Botan  2.19.1
Crypto and TLS for C++11
Public Member Functions | List of all members
Botan::Certificate_Store_Windows Class Referencefinal

#include <certstor_windows.h>

Inheritance diagram for Botan::Certificate_Store_Windows:
Botan::Certificate_Store

Public Member Functions

std::vector< X509_DNall_subjects () const override
 
bool certificate_known (const X509_Certificate &cert) const
 
 Certificate_Store_Windows ()
 
 Certificate_Store_Windows (const Certificate_Store_Windows &)=default
 
 Certificate_Store_Windows (Certificate_Store_Windows &&)=default
 
std::vector< std::shared_ptr< const X509_Certificate > > find_all_certs (const X509_DN &subject_dn, const std::vector< uint8_t > &key_id) const override
 
std::shared_ptr< const X509_Certificatefind_cert (const X509_DN &subject_dn, const std::vector< uint8_t > &key_id) const override
 
std::shared_ptr< const X509_Certificatefind_cert_by_pubkey_sha1 (const std::vector< uint8_t > &key_hash) const override
 
std::shared_ptr< const X509_Certificatefind_cert_by_raw_subject_dn_sha256 (const std::vector< uint8_t > &subject_hash) const override
 
std::shared_ptr< const X509_CRLfind_crl_for (const X509_Certificate &subject) const override
 
Certificate_Store_Windowsoperator= (const Certificate_Store_Windows &)=default
 
Certificate_Store_Windowsoperator= (Certificate_Store_Windows &&)=default
 

Detailed Description

Certificate Store that is backed by the system trust store on Windows.

Definition at line 18 of file certstor_windows.h.

Constructor & Destructor Documentation

Botan::Certificate_Store_Windows::Certificate_Store_Windows ( )

Definition at line 192 of file certstor_windows.cpp.

192 {}
Botan::Certificate_Store_Windows::Certificate_Store_Windows ( const Certificate_Store_Windows )
default
Botan::Certificate_Store_Windows::Certificate_Store_Windows ( Certificate_Store_Windows &&  )
default

Member Function Documentation

std::vector< X509_DN > Botan::Certificate_Store_Windows::all_subjects ( ) const
overridevirtual
Returns
DNs for all certificates managed by the store

Implements Botan::Certificate_Store.

Definition at line 194 of file certstor_windows.cpp.

References Botan::X509_Certificate::subject_dn().

195  {
196  std::vector<X509_DN> subject_dns;
197  for(const auto store_name : cert_store_names)
198  {
199  Handle_Guard<HCERTSTORE> windows_cert_store = open_cert_store(store_name);
200  Handle_Guard<PCCERT_CONTEXT> cert_context = nullptr;
201 
202  // Handle_Guard::assign exchanges the underlying pointer. No RAII is needed here, because the Windows API takes care of
203  // freeing the previous context.
204  while(cert_context.assign(CertEnumCertificatesInStore(windows_cert_store.get(), cert_context.get())))
205  {
206  X509_Certificate cert(cert_context->pbCertEncoded, cert_context->cbCertEncoded);
207  subject_dns.push_back(cert.subject_dn());
208  }
209  }
210 
211  return subject_dns;
212  }
bool Botan::Certificate_Store::certificate_known ( const X509_Certificate cert) const
inlineinherited
Returns
whether the certificate is known
Parameters
certcertififcate to be searched

Definition at line 72 of file certstor.h.

References Botan::X509_Certificate::subject_dn(), and Botan::X509_Certificate::subject_key_id().

73  {
74  return find_cert(cert.subject_dn(), cert.subject_key_id()) != nullptr;
75  }
virtual std::shared_ptr< const X509_Certificate > find_cert(const X509_DN &subject_dn, const std::vector< uint8_t > &key_id) const
Definition: certstor.cpp:20
Cert_Vector Botan::Certificate_Store_Windows::find_all_certs ( const X509_DN subject_dn,
const std::vector< uint8_t > &  key_id 
) const
overridevirtual

Find all certificates with a given Subject DN. Subject DN and even the key identifier might not be unique.

Implements Botan::Certificate_Store.

Definition at line 221 of file certstor_windows.cpp.

224  {
225  return find_cert_by_dn_and_key_id(subject_dn, key_id, false);
226  }
Cert_Pointer Botan::Certificate_Store_Windows::find_cert ( const X509_DN subject_dn,
const std::vector< uint8_t > &  key_id 
) const
overridevirtual

Find a certificate by Subject DN and (optionally) key identifier

Returns
the first certificate that matches

Reimplemented from Botan::Certificate_Store.

Definition at line 214 of file certstor_windows.cpp.

216  {
217  const auto certs = find_cert_by_dn_and_key_id(subject_dn, key_id, true);
218  return certs.empty() ? nullptr : certs.front();
219  }
Cert_Pointer Botan::Certificate_Store_Windows::find_cert_by_pubkey_sha1 ( const std::vector< uint8_t > &  key_hash) const
overridevirtual

Find a certificate by searching for one with a matching SHA-1 hash of public key.

Returns
a matching certificate or nullptr otherwise

Implements Botan::Certificate_Store.

Definition at line 228 of file certstor_windows.cpp.

229  {
230  if(key_hash.size() != 20)
231  {
232  throw Invalid_Argument("Certificate_Store_Windows::find_cert_by_pubkey_sha1 invalid hash");
233  }
234 
235  CRYPT_HASH_BLOB blob;
236  blob.cbData = static_cast<DWORD>(key_hash.size());
237  blob.pbData = const_cast<BYTE*>(key_hash.data());
238 
239  auto filter = [](const Cert_Vector&, Cert_Pointer) { return true; };
240 
241  const auto certs = search_cert_stores(blob, CERT_FIND_KEY_IDENTIFIER, filter, true);
242  return certs.empty() ? nullptr : certs.front();
243  }
Cert_Pointer Botan::Certificate_Store_Windows::find_cert_by_raw_subject_dn_sha256 ( const std::vector< uint8_t > &  subject_hash) const
overridevirtual
Exceptions
Botan::Not_Implemented

Implements Botan::Certificate_Store.

Definition at line 245 of file certstor_windows.cpp.

References BOTAN_UNUSED.

247  {
248  BOTAN_UNUSED(subject_hash);
249  throw Not_Implemented("Certificate_Store_Windows::find_cert_by_raw_subject_dn_sha256");
250  }
#define BOTAN_UNUSED(...)
Definition: assert.h:142
std::shared_ptr< const X509_CRL > Botan::Certificate_Store_Windows::find_crl_for ( const X509_Certificate subject) const
overridevirtual

Not Yet Implemented

Returns
nullptr;

Reimplemented from Botan::Certificate_Store.

Definition at line 252 of file certstor_windows.cpp.

References BOTAN_UNUSED.

253  {
254  // TODO: this could be implemented by using the CertFindCRLInStore function
255  BOTAN_UNUSED(subject);
256  return {};
257  }
#define BOTAN_UNUSED(...)
Definition: assert.h:142
Certificate_Store_Windows& Botan::Certificate_Store_Windows::operator= ( const Certificate_Store_Windows )
default
Certificate_Store_Windows& Botan::Certificate_Store_Windows::operator= ( Certificate_Store_Windows &&  )
default

The documentation for this class was generated from the following files: