8 #include <botan/pkcs10.h>
9 #include <botan/x509_ext.h>
10 #include <botan/x509cert.h>
11 #include <botan/der_enc.h>
12 #include <botan/ber_dec.h>
13 #include <botan/parsing.h>
14 #include <botan/oids.h>
15 #include <botan/pem.h>
// Fragments of the two PKCS10_Request constructors (their signatures and
// bodies fall on lines this listing omits). Both pass the input on to
// X509_Object together with the same label string.
// NOTE(review): the string looks like a '/'-separated list of accepted PEM
// labels -- confirm against X509_Object.
23 X509_Object(in,
"CERTIFICATE REQUEST/NEW CERTIFICATE REQUEST")
32 X509_Object(in,
"CERTIFICATE REQUEST/NEW CERTIFICATE REQUEST")
// Parses the request fields out of the `cert_req_info` decoder and records
// them in `info`; malformed input is reported by throwing.
// NOTE(review): the gutter numbers show that several source lines are missing
// from this listing, so the conditions guarding each throw below are not
// visible here.
40 void PKCS10_Request::force_decode()
// The version is read first; an unrecognised version code is rejected.
45 cert_req_info.decode(version);
47 throw Decoding_Error(
"Unknown version code in PKCS #10 request: " +
// Subject DN as supplied in the request.
51 cert_req_info.decode(dn_subject);
// The next object is the requester's public key; an unexpected tag is an error.
55 BER_Object public_key = cert_req_info.get_next_object();
57 throw BER_Bad_Tag(
"PKCS10_Request: Unexpected tag for public key",
// The key is stored in `info` under "X509.Certificate.public_key"
// (the value expression is on lines not shown).
60 info.
add(
"X509.Certificate.public_key",
// Attributes follow: every item decoded from `attributes` is handed to
// handle_attribute(), which copies requester-supplied values into `info`.
67 BER_Object attr_bits = cert_req_info.get_next_object();
73 while(attributes.more_items())
76 attributes.decode(attr);
77 handle_attribute(attr);
// NOTE(review): verify_end() presumably rejects trailing data after the last
// item -- confirm against BER_Decoder.
79 attributes.verify_end();
82 throw BER_Bad_Tag(
"PKCS10_Request: Unexpected tag for attributes",
85 cert_req_info.verify_end();
// Signature failure aborts decoding. The check itself is on a line not shown;
// presumably it verifies the request's self-signature with the public key
// carried in the request (proof of possession) -- confirm. In source order it
// comes after the attributes have already been parsed into `info`.
88 throw Decoding_Error(
"PKCS #10 request: Bad signature detected");
// Records one request attribute in `info`, dispatching on attr.oid.
// Everything handled here is parsed from attr.parameters, i.e. it is data the
// requester chose; consumers of `info` should treat these entries as claims to
// be checked against policy, not as authorised settings.
94 void PKCS10_Request::handle_attribute(
const Attribute& attr)
96 BER_Decoder value(attr.parameters);
// First branch (its OID comparison is on a line not shown): the decoded
// e-mail value is stored under "RFC822".
102 info.
add(
"RFC822", email.value());
104 else if(attr.oid ==
OIDS::lookup(
"PKCS9.ChallengePassword"))
// The challenge password is kept in `info` as an ordinary string value, next
// to the non-secret request fields, and is returned by the accessor that reads
// "PKCS9.ChallengePassword" -- keep it out of logs and dumps of `info`.
107 value.decode(challenge_password);
108 info.
add(
"PKCS9.ChallengePassword", challenge_password.value());
110 else if(attr.oid ==
OIDS::lookup(
"PKCS9.ExtensionRequest"))
112 Extensions extensions;
113 value.decode(extensions).verify_end();
// The requested extensions are written into `info`; `issuer_info` only
// receives the second output of contents_to() and is not used again in the
// lines shown.
// NOTE(review): presumably this is how requester-chosen values such as
// "X509v3.BasicConstraints.is_ca" and "X509v3.ExtendedKeyUsage" reach the
// accessors below -- an issuing CA should apply its own policy to them rather
// than copy them into the certificate. Confirm against Extensions::contents_to.
115 Data_Store issuer_info;
116 extensions.contents_to(info, issuer_info);
// Returns the string stored under "PKCS9.ChallengePassword", i.e. the value
// handle_attribute() decoded from the request. The enclosing signature is on a
// line not shown.
// NOTE(review): get1() presumably requires exactly one stored value -- confirm
// how it behaves when the request carried no challenge password.
125 return info.
get1(
"PKCS9.ChallengePassword");
// Reads every string stored under "X509v3.ExtendedKeyUsage" and converts each
// one to an OID, preserving order. The enclosing signature and the return
// statement are on lines not shown.
// NOTE(review): these are presumably the usages the requester asked for, not
// usages that have been granted -- confirm against the caller.
175 std::vector<std::string> oids = info.
get(
"X509v3.ExtendedKeyUsage");
177 std::vector<OID> result;
178 for(
size_t i = 0; i != oids.size(); ++i)
179 result.push_back(
OID(oids[i]));
// True when the value stored under "X509v3.BasicConstraints.is_ca" is greater
// than zero. The enclosing signature is on a line not shown.
// NOTE(review): presumably this reflects what the request asked for (see the
// ExtensionRequest branch of handle_attribute); a signer should decide CA
// status from its own policy, not from this flag alone.
188 return (info.
get1_u32bit(
"X509v3.BasicConstraints.is_ca") > 0);
// Returns the value stored under "X509v3.BasicConstraints.path_constraint".
// The enclosing signature is on a line not shown.
// NOTE(review): the second argument (0) looks like the fallback returned when
// the key is absent -- confirm against Data_Store::get1_u32bit. If so, a
// result of 0 does not distinguish "no constraint requested" from an explicit
// path length of 0.
196 return info.
get1_u32bit(
"X509v3.BasicConstraints.path_constraint", 0);
MemoryVector< byte > tbs_bits
std::vector< OID > ex_constraints() const
Public_Key * subject_public_key() const
Public_Key * load_key(DataSource &source)
MemoryVector< byte > raw_public_key() const
bool check_signature(class Public_Key &key) const
std::string get1(const std::string &) const
X509_DN create_dn(const Data_Store &info)
AlternativeName subject_alt_name() const
AlternativeName create_alt_name(const Data_Store &info)
std::string lookup(const OID &oid)
X509_DN subject_dn() const
SecureVector< byte > value
Key_Constraints constraints() const
SecureVector< byte > put_in_sequence(const MemoryRegion< byte > &contents)
std::string challenge_password() const
std::string encode(const byte der[], size_t length, const std::string &label, size_t width)
u32bit get1_u32bit(const std::string &, u32bit=0) const
PKCS10_Request(DataSource &source)
std::string to_string(u64bit n, size_t min_len)
std::multimap< std::string, std::string > contents() const
u32bit path_limit() const
SecureVector< byte > decode_check_label(DataSource &source, const std::string &label_want)
std::vector< std::string > get(const std::string &) const
void add(const std::multimap< std::string, std::string > &)