Botan
2.1.0
Crypto and TLS for C++11
|
#include <x509_crl.h>
Classes | |
struct | X509_CRL_Error |
Public Member Functions | |
std::vector< uint8_t > | authority_key_id () const |
std::vector< uint8_t > | BER_encode () const |
bool | check_signature (const Public_Key &key) const |
bool | check_signature (const Public_Key *key) const |
uint32_t | crl_number () const |
void | decode_from (class BER_Decoder &from) override |
void | encode_into (class DER_Encoder &to) const override |
std::vector< CRL_Entry > | get_revoked () const |
std::string | hash_used_for_signature () const |
bool | is_revoked (const X509_Certificate &cert) const |
X509_DN | issuer_dn () const |
X509_Time | next_update () const |
std::string | PEM_encode () const |
std::vector< uint8_t > | signature () const |
AlgorithmIdentifier | signature_algorithm () const |
std::vector< uint8_t > | tbs_data () const |
X509_Time | this_update () const |
X509_CRL (DataSource &source, bool throw_on_unknown_critical=false) | |
X509_CRL (const std::vector< uint8_t > &vec, bool throw_on_unknown_critical=false) | |
X509_CRL (const X509_DN &issuer, const X509_Time &thisUpdate, const X509_Time &nextUpdate, const std::vector< CRL_Entry > &revoked) | |
Static Public Member Functions | |
static std::vector< uint8_t > | make_signed (class PK_Signer *signer, RandomNumberGenerator &rng, const AlgorithmIdentifier &alg_id, const secure_vector< uint8_t > &tbs) |
Protected Member Functions | |
void | do_decode () |
Protected Attributes | |
std::vector< uint8_t > | m_sig |
AlgorithmIdentifier | m_sig_algo |
std::vector< uint8_t > | m_tbs_bits |
This class represents X.509 Certificate Revocation Lists (CRLs).
Definition at line 24 of file x509_crl.h.
Botan::X509_CRL::X509_CRL | ( | DataSource & | source, |
bool | throw_on_unknown_critical = false |
||
) |
Construct a CRL from a data source.
source | the data source providing the DER or PEM encoded CRL. |
throw_on_unknown_critical | should we throw an exception if an unknown CRL extension marked as critical is encountered. |
Definition at line 21 of file x509_crl.cpp.
References Botan::X509_Object::do_decode().
Botan::X509_CRL::X509_CRL | ( | const std::vector< uint8_t > & | vec, |
bool | throw_on_unknown_critical = false |
||
) |
Construct a CRL from a binary vector
vec | the binary (DER) representation of the CRL |
throw_on_unknown_critical | should we throw an exception if an unknown CRL extension marked as critical is encountered. |
Definition at line 38 of file x509_crl.cpp.
References Botan::X509_Object::do_decode().
Botan::X509_CRL::X509_CRL | ( | const X509_DN & | issuer, |
const X509_Time & | thisUpdate, | ||
const X509_Time & | nextUpdate, | ||
const std::vector< CRL_Entry > & | revoked | ||
) |
Construct a CRL
issuer | issuer of this CRL |
thisUpdate | valid from |
nextUpdate | valid until |
revoked | entries to be included in the CRL |
Definition at line 44 of file x509_crl.cpp.
References Botan::Data_Store::add(), Botan::X509_DN::contents(), and Botan::X509_Time::to_string().
std::vector< uint8_t > Botan::X509_CRL::authority_key_id | ( | ) | const |
Get the AuthorityKeyIdentifier of this CRL.
Definition at line 173 of file x509_crl.cpp.
References Botan::Data_Store::get1_memvec().
Referenced by is_revoked().
|
inherited |
Definition at line 114 of file x509_obj.cpp.
References Botan::X509_Object::encode_into(), and Botan::DER_Encoder::get_contents_unlocked().
Referenced by Botan::X509_Certificate::fingerprint(), and Botan::X509_Object::PEM_encode().
|
inherited |
Check the signature on this data
key | the public key purportedly used to sign this data |
Definition at line 188 of file x509_obj.cpp.
References Botan::Public_Key::algo_name(), Botan::DER_SEQUENCE, Botan::IEEE_1363, Botan::OIDS::lookup(), Botan::X509_Object::m_sig_algo, Botan::Public_Key::message_parts(), Botan::AlgorithmIdentifier::oid, Botan::X509_Object::signature(), Botan::split_on(), Botan::X509_Object::tbs_data(), and Botan::PK_Verifier::verify_message().
Referenced by Botan::X509_Object::check_signature().
|
inherited |
Check the signature on this data
key | the public key purportedly used to sign this data the pointer will be deleted after use |
Definition at line 177 of file x509_obj.cpp.
References Botan::X509_Object::check_signature().
uint32_t Botan::X509_CRL::crl_number | ( | ) | const |
Get the serial number of this CRL.
Definition at line 181 of file x509_crl.cpp.
References Botan::Data_Store::get1_uint32().
Referenced by Botan::X509_CA::update_crl().
|
overridevirtualinherited |
Decode a BER encoded X509_Object See ASN1_Object::decode_from()
Implements Botan::ASN1_Object.
Definition at line 100 of file x509_obj.cpp.
References Botan::BIT_STRING, Botan::BER_Decoder::decode(), Botan::BER_Decoder::end_cons(), Botan::X509_Object::m_sig, Botan::X509_Object::m_sig_algo, Botan::X509_Object::m_tbs_bits, Botan::BER_Decoder::raw_bytes(), Botan::SEQUENCE, and Botan::BER_Decoder::start_cons().
|
protectedinherited |
Definition at line 231 of file x509_obj.cpp.
References Botan::Exception::what().
Referenced by Botan::PKCS10_Request::PKCS10_Request(), Botan::X509_Certificate::X509_Certificate(), and X509_CRL().
|
overridevirtualinherited |
DER encode an X509_Object See ASN1_Object::encode_into()
Implements Botan::ASN1_Object.
Definition at line 86 of file x509_obj.cpp.
References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::X509_Object::m_sig, Botan::X509_Object::m_sig_algo, Botan::X509_Object::m_tbs_bits, Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, and Botan::DER_Encoder::start_cons().
Referenced by Botan::X509_Object::BER_encode(), and Botan::Certificate_Store_In_SQL::insert_cert().
std::vector< CRL_Entry > Botan::X509_CRL::get_revoked | ( | ) | const |
Get the entries of this CRL in the form of a vector.
Definition at line 157 of file x509_crl.cpp.
Referenced by Botan::X509_CA::update_crl().
|
inherited |
Definition at line 156 of file x509_obj.cpp.
References Botan::OID::as_string(), Botan::OIDS::lookup(), Botan::X509_Object::m_sig_algo, Botan::AlgorithmIdentifier::oid, Botan::parse_algorithm_name(), and Botan::split_on().
bool Botan::X509_CRL::is_revoked | ( | const X509_Certificate & | cert | ) | const |
Check if this particular certificate is listed in the CRL
Definition at line 56 of file x509_crl.cpp.
References authority_key_id(), Botan::X509_Certificate::authority_key_id(), issuer_dn(), Botan::X509_Certificate::issuer_dn(), Botan::REMOVE_FROM_CRL, and Botan::X509_Certificate::serial_number().
X509_DN Botan::X509_CRL::issuer_dn | ( | ) | const |
Get the issuer DN of this CRL.
Definition at line 165 of file x509_crl.cpp.
References Botan::create_dn().
Referenced by is_revoked().
|
staticinherited |
Create a signed X509 object.
signer | the signer used to sign the object |
rng | the random number generator to use |
alg_id | the algorithm identifier of the signature scheme |
tbs | the tbs bits to be signed |
Definition at line 214 of file x509_obj.cpp.
References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::get_contents_unlocked(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, Botan::PK_Signer::sign_message(), and Botan::DER_Encoder::start_cons().
Referenced by Botan::X509::create_cert_req(), and Botan::X509_CA::make_cert().
X509_Time Botan::X509_CRL::next_update | ( | ) | const |
Get the CRL's nextUpdate value.
Definition at line 197 of file x509_crl.cpp.
References Botan::Data_Store::get1(), and Botan::UTC_OR_GENERALIZED_TIME.
|
inherited |
Definition at line 124 of file x509_obj.cpp.
References Botan::X509_Object::BER_encode(), and Botan::PEM_Code::encode().
|
inherited |
Definition at line 140 of file x509_obj.cpp.
References Botan::X509_Object::m_sig.
Referenced by Botan::X509_Object::check_signature().
|
inherited |
Definition at line 148 of file x509_obj.cpp.
References Botan::X509_Object::m_sig_algo.
Referenced by Botan::X509_Certificate::to_string().
|
inherited |
The underlying data that is to be or was signed
Definition at line 132 of file x509_obj.cpp.
References Botan::X509_Object::m_tbs_bits, and Botan::ASN1::put_in_sequence().
Referenced by Botan::X509_Object::check_signature().
X509_Time Botan::X509_CRL::this_update | ( | ) | const |
Get the CRL's thisUpdate value.
Definition at line 189 of file x509_crl.cpp.
References Botan::Data_Store::get1(), and Botan::UTC_OR_GENERALIZED_TIME.
|
protectedinherited |
Definition at line 110 of file x509_obj.h.
Referenced by Botan::X509_Object::decode_from(), Botan::X509_Object::encode_into(), Botan::X509_Certificate::operator<(), Botan::X509_Certificate::operator==(), and Botan::X509_Object::signature().
|
protectedinherited |
|
protectedinherited |
Definition at line 110 of file x509_obj.h.
Referenced by Botan::X509_Object::decode_from(), Botan::X509_Object::encode_into(), Botan::X509_Certificate::operator<(), and Botan::X509_Object::tbs_data().