Botan  1.10.9
x509self.h
1 /*
2 * X.509 Self-Signed Certificate
3 * (C) 1999-2007 Jack Lloyd
4 *
5 * Distributed under the terms of the Botan license
6 */
7 
8 #ifndef BOTAN_X509_SELF_H__
9 #define BOTAN_X509_SELF_H__
10 
11 #include <botan/x509cert.h>
12 #include <botan/pkcs8.h>
13 #include <botan/pkcs10.h>
14 
15 namespace Botan {
16 
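/**
* Options for X.509 certificates.
*
* A plain bag of subject fields, validity times and usage constraints that
* is handed to X509::create_self_signed_cert() and X509::create_cert_req().
* All fields are public and unvalidated on assignment; sanity_check() is
* the only validation entry point declared here.
*/
class BOTAN_DLL X509_Cert_Options
   {
   public:
      /**
      * the subject common name
      */
      std::string common_name;

      /**
      * the subject country
      */
      std::string country;

      /**
      * the subject organization
      */
      std::string organization;

      /**
      * the subject organizational unit
      */
      std::string org_unit;

      /**
      * the subject locality
      */
      std::string locality;

      /**
      * the subject state
      */
      std::string state;

      /**
      * the subject serial number
      */
      std::string serial_number;

      /**
      * the subject email address
      */
      std::string email;

      /**
      * the subject URI
      */
      std::string uri;

      /**
      * the subject IPv4 address
      */
      std::string ip;

      /**
      * the subject DNS name
      */
      std::string dns;

      /**
      * the subject XMPP address
      */
      std::string xmpp;

      /**
      * the subject challenge password
      *
      * NOTE(review): a PKCS#10 challenge password is normally carried as a
      * request attribute, which is signed but not encrypted. Treat it as
      * visible to anyone who sees the request and do not reuse a secret
      * that protects anything else. Confirm the encoding in x509self.cpp.
      */
      std::string challenge;

      /**
      * the subject notBefore
      */
      // Declaration missing from the rendered listing (gutter line 91);
      // restored from the upstream header, verify against your copy.
      X509_Time start;

      /**
      * the subject notAfter
      */
      // Declaration missing from the rendered listing (gutter line 95);
      // restored from the upstream header, verify against your copy.
      X509_Time end;

      /**
      * Indicates whether the certificate (or certificate request) is
      * for a CA. Set through CA_key().
      */
      bool is_CA;

      /**
      * Indicates the BasicConstraints path limit
      */
      size_t path_limit;

      /**
      * The key constraints for the subject public key
      */
      // Declaration missing from the rendered listing (gutter line 110);
      // the page's cross-reference gives it as "Key_Constraints constraints".
      Key_Constraints constraints;

      /**
      * The key extended constraints for the subject public key
      */
      std::vector<OID> ex_constraints;

      /**
      * Check the options set in this object for validity.
      *
      * NOTE(review): which checks are made, and whether the X509::create_*
      * functions call this themselves, is not visible in this header.
      * Confirm in x509self.cpp before relying on either.
      */
      void sanity_check() const;

      /**
      * Mark the certificate as a CA certificate and set the path limit.
      *
      * A CA certificate can issue further certificates, so call this only
      * for keys that are meant to act as issuers and keep the path limit
      * as small as the hierarchy allows.
      * @param limit the path limit to be set in the BasicConstraints extension.
      */
      void CA_key(size_t limit = 1);

      /**
      * Set the notBefore of the certificate.
      * @param time the notBefore value of the certificate
      */
      void not_before(const std::string& time);

      /**
      * Set the notAfter of the certificate.
      * @param time the notAfter value of the certificate
      */
      void not_after(const std::string& time);

      /**
      * Add the key constraints of the KeyUsage extension.
      * @param constr the constraints to set
      */
      void add_constraints(Key_Constraints constr);

      /**
      * Add constraints to the ExtendedKeyUsage extension.
      * @param oid the oid to add
      */
      void add_ex_constraint(const OID& oid);

      /**
      * Add constraints to the ExtendedKeyUsage extension.
      * @param name the name to look up the oid to add
      */
      void add_ex_constraint(const std::string& name);

      /**
      * Construct a new options object
      * @param opts slash-separated subject fields, starting with the common
      * name. An example for this parameter would be
      * "common_name/country/organization/organizational_unit".
      * @param expire_time the expiration time (from the current clock in
      * seconds); the default is 365 days
      */
      X509_Cert_Options(const std::string& opts = "",
                        u32bit expire_time = 365 * 24 * 60 * 60);
   };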
167 
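namespace X509 {

/**
* Create a self-signed X.509 certificate.
*
* A self-signed certificate is verified against its own key, so it shows
* possession of the key but carries no third-party attestation. Relying
* parties have to establish trust in it out of band.
* @param opts the options defining the certificate to create
* @param key the private key used for signing, i.e. the key
* associated with this self-signed certificate
* @param hash_fn the hash function to use; the certificate signature is
* only as strong as this hash, so pick a collision-resistant one
* (for example "SHA-256")
* @param rng the rng to use
* @return newly created self-signed certificate
*/
// The function name and the rng parameter are missing from the rendered
// listing (gutter lines 180 and 183); both are restored from the page's
// own cross-reference for create_self_signed_cert.
BOTAN_DLL X509_Certificate
create_self_signed_cert(const X509_Cert_Options& opts,
                        const Private_Key& key,
                        const std::string& hash_fn,
                        RandomNumberGenerator& rng);

/**
* Create a PKCS#10 certificate request.
*
* NOTE(review): if opts.challenge is set it is presumably encoded into the
* request as a challenge-password attribute, readable by anyone who sees
* the request. Confirm in x509self.cpp.
* @param opts the options defining the request to create
* @param key the key used to sign this request
* @param hash_fn the hash function to use; the request signature is only
* as strong as this hash, so pick a collision-resistant one
* (for example "SHA-256")
* @param rng the rng to use
* @return newly created PKCS#10 request
*/
// The rng parameter is missing from the rendered listing (gutter line 196);
// restored from the page's own cross-reference for create_cert_req.
BOTAN_DLL PKCS10_Request create_cert_req(const X509_Cert_Options& opts,
                                         const Private_Key& key,
                                         const std::string& hash_fn,
                                         RandomNumberGenerator& rng);

}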
199 
200 }
201 
202 #endif
PKCS10_Request create_cert_req(const X509_Cert_Options &opts, const Private_Key &key, const std::string &hash_fn, RandomNumberGenerator &rng)
Definition: x509self.cpp:91
std::string org_unit
Definition: x509self.h:41
std::string country
Definition: x509self.h:31
std::string locality
Definition: x509self.h:46
std::string common_name
Definition: x509self.h:26
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
Key_Constraints constraints
Definition: x509self.h:110
std::string serial_number
Definition: x509self.h:56
Key_Constraints
Definition: pubkey_enums.h:18
std::vector< OID > ex_constraints
Definition: x509self.h:115
unsigned int u32bit
Definition: types.h:32
std::string challenge
Definition: x509self.h:86
OID oid
Definition: x509_ext.cpp:446
std::string organization
Definition: x509self.h:36
X509_Certificate create_self_signed_cert(const X509_Cert_Options &opts, const Private_Key &key, const std::string &hash_fn, RandomNumberGenerator &rng)
Definition: x509self.cpp:45