Botan  1.10.9
x509opt.cpp
1 /*
2 * X.509 Certificate Options
3 * (C) 1999-2007 Jack Lloyd
4 *
5 * Distributed under the terms of the Botan license
6 */
7 
8 #include <botan/x509self.h>
9 #include <botan/oids.h>
10 #include <botan/parsing.h>
11 #include <botan/time.h>
12 
13 namespace Botan {
14 
/*
* Set when the certificate should become valid.
*
* time_string is passed unchanged to the X509_Time constructor, which
* does the parsing. Nothing here compares the result with the expiry
* time; the start >= end test is made in sanity_check().
*/
void X509_Cert_Options::not_before(const std::string& time_string)
   {
   const X509_Time valid_from(time_string);
   start = valid_from;
   }
22 
/*
* Set when the certificate should expire.
*
* time_string is passed unchanged to the X509_Time constructor, which
* does the parsing. Nothing here compares the result with the start
* time; the start >= end test is made in sanity_check().
*/
void X509_Cert_Options::not_after(const std::string& time_string)
   {
   const X509_Time valid_until(time_string);
   end = valid_until;
   }
30 
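/*
* Set key constraint information.
*
* The member is assigned, not OR-ed: despite the "add" in the name, a
* second call replaces whatever an earlier call stored.
*/
void X509_Cert_Options::add_constraints(Key_Constraints usage)
   {
   constraints = usage;
   }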
38 
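/*
* Append one OID to ex_constraints (presumably the extended key usage
* list -- confirm against x509self.h).
*
* The OID is stored as given; no duplicate or validity check is made
* here.
*/
void X509_Cert_Options::add_ex_constraint(const OID& oid)
   {
   ex_constraints.push_back(oid);
   }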
46 
/*
* Append an OID, named by string, to ex_constraints.
*
* oid_str is resolved through OIDS::lookup() before it is stored.
* NOTE(review): what lookup() does with an unknown name is not visible
* in this file -- confirm before passing caller-supplied strings.
*/
void X509_Cert_Options::add_ex_constraint(const std::string& oid_str)
   {
   const OID resolved = OIDS::lookup(oid_str);
   ex_constraints.push_back(resolved);
   }
54 
/*
* Mark this certificate for CA usage.
*
* Sets is_CA and records limit as the path limit. sanity_check() does
* not look at either field, so nothing in this file ties the CA flag
* to the key constraints.
*/
void X509_Cert_Options::CA_key(size_t limit)
   {
   path_limit = limit;
   is_CA = true;
   }
63 
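/*
* Do basic sanity checks before the options are used.
*
* Throws Encoding_Error when the common name or country is empty, when
* country is not exactly two characters long, or when the validity
* period is empty or reversed (start >= end).
*
* Only the length of country is tested, not its characters, and the
* value is copied verbatim into the exception message.
*/
void X509_Cert_Options::sanity_check() const
   {
   if(common_name.empty() || country.empty())
      throw Encoding_Error("X.509 certificate: name and country MUST be set");
   if(country.size() != 2)
      throw Encoding_Error("Invalid ISO country code: " + country);
   if(start >= end)
      throw Encoding_Error("X509_Cert_Options: invalid time constraints");
   }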
76 
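/*
* Initialize the certificate options.
*
* initial_opts is an optional "common_name/country/organization/org_unit"
* string, split on '/'; fields are taken in that order and trailing ones
* may be left out. More than four fields throws Invalid_Argument. The
* validity period starts at the current system time and lasts
* expiration_time_in_seconds.
*
* The parsed fields are stored without validation; sanity_check() is
* where name, country and validity period get tested.
*/
X509_Cert_Options::X509_Cert_Options(const std::string& initial_opts,
                                     u32bit expiration_time_in_seconds)
   {
   is_CA = false;
   path_limit = 0;
   // NOTE(review): this assignment is absent from the rendered listing
   // (source line 85); restored so that constraints does not start out
   // indeterminate -- confirm against the upstream file.
   constraints = NO_CONSTRAINTS;

   const u64bit now = system_time();

   start = X509_Time(now);
   // u64bit + u32bit: the sum is computed in 64 bits
   end = X509_Time(now + expiration_time_in_seconds);

   if(initial_opts.empty())
      return;

   const std::vector<std::string> parsed = split_on(initial_opts, '/');
   const size_t fields = parsed.size();

   if(fields > 4)
      throw Invalid_Argument("X.509 cert options: Too many names: "
                             + initial_opts);

   if(fields >= 1) common_name = parsed[0];
   if(fields >= 2) country = parsed[1];
   if(fields >= 3) organization = parsed[2];
   if(fields == 4) org_unit = parsed[3];
   }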
106 
107 }
void add_constraints(Key_Constraints constr)
Definition: x509opt.cpp:34
std::string org_unit
Definition: x509self.h:41
std::string country
Definition: x509self.h:31
void not_before(const std::string &time)
Definition: x509opt.cpp:18
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:152
void not_after(const std::string &time)
Definition: x509opt.cpp:26
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
void add_ex_constraint(const OID &oid)
Definition: x509opt.cpp:42
void CA_key(size_t limit=1)
Definition: x509opt.cpp:58
std::string common_name
Definition: x509self.h:26
unsigned long long u64bit
Definition: types.h:49
std::string lookup(const OID &oid)
Definition: oids.cpp:31
Key_Constraints constraints
Definition: x509self.h:110
X509_Cert_Options(const std::string &opts="", u32bit expire_time=365 *24 *60 *60)
Definition: x509opt.cpp:80
void sanity_check() const
Definition: x509opt.cpp:67
Key_Constraints
Definition: pubkey_enums.h:18
std::vector< OID > ex_constraints
Definition: x509self.h:115
u64bit system_time()
Definition: time.cpp:73
unsigned int u32bit
Definition: types.h:32
OID oid
Definition: x509_ext.cpp:446
std::string organization
Definition: x509self.h:36