Botan  1.10.9
Botan::PKCS10_Request Class Reference

#include <pkcs10.h>

Inheritance diagram for Botan::PKCS10_Request: derives from Botan::X509_Object.

Public Member Functions

MemoryVector< byte > BER_encode () const
std::string challenge_password () const
bool check_signature (class Public_Key &key) const
bool check_signature (class Public_Key *key) const
Key_Constraints constraints () const
void encode (Pipe &out, X509_Encoding encoding=PEM) const
std::vector< OID > ex_constraints () const
std::string hash_used_for_signature () const
bool is_CA () const
u32bit path_limit () const
std::string PEM_encode () const
PKCS10_Request (DataSource &source)
PKCS10_Request (const std::string &filename)
MemoryVector< byte > raw_public_key () const
MemoryVector< byte > signature () const
AlgorithmIdentifier signature_algorithm () const
AlternativeName subject_alt_name () const
X509_DN subject_dn () const
Public_Key * subject_public_key () const
MemoryVector< byte > tbs_data () const

Static Public Member Functions

static MemoryVector< byte > make_signed (class PK_Signer *signer, RandomNumberGenerator &rng, const AlgorithmIdentifier &alg_id, const MemoryRegion< byte > &tbs)

Protected Member Functions

void do_decode ()

Protected Attributes

MemoryVector< byte > sig
AlgorithmIdentifier sig_algo
MemoryVector< byte > tbs_bits

Detailed Description

PKCS #10 Certificate Request.

Definition at line 22 of file pkcs10.h.

Constructor & Destructor Documentation

Botan::PKCS10_Request::PKCS10_Request ( DataSource & source )

Create a PKCS#10 Request from a data source.

Parameters
    source: the data source providing the DER encoded request

Definition at line 22 of file pkcs10.cpp.

References Botan::X509_Object::do_decode().

PKCS10_Request::PKCS10_Request(DataSource& in) :
   X509_Object(in, "CERTIFICATE REQUEST/NEW CERTIFICATE REQUEST")
   {
   do_decode();
   }

Botan::PKCS10_Request::PKCS10_Request ( const std::string & filename )

Create a PKCS#10 Request from a file.

Parameters
    filename: the name of the file containing the DER or PEM encoded request

Definition at line 31 of file pkcs10.cpp.

References Botan::X509_Object::do_decode().

PKCS10_Request::PKCS10_Request(const std::string& in) :
   X509_Object(in, "CERTIFICATE REQUEST/NEW CERTIFICATE REQUEST")
   {
   do_decode();
   }

Member Function Documentation

MemoryVector< byte > Botan::X509_Object::BER_encode ( ) const
inherited
Returns
BER encoding of this

Definition at line 100 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::get_contents(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, Botan::X509_Object::sig, Botan::X509_Object::sig_algo, Botan::DER_Encoder::start_cons(), and Botan::X509_Object::tbs_bits.

Referenced by Botan::X509_Object::encode(), Botan::X509_Object::PEM_encode(), and Botan::CMS_Encoder::sign().

MemoryVector<byte> X509_Object::BER_encode() const
   {
   // Outer SEQUENCE { SEQUENCE { tbs_bits }, sig_algo, BIT STRING sig }
   return DER_Encoder()
      .start_cons(SEQUENCE)
         .start_cons(SEQUENCE)
            .raw_bytes(tbs_bits)
         .end_cons()
         .encode(sig_algo)
         .encode(sig, BIT_STRING)
      .end_cons()
   .get_contents();
   }
std::string Botan::PKCS10_Request::challenge_password ( ) const

Get the challenge password for this request

Returns
challenge password for this request

Definition at line 123 of file pkcs10.cpp.

References Botan::Data_Store::get1().

std::string PKCS10_Request::challenge_password() const
   {
   return info.get1("PKCS9.ChallengePassword");
   }

bool Botan::X509_Object::check_signature ( class Public_Key & key ) const
inherited

Check the signature on this data

Parameters
    key: the public key purportedly used to sign this data
Returns
true if the signature is valid, otherwise false

Definition at line 178 of file x509_obj.cpp.

References Botan::Public_Key::algo_name(), Botan::DER_SEQUENCE, Botan::IEEE_1363, Botan::OIDS::lookup(), Botan::Public_Key::message_parts(), Botan::AlgorithmIdentifier::oid, Botan::X509_Object::sig_algo, Botan::X509_Object::signature(), Botan::split_on(), Botan::X509_Object::tbs_data(), and Botan::PK_Verifier::verify_message().

Referenced by Botan::X509_Object::check_signature().

bool X509_Object::check_signature(Public_Key& pub_key) const
   {
   try {
      // The signature algorithm name has the form <key algorithm>/<padding>
      std::vector<std::string> sig_info =
         split_on(OIDS::lookup(sig_algo.oid), '/');

      if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name())
         return false;

      std::string padding = sig_info[1];
      Signature_Format format =
         (pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;

      PK_Verifier verifier(pub_key, padding, format);

      return verifier.verify_message(tbs_data(), signature());
      }
   catch(...)
      {
      // Any exception raised above is reported as an invalid signature
      return false;
      }
   }

bool Botan::X509_Object::check_signature ( class Public_Key * key ) const
inherited

Check the signature on this data

Parameters
    key: the public key purportedly used to sign this data; the pointer will be deleted after use
Returns
true if the signature is valid, otherwise false

Definition at line 169 of file x509_obj.cpp.

References Botan::X509_Object::check_signature().

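bool X509_Object::check_signature(Public_Key* pub_key) const
   {
   // auto_ptr takes ownership, so pub_key is deleted when this function returns
   std::auto_ptr<Public_Key> key(pub_key);
   return check_signature(*key);
   }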
Key_Constraints Botan::PKCS10_Request::constraints ( ) const

Get the key constraints for the key associated with this PKCS#10 object.

Returns
key constraints

Definition at line 165 of file pkcs10.cpp.

References Botan::Data_Store::get1_u32bit(), and Botan::NO_CONSTRAINTS.

Referenced by Botan::X509_CA::sign_request().

Key_Constraints PKCS10_Request::constraints() const
   {
   return Key_Constraints(info.get1_u32bit("X509v3.KeyUsage", NO_CONSTRAINTS));
   }

void Botan::X509_Object::do_decode ( )
protected, inherited

Definition at line 221 of file x509_obj.cpp.

Referenced by PKCS10_Request(), Botan::X509_Certificate::X509_Certificate(), and Botan::X509_CRL::X509_CRL().

void X509_Object::do_decode()
   {
   try {
      force_decode();
      }
   catch(Decoding_Error& e)
      {
      throw Decoding_Error(PEM_label_pref + " decoding failed (" +
                           e.what() + ")");
      }
   catch(Invalid_Argument& e)
      {
      throw Decoding_Error(PEM_label_pref + " decoding failed (" +
                           e.what() + ")");
      }
   }

void Botan::X509_Object::encode ( Pipe & out,
X509_Encoding encoding = PEM
) const
inherited

Encode this to a pipe

Deprecated:
    use BER_encode or PEM_encode instead
Parameters
    out: the pipe to write to
    encoding: the encoding to use

Definition at line 89 of file x509_obj.cpp.

References Botan::X509_Object::BER_encode(), Botan::PEM, Botan::X509_Object::PEM_encode(), and Botan::Pipe::write().

void X509_Object::encode(Pipe& out, X509_Encoding encoding) const
   {
   if(encoding == PEM)
      out.write(this->PEM_encode());
   else
      out.write(this->BER_encode());
   }
std::vector< OID > Botan::PKCS10_Request::ex_constraints ( ) const

Get the extended key constraints (if any).

Returns
extended key constraints

Definition at line 173 of file pkcs10.cpp.

References Botan::Data_Store::get().

Referenced by Botan::X509_CA::sign_request().

std::vector<OID> PKCS10_Request::ex_constraints() const
   {
   std::vector<std::string> oids = info.get("X509v3.ExtendedKeyUsage");

   std::vector<OID> result;
   for(size_t i = 0; i != oids.size(); ++i)
      result.push_back(OID(oids[i]));
   return result;
   }
std::string Botan::X509_Object::hash_used_for_signature ( ) const
inherited
Returns
hash algorithm that was used to generate signature

Definition at line 148 of file x509_obj.cpp.

References Botan::OID::as_string(), Botan::OIDS::lookup(), Botan::AlgorithmIdentifier::oid, Botan::parse_algorithm_name(), Botan::X509_Object::sig_algo, and Botan::split_on().

std::string X509_Object::hash_used_for_signature() const
   {
   std::vector<std::string> sig_info =
      split_on(OIDS::lookup(sig_algo.oid), '/');

   if(sig_info.size() != 2)
      throw Internal_Error("Invalid name format found for " +
                           sig_algo.oid.as_string());

   std::vector<std::string> pad_and_hash =
      parse_algorithm_name(sig_info[1]);

   if(pad_and_hash.size() != 2)
      throw Internal_Error("Invalid name format " + sig_info[1]);

   return pad_and_hash[1];
   }
bool Botan::PKCS10_Request::is_CA ( ) const

Find out whether this is a CA request.

Returns
true if it is a CA request, false otherwise.

Definition at line 186 of file pkcs10.cpp.

References Botan::Data_Store::get1_u32bit().

Referenced by Botan::X509_CA::sign_request().

bool PKCS10_Request::is_CA() const
   {
   return (info.get1_u32bit("X509v3.BasicConstraints.is_ca") > 0);
   }

MemoryVector< byte > Botan::X509_Object::make_signed ( class PK_Signer * signer,
RandomNumberGenerator & rng,
const AlgorithmIdentifier & alg_id,
const MemoryRegion< byte > & tbs
)
static, inherited

Create a signed X509 object.

Parameters
    signer: the signer used to sign the object
    rng: the random number generator to use
    alg_id: the algorithm identifier of the signature scheme
    tbs: the tbs bits to be signed
Returns
signed X509 object

Definition at line 204 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::get_contents(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, Botan::PK_Signer::sign_message(), and Botan::DER_Encoder::start_cons().

Referenced by Botan::X509::create_cert_req(), and Botan::X509_CA::make_cert().

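MemoryVector<byte> X509_Object::make_signed(PK_Signer* signer,
                                            RandomNumberGenerator& rng,
                                            const AlgorithmIdentifier& algo,
                                            const MemoryRegion<byte>& tbs_bits)
   {
   return DER_Encoder()
      .start_cons(SEQUENCE)
         .raw_bytes(tbs_bits)
         .encode(algo)
         .encode(signer->sign_message(tbs_bits, rng), BIT_STRING)
      .end_cons()
   .get_contents();
   }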
u32bit Botan::PKCS10_Request::path_limit ( ) const

Return the constraint on the path length defined in the BasicConstraints extension.

Returns
path limit

Definition at line 194 of file pkcs10.cpp.

References Botan::Data_Store::get1_u32bit().

Referenced by Botan::X509_CA::sign_request().

u32bit PKCS10_Request::path_limit() const
   {
   return info.get1_u32bit("X509v3.BasicConstraints.path_constraint", 0);
   }
std::string Botan::X509_Object::PEM_encode ( ) const
inherited
Returns
PEM encoding of this

Definition at line 116 of file x509_obj.cpp.

References Botan::X509_Object::BER_encode(), and Botan::PEM_Code::encode().

Referenced by Botan::X509_Object::encode().

std::string X509_Object::PEM_encode() const
   {
   return PEM_Code::encode(BER_encode(), PEM_label_pref);
   }
MemoryVector< byte > Botan::PKCS10_Request::raw_public_key ( ) const

Get the raw DER encoded public key.

Returns
raw DER encoded public key

Definition at line 139 of file pkcs10.cpp.

References Botan::PEM_Code::decode_check_label(), and Botan::Data_Store::get1().

Referenced by Botan::X509_CA::sign_request().

MemoryVector<byte> PKCS10_Request::raw_public_key() const
   {
   DataSource_Memory source(info.get1("X509.Certificate.public_key"));
   return PEM_Code::decode_check_label(source, "PUBLIC KEY");
   }
MemoryVector< byte > Botan::X509_Object::signature ( ) const
inherited
Returns
signature on tbs_data()

Definition at line 132 of file x509_obj.cpp.

References Botan::X509_Object::sig.

Referenced by Botan::X509_Object::check_signature().

MemoryVector<byte> X509_Object::signature() const
   {
   return sig;
   }
AlgorithmIdentifier Botan::X509_Object::signature_algorithm ( ) const
inherited
Returns
signature algorithm that was used to generate signature

Definition at line 140 of file x509_obj.cpp.

References Botan::X509_Object::sig_algo.

Referenced by Botan::X509_Certificate::to_string().

AlgorithmIdentifier X509_Object::signature_algorithm() const
   {
   return sig_algo;
   }
AlternativeName Botan::PKCS10_Request::subject_alt_name ( ) const

Get the subject alternative name.

Returns
subject alternative name.

Definition at line 157 of file pkcs10.cpp.

References Botan::create_alt_name().

Referenced by Botan::X509_CA::sign_request().

AlternativeName PKCS10_Request::subject_alt_name() const
   {
   return create_alt_name(info);
   }
X509_DN Botan::PKCS10_Request::subject_dn ( ) const

Get the subject DN.

Returns
subject DN

Definition at line 131 of file pkcs10.cpp.

References Botan::create_dn().

Referenced by Botan::X509_CA::sign_request().

X509_DN PKCS10_Request::subject_dn() const
   {
   return create_dn(info);
   }
Public_Key * Botan::PKCS10_Request::subject_public_key ( ) const

Get the subject public key.

Returns
subject public key

Definition at line 148 of file pkcs10.cpp.

References Botan::Data_Store::get1(), and Botan::X509::load_key().

Referenced by Botan::X509_CA::sign_request().

Public_Key* PKCS10_Request::subject_public_key() const
   {
   DataSource_Memory source(info.get1("X509.Certificate.public_key"));
   return X509::load_key(source);
   }
MemoryVector< byte > Botan::X509_Object::tbs_data ( ) const
inherited

The underlying data that is to be or was signed

Returns
data that is or was signed

Definition at line 124 of file x509_obj.cpp.

References Botan::ASN1::put_in_sequence(), and Botan::X509_Object::tbs_bits.

Referenced by Botan::X509_Object::check_signature().

MemoryVector<byte> X509_Object::tbs_data() const
   {
   return ASN1::put_in_sequence(tbs_bits);
   }
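
The layout that BER_encode() writes, and that tbs_data(), signature_algorithm() and signature() hand back, can be checked independently of the library. The following self-contained C++ is an added example, not Botan code: `read_tlv`, `split_signed_object` and `sample_object` are hypothetical names, and the sample bytes are constructed (placeholder OID 1.2.3, fake signature).

```cpp
#include <stdint.h>
#include <stdexcept>
#include <vector>
typedef std::vector<uint8_t> Bytes;

// tbs_data: inner SEQUENCE with its header (the bytes the signature covers);
// sig_algo: AlgorithmIdentifier SEQUENCE; signature: BIT STRING payload.
struct SignedObject { Bytes tbs_data, sig_algo, signature; };

// Read one DER element with the expected tag at pos; returns header+content,
// advances pos, and reports the header length in hdr.
static Bytes read_tlv(const Bytes& in, size_t& pos, uint8_t tag, size_t& hdr) {
    if (pos > in.size() || in.size() - pos < 2 || in[pos] != tag)
        throw std::runtime_error("unexpected tag or truncated header");
    size_t len = in[pos + 1];
    hdr = 2;
    if (len & 0x80) {  // long form: reject indefinite, padded or oversized lengths
        size_t n = len & 0x7F;
        if (n == 0 || n > 4 || in.size() - pos - 2 < n || in[pos + 2] == 0)
            throw std::runtime_error("bad length encoding");
        for (len = 0; hdr < 2 + n; ++hdr) len = (len << 8) | in[pos + hdr];
        if (len < 0x80) throw std::runtime_error("non-minimal length");
    }
    if (in.size() - pos - hdr < len) throw std::runtime_error("element overruns input");
    Bytes out(in.begin() + pos, in.begin() + pos + hdr + len);
    pos += hdr + len;
    return out;
}

SignedObject split_signed_object(const Bytes& der) {
    size_t pos = 0, hdr = 0, h = 0;
    Bytes outer = read_tlv(der, pos, 0x30, hdr);        // outer SEQUENCE
    if (pos != der.size()) throw std::runtime_error("trailing data");
    SignedObject obj;
    size_t p = hdr;
    obj.tbs_data = read_tlv(outer, p, 0x30, h);
    obj.sig_algo = read_tlv(outer, p, 0x30, h);
    Bytes bits = read_tlv(outer, p, 0x03, h);           // BIT STRING
    if (p != outer.size() || bits.size() == h || bits[h] != 0)
        throw std::runtime_error("malformed signature BIT STRING");
    obj.signature.assign(bits.begin() + h + 1, bits.end());
    return obj;
}

// Constructed sample: tbs { INTEGER 0 }, placeholder OID 1.2.3, fake 4-byte signature.
Bytes sample_object() {
    static const uint8_t raw[] = { 0x30, 0x12, 0x30, 0x03, 0x02, 0x01, 0x00,
        0x30, 0x04, 0x06, 0x02, 0x2A, 0x03, 0x03, 0x05, 0x00, 0xDE, 0xAD, 0xBE, 0xEF };
    return Bytes(raw, raw + sizeof(raw));
}
int main() { return split_signed_object(sample_object()).signature.size() == 4 ? 0 : 1; }
```

Note that `tbs_data` keeps the inner SEQUENCE header: this matches tbs_data() wrapping tbs_bits with put_in_sequence() before check_signature() passes it to the verifier.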

Member Data Documentation

MemoryVector<byte> Botan::X509_Object::sig
protected, inherited

AlgorithmIdentifier Botan::X509_Object::sig_algo
protected, inherited

MemoryVector<byte> Botan::X509_Object::tbs_bits
protected, inherited

Definition at line 102 of file x509_obj.h.

Referenced by Botan::X509_Object::BER_encode(), and Botan::X509_Object::tbs_data().


The documentation for this class was generated from the following files: