Botan
1.10.9
src
cert
x509ca
x509_ca.h
/*
* X.509 Certificate Authority
* (C) 1999-2008 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
#ifndef BOTAN_X509_CA_H__
#define BOTAN_X509_CA_H__
#include <botan/x509cert.h>
#include <botan/x509_crl.h>
#include <botan/x509_ext.h>
#include <botan/pkcs8.h>
#include <botan/pkcs10.h>
#include <botan/pubkey.h>
namespace
Botan
{
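/**
* This class represents X.509 Certificate Authorities (CAs).
*
* An X509_CA object keeps the CA certificate (cert), the signature
* algorithm identifier (ca_sig_algo) and a PK_Signer pointer (signer).
* Everything it issues is signed with the CA's authority, so access to
* an instance should be limited to code that is allowed to issue
* certificates and CRLs.
*/
class BOTAN_DLL X509_CA
   {
   public:

      /**
      * Sign a PKCS#10 Request.
      *
      * NOTE(review): this declaration does not show which fields of the
      * request are checked or copied into the certificate. Callers should
      * vet the request (subject name, public key, requested constraints
      * such as the CA flag) and the validity window before calling --
      * confirm the behaviour against the implementation.
      *
      * @param req the request to sign
      * @param rng the rng to use
      * @param not_before the starting time for the certificate
      * @param not_after the expiration time for the certificate
      * @return resulting certificate
      */
      X509_Certificate sign_request(const PKCS10_Request& req,
                                    RandomNumberGenerator& rng,
                                    const X509_Time& not_before,
                                    const X509_Time& not_after);

      /**
      * Get the certificate of this CA.
      * @return CA certificate (returned by value)
      */
      X509_Certificate ca_certificate() const;

      /**
      * Create a new and empty CRL for this CA.
      * @param rng the random number generator to use
      * @param next_update the time to set in next update in seconds
      * as the offset from the current time (defaults to 0;
      * NOTE(review): the meaning of 0 is not visible in this header,
      * presumably an implementation default -- confirm)
      * @return new CRL
      */
      X509_CRL new_crl(RandomNumberGenerator& rng,
                       u32bit next_update = 0) const;

      /**
      * Create a new CRL with additional entries.
      *
      * NOTE(review): whether last_crl is checked to have been issued by
      * this CA is not visible here; pass only a CRL obtained from a
      * trusted source -- confirm against the implementation.
      *
      * @param last_crl the last CRL of this CA to add the new entries to
      * @param new_entries contains the new CRL entries to be added to the CRL
      * @param rng the random number generator to use
      * @param next_update the time to set in next update in seconds
      * as the offset from the current time (defaults to 0, see new_crl)
      * @return the updated CRL
      */
      X509_CRL update_crl(const X509_CRL& last_crl,
                          const std::vector<CRL_Entry>& new_entries,
                          RandomNumberGenerator& rng,
                          u32bit next_update = 0) const;

      /**
      * Interface for creating new certificates.
      *
      * This is a static function: it works only from its arguments and
      * has no access to the state of a CA object.
      *
      * @param signer a signing object (raw pointer; NOTE(review): this
      * header does not say whether ownership is transferred, presumably
      * it is only borrowed -- confirm)
      * @param rng a random number generator
      * @param sig_algo the signature algorithm identifier
      * @param pub_key the serialized public key
      * @param not_before the start time of the certificate
      * @param not_after the end time of the certificate
      * @param issuer_dn the DN of the issuer
      * @param subject_dn the DN of the subject
      * @param extensions the list of certificate extensions to include
      * (pass an empty Extensions object for none -- TODO confirm)
      * @returns newly minted certificate
      */
      static X509_Certificate make_cert(PK_Signer* signer,
                                        RandomNumberGenerator& rng,
                                        const AlgorithmIdentifier& sig_algo,
                                        const MemoryRegion<byte>& pub_key,
                                        const X509_Time& not_before,
                                        const X509_Time& not_after,
                                        const X509_DN& issuer_dn,
                                        const X509_DN& subject_dn,
                                        const Extensions& extensions);

      /**
      * Create a new CA object.
      *
      * NOTE(review): the hash function named here presumably determines
      * the signature algorithm of everything this CA issues; prefer a
      * collision-resistant hash. Whether key is checked to match
      * ca_certificate is not visible in this header -- confirm.
      *
      * @param ca_certificate the certificate of the CA
      * @param key the private key of the CA
      * @param hash_fn name of a hash function to use for signing
      */
      X509_CA(const X509_Certificate& ca_certificate,
              const Private_Key& key,
              const std::string& hash_fn);

      ~X509_CA();
   private:
      // Copying is disabled. Both operations are declared private and left
      // undefined on purpose (C++98 non-copyable idiom), so an accidental
      // copy from inside the class or a friend fails at link time instead of
      // yielding an object whose signer pointer was never initialized.
      X509_CA(const X509_CA&);
      X509_CA& operator=(const X509_CA&);

      /**
      * Build a CRL from the given entries.
      * @param entries the CRL entries to include
      * @param crl_number the number to give the CRL
      * @param next_update offset for the next update time (see new_crl)
      * @param rng the random number generator to use
      * @return the resulting CRL
      */
      X509_CRL make_crl(const std::vector<CRL_Entry>& entries,
                        u32bit crl_number, u32bit next_update,
                        RandomNumberGenerator& rng) const;

      AlgorithmIdentifier ca_sig_algo; // signature algorithm identifier of this CA
      X509_Certificate cert;           // the CA certificate
      // Raw pointer to the signing object.
      // NOTE(review): presumably owned by this object and released in
      // ~X509_CA -- confirm in the implementation file.
      PK_Signer* signer;
   };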
/**
* Select the default signature format for a given public key signature
* scheme.
* @param key the private key a padding scheme is chosen for
* @param hash_fn name of the desired hash function
* @param alg_id output parameter, set to the chosen scheme
* @return A PK_Signer object for generating signatures (raw pointer;
* NOTE(review): presumably owned by the caller -- confirm)
*/
BOTAN_DLL PK_Signer* choose_sig_format(
   const Private_Key& key,
   const std::string& hash_fn,
   AlgorithmIdentifier& alg_id);
127
128
}
#endif