BOTAN_FFI_ERROR_BAD_PARAMETER;
407 });
408#else
409 BOTAN_UNUSED(cert, value_type, index, ctx, view_fn);
410 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
411#endif
412}
Botan::Cert_Extension::CRL_Distribution_Points
Definition x509_ext.h:427
Botan::Cert_Extension::CRL_Distribution_Points::distribution_points
const std::vector< Distribution_Point > & distribution_points() const
Definition x509_ext.h:450
Botan::X509_Certificate::ocsp_responders
const std::vector< std::string > & ocsp_responders() const
Definition x509cert.cpp:551
Botan::X509_Certificate::ca_issuers
std::vector< std::string > ca_issuers() const
Definition x509cert.cpp:555

References BOTAN_FFI_ERROR_BAD_PARAMETER, BOTAN_FFI_ERROR_NO_VALUE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_OUT_OF_RANGE, BOTAN_FFI_VISIT, BOTAN_UNUSED, BOTAN_X509_AUTHORITY_KEY_IDENTIFIER, BOTAN_X509_CA_ISSUERS_URLS, BOTAN_X509_CRL_DISTRIBUTION_URLS, BOTAN_X509_DER_ENCODING, BOTAN_X509_ISSUER_DN_BITS, BOTAN_X509_OCSP_RESPONDER_URLS, BOTAN_X509_PEM_ENCODING, BOTAN_X509_PUBLIC_KEY_PKCS8_BITS, BOTAN_X509_SERIAL_NUMBER, BOTAN_X509_SIGNATURE_BITS, BOTAN_X509_SIGNATURE_SCHEME_BITS, BOTAN_X509_SUBJECT_DN_BITS, BOTAN_X509_SUBJECT_KEY_IDENTIFIER, BOTAN_X509_TBS_DATA_BITS, Botan::Cert_Extension::CRL_Distribution_Points::distribution_points(), and Botan_FFI::invoke_view_callback().

Referenced by botan_x509_cert_view_string_values_count().

◆ botan_x509_cert_view_string_values_count()

int botan_x509_cert_view_string_values_count ( botan_x509_cert_t cert,
botan_x509_value_type value_type,
size_t * count )

Definition at line 414 of file ffi_cert.cpp.

414 {
415#if defined(BOTAN_HAS_X509_CERTIFICATES)
416 return enumerator_count_values(count, [=](size_t index) {
417 return botan_x509_cert_view_string_values(
418 cert, value_type, index, nullptr, [](auto, auto, auto) -> int { return BOTAN_FFI_SUCCESS; });
419 });
420#else
421 BOTAN_UNUSED(cert, value_type, count);
422 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
423#endif
424}
botan_x509_cert_view_string_values
int botan_x509_cert_view_string_values(botan_x509_cert_t cert, botan_x509_value_type value_type, size_t index, botan_view_ctx ctx, botan_view_str_fn view_fn)
Definition ffi_cert.cpp:345

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_SUCCESS, BOTAN_UNUSED, and botan_x509_cert_view_string_values().

◆ botan_x509_crl_create()

int botan_x509_crl_create ( botan_x509_crl_t * crl_obj,
botan_rng_t rng,
botan_x509_cert_t ca_cert,
botan_privkey_t ca_key,
uint64_t issue_time,
uint32_t next_update,
const char * hash_fn,
const char * padding )

Create a new CRL

Parameters
crl_objThe newly created CRL
rnga random number generator object
ca_certThe CA Certificate the CRL belongs to
ca_keyThe private key of that CA
issue_timeThe time when the CRL becomes valid
next_updateThe number of seconds after issue_time until the CRL expires
hash_fnThe hash function to use, may be null
paddingThe padding to use, may be null

Definition at line 1100 of file ffi_cert.cpp.

1107 {
1108 if(Botan::any_null_pointers(crl_obj)) {
1109 return BOTAN_FFI_ERROR_NULL_POINTER;
1110 }
1111#if defined(BOTAN_HAS_X509_CERTIFICATES)
1112 return ffi_guard_thunk(__func__, [=]() -> int {
1113 auto& rng_ = safe_get(rng);
1114 auto ca = Botan::X509_CA(
1115 safe_get(ca_cert), safe_get(ca_key), default_from_ptr(hash_fn), default_from_ptr(padding), rng_);
1116 auto crl = std::make_unique<Botan::X509_CRL>(
1117 ca.new_crl(rng_, timepoint_from_timestamp(issue_time), std::chrono::seconds(next_update)));
1118 return ffi_new_object(crl_obj, std::move(crl));
1119 });
1120#else
1121 BOTAN_UNUSED(rng, ca_cert, ca_key, hash_fn, padding, issue_time, next_update);
1122 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1123#endif
1124}
Botan::X509_CA
Definition x509_ca.h:27

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), Botan_FFI::ffi_new_object(), and Botan_FFI::safe_get().

◆ botan_x509_crl_destroy()

int botan_x509_crl_destroy ( botan_x509_crl_t crl)

Definition at line 1190 of file ffi_cert.cpp.

1190 {
1191#if defined(BOTAN_HAS_X509_CERTIFICATES)
1192 return BOTAN_FFI_CHECKED_DELETE(crl);
1193#else
1194 BOTAN_UNUSED(crl);
1195 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1196#endif
1197}

References BOTAN_FFI_CHECKED_DELETE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, and BOTAN_UNUSED.

◆ botan_x509_crl_entries()

int botan_x509_crl_entries ( botan_x509_crl_t crl,
size_t index,
botan_x509_crl_entry_t * entry )

Allows iterating all entries of the CRL.

Parameters
crlthe CRL whose entries should be listed
indexthe index of the CRL entry to return
entryan object handle containing the CRL entry data
Returns
BOTAN_FFI_ERROR_OUT_OF_RANGE if the given index is out of range of the CRL entry list.

Definition at line 1320 of file ffi_cert.cpp.

1320 {
1321#if defined(BOTAN_HAS_X509_CERTIFICATES)
1322 return BOTAN_FFI_VISIT(crl, [=](const Botan::X509_CRL& c) -> int {
1323 const auto& entries = c.get_revoked();
1324 if(index >= entries.size()) {
1325 return BOTAN_FFI_ERROR_OUT_OF_RANGE;
1326 }
1327
1328 if(Botan::any_null_pointers(entry)) {
1329 return BOTAN_FFI_ERROR_NULL_POINTER;
1330 }
1331
1332 return ffi_new_object(entry, std::make_unique<Botan::CRL_Entry>(entries[index]));
1333 });
1334#else
1335 BOTAN_UNUSED(crl, index, entry);
1336 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1337#endif
1338}
Botan::X509_CRL
Definition x509_crl.h:90
Botan::X509_CRL::get_revoked
const std::vector< CRL_Entry > & get_revoked() const
Definition x509_crl.cpp:203

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_ERROR_OUT_OF_RANGE, BOTAN_FFI_VISIT, BOTAN_UNUSED, Botan_FFI::ffi_new_object(), and Botan::X509_CRL::get_revoked().

◆ botan_x509_crl_entries_count()

int botan_x509_crl_entries_count ( botan_x509_crl_t crl,
size_t * count )

Definition at line 1340 of file ffi_cert.cpp.

1340 {
1341#if defined(BOTAN_HAS_X509_CERTIFICATES)
1342 if(Botan::any_null_pointers(count)) {
1343 return BOTAN_FFI_ERROR_NULL_POINTER;
1344 }
1345
1346 return BOTAN_FFI_VISIT(crl, [=](const Botan::X509_CRL& c) { *count = c.get_revoked().size(); });
1347#else
1348 BOTAN_UNUSED(crl, count);
1349 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1350#endif
1351}

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan::X509_CRL::get_revoked().

◆ botan_x509_crl_entry_create()

int botan_x509_crl_entry_create ( botan_x509_crl_entry_t * entry,
botan_x509_cert_t cert,
int reason_code )

Create a new CRL entry that marks cert as revoked

Parameters
entryThe newly created CRL entry
certThe certificate to mark as revoked
reason_codeThe reason code for revocation

Definition at line 1126 of file ffi_cert.cpp.

1126 {
1127 if(Botan::any_null_pointers(entry)) {
1128 return BOTAN_FFI_ERROR_NULL_POINTER;
1129 }
1130#if defined(BOTAN_HAS_X509_CERTIFICATES)
1131 return ffi_guard_thunk(__func__, [=]() -> int {
1132 return ffi_new_object(
1133 entry, std::make_unique<Botan::CRL_Entry>(safe_get(cert), static_cast<Botan::CRL_Code>(reason_code)));
1134 });
1135#else
1136 BOTAN_UNUSED(cert, reason_code);
1137 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1138#endif
1139}

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), Botan_FFI::ffi_new_object(), and Botan_FFI::safe_get().

◆ botan_x509_crl_entry_destroy()

int botan_x509_crl_entry_destroy ( botan_x509_crl_entry_t entry)

Definition at line 1353 of file ffi_cert.cpp.

1353 {
1354#if defined(BOTAN_HAS_X509_CERTIFICATES)
1355 return BOTAN_FFI_CHECKED_DELETE(entry);
1356#else
1357 BOTAN_UNUSED(entry);
1358 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1359#endif
1360}

References BOTAN_FFI_CHECKED_DELETE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, and BOTAN_UNUSED.

◆ botan_x509_crl_entry_reason()

int botan_x509_crl_entry_reason ( botan_x509_crl_entry_t entry,
int * reason_code )

Return the revocation reason code for the given CRL entry. See botan_x509_crl_reason_code and RFC 5280 - 5.3.1 for possible reason codes.

Definition at line 1362 of file ffi_cert.cpp.

1362 {
1363#if defined(BOTAN_HAS_X509_CERTIFICATES)
1364 return BOTAN_FFI_VISIT(entry, [=](const Botan::CRL_Entry& e) {
1365 if(Botan::any_null_pointers(reason_code)) {
1366 return BOTAN_FFI_ERROR_NULL_POINTER;
1367 }
1368
1369 *reason_code = static_cast<int>(e.reason_code());
1370 return BOTAN_FFI_SUCCESS;
1371 });
1372#else
1373 BOTAN_UNUSED(entry, reason_code);
1374 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1375#endif
1376}
Botan::CRL_Entry
Definition x509_crl.h:29
Botan::CRL_Entry::reason_code
CRL_Code reason_code() const
Definition crl_ent.cpp:147

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan::CRL_Entry::reason_code().

◆ botan_x509_crl_entry_revocation_date()

int botan_x509_crl_entry_revocation_date ( botan_x509_crl_entry_t entry,
uint64_t * time_since_epoch )

Return the revocation date for the given CRL entry as time since epoch in seconds.

Definition at line 1404 of file ffi_cert.cpp.

1404 {
1405#if defined(BOTAN_HAS_X509_CERTIFICATES)
1406 return BOTAN_FFI_VISIT(entry, [=](const Botan::CRL_Entry& e) {
1407 if(Botan::any_null_pointers(time_since_epoch)) {
1408 return BOTAN_FFI_ERROR_NULL_POINTER;
1409 }
1410
1411 *time_since_epoch = e.expire_time().time_since_epoch();
1412 return BOTAN_FFI_SUCCESS;
1413 });
1414#else
1415 BOTAN_UNUSED(entry, time_since_epoch);
1416 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1417#endif
1418}
Botan::ASN1_Time::time_since_epoch
uint64_t time_since_epoch() const
Return time since epoch.
Definition asn1_time.cpp:260
Botan::CRL_Entry::expire_time
const X509_Time & expire_time() const
Definition crl_ent.cpp:143

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, BOTAN_FFI_VISIT, BOTAN_UNUSED, Botan::CRL_Entry::expire_time(), and Botan::ASN1_Time::time_since_epoch().

◆ botan_x509_crl_entry_serial_number()

int botan_x509_crl_entry_serial_number ( botan_x509_crl_entry_t entry,
botan_mp_t * serial_number )

Return the serial number associated with the given CRL entry.

Definition at line 1378 of file ffi_cert.cpp.

1378 {
1379#if defined(BOTAN_HAS_X509_CERTIFICATES)
1380 return BOTAN_FFI_VISIT(entry, [=](const Botan::CRL_Entry& e) {
1381 if(Botan::any_null_pointers(serial_number)) {
1382 return BOTAN_FFI_ERROR_NULL_POINTER;
1383 }
1384
1385 auto serial_bn = Botan::BigInt::from_bytes(e.serial_number());
1386 return ffi_new_object(serial_number, std::make_unique<Botan::BigInt>(std::move(serial_bn)));
1387 });
1388#else
1389 BOTAN_UNUSED(entry, serial_number);
1390 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1391#endif
1392}
Botan::CRL_Entry::serial_number
const std::vector< uint8_t > & serial_number() const
Definition crl_ent.cpp:139

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_VISIT, BOTAN_UNUSED, Botan_FFI::ffi_new_object(), Botan::BigInt::from_bytes(), and Botan::CRL_Entry::serial_number().

◆ botan_x509_crl_entry_view_serial_number()

int botan_x509_crl_entry_view_serial_number ( botan_x509_crl_entry_t entry,
botan_view_ctx ctx,
botan_view_bin_fn view )

View the serial number associated with the given CRL entry.

Definition at line 1394 of file ffi_cert.cpp.

1394 {
1395#if defined(BOTAN_HAS_X509_CERTIFICATES)
1396 return BOTAN_FFI_VISIT(
1397 entry, [=](const Botan::CRL_Entry& e) { return invoke_view_callback(view, ctx, e.serial_number()); });
1398#else
1399 BOTAN_UNUSED(entry, ctx, view);
1400 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1401#endif
1402}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, Botan_FFI::invoke_view_callback(), and Botan::CRL_Entry::serial_number().

◆ botan_x509_crl_load()

int botan_x509_crl_load ( botan_x509_crl_t * crl_obj,
const uint8_t crl_bits[],
size_t crl_bits_len )

Definition at line 1047 of file ffi_cert.cpp.

1047 {
1048 if(crl_obj == nullptr || crl_bits == nullptr) {
1049 return BOTAN_FFI_ERROR_NULL_POINTER;
1050 }
1051
1052#if defined(BOTAN_HAS_X509_CERTIFICATES)
1053 return ffi_guard_thunk(__func__, [=]() -> int {
1054 Botan::DataSource_Memory bits(crl_bits, crl_bits_len);
1055 auto c = std::make_unique<Botan::X509_CRL>(bits);
1056 return ffi_new_object(crl_obj, std::move(c));
1057 });
1058#else
1059 BOTAN_UNUSED(crl_bits_len);
1060 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1061#endif
1062}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), and Botan_FFI::ffi_new_object().

◆ botan_x509_crl_load_file()

int botan_x509_crl_load_file ( botan_x509_crl_t * crl_obj,
const char * crl_path )

Definition at line 1030 of file ffi_cert.cpp.

1030 {
1031 if(crl_obj == nullptr || crl_path == nullptr) {
1032 return BOTAN_FFI_ERROR_NULL_POINTER;
1033 }
1034
1035#if defined(BOTAN_HAS_X509_CERTIFICATES) && defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
1036
1037 return ffi_guard_thunk(__func__, [=]() -> int {
1038 auto c = std::make_unique<Botan::X509_CRL>(crl_path);
1039 return ffi_new_object(crl_obj, std::move(c));
1040 });
1041
1042#else
1043 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1044#endif
1045}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, Botan_FFI::ffi_guard_thunk(), and Botan_FFI::ffi_new_object().

◆ botan_x509_crl_next_update()

int botan_x509_crl_next_update ( botan_x509_crl_t crl,
uint64_t * time_since_epoch )

Definition at line 1079 of file ffi_cert.cpp.

1079 {
1080#if defined(BOTAN_HAS_X509_CERTIFICATES)
1081 return BOTAN_FFI_VISIT(crl, [=](const auto& c) {
1082 const auto& time = c.next_update();
1083 if(!time.time_is_set()) {
1084 return BOTAN_FFI_ERROR_NO_VALUE;
1085 }
1086
1087 if(Botan::any_null_pointers(time_since_epoch)) {
1088 return BOTAN_FFI_ERROR_NULL_POINTER;
1089 }
1090
1091 *time_since_epoch = c.next_update().time_since_epoch();
1092 return BOTAN_FFI_SUCCESS;
1093 });
1094#else
1095 BOTAN_UNUSED(crl, time_since_epoch);
1096 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1097#endif
1098}

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NO_VALUE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

◆ botan_x509_crl_this_update()

int botan_x509_crl_this_update ( botan_x509_crl_t crl,
uint64_t * time_since_epoch )

Definition at line 1064 of file ffi_cert.cpp.

1064 {
1065#if defined(BOTAN_HAS_X509_CERTIFICATES)
1066 return BOTAN_FFI_VISIT(crl, [=](const auto& c) {
1067 if(Botan::any_null_pointers(time_since_epoch)) {
1068 return BOTAN_FFI_ERROR_NULL_POINTER;
1069 }
1070 *time_since_epoch = c.this_update().time_since_epoch();
1071 return BOTAN_FFI_SUCCESS;
1072 });
1073#else
1074 BOTAN_UNUSED(crl, time_since_epoch);
1075 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1076#endif
1077}

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, BOTAN_FFI_VISIT, and BOTAN_UNUSED.

◆ botan_x509_crl_update()

int botan_x509_crl_update ( botan_x509_crl_t * crl_obj,
botan_x509_crl_t last_crl,
botan_rng_t rng,
botan_x509_cert_t ca_cert,
botan_privkey_t ca_key,
uint64_t issue_time,
uint32_t next_update,
const botan_x509_crl_entry_t * new_entries,
size_t new_entries_len,
const char * hash_fn,
const char * padding )

Update a CRL with new revoked entries. This does not modify the old crl, and instead creates a new one.

Parameters
crl_objThe newly created CRL
last_crlThe CRL to update
rnga random number generator object
ca_certThe CA Certificate the CRL belongs to
ca_keyThe private key of that CA
issue_timeThe time when the CRL becomes valid
next_updateThe number of seconds after issue_time until the CRL expires
new_entriesThe entries to add to the CRL
new_entries_lenThe number of entries
hash_fnThe hash function to use, may be null
paddingThe padding to use, may be null

Definition at line 1141 of file ffi_cert.cpp.

1151 {
1152 if(Botan::any_null_pointers(crl_obj)) {
1153 return BOTAN_FFI_ERROR_NULL_POINTER;
1154 }
1155 if(new_entries_len > 0 && Botan::any_null_pointers(new_entries)) {
1156 return BOTAN_FFI_ERROR_NULL_POINTER;
1157 }
1158#if defined(BOTAN_HAS_X509_CERTIFICATES)
1159 return ffi_guard_thunk(__func__, [=]() -> int {
1160 auto& rng_ = safe_get(rng);
1161 auto ca = Botan::X509_CA(
1162 safe_get(ca_cert), safe_get(ca_key), default_from_ptr(hash_fn), default_from_ptr(padding), rng_);
1163
1164 std::vector<Botan::CRL_Entry> entries;
1165 entries.reserve(new_entries_len);
1166 for(size_t i = 0; i < new_entries_len; i++) {
1167 entries.push_back(safe_get(new_entries[i]));
1168 }
1169
1170 auto crl = std::make_unique<Botan::X509_CRL>(ca.update_crl(
1171 safe_get(last_crl), entries, rng_, timepoint_from_timestamp(issue_time), std::chrono::seconds(next_update)));
1172 return ffi_new_object(crl_obj, std::move(crl));
1173 });
1174#else
1175 BOTAN_UNUSED(
1176 last_crl, rng, ca_cert, ca_key, hash_fn, padding, issue_time, next_update, new_entries, new_entries_len);
1177 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1178#endif
1179}

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), Botan_FFI::ffi_new_object(), and Botan_FFI::safe_get().

◆ botan_x509_crl_verify_signature()

int botan_x509_crl_verify_signature ( botan_x509_crl_t crl,
botan_pubkey_t key )

Definition at line 1181 of file ffi_cert.cpp.

1181 {
1182#if defined(BOTAN_HAS_X509_CERTIFICATES)
1183 return BOTAN_FFI_VISIT(crl, [=](const auto& c) -> int { return c.check_signature(safe_get(key)) ? 1 : 0; });
1184#else
1185 BOTAN_UNUSED(crl, key);
1186 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1187#endif
1188}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::safe_get().

◆ botan_x509_crl_view_binary_values()

int botan_x509_crl_view_binary_values ( botan_x509_crl_t crl_obj,
botan_x509_value_type value_type,
size_t index,
botan_view_ctx ctx,
botan_view_bin_fn view )

Retrieve a specific binary value from an X.509 certificate revocation list.

For multi-values index allows enumerating the available entries, until BOTAN_FFI_ERROR_OUT_OF_RANGE is returned. For singleton values, an index of value "0" is expected.

Returns
BOTAN_FFI_ERROR_NO_VALUE if the provided crl_obj does not provide the requested value_type at all or not in binary format.

Definition at line 1199 of file ffi_cert.cpp.

1203 {
1204#if defined(BOTAN_HAS_X509_CERTIFICATES)
1205 if(index != 0) {
1206 // As of now there are no multi-value binary entries.
1207 return BOTAN_FFI_ERROR_OUT_OF_RANGE;
1208 }
1209
1210 auto view = [=](std::span<const uint8_t> value) -> int {
1211 if(value.empty()) {
1212 return BOTAN_FFI_ERROR_NO_VALUE;
1213 } else {
1214 return invoke_view_callback(view_fn, ctx, value);
1215 }
1216 };
1217
1218 return BOTAN_FFI_VISIT(crl_obj, [=](const Botan::X509_CRL& crl) -> int {
1219 switch(value_type) {
1220 case BOTAN_X509_SERIAL_NUMBER:
1221 return view(Botan::store_be(crl.crl_number()));
1222 case BOTAN_X509_ISSUER_DN_BITS:
1223 return view(Botan::ASN1::put_in_sequence(crl.issuer_dn().get_bits()));
1224 case BOTAN_X509_AUTHORITY_KEY_IDENTIFIER:
1225 return view(crl.authority_key_id());
1226
1227 case BOTAN_X509_TBS_DATA_BITS:
1228 case BOTAN_X509_SIGNATURE_SCHEME_BITS:
1229 case BOTAN_X509_SIGNATURE_BITS:
1230 case BOTAN_X509_DER_ENCODING:
1231 return botan_x509_object_view_value(crl, value_type, index, ctx, view_fn);
1232
1233 case BOTAN_X509_SUBJECT_DN_BITS:
1234 case BOTAN_X509_SUBJECT_KEY_IDENTIFIER:
1235 case BOTAN_X509_PUBLIC_KEY_PKCS8_BITS:
1236 case BOTAN_X509_PEM_ENCODING:
1237 case BOTAN_X509_CRL_DISTRIBUTION_URLS:
1238 case BOTAN_X509_OCSP_RESPONDER_URLS:
1239 case BOTAN_X509_CA_ISSUERS_URLS:
1240 return BOTAN_FFI_ERROR_NO_VALUE;
1241 }
1242
1243 return BOTAN_FFI_ERROR_BAD_PARAMETER;
1244 });
1245#else
1246 BOTAN_UNUSED(crl_obj, value_type, index, ctx, view_fn);
1247 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1248#endif
1249}
Botan::X509_CRL::authority_key_id
const std::vector< uint8_t > & authority_key_id() const
Definition x509_crl.cpp:221
Botan::X509_CRL::crl_number
uint32_t crl_number() const
Definition x509_crl.cpp:228
Botan::X509_CRL::issuer_dn
const X509_DN & issuer_dn() const
Definition x509_crl.cpp:214
Botan::X509_DN::get_bits
const std::vector< uint8_t > & get_bits() const
Definition pkix_types.h:82
Botan::ASN1::put_in_sequence
std::vector< uint8_t > put_in_sequence(const std::vector< uint8_t > &contents)
Definition asn1_obj.cpp:177
Botan::store_be
constexpr auto store_be(ParamTs &&... params)
Definition loadstor.h:745

References Botan::X509_CRL::authority_key_id(), BOTAN_FFI_ERROR_BAD_PARAMETER, BOTAN_FFI_ERROR_NO_VALUE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_OUT_OF_RANGE, BOTAN_FFI_VISIT, BOTAN_UNUSED, BOTAN_X509_AUTHORITY_KEY_IDENTIFIER, BOTAN_X509_CA_ISSUERS_URLS, BOTAN_X509_CRL_DISTRIBUTION_URLS, BOTAN_X509_DER_ENCODING, BOTAN_X509_ISSUER_DN_BITS, BOTAN_X509_OCSP_RESPONDER_URLS, BOTAN_X509_PEM_ENCODING, BOTAN_X509_PUBLIC_KEY_PKCS8_BITS, BOTAN_X509_SERIAL_NUMBER, BOTAN_X509_SIGNATURE_BITS, BOTAN_X509_SIGNATURE_SCHEME_BITS, BOTAN_X509_SUBJECT_DN_BITS, BOTAN_X509_SUBJECT_KEY_IDENTIFIER, BOTAN_X509_TBS_DATA_BITS, Botan::X509_CRL::crl_number(), Botan::X509_DN::get_bits(), Botan_FFI::invoke_view_callback(), Botan::X509_CRL::issuer_dn(), Botan::ASN1::put_in_sequence(), and Botan::store_be().

Referenced by botan_x509_crl_view_binary_values_count().

◆ botan_x509_crl_view_binary_values_count()

int botan_x509_crl_view_binary_values_count ( botan_x509_crl_t crl_obj,
botan_x509_value_type value_type,
size_t * count )

Definition at line 1251 of file ffi_cert.cpp.

1251 {
1252#if defined(BOTAN_HAS_X509_CERTIFICATES)
1253 return enumerator_count_values(count, [=](size_t index) {
1254 return botan_x509_crl_view_binary_values(
1255 crl_obj, value_type, index, nullptr, [](auto, auto, auto) -> int { return BOTAN_FFI_SUCCESS; });
1256 });
1257#else
1258 BOTAN_UNUSED(crl_obj, value_type, count);
1259 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1260#endif
1261}
botan_x509_crl_view_binary_values
int botan_x509_crl_view_binary_values(botan_x509_crl_t crl_obj, botan_x509_value_type value_type, size_t index, botan_view_ctx ctx, botan_view_bin_fn view_fn)
Definition ffi_cert.cpp:1199

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_SUCCESS, BOTAN_UNUSED, and botan_x509_crl_view_binary_values().

◆ botan_x509_crl_view_string_values()

int botan_x509_crl_view_string_values ( botan_x509_crl_t crl_obj,
botan_x509_value_type value_type,
size_t index,
botan_view_ctx ctx,
botan_view_str_fn view )

Retrieve a specific string value from an X.509 certificate revocation list.

For multi-values index allows enumerating the available entries, until BOTAN_FFI_ERROR_OUT_OF_RANGE is returned. For singleton values, an index of value "0" is expected.

Returns
BOTAN_FFI_ERROR_NO_VALUE if the provided crl_obj does not provide the requested value_type at all or not in string format.

Definition at line 1263 of file ffi_cert.cpp.

1267 {
1268#if defined(BOTAN_HAS_X509_CERTIFICATES)
1269 return BOTAN_FFI_VISIT(crl_obj, [=](const Botan::X509_CRL& crl) -> int {
1270 switch(value_type) {
1271 case BOTAN_X509_PEM_ENCODING:
1272 return botan_x509_object_view_value(crl, value_type, index, ctx, view);
1273
1274 case BOTAN_X509_SERIAL_NUMBER:
1275 case BOTAN_X509_SUBJECT_DN_BITS:
1276 case BOTAN_X509_ISSUER_DN_BITS:
1277 case BOTAN_X509_SUBJECT_KEY_IDENTIFIER:
1278 case BOTAN_X509_AUTHORITY_KEY_IDENTIFIER:
1279 case BOTAN_X509_PUBLIC_KEY_PKCS8_BITS:
1280 case BOTAN_X509_TBS_DATA_BITS:
1281 case BOTAN_X509_SIGNATURE_SCHEME_BITS:
1282 case BOTAN_X509_SIGNATURE_BITS:
1283 case BOTAN_X509_DER_ENCODING:
1284 case BOTAN_X509_CRL_DISTRIBUTION_URLS:
1285 case BOTAN_X509_OCSP_RESPONDER_URLS:
1286 case BOTAN_X509_CA_ISSUERS_URLS:
1287 return BOTAN_FFI_ERROR_NO_VALUE;
1288 }
1289
1290 return BOTAN_FFI_ERROR_BAD_PARAMETER;
1291 });
1292#else
1293 BOTAN_UNUSED(crl_obj, value_type, index, ctx, view);
1294 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1295#endif
1296}

References BOTAN_FFI_ERROR_BAD_PARAMETER, BOTAN_FFI_ERROR_NO_VALUE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, BOTAN_X509_AUTHORITY_KEY_IDENTIFIER, BOTAN_X509_CA_ISSUERS_URLS, BOTAN_X509_CRL_DISTRIBUTION_URLS, BOTAN_X509_DER_ENCODING, BOTAN_X509_ISSUER_DN_BITS, BOTAN_X509_OCSP_RESPONDER_URLS, BOTAN_X509_PEM_ENCODING, BOTAN_X509_PUBLIC_KEY_PKCS8_BITS, BOTAN_X509_SERIAL_NUMBER, BOTAN_X509_SIGNATURE_BITS, BOTAN_X509_SIGNATURE_SCHEME_BITS, BOTAN_X509_SUBJECT_DN_BITS, BOTAN_X509_SUBJECT_KEY_IDENTIFIER, and BOTAN_X509_TBS_DATA_BITS.

Referenced by botan_x509_crl_view_string_values_count().

◆ botan_x509_crl_view_string_values_count()

int botan_x509_crl_view_string_values_count ( botan_x509_crl_t crl_obj,
botan_x509_value_type value_type,
size_t * count )

Definition at line 1298 of file ffi_cert.cpp.

1298 {
1299#if defined(BOTAN_HAS_X509_CERTIFICATES)
1300 return enumerator_count_values(count, [=](size_t index) {
1301 return botan_x509_crl_view_string_values(
1302 crl_obj, value_type, index, nullptr, [](auto, auto, auto) -> int { return BOTAN_FFI_SUCCESS; });
1303 });
1304#else
1305 BOTAN_UNUSED(crl_obj, value_type, count);
1306 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1307#endif
1308}
botan_x509_crl_view_string_values
int botan_x509_crl_view_string_values(botan_x509_crl_t crl_obj, botan_x509_value_type value_type, size_t index, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_cert.cpp:1263

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_SUCCESS, BOTAN_UNUSED, and botan_x509_crl_view_string_values().

◆ botan_x509_general_name_destroy()

int botan_x509_general_name_destroy ( botan_x509_general_name_t name)

Definition at line 780 of file ffi_cert.cpp.

780 {
781#if defined(BOTAN_HAS_X509_CERTIFICATES)
782 return BOTAN_FFI_CHECKED_DELETE(name);
783#else
784 BOTAN_UNUSED(name);
785 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
786#endif
787}

References BOTAN_FFI_CHECKED_DELETE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, and BOTAN_UNUSED.

◆ botan_x509_general_name_get_type()

int botan_x509_general_name_get_type ( botan_x509_general_name_t name,
unsigned int * type )

Provides the contained type of the name and returns BOTAN_FFI_SUCCESS if that type is supported and may be retrieved via the view functions below. Otherwise BOTAN_FFI_ERROR_INVALID_OBJECT_STATE is returned.

Definition at line 710 of file ffi_cert.cpp.

710 {
711#if defined(BOTAN_HAS_X509_CERTIFICATES)
712 return BOTAN_FFI_VISIT(name, [=](const Botan::GeneralName& n) {
713 if(Botan::any_null_pointers(type)) {
714 return BOTAN_FFI_ERROR_NULL_POINTER;
715 }
716
717 const auto mapped_type = to_botan_x509_general_name_types(n.type_code());
718 if(!mapped_type.has_value()) {
719 return BOTAN_FFI_ERROR_INVALID_OBJECT_STATE;
720 }
721
722 *type = mapped_type.value();
723 if(*type == BOTAN_X509_OTHER_NAME /* ... viewing of other-names not supported */) {
724 return BOTAN_FFI_ERROR_INVALID_OBJECT_STATE;
725 }
726
727 return BOTAN_FFI_SUCCESS;
728 });
729#else
730 BOTAN_UNUSED(name, type);
731 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
732#endif
733}
Botan::GeneralName
X.509 GeneralName Type.
Definition pkix_types.h:274
Botan::GeneralName::type_code
NameType type_code() const
Definition pkix_types.h:311
BOTAN_X509_OTHER_NAME
@ BOTAN_X509_OTHER_NAME
Definition ffi.h:2422
BOTAN_FFI_ERROR_INVALID_OBJECT_STATE
@ BOTAN_FFI_ERROR_INVALID_OBJECT_STATE
Definition ffi.h:137

References Botan::any_null_pointers(), BOTAN_FFI_ERROR_INVALID_OBJECT_STATE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, BOTAN_FFI_VISIT, BOTAN_UNUSED, BOTAN_X509_OTHER_NAME, and Botan::GeneralName::type_code().

◆ botan_x509_general_name_view_binary_value()

int botan_x509_general_name_view_binary_value ( botan_x509_general_name_t name,
botan_view_ctx ctx,
botan_view_bin_fn view )

Views the name as a bit string or returns BOTAN_FFI_ERROR_INVALID_OBJECT_STATE if the contained GeneralName value cannot be represented as a binary string.

The types BOTAN_X509_DIRECTORY_NAME, BOTAN_X509_IP_ADDRESS may be viewed as "binary".

Definition at line 758 of file ffi_cert.cpp.

760 {
761#if defined(BOTAN_HAS_X509_CERTIFICATES)
762 return BOTAN_FFI_VISIT(name, [=](const Botan::GeneralName& n) -> int {
763 const auto type = to_botan_x509_general_name_types(n.type_code());
764 if(!type) {
765 return BOTAN_FFI_ERROR_INVALID_OBJECT_STATE;
766 }
767
768 if(type != BOTAN_X509_DIRECTORY_NAME && type != BOTAN_X509_IP_ADDRESS) {
769 return BOTAN_FFI_ERROR_INVALID_OBJECT_STATE;
770 }
771
772 return invoke_view_callback(view, ctx, n.binary_name());
773 });
774#else
775 BOTAN_UNUSED(name, ctx, view);
776 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
777#endif
778}
Botan::GeneralName::binary_name
std::vector< uint8_t > binary_name() const
Definition name_constraint.cpp:109
BOTAN_X509_DIRECTORY_NAME
@ BOTAN_X509_DIRECTORY_NAME
Definition ffi.h:2425
BOTAN_X509_IP_ADDRESS
@ BOTAN_X509_IP_ADDRESS
Definition ffi.h:2427

References Botan::GeneralName::binary_name(), BOTAN_FFI_ERROR_INVALID_OBJECT_STATE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, BOTAN_X509_DIRECTORY_NAME, BOTAN_X509_IP_ADDRESS, Botan_FFI::invoke_view_callback(), and Botan::GeneralName::type_code().

◆ botan_x509_general_name_view_string_value()

int botan_x509_general_name_view_string_value ( botan_x509_general_name_t name,
botan_view_ctx ctx,
botan_view_str_fn view )

Views the name as a string or returns BOTAN_FFI_ERROR_INVALID_OBJECT_STATE if the contained GeneralName value cannot be represented as a string.

The types BOTAN_X509_EMAIL_ADDRESS, BOTAN_X509_DNS_NAME, BOTAN_X509_URI, BOTAN_X509_IP_ADDRESS may be viewed as "string".

Definition at line 735 of file ffi_cert.cpp.

737 {
738#if defined(BOTAN_HAS_X509_CERTIFICATES)
739 return BOTAN_FFI_VISIT(name, [=](const Botan::GeneralName& n) -> int {
740 const auto type = to_botan_x509_general_name_types(n.type_code());
741 if(!type) {
742 return BOTAN_FFI_ERROR_INVALID_OBJECT_STATE;
743 }
744
745 if(type != BOTAN_X509_EMAIL_ADDRESS && type != BOTAN_X509_DNS_NAME && type != BOTAN_X509_URI &&
746 type != BOTAN_X509_IP_ADDRESS) {
747 return BOTAN_FFI_ERROR_INVALID_OBJECT_STATE;
748 }
749
750 return invoke_view_callback(view, ctx, n.name());
751 });
752#else
753 BOTAN_UNUSED(name, ctx, view);
754 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
755#endif
756}
Botan::GeneralName::name
std::string name() const
Definition name_constraint.cpp:86
BOTAN_X509_DNS_NAME
@ BOTAN_X509_DNS_NAME
Definition ffi.h:2424
BOTAN_X509_EMAIL_ADDRESS
@ BOTAN_X509_EMAIL_ADDRESS
Definition ffi.h:2423
BOTAN_X509_URI
@ BOTAN_X509_URI
Definition ffi.h:2426

References BOTAN_FFI_ERROR_INVALID_OBJECT_STATE, BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, BOTAN_X509_DNS_NAME, BOTAN_X509_EMAIL_ADDRESS, BOTAN_X509_IP_ADDRESS, BOTAN_X509_URI, Botan_FFI::invoke_view_callback(), Botan::GeneralName::name(), and Botan::GeneralName::type_code().

◆ botan_x509_is_revoked()

int botan_x509_is_revoked ( botan_x509_crl_t crl,
botan_x509_cert_t cert )

Given a CRL and a certificate, check if the certificate is revoked on that particular CRL

Definition at line 1310 of file ffi_cert.cpp.

1310 {
1311#if defined(BOTAN_HAS_X509_CERTIFICATES)
1312 return BOTAN_FFI_VISIT(crl, [=](const auto& c) { return c.is_revoked(safe_get(cert)) ? 0 : -1; });
1313#else
1314 BOTAN_UNUSED(cert);
1315 BOTAN_UNUSED(crl);
1316 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
1317#endif
1318}

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_VISIT, BOTAN_UNUSED, and Botan_FFI::safe_get().

Generated by doxygen 1.15.0