Botan
3.9.0
Crypto and TLS for C&
src
lib
x509
key_constraint.cpp
Go to the documentation of this file.
1
/*
2
* (C) 1999-2007,2016 Jack Lloyd
3
* (C) 2016 René Korthaus, Rohde & Schwarz Cybersecurity
4
*
5
* Botan is released under the Simplified BSD License (see license.txt)
6
*/
7
8
#include <botan/pkix_enums.h>
9
10
#include <botan/pk_keys.h>
11
#include <botan/internal/parsing.h>
12
#include <vector>
13
14
namespace
Botan
{
15
16
std::string
Key_Constraints::to_string
()
const
{
17
if
(this->m_value ==
Key_Constraints::None
) {
18
return
"no_constraints"
;
19
}
20
21
std::vector<std::string> str;
22
23
auto
usage_set = [
value
= m_value](
const
Key_Constraints::Bits
usage) {
return
((
value
& usage) == usage); };
24
25
if
(usage_set(
Key_Constraints::DigitalSignature
)) {
26
str.push_back(
"digital_signature"
);
27
}
28
29
if
(usage_set(
Key_Constraints::NonRepudiation
)) {
30
str.push_back(
"non_repudiation"
);
31
}
32
33
if
(usage_set(
Key_Constraints::KeyEncipherment
)) {
34
str.push_back(
"key_encipherment"
);
35
}
36
37
if
(usage_set(
Key_Constraints::DataEncipherment
)) {
38
str.push_back(
"data_encipherment"
);
39
}
40
41
if
(usage_set(
Key_Constraints::KeyAgreement
)) {
42
str.push_back(
"key_agreement"
);
43
}
44
45
if
(usage_set(
Key_Constraints::KeyCertSign
)) {
46
str.push_back(
"key_cert_sign"
);
47
}
48
49
if
(usage_set(
Key_Constraints::CrlSign
)) {
50
str.push_back(
"crl_sign"
);
51
}
52
53
if
(usage_set(
Key_Constraints::EncipherOnly
)) {
54
str.push_back(
"encipher_only"
);
55
}
56
57
if
(usage_set(
Key_Constraints::DecipherOnly
)) {
58
str.push_back(
"decipher_only"
);
59
}
60
61
// Not 0 (checked at start) but nothing matched above!
62
if
(str.empty()) {
63
return
"other_unknown_constraints"
;
64
}
65
66
return
string_join
(str,
','
);
67
}
68
69
/*
70
* Make sure the given key constraints are permitted for the given key type
71
*/
72
bool
Key_Constraints::compatible_with
(
const
Public_Key
& pub_key)
const
{
73
uint32_t permitted = 0;
74
75
if
(pub_key.
supports_operation
(
PublicKeyOperation::KeyAgreement
)) {
76
permitted |=
Key_Constraints::KeyAgreement
|
Key_Constraints::EncipherOnly
|
Key_Constraints::DecipherOnly
;
77
}
78
79
if
(pub_key.
supports_operation
(
PublicKeyOperation::Encryption
)) {
80
permitted |=
Key_Constraints::KeyEncipherment
|
Key_Constraints::DataEncipherment
;
81
}
82
83
if
(pub_key.
supports_operation
(
PublicKeyOperation::KeyEncapsulation
)) {
84
permitted |=
Key_Constraints::KeyEncipherment
;
85
}
86
87
if
(pub_key.
supports_operation
(
PublicKeyOperation::Signature
)) {
88
permitted |=
Key_Constraints::DigitalSignature
|
Key_Constraints::NonRepudiation
|
Key_Constraints::KeyCertSign
|
89
Key_Constraints::CrlSign
;
90
}
91
92
if
((m_value & permitted) != m_value) {
93
return
false
;
94
}
95
96
return
true
;
97
}
98
99
}
// namespace Botan
Botan::Asymmetric_Key::supports_operation
virtual bool supports_operation(PublicKeyOperation op) const =0
Botan::Key_Constraints::compatible_with
bool compatible_with(const Public_Key &key) const
Definition
key_constraint.cpp:72
Botan::Key_Constraints::to_string
std::string to_string() const
Definition
key_constraint.cpp:16
Botan::Key_Constraints::value
uint32_t value() const
Definition
pkix_enums.h:180
Botan::Key_Constraints::Bits
Bits
Definition
pkix_enums.h:114
Botan::Key_Constraints::DigitalSignature
@ DigitalSignature
Definition
pkix_enums.h:116
Botan::Key_Constraints::None
@ None
Definition
pkix_enums.h:115
Botan::Key_Constraints::NonRepudiation
@ NonRepudiation
Definition
pkix_enums.h:117
Botan::Key_Constraints::CrlSign
@ CrlSign
Definition
pkix_enums.h:122
Botan::Key_Constraints::KeyCertSign
@ KeyCertSign
Definition
pkix_enums.h:121
Botan::Key_Constraints::DataEncipherment
@ DataEncipherment
Definition
pkix_enums.h:119
Botan::Key_Constraints::DecipherOnly
@ DecipherOnly
Definition
pkix_enums.h:124
Botan::Key_Constraints::KeyEncipherment
@ KeyEncipherment
Definition
pkix_enums.h:118
Botan::Key_Constraints::KeyAgreement
@ KeyAgreement
Definition
pkix_enums.h:120
Botan::Key_Constraints::EncipherOnly
@ EncipherOnly
Definition
pkix_enums.h:123
Botan::Public_Key
Definition
pk_keys.h:148
Botan
Definition
alg_id.cpp:13
Botan::string_join
std::string string_join(const std::vector< std::string > &strs, char delim)
Definition
parsing.cpp:140
Botan::PublicKeyOperation::KeyEncapsulation
@ KeyEncapsulation
Definition
pk_keys.h:49
Botan::PublicKeyOperation::KeyAgreement
@ KeyAgreement
Definition
pk_keys.h:50
Botan::PublicKeyOperation::Signature
@ Signature
Definition
pk_keys.h:48
Botan::PublicKeyOperation::Encryption
@ Encryption
Definition
pk_keys.h:47
Generated by
1.14.0