Botan 2.19.3
Crypto and TLS for C&
|
#include <x509cert.h>
Public Member Functions | |
bool | allowed_extended_usage (const OID &usage) const |
bool | allowed_extended_usage (const std::string &usage) const |
bool | allowed_usage (Key_Constraints usage) const |
bool | allowed_usage (Usage_Type usage) const |
const std::vector< uint8_t > & | authority_key_id () const |
std::vector< uint8_t > | BER_encode () const |
std::vector< std::string > | ca_issuers () const |
const std::vector< OID > & | certificate_policy_oids () const |
bool | check_signature (const Public_Key &key) const |
bool | check_signature (const Public_Key *key) const |
Key_Constraints | constraints () const |
std::string | crl_distribution_point () const |
void | decode_from (class BER_Decoder &from) override |
void | encode_into (class DER_Encoder &to) const override |
std::string | end_time () const |
std::vector< std::string > | ex_constraints () const |
const std::vector< OID > & | extended_key_usage () const |
std::string | fingerprint (const std::string &hash_name="SHA-1") const |
bool | has_constraints (Key_Constraints constraints) const |
bool | has_ex_constraint (const OID &ex_constraint) const |
bool | has_ex_constraint (const std::string &ex_constraint) const |
std::string | hash_used_for_signature () const |
bool | is_CA_cert () const |
bool | is_critical (const std::string &ex_name) const |
bool | is_self_signed () const |
bool | is_serial_negative () const |
const AlternativeName & | issuer_alt_name () const |
const X509_DN & | issuer_dn () const |
std::vector< std::string > | issuer_info (const std::string &name) const |
std::unique_ptr< Public_Key > | load_subject_public_key () const |
bool | matches_dns_name (const std::string &name) const |
const NameConstraints & | name_constraints () const |
const X509_Time & | not_after () const |
const X509_Time & | not_before () const |
std::string | ocsp_responder () const |
bool | operator< (const X509_Certificate &other) const |
X509_Certificate & | operator= (const X509_Certificate &other)=default |
bool | operator== (const X509_Certificate &other) const |
uint32_t | path_limit () const |
std::string | PEM_encode () const |
std::vector< std::string > | policies () const |
const std::vector< uint8_t > & | raw_issuer_dn () const |
std::vector< uint8_t > | raw_issuer_dn_sha256 () const |
const std::vector< uint8_t > & | raw_subject_dn () const |
std::vector< uint8_t > | raw_subject_dn_sha256 () const |
const std::vector< uint8_t > & | serial_number () const |
const std::vector< uint8_t > & | signature () const |
const AlgorithmIdentifier & | signature_algorithm () const |
const std::vector< uint8_t > & | signed_body () const |
std::string | start_time () const |
const AlternativeName & | subject_alt_name () const |
const X509_DN & | subject_dn () const |
std::vector< std::string > | subject_info (const std::string &name) const |
const std::vector< uint8_t > & | subject_key_id () const |
Public_Key * | subject_public_key () const |
const AlgorithmIdentifier & | subject_public_key_algo () const |
const std::vector< uint8_t > & | subject_public_key_bits () const |
const std::vector< uint8_t > & | subject_public_key_bitstring () const |
const std::vector< uint8_t > & | subject_public_key_bitstring_sha1 () const |
const std::vector< uint8_t > & | subject_public_key_info () const |
std::vector< uint8_t > | tbs_data () const |
std::string | to_string () const |
const std::vector< uint8_t > & | v2_issuer_key_id () const |
const std::vector< uint8_t > & | v2_subject_key_id () const |
const Extensions & | v3_extensions () const |
Certificate_Status_Code | verify_signature (const Public_Key &key) const |
X509_Certificate ()=default | |
X509_Certificate (const std::vector< uint8_t > &in) | |
X509_Certificate (const uint8_t data[], size_t length) | |
X509_Certificate (const X509_Certificate &other)=default | |
X509_Certificate (DataSource &source) | |
uint32_t | x509_version () const |
Static Public Member Functions | |
static std::unique_ptr< PK_Signer > | choose_sig_format (AlgorithmIdentifier &sig_algo, const Private_Key &key, RandomNumberGenerator &rng, const std::string &hash_fn, const std::string &padding_algo) |
static std::vector< uint8_t > | make_signed (class PK_Signer *signer, RandomNumberGenerator &rng, const AlgorithmIdentifier &alg_id, const secure_vector< uint8_t > &tbs) |
Protected Member Functions | |
void | load_data (DataSource &src) |
This class represents an X.509 Certificate
Definition at line 37 of file x509cert.h.
|
explicit |
Create a certificate from a data source providing the DER or PEM encoded certificate.
source | the data source |
Definition at line 85 of file x509cert.cpp.
References Botan::X509_Object::load_data().
|
explicit |
Create a certificate from a buffer
in | the buffer containing the DER-encoded certificate |
Definition at line 90 of file x509cert.cpp.
References Botan::X509_Object::load_data().
Botan::X509_Certificate::X509_Certificate | ( | const uint8_t | data[], |
size_t | length | ||
) |
Create a certificate from a buffer
data | the buffer containing the DER-encoded certificate |
length | length of data in bytes |
Definition at line 96 of file x509cert.cpp.
References Botan::X509_Object::load_data().
|
default |
Create an uninitialized certificate object. Any attempts to access this object will throw an exception.
|
default |
bool Botan::X509_Certificate::allowed_extended_usage | ( | const OID & | usage | ) | const |
Returns true if the specified usage is set in the extended key usage extension, or if no extended key usage constraints are set at all. To check if a certain extended key constraint is set in the certificate use
Definition at line 544 of file x509cert.cpp.
References extended_key_usage().
bool Botan::X509_Certificate::allowed_extended_usage | ( | const std::string & | usage | ) | const |
Returns true if the specified
usage | is set in the extended key usage extension or if no extended key usage constraints are set at all. To check if a certain extended key constraint is set in the certificate use |
Definition at line 539 of file x509cert.cpp.
References allowed_extended_usage(), and Botan::OID::from_string().
Referenced by allowed_extended_usage(), and allowed_usage().
bool Botan::X509_Certificate::allowed_usage | ( | Key_Constraints | usage | ) | const |
Returns true if the specified
usage | is set in the key usage extension or if no key usage constraints are set at all. To check if a certain key constraint is set in the certificate use |
Definition at line 532 of file x509cert.cpp.
References constraints(), and Botan::NO_CONSTRAINTS.
Referenced by allowed_usage().
bool Botan::X509_Certificate::allowed_usage | ( | Usage_Type | usage | ) | const |
Returns true if the required key and extended key constraints are set in the certificate for the specified
usage | or if no key constraints are set in both the key usage and extended key usage extension. |
Definition at line 556 of file x509cert.cpp.
References allowed_extended_usage(), allowed_usage(), Botan::CERTIFICATE_AUTHORITY, Botan::DATA_ENCIPHERMENT, Botan::DIGITAL_SIGNATURE, Botan::ENCRYPTION, is_CA_cert(), Botan::KEY_AGREEMENT, Botan::KEY_ENCIPHERMENT, Botan::NON_REPUDIATION, Botan::OCSP_RESPONDER, Botan::TLS_CLIENT_AUTH, Botan::TLS_SERVER_AUTH, and Botan::UNSPECIFIED.
const std::vector< uint8_t > & Botan::X509_Certificate::authority_key_id | ( | ) | const |
Get the DER encoded AuthorityKeyIdentifier of this certificate.
Definition at line 450 of file x509cert.cpp.
Referenced by Botan::Certificate_Store_In_Memory::find_crl_for(), Botan::X509_CRL::is_revoked(), issuer_info(), and to_string().
|
inherited |
Return the encoding of this object. This is a convenience method when just one object needs to be serialized. Use DER_Encoder for complicated encodings.
Definition at line 16 of file asn1_obj.cpp.
References Botan::ASN1_Object::encode_into().
Referenced by Botan::PSSR::config_for_x509(), Botan::Certificate_Store_In_SQL::find_all_certs(), Botan::Certificate_Store_In_SQL::find_cert(), fingerprint(), Botan::Certificate_Store_In_SQL::insert_cert(), Botan::X509_Object::PEM_encode(), and Botan::Certificate_Store_In_SQL::revoke_cert().
std::vector< std::string > Botan::X509_Certificate::ca_issuers | ( | ) | const |
Return the listed addresses of ca issuers, or empty if not set
Definition at line 618 of file x509cert.cpp.
Referenced by to_string().
const std::vector< OID > & Botan::X509_Certificate::certificate_policy_oids | ( | ) | const |
Definition at line 517 of file x509cert.cpp.
Referenced by policies(), and to_string().
|
inherited |
Check the signature on this data
key | the public key purportedly used to sign this data |
Definition at line 178 of file x509_obj.cpp.
References Botan::VERIFIED, and Botan::X509_Object::verify_signature().
Referenced by Botan::X509_Object::check_signature().
|
inherited |
Check the signature on this data
key | the public key purportedly used to sign this data the object will be deleted after use (this should have been a std::unique_ptr<Public_Key>) |
Definition at line 170 of file x509_obj.cpp.
References Botan::X509_Object::check_signature(), and Botan::X509_Object::PEM_label().
|
staticinherited |
Definition at line 411 of file x509_obj.cpp.
References Botan::Public_Key::default_x509_signature_format().
Referenced by Botan::choose_sig_format(), Botan::choose_sig_format(), and Botan::PKCS10_Request::create().
Key_Constraints Botan::X509_Certificate::constraints | ( | ) | const |
Get the key constraints as defined in the KeyUsage extension of this certificate.
Definition at line 507 of file x509cert.cpp.
Referenced by allowed_usage(), has_constraints(), and to_string().
std::string Botan::X509_Certificate::crl_distribution_point | ( | ) | const |
Return the CRL distribution point, or empty if not set
Definition at line 623 of file x509cert.cpp.
Referenced by to_string().
|
overridevirtualinherited |
Decode a BER encoded X509_Object See ASN1_Object::decode_from()
Implements Botan::ASN1_Object.
Definition at line 106 of file x509_obj.cpp.
References Botan::BIT_STRING, Botan::BER_Decoder::decode(), Botan::BER_Decoder::end_cons(), Botan::BER_Decoder::raw_bytes(), Botan::SEQUENCE, and Botan::BER_Decoder::start_cons().
Referenced by Botan::X509_Object::load_data().
|
overridevirtualinherited |
DER encode an X509_Object See ASN1_Object::encode_into()
Implements Botan::ASN1_Object.
Definition at line 92 of file x509_obj.cpp.
References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, Botan::X509_Object::signature(), Botan::X509_Object::signature_algorithm(), Botan::X509_Object::signed_body(), and Botan::DER_Encoder::start_cons().
|
inline |
Get the notAfter of the certificate as a string
Definition at line 163 of file x509cert.h.
std::vector< std::string > Botan::X509_Certificate::ex_constraints | ( | ) | const |
Get the key constraints as defined in the ExtendedKeyUsage extension of this certificate.
Definition at line 754 of file x509cert.cpp.
References extended_key_usage().
Referenced by to_string().
const std::vector< OID > & Botan::X509_Certificate::extended_key_usage | ( | ) | const |
Get the key usage as defined in the ExtendedKeyUsage extension of this certificate, or else an empty vector.
Definition at line 512 of file x509cert.cpp.
Referenced by allowed_extended_usage(), ex_constraints(), has_ex_constraint(), and to_string().
std::string Botan::X509_Certificate::fingerprint | ( | const std::string & | hash_name = "SHA-1" | ) | const |
hash_name | hash function used to calculate the fingerprint |
Definition at line 767 of file x509cert.cpp.
References Botan::ASN1_Object::BER_encode(), and Botan::create_hex_fingerprint().
Referenced by Botan::Certificate_Store_In_SQL::affirm_cert(), Botan::Certificate_Store_In_SQL::find_key(), Botan::Certificate_Store_In_SQL::insert_cert(), Botan::Certificate_Store_In_SQL::insert_key(), Botan::Certificate_Store_In_SQL::remove_cert(), and Botan::Certificate_Store_In_SQL::revoke_cert().
bool Botan::X509_Certificate::has_constraints | ( | Key_Constraints | constraints | ) | const |
Returns true if the specified
constraints | are included in the key usage extension. |
Definition at line 584 of file x509cert.cpp.
References constraints(), and Botan::NO_CONSTRAINTS.
bool Botan::X509_Certificate::has_ex_constraint | ( | const OID & | ex_constraint | ) | const |
Returns true if and only if OID
ex_constraint | is included in the extended key extension. |
Definition at line 599 of file x509cert.cpp.
References extended_key_usage().
bool Botan::X509_Certificate::has_ex_constraint | ( | const std::string & | ex_constraint | ) | const |
Returns true if and only if
ex_constraint | (referring to an extended key constraint, eg "PKIX.ServerAuth") is included in the extended key extension. |
Definition at line 594 of file x509cert.cpp.
References Botan::OID::from_string(), and has_ex_constraint().
Referenced by has_ex_constraint().
|
inherited |
Definition at line 138 of file x509_obj.cpp.
References Botan::AlgorithmIdentifier::get_oid(), Botan::parse_algorithm_name(), Botan::X509_Object::signature_algorithm(), Botan::split_on(), Botan::OID::to_formatted_string(), and Botan::OID::to_string().
bool Botan::X509_Certificate::is_CA_cert | ( | ) | const |
Check whether this certificate is a CA certificate.
Definition at line 491 of file x509cert.cpp.
Referenced by allowed_usage(), Botan::Cert_Extension::Name_Constraints::validate(), Botan::X509_CA::X509_CA(), and Botan::X509_CA::X509_CA().
bool Botan::X509_Certificate::is_critical | ( | const std::string & | ex_name | ) | const |
Check whenever a given X509 Extension is marked critical in this certificate.
Definition at line 608 of file x509cert.cpp.
References Botan::Extensions::critical_extension_set(), Botan::OID::from_string(), and v3_extensions().
Referenced by Botan::Cert_Extension::Name_Constraints::validate().
bool Botan::X509_Certificate::is_self_signed | ( | ) | const |
Check whether this certificate is self signed. If the DN issuer and subject agree,
Definition at line 397 of file x509cert.cpp.
bool Botan::X509_Certificate::is_serial_negative | ( | ) | const |
Get the serial number's sign
Definition at line 465 of file x509cert.cpp.
const AlternativeName & Botan::X509_Certificate::issuer_alt_name | ( | ) | const |
Return the issuer alternative names (DNS, IP, ...)
Definition at line 636 of file x509cert.cpp.
Referenced by issuer_info().
const X509_DN & Botan::X509_Certificate::issuer_dn | ( | ) | const |
Get the certificate's issuer distinguished name (DN).
Definition at line 471 of file x509cert.cpp.
Referenced by Botan::Certificate_Store_In_SQL::find_crl_for(), Botan::Certificate_Store_In_Memory::find_crl_for(), Botan::X509_CRL::is_revoked(), issuer_info(), Botan::OCSP::Request::Request(), and to_string().
std::vector< std::string > Botan::X509_Certificate::issuer_info | ( | const std::string & | name | ) | const |
Get a value for a specific subject_info parameter name.
name | the name of the parameter to look up. Possible names are "X509.Certificate.v2.key_id" or "X509v3.AuthorityKeyIdentifier". |
Definition at line 680 of file x509cert.cpp.
References authority_key_id(), Botan::X509_DN::get_attribute(), Botan::AlternativeName::get_attribute(), Botan::hex_encode(), issuer_alt_name(), issuer_dn(), raw_issuer_dn(), and v2_issuer_key_id().
|
protectedinherited |
Decodes from src as either DER or PEM data, then calls force_decode()
Definition at line 52 of file x509_obj.cpp.
References Botan::X509_Object::alternate_PEM_labels(), Botan::PEM_Code::decode(), Botan::X509_Object::decode_from(), Botan::PEM_Code::matches(), Botan::ASN1::maybe_BER(), and Botan::X509_Object::PEM_label().
Referenced by Botan::PKCS10_Request::PKCS10_Request(), Botan::PKCS10_Request::PKCS10_Request(), X509_Certificate(), X509_Certificate(), X509_Certificate(), Botan::X509_CRL::X509_CRL(), and Botan::X509_CRL::X509_CRL().
std::unique_ptr< Public_Key > Botan::X509_Certificate::load_subject_public_key | ( | ) | const |
Create a public key object associated with the public key bits in this certificate. If the public key bits was valid for X.509 encoding purposes but invalid algorithmically (for example, RSA with an even modulus) that will be detected at this point, and an exception will be thrown.
Definition at line 702 of file x509cert.cpp.
References Botan::X509::load_key(), and subject_public_key_info().
Referenced by subject_public_key().
|
staticinherited |
Create a signed X509 object.
signer | the signer used to sign the object |
rng | the random number generator to use |
alg_id | the algorithm identifier of the signature scheme |
tbs | the tbs bits to be signed |
Definition at line 303 of file x509_obj.cpp.
References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, Botan::PK_Signer::sign_message(), Botan::X509_Object::signature(), and Botan::DER_Encoder::start_cons().
Referenced by Botan::PKCS10_Request::create(), and Botan::X509_CA::make_cert().
bool Botan::X509_Certificate::matches_dns_name | ( | const std::string & | name | ) | const |
Check if a certain DNS name matches up with the information in the cert
name | DNS name to match |
Definition at line 786 of file x509cert.cpp.
References Botan::host_wildcard_match(), name, and subject_info().
Referenced by botan_x509_cert_hostname_match().
const NameConstraints & Botan::X509_Certificate::name_constraints | ( | ) | const |
Get the name constraints as defined in the NameConstraints extension of this certificate.
Definition at line 522 of file x509cert.cpp.
Referenced by to_string().
const X509_Time & Botan::X509_Certificate::not_after | ( | ) | const |
Get the notAfter of the certificate as X509_Time
Definition at line 407 of file x509cert.cpp.
Referenced by botan_x509_cert_not_after(), subject_info(), and to_string().
const X509_Time & Botan::X509_Certificate::not_before | ( | ) | const |
Get the notBefore of the certificate as X509_Time
Definition at line 402 of file x509cert.cpp.
Referenced by botan_x509_cert_not_before(), subject_info(), and to_string().
std::string Botan::X509_Certificate::ocsp_responder | ( | ) | const |
Return the listed address of an OCSP responder, or empty if not set
Definition at line 613 of file x509cert.cpp.
Referenced by to_string().
bool Botan::X509_Certificate::operator< | ( | const X509_Certificate & | other | ) | const |
Impose an arbitrary (but consistent) ordering, eg to allow sorting a container of certificate objects.
Definition at line 816 of file x509cert.cpp.
References Botan::X509_Object::signature(), and Botan::X509_Object::signed_body().
|
default |
bool Botan::X509_Certificate::operator== | ( | const X509_Certificate & | other | ) | const |
Check to certificates for equality.
Definition at line 809 of file x509cert.cpp.
References Botan::X509_Object::signature(), Botan::X509_Object::signature_algorithm(), and Botan::X509_Object::signed_body().
uint32_t Botan::X509_Certificate::path_limit | ( | ) | const |
Get the path limit as defined in the BasicConstraints extension of this certificate.
Definition at line 499 of file x509cert.cpp.
|
inherited |
Definition at line 122 of file x509_obj.cpp.
References Botan::ASN1_Object::BER_encode(), Botan::PEM_Code::encode(), and Botan::X509_Object::PEM_label().
std::vector< std::string > Botan::X509_Certificate::policies | ( | ) | const |
Get the policies as defined in the CertificatePolicies extension of this certificate.
Definition at line 762 of file x509cert.cpp.
References certificate_policy_oids().
Referenced by to_string().
const std::vector< uint8_t > & Botan::X509_Certificate::raw_issuer_dn | ( | ) | const |
Raw issuer DN bits
Definition at line 481 of file x509cert.cpp.
Referenced by Botan::OCSP::CertID::is_id_for(), and issuer_info().
std::vector< uint8_t > Botan::X509_Certificate::raw_issuer_dn_sha256 | ( | ) | const |
SHA-256 of Raw issuer DN
Definition at line 719 of file x509cert.cpp.
const std::vector< uint8_t > & Botan::X509_Certificate::raw_subject_dn | ( | ) | const |
Raw subject DN
Definition at line 486 of file x509cert.cpp.
Referenced by Botan::OCSP::CertID::CertID(), and subject_info().
std::vector< uint8_t > Botan::X509_Certificate::raw_subject_dn_sha256 | ( | ) | const |
SHA-256 of Raw subject DN
Definition at line 726 of file x509cert.cpp.
const std::vector< uint8_t > & Botan::X509_Certificate::serial_number | ( | ) | const |
Get the serial number of this certificate.
Definition at line 460 of file x509cert.cpp.
Referenced by Botan::CRL_Entry::CRL_Entry(), Botan::OCSP::CertID::is_id_for(), Botan::X509_CRL::is_revoked(), subject_info(), and to_string().
|
inlineinherited |
Definition at line 37 of file x509_obj.h.
Referenced by Botan::X509_Object::encode_into(), Botan::X509_Object::make_signed(), operator<(), operator==(), and Botan::X509_Object::verify_signature().
|
inlineinherited |
Definition at line 47 of file x509_obj.h.
Referenced by Botan::X509_Object::encode_into(), Botan::X509_Object::hash_used_for_signature(), operator==(), to_string(), Botan::X509_Object::verify_signature(), and Botan::X509_CA::X509_CA().
|
inlineinherited |
Definition at line 42 of file x509_obj.h.
Referenced by Botan::X509_Object::encode_into(), operator<(), and operator==().
|
inline |
Get the notBefore of the certificate as a string
Definition at line 154 of file x509cert.h.
const AlternativeName & Botan::X509_Certificate::subject_alt_name | ( | ) | const |
Return the subject alternative names (DNS, IP, ...)
Definition at line 631 of file x509cert.cpp.
Referenced by Botan::GeneralName::matches(), and subject_info().
const X509_DN & Botan::X509_Certificate::subject_dn | ( | ) | const |
Get the certificate's subject distinguished name (DN).
Definition at line 476 of file x509cert.cpp.
Referenced by Botan::Certificate_Store_Windows::all_subjects(), Botan::Certificate_Store::certificate_known(), Botan::Certificate_Store_In_SQL::insert_cert(), Botan::GeneralName::matches(), Botan::Certificate_Store_In_SQL::remove_cert(), Botan::OCSP::Request::Request(), Botan::X509_CA::sign_request(), Botan::X509_CA::sign_request(), subject_info(), and to_string().
std::vector< std::string > Botan::X509_Certificate::subject_info | ( | const std::string & | name | ) | const |
Get a value for a specific subject_info parameter name.
name | the name of the parameter to look up. Possible names include "X509.Certificate.version", "X509.Certificate.serial", "X509.Certificate.start", "X509.Certificate.end", "X509.Certificate.v2.key_id", "X509.Certificate.public_key", "X509v3.BasicConstraints.path_constraint", "X509v3.BasicConstraints.is_ca", "X509v3.NameConstraints", "X509v3.ExtendedKeyUsage", "X509v3.CertificatePolicies", "X509v3.SubjectKeyIdentifier", "X509.Certificate.serial", "X520.CommonName", "X520.Organization", "X520.Country", "RFC822" (Email in SAN) or "PKCS9.EmailAddress" (Email in DN). |
Definition at line 645 of file x509cert.cpp.
References Botan::X509_DN::get_attribute(), Botan::AlternativeName::get_attribute(), Botan::hex_encode(), not_after(), not_before(), raw_subject_dn(), serial_number(), subject_alt_name(), subject_dn(), subject_info(), subject_key_id(), Botan::ASN1_Time::to_string(), v2_subject_key_id(), and x509_version().
Referenced by matches_dns_name(), and subject_info().
const std::vector< uint8_t > & Botan::X509_Certificate::subject_key_id | ( | ) | const |
Get the DER encoded SubjectKeyIdentifier of this certificate.
Definition at line 455 of file x509cert.cpp.
Referenced by Botan::Certificate_Store::certificate_known(), Botan::Certificate_Store_In_SQL::insert_cert(), Botan::Certificate_Store_In_SQL::remove_cert(), subject_info(), and to_string().
Public_Key * Botan::X509_Certificate::subject_public_key | ( | ) | const |
Return a newly allocated copy of the public key associated with the subject of this certificate. This object is owned by the caller.
Prefer load_subject_public_key in new code
Definition at line 714 of file x509cert.cpp.
References load_subject_public_key().
Referenced by to_string(), Botan::TLS::Certificate_Verify::verify(), and Botan::OCSP::Response::verify_signature().
const AlgorithmIdentifier & Botan::X509_Certificate::subject_public_key_algo | ( | ) | const |
Return the algorithm identifier of the public key
Definition at line 412 of file x509cert.cpp.
Referenced by to_string().
const std::vector< uint8_t > & Botan::X509_Certificate::subject_public_key_bits | ( | ) | const |
Get the public key associated with this certificate. This includes the outer AlgorithmIdentifier
Definition at line 427 of file x509cert.cpp.
const std::vector< uint8_t > & Botan::X509_Certificate::subject_public_key_bitstring | ( | ) | const |
Get the bit string of the public key associated with this certificate
Definition at line 437 of file x509cert.cpp.
Referenced by Botan::OCSP::CertID::CertID(), and Botan::OCSP::CertID::is_id_for().
const std::vector< uint8_t > & Botan::X509_Certificate::subject_public_key_bitstring_sha1 | ( | ) | const |
Get the SHA-1 bit string of the public key associated with this certificate. This is used for OCSP among other protocols. This function will throw if SHA-1 is not available.
Definition at line 442 of file x509cert.cpp.
const std::vector< uint8_t > & Botan::X509_Certificate::subject_public_key_info | ( | ) | const |
Get the SubjectPublicKeyInfo associated with this certificate.
Definition at line 432 of file x509cert.cpp.
Referenced by load_subject_public_key().
|
inherited |
The underlying data that is to be or was signed
Definition at line 130 of file x509_obj.cpp.
References Botan::ASN1::put_in_sequence().
Referenced by Botan::X509_Object::verify_signature().
std::string Botan::X509_Certificate::to_string | ( | ) | const |
Definition at line 836 of file x509cert.cpp.
References authority_key_id(), ca_issuers(), certificate_policy_oids(), constraints(), crl_distribution_point(), Botan::CRL_SIGN, Botan::DATA_ENCIPHERMENT, Botan::DECIPHER_ONLY, Botan::DIGITAL_SIGNATURE, Botan::ENCIPHER_ONLY, ex_constraints(), Botan::NameConstraints::excluded(), extended_key_usage(), Botan::AlgorithmIdentifier::get_oid(), Botan::hex_encode(), issuer_dn(), Botan::KEY_AGREEMENT, Botan::KEY_CERT_SIGN, Botan::KEY_ENCIPHERMENT, name_constraints(), Botan::NO_CONSTRAINTS, Botan::NON_REPUDIATION, not_after(), not_before(), ocsp_responder(), Botan::X509::PEM_encode(), Botan::NameConstraints::permitted(), policies(), Botan::ASN1_Time::readable_string(), serial_number(), Botan::X509_Object::signature_algorithm(), subject_dn(), subject_key_id(), subject_public_key(), subject_public_key_algo(), Botan::OID::to_formatted_string(), Botan::OID::to_string(), and x509_version().
const std::vector< uint8_t > & Botan::X509_Certificate::v2_issuer_key_id | ( | ) | const |
Return the v2 issuer key ID. v2 key IDs are almost never used, instead see v3_subject_key_id.
Definition at line 417 of file x509cert.cpp.
Referenced by issuer_info().
const std::vector< uint8_t > & Botan::X509_Certificate::v2_subject_key_id | ( | ) | const |
Return the v2 subject key ID. v2 key IDs are almost never used, instead see v3_subject_key_id.
Definition at line 422 of file x509cert.cpp.
Referenced by subject_info().
const Extensions & Botan::X509_Certificate::v3_extensions | ( | ) | const |
Get all extensions of this certificate.
Definition at line 527 of file x509cert.cpp.
Referenced by is_critical().
|
inherited |
Check the signature on this data
key | the public key purportedly used to sign this data |
Definition at line 184 of file x509_obj.cpp.
References Botan::Public_Key::algo_name(), Botan::Public_Key::default_x509_signature_format(), Botan::AlgorithmIdentifier::get_oid(), hash_algo, Botan::X509_Object::signature(), Botan::SIGNATURE_ALGO_BAD_PARAMS, Botan::SIGNATURE_ALGO_UNKNOWN, Botan::X509_Object::signature_algorithm(), Botan::SIGNATURE_ERROR, Botan::split_on(), Botan::X509_Object::tbs_data(), Botan::OID::to_formatted_string(), Botan::UNTRUSTED_HASH, Botan::VERIFIED, and Botan::PK_Verifier::verify_message().
Referenced by Botan::X509_Object::check_signature().
uint32_t Botan::X509_Certificate::x509_version | ( | ) | const |
Get the X509 version of this certificate object.
Definition at line 392 of file x509cert.cpp.
Referenced by subject_info(), and to_string().