8 #include <botan/x509self.h>
9 #include <botan/x509_ext.h>
10 #include <botan/x509_ca.h>
11 #include <botan/der_enc.h>
12 #include <botan/pubkey.h>
13 #include <botan/oids.h>
22 void load_info(
const X509_Cert_Options& opts, X509_DN& subject_dn,
23 AlternativeName& subject_alt)
25 subject_dn.add_attribute(
"X520.CommonName", opts.common_name);
26 subject_dn.add_attribute(
"X520.Country", opts.country);
27 subject_dn.add_attribute(
"X520.State", opts.state);
28 subject_dn.add_attribute(
"X520.Locality", opts.locality);
29 subject_dn.add_attribute(
"X520.Organization", opts.organization);
30 subject_dn.add_attribute(
"X520.OrganizationalUnit", opts.org_unit);
31 subject_dn.add_attribute(
"X520.SerialNumber", opts.serial_number);
32 subject_alt = AlternativeName(opts.email, opts.uri, opts.dns, opts.ip);
46 const std::string& hash_fn,
54 std::unique_ptr<PK_Signer> signer(
choose_sig_format(key, rng, hash_fn, sig_algo));
55 load_info(opts, subject_dn, subject_alt);
89 subject_dn, subject_dn,
98 const std::string& hash_fn,
106 std::unique_ptr<PK_Signer> signer(
choose_sig_format(key, rng, hash_fn, sig_algo));
107 load_info(opts, subject_dn, subject_alt);
109 const size_t PKCS10_VERSION = 0;
162 .get_contents_unlocked()
168 const std::vector<uint8_t> req =
PKCS10_Request create_cert_req(const X509_Cert_Options &opts, const Private_Key &key, const std::string &hash_fn, RandomNumberGenerator &rng)
std::vector< uint8_t > BER_encode(const Public_Key &key)
static X509_Certificate make_cert(PK_Signer *signer, RandomNumberGenerator &rng, const AlgorithmIdentifier &sig_algo, const std::vector< uint8_t > &pub_key, const X509_Time ¬_before, const X509_Time ¬_after, const X509_DN &issuer_dn, const X509_DN &subject_dn, const Extensions &extensions)
std::string encode(const uint8_t der[], size_t length, const std::string &label, size_t width)
static std::vector< uint8_t > make_signed(class PK_Signer *signer, RandomNumberGenerator &rng, const AlgorithmIdentifier &alg_id, const secure_vector< uint8_t > &tbs)
secure_vector< uint8_t > get_contents()
DER_Encoder & end_explicit()
void verify_cert_constraints_valid_for_key_type(const Public_Key &pub_key, Key_Constraints constraints)
DER_Encoder & raw_bytes(const uint8_t val[], size_t len)
void add(Certificate_Extension *extn, bool critical=false)
DER_Encoder & encode(bool b)
std::string lookup(const OID &oid)
Key_Constraints constraints
PK_Signer * choose_sig_format(const Private_Key &key, RandomNumberGenerator &rng, const std::string &hash_fn, AlgorithmIdentifier &sig_algo)
DER_Encoder & start_cons(ASN1_Tag type_tag, ASN1_Tag class_tag=UNIVERSAL)
std::vector< OID > ex_constraints
DER_Encoder & start_explicit(uint16_t type_tag)
X509_Certificate create_self_signed_cert(const X509_Cert_Options &opts, const Private_Key &key, const std::string &hash_fn, RandomNumberGenerator &rng)