Botan 3.0.0
Crypto and TLS for C&
key_constraint.cpp
Go to the documentation of this file.
1/*
2* (C) 1999-2007,2016 Jack Lloyd
3* (C) 2016 René Korthaus, Rohde & Schwarz Cybersecurity
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/pkix_enums.h>
9#include <botan/pk_keys.h>
10#include <botan/internal/parsing.h>
11#include <vector>
12
13namespace Botan {
14
15std::string Key_Constraints::to_string() const
16 {
17 if(this->m_value == Key_Constraints::None)
18 return "no_constraints";
19
20 std::vector<std::string> str;
21
22 if(this->m_value & Key_Constraints::DigitalSignature)
23 str.push_back("digital_signature");
24
25 if(this->m_value & Key_Constraints::NonRepudiation)
26 str.push_back("non_repudiation");
27
28 if(this->m_value & Key_Constraints::KeyEncipherment)
29 str.push_back("key_encipherment");
30
31 if(this->m_value & Key_Constraints::DataEncipherment)
32 str.push_back("data_encipherment");
33
34 if(this->m_value & Key_Constraints::KeyAgreement)
35 str.push_back("key_agreement");
36
37 if(this->m_value & Key_Constraints::KeyCertSign)
38 str.push_back("key_cert_sign");
39
40 if(this->m_value & Key_Constraints::CrlSign)
41 str.push_back("crl_sign");
42
43 if(this->m_value & Key_Constraints::EncipherOnly)
44 str.push_back("encipher_only");
45
46 if(this->m_value & Key_Constraints::DecipherOnly)
47 str.push_back("decipher_only");
48
49 // Not 0 (checked at start) but nothing matched above!
50 if(str.empty())
51 return "other_unknown_constraints";
52
53 return string_join(str, ',');
54 }
55
56/*
57* Make sure the given key constraints are permitted for the given key type
58*/
59bool Key_Constraints::compatible_with(const Public_Key& pub_key) const
60 {
61 uint32_t permitted = 0;
62
63 if(pub_key.supports_operation(PublicKeyOperation::KeyAgreement))
64 {
65 permitted |= Key_Constraints::KeyAgreement |
66 Key_Constraints::EncipherOnly |
67 Key_Constraints::DecipherOnly;
68 }
69
70 if(pub_key.supports_operation(PublicKeyOperation::Encryption) ||
71 pub_key.supports_operation(PublicKeyOperation::KeyEncapsulation))
72 {
73 permitted |= Key_Constraints::KeyEncipherment |
74 Key_Constraints::DataEncipherment;
75 }
76
77 if(pub_key.supports_operation(PublicKeyOperation::Signature))
78 {
79 permitted |= Key_Constraints::DigitalSignature |
80 Key_Constraints::NonRepudiation |
81 Key_Constraints::KeyCertSign |
82 Key_Constraints::CrlSign;
83 }
84
85 if((m_value & permitted) != m_value)
86 {
87 return false;
88 }
89
90 return true;
91 }
92
93}
Botan::Asymmetric_Key::supports_operation
virtual bool supports_operation(PublicKeyOperation op) const =0
Botan::Key_Constraints::DigitalSignature
@ DigitalSignature
Definition: pkix_enums.h:110
Botan::Key_Constraints::None
@ None
Definition: pkix_enums.h:109
Botan::Key_Constraints::NonRepudiation
@ NonRepudiation
Definition: pkix_enums.h:111
Botan::Key_Constraints::CrlSign
@ CrlSign
Definition: pkix_enums.h:116
Botan::Key_Constraints::KeyCertSign
@ KeyCertSign
Definition: pkix_enums.h:115
Botan::Key_Constraints::DataEncipherment
@ DataEncipherment
Definition: pkix_enums.h:113
Botan::Key_Constraints::DecipherOnly
@ DecipherOnly
Definition: pkix_enums.h:118
Botan::Key_Constraints::KeyEncipherment
@ KeyEncipherment
Definition: pkix_enums.h:112
Botan::Key_Constraints::KeyAgreement
@ KeyAgreement
Definition: pkix_enums.h:114
Botan::Key_Constraints::EncipherOnly
@ EncipherOnly
Definition: pkix_enums.h:117
Botan::Key_Constraints::compatible_with
bool compatible_with(const Public_Key &key) const
Definition: key_constraint.cpp:59
Botan::Key_Constraints::to_string
std::string to_string() const
Definition: key_constraint.cpp:15
Botan::Public_Key
Definition: pk_keys.h:109
Botan
Definition: alg_id.cpp:12
Botan::string_join
std::string string_join(const std::vector< std::string > &strs, char delim)
Definition: parsing.cpp:147
Generated by doxygen 1.9.6