8#include <botan/x509self.h>
9#include <botan/x509_key.h>
10#include <botan/x509_ext.h>
11#include <botan/x509_ca.h>
12#include <botan/der_enc.h>
13#include <botan/pubkey.h>
14#include <botan/hash.h>
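/**
* Copy the subject identity fields of a certificate options object into a
* distinguished name and a subject alternative name.
*
* @param opts supplies the common name, country, state, locality,
*        organization, organizational unit(s), serial number and the
*        e-mail / URI / DNS / IP alternative names
* @param subject_dn receives one X520.* attribute per field; every entry of
*        opts.more_org_units is added as a further X520.OrganizationalUnit
* @param subject_alt overwritten with an AlternativeName built from opts,
*        then extended with one "DNS" entry per element of opts.more_dns
*
* The statements shown here hand each string on unchanged: nothing in them
* validates or normalises the values, so whatever the caller placed in opts
* ends up in the subject DN or the SAN list.
*
* NOTE(review): this listing shows only part of the function. Its source
* line numbers jump from 37 to 41, and the statements on the skipped lines
* are not reproduced here.
*/
void load_info(const X509_Cert_Options& opts, X509_DN& subject_dn,
               AlternativeName& subject_alt)
   {
   subject_dn.add_attribute("X520.CommonName", opts.common_name);
   subject_dn.add_attribute("X520.Country", opts.country);
   subject_dn.add_attribute("X520.State", opts.state);
   subject_dn.add_attribute("X520.Locality", opts.locality);
   subject_dn.add_attribute("X520.Organization", opts.organization);
   subject_dn.add_attribute("X520.OrganizationalUnit", opts.org_unit);

   // Bind by const reference: each entry is only read, so the
   // per-iteration copy made by a by-value loop variable is unnecessary.
   for(const auto& extra_ou : opts.more_org_units)
      {
      subject_dn.add_attribute("X520.OrganizationalUnit", extra_ou);
      }

   subject_dn.add_attribute("X520.SerialNumber", opts.serial_number);

   // Replaces any previous content of subject_alt with the primary
   // e-mail, URI, DNS and IP values.
   subject_alt = AlternativeName(opts.email, opts.uri, opts.dns, opts.ip);

   // Additional DNS names go in next to the primary opts.dns entry.
   for(const auto& dns : opts.more_dns)
      {
      subject_alt.add_attribute("DNS", dns);
      }
   }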
53 const std::string& hash_fn,
61 std::map<std::string,std::string> sig_opts = { {
"padding",opts.
padding_scheme} };
64 std::unique_ptr<PK_Signer> signer(
choose_sig_format(key, sig_opts, rng, hash_fn, sig_algo));
66 load_info(opts, subject_dn, subject_alt);
93 extensions.
add_new(skid.release());
103 subject_dn, subject_dn,
112 const std::string& hash_fn,
117 load_info(opts, subject_dn, subject_alt);
#define BOTAN_ASSERT_NOMSG(expr)
const OID & get_oid() const
bool add_new(Certificate_Extension *extn, bool critical=false)
static OID from_string(const std::string &str)
static PKCS10_Request create(const Private_Key &key, const X509_DN &subject_dn, const Extensions &extensions, const std::string &hash_fn, RandomNumberGenerator &rng, const std::string &padding_scheme="", const std::string &challenge="")
static X509_Certificate make_cert(PK_Signer *signer, RandomNumberGenerator &rng, const AlgorithmIdentifier &sig_algo, const std::vector< uint8_t > &pub_key, const X509_Time &not_before, const X509_Time &not_after, const X509_DN &issuer_dn, const X509_DN &subject_dn, const Extensions &extensions)
std::vector< OID > ex_constraints
Key_Constraints constraints
std::string padding_scheme
PKCS10_Request create_cert_req(const X509_Cert_Options &opts, const Private_Key &key, const std::string &hash_fn, RandomNumberGenerator &rng)
std::vector< uint8_t > BER_encode(const Public_Key &key)
X509_Certificate create_self_signed_cert(const X509_Cert_Options &opts, const Private_Key &key, const std::string &hash_fn, RandomNumberGenerator &rng)
PK_Signer * choose_sig_format(const Private_Key &key, RandomNumberGenerator &rng, const std::string &hash_fn, AlgorithmIdentifier &sig_algo)
void verify_cert_constraints_valid_for_key_type(const Public_Key &pub_key, Key_Constraints constraints)