8 #include <botan/pkcs10.h>
9 #include <botan/x509_ext.h>
10 #include <botan/x509cert.h>
11 #include <botan/der_enc.h>
12 #include <botan/ber_dec.h>
13 #include <botan/parsing.h>
14 #include <botan/oids.h>
15 #include <botan/pem.h>
23 X509_Object(in,
"CERTIFICATE REQUEST/NEW CERTIFICATE REQUEST")
28 #if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
33 X509_Object(fsname,
"CERTIFICATE REQUEST/NEW CERTIFICATE REQUEST")
43 X509_Object(in,
"CERTIFICATE REQUEST/NEW CERTIFICATE REQUEST")
51 void PKCS10_Request::force_decode()
56 cert_req_info.decode(version);
58 throw Decoding_Error(
"Unknown version code in PKCS #10 request: " +
62 cert_req_info.decode(dn_subject);
66 BER_Object public_key = cert_req_info.get_next_object();
68 throw BER_Bad_Tag(
"PKCS10_Request: Unexpected tag for public key",
71 m_info.
add(
"X509.Certificate.public_key",
78 BER_Object attr_bits = cert_req_info.get_next_object();
84 while(attributes.more_items())
87 attributes.decode(attr);
88 handle_attribute(attr);
90 attributes.verify_end();
93 throw BER_Bad_Tag(
"PKCS10_Request: Unexpected tag for attributes",
96 cert_req_info.verify_end();
99 throw Decoding_Error(
"PKCS #10 request: Bad signature detected");
105 void PKCS10_Request::handle_attribute(
const Attribute& attr)
107 BER_Decoder value(attr.parameters);
113 m_info.
add(
"RFC822", email.value());
115 else if(attr.oid ==
OIDS::lookup(
"PKCS9.ChallengePassword"))
118 value.decode(challenge_password);
119 m_info.
add(
"PKCS9.ChallengePassword", challenge_password.value());
121 else if(attr.oid ==
OIDS::lookup(
"PKCS9.ExtensionRequest"))
123 value.decode(m_extensions).verify_end();
132 return m_info.
get1(
"PKCS9.ChallengePassword");
187 if(
auto ext = m_extensions.
get(
OIDS::lookup(
"X509v3.ExtendedKeyUsage")))
200 if(
auto ext = m_extensions.
get(
OIDS::lookup(
"X509v3.BasicConstraints")))
213 if(
auto ext = m_extensions.
get(
OIDS::lookup(
"X509v3.BasicConstraints")))
Extensions extensions() const
size_t path_limit() const
std::vector< OID > ex_constraints() const
size_t get_path_limit() const
Public_Key * subject_public_key() const
std::string encode(const uint8_t der[], size_t length, const std::string &label, size_t width)
Public_Key * load_key(DataSource &source)
std::string to_string(const BER_Object &obj)
std::string get1(const std::string &key) const
Key_Constraints get_constraints() const
std::vector< uint8_t > m_tbs_bits
secure_vector< uint8_t > value
X509_DN create_dn(const Data_Store &info)
AlternativeName subject_alt_name() const
AlternativeName create_alt_name(const Data_Store &info)
std::string lookup(const OID &oid)
std::unique_ptr< Certificate_Extension > get(const OID &oid) const
X509_DN subject_dn() const
std::vector< OID > get_oids() const
Key_Constraints constraints() const
std::vector< uint8_t > put_in_sequence(const std::vector< uint8_t > &contents)
std::vector< uint8_t > raw_public_key() const
std::vector< T > unlock(const secure_vector< T > &in)
std::string challenge_password() const
bool check_signature(const Public_Key &key) const
secure_vector< uint8_t > decode_check_label(DataSource &source, const std::string &label_want)
PKCS10_Request(DataSource &source)
std::multimap< std::string, std::string > contents() const
void add(const std::multimap< std::string, std::string > &)