8#include <botan/x509_crl.h>
9#include <botan/x509_ext.h>
10#include <botan/x509cert.h>
11#include <botan/ber_dec.h>
22 std::vector<CRL_Entry> m_entries;
23 Extensions m_extensions;
26 size_t m_crl_number = 0;
27 std::vector<uint8_t> m_auth_key_id;
28 std::string m_issuing_distribution_point;
31std::string X509_CRL::PEM_label()
const
36std::vector<std::string> X509_CRL::alternate_PEM_labels()
const
52#if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
63 const std::vector<CRL_Entry>& revoked) :
66 m_data = std::make_shared<CRL_Data>();
67 m_data->m_issuer = issuer;
70 m_data->m_entries = revoked;
88 if(!crl_akid.empty() && !cert_akid.empty())
90 if(crl_akid != cert_akid)
94 const std::vector<uint8_t>& cert_serial = cert.
serial_number();
101 if(cert_serial == entry.serial_number())
118std::unique_ptr<CRL_Data> decode_crl_body(
const std::vector<uint8_t>& body,
121 auto data = std::make_unique<CRL_Data>();
128 if(version != 0 && version != 1)
132 tbs_crl.decode(sig_algo_inner);
134 if(sig_algo != sig_algo_inner)
137 tbs_crl.decode(data->m_issuer)
138 .decode(data->m_this_update)
139 .decode(data->m_next_update);
147 while(cert_list.more_items())
150 cert_list.decode(entry);
151 data->m_entries.push_back(entry);
153 next = tbs_crl.get_next_object();
158 BER_Decoder crl_options(std::move(next));
159 crl_options.decode(data->m_extensions).verify_end();
160 next = tbs_crl.get_next_object();
164 throw Decoding_Error(
"Unknown tag following extensions in CRL");
166 tbs_crl.verify_end();
169 if(
auto ext = data->m_extensions.get_extension_object_as<Cert_Extension::CRL_Number>())
171 data->m_crl_number = ext->get_crl_number();
173 if(
auto ext = data->m_extensions.get_extension_object_as<Cert_Extension::Authority_Key_ID>())
175 data->m_auth_key_id = ext->get_key_id();
177 if(
auto ext = data->m_extensions.get_extension_object_as<Cert_Extension::CRL_Issuing_Distribution_Point>())
179 std::stringstream ss;
181 for(
const auto& pair : ext->get_point().contents())
183 ss << pair.first <<
": " << pair.second <<
" ";
185 data->m_issuing_distribution_point = ss.str();
193void X509_CRL::force_decode()
198const CRL_Data& X509_CRL::data()
const
202 throw Invalid_State(
"X509_CRL uninitialized");
204 return *m_data.get();
209 return data().m_extensions;
217 return data().m_entries;
225 return data().m_issuer;
233 return data().m_auth_key_id;
241 return static_cast<uint32_t
>(data().m_crl_number);
249 return data().m_this_update;
257 return data().m_next_update;
265 return data().m_issuing_distribution_point;
bool is_a(ASN1_Type type_tag, ASN1_Class class_tag) const
const std::vector< CRL_Entry > & get_revoked() const
const std::vector< uint8_t > & authority_key_id() const
const X509_Time & this_update() const
const Extensions & extensions() const
uint32_t crl_number() const
const X509_Time & next_update() const
const X509_DN & issuer_dn() const
bool is_revoked(const X509_Certificate &cert) const
std::string crl_issuing_distribution_point() const
const std::vector< uint8_t > & serial_number() const
const std::vector< uint8_t > & authority_key_id() const
const X509_DN & issuer_dn() const
const std::vector< uint8_t > & signed_body() const
const AlgorithmIdentifier & signature_algorithm() const
void load_data(DataSource &src)
std::string to_string(const BER_Object &obj)