Botan  1.10.9
x509_ext.h
1 /*
2 * X.509 Certificate Extensions
3 * (C) 1999-2007 Jack Lloyd
4 *
5 * Distributed under the terms of the Botan license
6 */
7 
8 #ifndef BOTAN_X509_EXTENSIONS_H__
9 #define BOTAN_X509_EXTENSIONS_H__
10 
11 #include <botan/asn1_int.h>
12 #include <botan/asn1_oid.h>
13 #include <botan/asn1_obj.h>
14 #include <botan/datastor.h>
15 #include <botan/pubkey_enums.h>
16 
17 namespace Botan {
18 
19 /**
20 * X.509 Certificate Extension
21 */
// NOTE(review): the numbered listing goes from line 54 straight to line 56,
// so one declaration of this class is not shown. Objects of this type are
// handled through Certificate_Extension* (see copy() and the friend class
// Extensions); deleting through that pointer needs a virtual destructor, so
// confirm the original header declares one on the missing line.
22 class BOTAN_DLL Certificate_Extension
23  {
24  public:
25  /**
26  * @return OID representing this extension
27  */
28  OID oid_of() const;
29 
30  /**
31  * Make a copy of this extension
32  * @return copy of this
    * (a raw pointer; the overrides in this header allocate it with new,
    * so the caller has to arrange for its release)
33  */
34  virtual Certificate_Extension* copy() const = 0;
35 
36  /**
37  * Add the contents of this extension into the information
38  * for the subject and/or issuer, as necessary.
39  * @param subject the subject info
40  * @param issuer the issuer info
41  */
42  virtual void contents_to(Data_Store& subject,
43  Data_Store& issuer) const = 0;
44 
45  /**
46  * @return short readable name
47  */
48  virtual std::string config_id() const = 0;
49 
50  /**
51  * @return specific OID name
52  */
53  virtual std::string oid_name() const = 0;
54 
56  protected:
    // Extensions is a friend so that it can reach the protected hooks below.
57  friend class Extensions;
    /**
    * @return true by default; subclasses in this header return false when
    * they hold no value (presumably so the extension is left out when
    * encoding)
    */
58  virtual bool should_encode() const { return true; }
    /** @return the extension's value as bytes; the format is defined by each subclass */
59  virtual MemoryVector<byte> encode_inner() const = 0;
    /**
    * Set this extension's state from the given bytes.
    * NOTE(review): the bytes presumably come from a received certificate
    * or CRL, so implementations should treat them as untrusted; the
    * definitions are not in this header.
    */
60  virtual void decode_inner(const MemoryRegion<byte>&) = 0;
61  };
62 
63 /**
64 * X.509 Certificate Extension List
65 */
// NOTE(review): the list holds raw Certificate_Extension* values and the
// class declares its own copy constructor, assignment operator and
// destructor, which suggests it owns the pointed-to objects. The
// definitions are not in this header; confirm before relying on it.
66 class BOTAN_DLL Extensions : public ASN1_Object
67  {
68  public:
    /** Write the extension list to the given DER encoder. */
69  void encode_into(class DER_Encoder&) const;
    /**
    * Read an extension list from the given BER decoder.
    * NOTE(review): the input is presumably taken from a received
    * certificate or CRL, so it should be treated as untrusted.
    */
70  void decode_from(class BER_Decoder&);
71 
    /** Takes two data stores (presumably subject and issuer, as in Certificate_Extension::contents_to). */
72  void contents_to(Data_Store&, Data_Store&) const;
73 
    /**
    * Add an extension to the list.
    * @param extn the extension, passed as a raw pointer (presumably
    *        ownership moves to this object; verify in the definition)
    * @param critical flag stored with the extension; not critical by default
    */
74  void add(Certificate_Extension* extn, bool critical = false);
75 
76  Extensions& operator=(const Extensions&);
77 
78  Extensions(const Extensions&);
    // Not declared explicit, so a bool converts implicitly to Extensions.
    // NOTE(review): st initialises should_throw. Presumably that flag
    // decides whether decoding throws on an extension it cannot handle; if
    // so, passing false relaxes a check that certificate validation relies
    // on for critical extensions. Confirm in decode_from().
79  Extensions(bool st = true) : should_throw(st) {}
80  ~Extensions();
81  private:
    // Maps an OID to an extension object; the raw return type leaves
    // ownership and the "unknown OID" result unstated (TODO confirm).
82  static Certificate_Extension* get_extension(const OID&);
83 
    // Each entry pairs an extension with a bool (presumably the critical
    // flag given to add()).
84  std::vector<std::pair<Certificate_Extension*, bool> > extensions;
85  bool should_throw;
86  };
87 
88 namespace Cert_Extension {
89 
// Sentinel for a certification path length; by its name it stands for
// "no limit". NOTE(review): 0xFFFFFFF0 is an ordinary in-range size_t, so
// code that compares path lengths has to test for it explicitly rather than
// treat it as a real depth; confirm how callers of get_path_limit() do so.
90 static const size_t NO_CERT_PATH_LIMIT = 0xFFFFFFF0;
91 
92 /**
93 * Basic Constraints Extension
94 */
95 class BOTAN_DLL Basic_Constraints : public Certificate_Extension
96  {
97  public:
     // NOTE(review): line 98 is absent from this listing. The body on line
     // 99 returns a newly allocated Basic_Constraints with the same is_ca
     // and path_limit, so it is presumably the copy() override.
99  { return new Basic_Constraints(is_ca, path_limit); }
100 
     /**
     * @param ca value stored in is_ca (the CA flag); false by default
     * @param limit value stored in path_limit; 0 by default
     */
101  Basic_Constraints(bool ca = false, size_t limit = 0) :
102  is_ca(ca), path_limit(limit) {}
103 
     /** @return the stored CA flag */
104  bool get_is_ca() const { return is_ca; }
     // Defined out of line. NOTE(review): confirm what it returns or throws
     // when is_ca is false, since a path limit only applies to a CA.
105  size_t get_path_limit() const;
106  private:
107  std::string config_id() const { return "basic_constraints"; }
108  std::string oid_name() const { return "X509v3.BasicConstraints"; }
109 
110  MemoryVector<byte> encode_inner() const;
111  void decode_inner(const MemoryRegion<byte>&);
112  void contents_to(Data_Store&, Data_Store&) const;
113 
114  bool is_ca;
115  size_t path_limit;
116  };
117 
118 /**
119 * Key Usage Constraints Extension
120 */
121 class BOTAN_DLL Key_Usage : public Certificate_Extension
122  {
123  public:
     /** @return a newly allocated Key_Usage holding the same constraints; the caller releases it */
124  Key_Usage* copy() const { return new Key_Usage(constraints); }
125 
     // Not declared explicit, so a Key_Constraints value converts
     // implicitly to Key_Usage. Defaults to NO_CONSTRAINTS.
126  Key_Usage(Key_Constraints c = NO_CONSTRAINTS) : constraints(c) {}
127 
     /** @return the stored constraints */
128  Key_Constraints get_constraints() const { return constraints; }
129  private:
130  std::string config_id() const { return "key_usage"; }
131  std::string oid_name() const { return "X509v3.KeyUsage"; }
132 
     // False when constraints is NO_CONSTRAINTS (presumably the extension
     // is then left out when encoding).
133  bool should_encode() const { return (constraints != NO_CONSTRAINTS); }
134  MemoryVector<byte> encode_inner() const;
135  void decode_inner(const MemoryRegion<byte>&);
136  void contents_to(Data_Store&, Data_Store&) const;
137 
138  Key_Constraints constraints;
139  };
140 
141 /**
142 * Subject Key Identifier Extension
143 */
144 class BOTAN_DLL Subject_Key_ID : public Certificate_Extension
145  {
146  public:
     // NOTE(review): copy() hands key_id to a constructor declared on lines
     // 149-150, which are absent from this listing. Confirm that this
     // constructor stores the bytes unchanged rather than deriving an
     // identifier from them; otherwise the copy would not carry the same
     // key_id as the original.
147  Subject_Key_ID* copy() const { return new Subject_Key_ID(key_id); }
148 
151 
     /** @return the stored key identifier, by value */
152  MemoryVector<byte> get_key_id() const { return key_id; }
153  private:
154  std::string config_id() const { return "subject_key_id"; }
155  std::string oid_name() const { return "X509v3.SubjectKeyIdentifier"; }
156 
     // False when key_id is empty (presumably the extension is then left
     // out when encoding).
157  bool should_encode() const { return (key_id.size() > 0); }
158  MemoryVector<byte> encode_inner() const;
159  void decode_inner(const MemoryRegion<byte>&);
160  void contents_to(Data_Store&, Data_Store&) const;
161 
162  MemoryVector<byte> key_id;
163  };
164 
165 /**
166 * Authority Key Identifier Extension
167 */
168 class BOTAN_DLL Authority_Key_ID : public Certificate_Extension
169  {
170  public:
     /** @return a newly allocated Authority_Key_ID with the same key_id; the caller releases it */
171  Authority_Key_ID* copy() const { return new Authority_Key_ID(key_id); }
172 
     // NOTE(review): line 173 is absent from this listing (presumably
     // another constructor; confirm against the original header).
     // This constructor stores k unchanged as key_id. It is not declared
     // explicit, so a MemoryRegion<byte> converts implicitly.
174  Authority_Key_ID(const MemoryRegion<byte>& k) : key_id(k) {}
175 
     /** @return the stored key identifier, by value */
176  MemoryVector<byte> get_key_id() const { return key_id; }
177  private:
178  std::string config_id() const { return "authority_key_id"; }
179  std::string oid_name() const { return "X509v3.AuthorityKeyIdentifier"; }
180 
     // False when key_id is empty (presumably the extension is then left
     // out when encoding).
181  bool should_encode() const { return (key_id.size() > 0); }
182  MemoryVector<byte> encode_inner() const;
183  void decode_inner(const MemoryRegion<byte>&);
184  void contents_to(Data_Store&, Data_Store&) const;
185 
186  MemoryVector<byte> key_id;
187  };
188 
189 /**
190 * Alternative Name Extension Base Class
191 */
192 class BOTAN_DLL Alternative_Name : public Certificate_Extension
193  {
194  public:
     /** @return the stored alternative name, by value */
195  AlternativeName get_alt_name() const { return alt_name; }
196 
     // Both constructors are protected, so only derived classes can create
     // an Alternative_Name.
197  protected:
     // NOTE(review): line 198 is absent from this listing; line 199 is the
     // tail of a declaration that starts there (presumably a constructor).
199  const std::string&, const std::string&);
200 
     // The two strings presumably initialise oid_name_str and
     // config_name_str; the order is not visible here (TODO confirm).
201  Alternative_Name(const std::string&, const std::string&);
202  private:
203  std::string config_id() const { return config_name_str; }
204  std::string oid_name() const { return oid_name_str; }
205 
     // Delegates to alt_name.has_items().
206  bool should_encode() const { return alt_name.has_items(); }
207  MemoryVector<byte> encode_inner() const;
208  void decode_inner(const MemoryRegion<byte>&);
209  void contents_to(Data_Store&, Data_Store&) const;
210 
211  std::string config_name_str, oid_name_str;
212  AlternativeName alt_name;
213  };
214 
215 /**
216 * Subject Alternative Name Extension
217 */
// NOTE(review): lines 218, 221 and 224 are absent from this listing, so the
// class header and two member declarations are not shown. The body on line
// 222 returns a newly allocated Subject_Alternative_Name built from
// get_alt_name(), so it is presumably the copy() override.
219  {
220  public:
222  { return new Subject_Alternative_Name(get_alt_name()); }
223 
225  };
226 
227 /**
228 * Issuer Alternative Name Extension
229 */
// NOTE(review): lines 230, 233 and 236 are absent from this listing, so the
// class header and two member declarations are not shown. The body on line
// 234 returns a newly allocated Issuer_Alternative_Name built from
// get_alt_name(), so it is presumably the copy() override.
231  {
232  public:
234  { return new Issuer_Alternative_Name(get_alt_name()); }
235 
237  };
238 
239 /**
240 * Extended Key Usage Extension
241 */
// NOTE(review): lines 242 and 247 are absent from this listing, so the
// class header and one member declaration are not shown.
243  {
244  public:
     /** @return a newly allocated Extended_Key_Usage with the same OIDs; the caller releases it */
245  Extended_Key_Usage* copy() const { return new Extended_Key_Usage(oids); }
246 
     // Stores a copy of o. Not declared explicit, so a std::vector<OID>
     // converts implicitly.
248  Extended_Key_Usage(const std::vector<OID>& o) : oids(o) {}
249 
     /** @return the stored OIDs, by value */
250  std::vector<OID> get_oids() const { return oids; }
251  private:
252  std::string config_id() const { return "extended_key_usage"; }
253  std::string oid_name() const { return "X509v3.ExtendedKeyUsage"; }
254 
     // False when the OID list is empty (presumably the extension is then
     // left out when encoding).
255  bool should_encode() const { return (oids.size() > 0); }
256  MemoryVector<byte> encode_inner() const;
257  void decode_inner(const MemoryRegion<byte>&);
258  void contents_to(Data_Store&, Data_Store&) const;
259 
260  std::vector<OID> oids;
261  };
262 
263 /**
264 * Certificate Policies Extension
265 */
// NOTE(review): lines 266, 269 and 272 are absent from this listing, so the
// class header and two member declarations are not shown.
267  {
268  public:
     // The signature for this body is on the missing line 269; it returns a
     // newly allocated Certificate_Policies with the same OIDs, so it is
     // presumably the copy() override.
270  { return new Certificate_Policies(oids); }
271 
     // Stores a copy of o. Not declared explicit, so a std::vector<OID>
     // converts implicitly.
273  Certificate_Policies(const std::vector<OID>& o) : oids(o) {}
274 
     /** @return the stored policy OIDs, by value */
275  std::vector<OID> get_oids() const { return oids; }
276  private:
277  std::string config_id() const { return "policy_info"; }
278  std::string oid_name() const { return "X509v3.CertificatePolicies"; }
279 
     // False when the OID list is empty (presumably the extension is then
     // left out when encoding).
280  bool should_encode() const { return (oids.size() > 0); }
281  MemoryVector<byte> encode_inner() const;
282  void decode_inner(const MemoryRegion<byte>&);
283  void contents_to(Data_Store&, Data_Store&) const;
284 
285  std::vector<OID> oids;
286  };
287 
288 /**
289 * CRL Number Extension
290 */
// NOTE(review): the number is held in a size_t. RFC 5280 lets a CRL number
// be as long as 20 octets, which a size_t cannot represent; confirm how
// decode_inner() treats a value that does not fit.
291 class BOTAN_DLL CRL_Number : public Certificate_Extension
292  {
293  public:
     // Defined out of line, unlike the copy() overrides of the other
     // extensions in this header.
294  CRL_Number* copy() const;
295 
     /** Create an extension with no value: has_value is false and crl_number is 0. */
296  CRL_Number() : has_value(false), crl_number(0) {}
     // Sets has_value to true and stores n. Not declared explicit, so a
     // size_t converts implicitly to CRL_Number.
297  CRL_Number(size_t n) : has_value(true), crl_number(n) {}
298 
     // Defined out of line. NOTE(review): confirm what it does when
     // has_value is false, where crl_number is just the default 0.
299  size_t get_crl_number() const;
300  private:
301  std::string config_id() const { return "crl_number"; }
302  std::string oid_name() const { return "X509v3.CRLNumber"; }
303 
     // Returns has_value (presumably the extension is left out when
     // encoding if no number was set).
304  bool should_encode() const { return has_value; }
305  MemoryVector<byte> encode_inner() const;
306  void decode_inner(const MemoryRegion<byte>&);
307  void contents_to(Data_Store&, Data_Store&) const;
308 
309  bool has_value;
310  size_t crl_number;
311  };
312 
313 /**
314 * CRL Entry Reason Code Extension
315 */
316 class BOTAN_DLL CRL_ReasonCode : public Certificate_Extension
317  {
318  public:
     /** @return a newly allocated CRL_ReasonCode with the same reason; the caller releases it */
319  CRL_ReasonCode* copy() const { return new CRL_ReasonCode(reason); }
320 
     // NOTE(review): line 321 is absent from this listing; copy() above
     // calls a constructor taking a CRL_Code, which is presumably declared
     // there.
322 
     /** @return the stored reason code */
323  CRL_Code get_reason() const { return reason; }
324  private:
325  std::string config_id() const { return "crl_reason"; }
326  std::string oid_name() const { return "X509v3.ReasonCode"; }
327 
     // False when reason is UNSPECIFIED (presumably the extension is then
     // left out when encoding).
328  bool should_encode() const { return (reason != UNSPECIFIED); }
329  MemoryVector<byte> encode_inner() const;
330  void decode_inner(const MemoryRegion<byte>&);
331  void contents_to(Data_Store&, Data_Store&) const;
332 
333  CRL_Code reason;
334  };
335 
336 }
337 
338 }
339 
340 #endif