Botan  1.10.9
Botan::X509_Certificate Class Reference

#include <x509cert.h>

Inheritance diagram for Botan::X509_Certificate:
Botan::X509_Object

Public Member Functions

MemoryVector< byte > authority_key_id () const

MemoryVector< byte > BER_encode () const
 
bool check_signature (class Public_Key &key) const
 
bool check_signature (class Public_Key *key) const
 
Key_Constraints constraints () const
 
void encode (Pipe &out, X509_Encoding encoding=PEM) const
 
std::string end_time () const
 
std::vector< std::string > ex_constraints () const
 
std::string hash_used_for_signature () const
 
bool is_CA_cert () const
 
bool is_self_signed () const
 
X509_DN issuer_dn () const
 
std::vector< std::string > issuer_info (const std::string &name) const
 
bool operator== (const X509_Certificate &other) const
 
u32bit path_limit () const
 
std::string PEM_encode () const
 
std::vector< std::string > policies () const
 
MemoryVector< byte > serial_number () const

MemoryVector< byte > signature () const
 
AlgorithmIdentifier signature_algorithm () const
 
std::string start_time () const
 
X509_DN subject_dn () const
 
std::vector< std::string > subject_info (const std::string &name) const
 
MemoryVector< byte > subject_key_id () const

Public_Key * subject_public_key () const

MemoryVector< byte > tbs_data () const
 
std::string to_string () const
 
 X509_Certificate (DataSource &source)
 
 X509_Certificate (const std::string &filename)
 
u32bit x509_version () const
 

Static Public Member Functions

static MemoryVector< byte > make_signed (class PK_Signer *signer, RandomNumberGenerator &rng, const AlgorithmIdentifier &alg_id, const MemoryRegion< byte > &tbs)
 

Protected Member Functions

void do_decode ()
 

Protected Attributes

MemoryVector< byte > sig

AlgorithmIdentifier sig_algo

MemoryVector< byte > tbs_bits
 

Friends

class X509_CA
 

Detailed Description

This class represents an X.509 certificate.

Definition at line 23 of file x509cert.h.

Constructor & Destructor Documentation

Botan::X509_Certificate::X509_Certificate ( DataSource &  source)

Create a certificate from a data source providing the DER or PEM encoded certificate.

Parameters
source: the data source

Definition at line 47 of file x509cert.cpp.

References Botan::X509_Object::do_decode().

47 X509_Certificate::X509_Certificate(DataSource& in) :
48  X509_Object(in, "CERTIFICATE/X509 CERTIFICATE")
49  {
50  self_signed = false;
51  do_decode();
52  }
Botan::X509_Certificate::X509_Certificate ( const std::string &  filename)

Create a certificate from a file containing the DER or PEM encoded certificate.

Parameters
filename: the name of the certificate file

Definition at line 57 of file x509cert.cpp.

References Botan::X509_Object::do_decode().

57 X509_Certificate::X509_Certificate(const std::string& in) :
58  X509_Object(in, "CERTIFICATE/X509 CERTIFICATE")
59  {
60  self_signed = false;
61  do_decode();
62  }

Member Function Documentation

MemoryVector< byte > Botan::X509_Certificate::authority_key_id ( ) const

Get the DER encoded AuthorityKeyIdentifier of this certificate.

Returns
DER encoded AuthorityKeyIdentifier

Definition at line 250 of file x509cert.cpp.

References Botan::Data_Store::get1_memvec().

Referenced by to_string().

251  {
252  return issuer.get1_memvec("X509v3.AuthorityKeyIdentifier");
253  }
MemoryVector< byte > get1_memvec(const std::string &) const
Definition: datastor.cpp:103
MemoryVector< byte > Botan::X509_Object::BER_encode ( ) const
inherited
Returns
BER encoding of this

Definition at line 100 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::get_contents(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, Botan::X509_Object::sig, Botan::X509_Object::sig_algo, Botan::DER_Encoder::start_cons(), and Botan::X509_Object::tbs_bits.

Referenced by Botan::X509_Object::encode(), Botan::X509_Object::PEM_encode(), and Botan::CMS_Encoder::sign().

101  {
102  return DER_Encoder()
103  .start_cons(SEQUENCE)
104  .start_cons(SEQUENCE)
105  .raw_bytes(tbs_bits)
106  .end_cons()
107  .encode(sig_algo)
108  .encode(sig, BIT_STRING)
109  .end_cons()
110  .get_contents();
111  }
MemoryVector< byte > tbs_bits
Definition: x509_obj.h:102
AlgorithmIdentifier sig_algo
Definition: x509_obj.h:101
MemoryVector< byte > sig
Definition: x509_obj.h:102
bool Botan::X509_Object::check_signature ( class Public_Key &  key) const
inherited

Check the signature on this data

Parameters
key: the public key purportedly used to sign this data
Returns
true if the signature is valid, otherwise false

Definition at line 178 of file x509_obj.cpp.

References Botan::Public_Key::algo_name(), Botan::DER_SEQUENCE, Botan::IEEE_1363, Botan::OIDS::lookup(), Botan::Public_Key::message_parts(), Botan::AlgorithmIdentifier::oid, Botan::X509_Object::sig_algo, Botan::X509_Object::signature(), Botan::split_on(), Botan::X509_Object::tbs_data(), and Botan::PK_Verifier::verify_message().

Referenced by Botan::X509_Object::check_signature().

179  {
180  try {
181  std::vector<std::string> sig_info =
182  split_on(OIDS::lookup(sig_algo.oid), '/');
183 
184  if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name())
185  return false;
186 
187  std::string padding = sig_info[1];
188  Signature_Format format =
189  (pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
190 
191  PK_Verifier verifier(pub_key, padding, format);
192 
193  return verifier.verify_message(tbs_data(), signature());
194  }
195  catch(...)
196  {
197  return false;
198  }
199  }
Signature_Format
Definition: pubkey.h:24
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:152
AlgorithmIdentifier sig_algo
Definition: x509_obj.h:101
std::string lookup(const OID &oid)
Definition: oids.cpp:31
MemoryVector< byte > signature() const
Definition: x509_obj.cpp:132
MemoryVector< byte > tbs_data() const
Definition: x509_obj.cpp:124
bool Botan::X509_Object::check_signature ( class Public_Key *  key) const
inherited

Check the signature on this data

Parameters
key: the public key purportedly used to sign this data; the pointer will be deleted after use
Returns
true if the signature is valid, otherwise false

Definition at line 169 of file x509_obj.cpp.

References Botan::X509_Object::check_signature().

170  {
171  std::auto_ptr<Public_Key> key(pub_key);
172  return check_signature(*key);
173  }
bool check_signature(class Public_Key &key) const
Definition: x509_obj.cpp:178
Key_Constraints Botan::X509_Certificate::constraints ( ) const

Get the key constraints as defined in the KeyUsage extension of this certificate.

Returns
key constraints

Definition at line 225 of file x509cert.cpp.

References Botan::Data_Store::get1_u32bit(), and Botan::NO_CONSTRAINTS.

Referenced by Botan::CMS_Encoder::encrypt(), is_CA_cert(), and to_string().

226  {
227  return Key_Constraints(subject.get1_u32bit("X509v3.KeyUsage",
228  NO_CONSTRAINTS));
229  }
u32bit get1_u32bit(const std::string &, u32bit=0) const
Definition: datastor.cpp:120
Key_Constraints
Definition: pubkey_enums.h:18
void Botan::X509_Object::do_decode ( )
protected inherited

Definition at line 221 of file x509_obj.cpp.

Referenced by Botan::PKCS10_Request::PKCS10_Request(), X509_Certificate(), and Botan::X509_CRL::X509_CRL().

222  {
223  try {
224  force_decode();
225  }
226  catch(Decoding_Error& e)
227  {
228  throw Decoding_Error(PEM_label_pref + " decoding failed (" +
229  e.what() + ")");
230  }
231  catch(Invalid_Argument& e)
232  {
233  throw Decoding_Error(PEM_label_pref + " decoding failed (" +
234  e.what() + ")");
235  }
236  }
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
void Botan::X509_Object::encode ( Pipe &  out,
X509_Encoding  encoding = PEM 
) const
inherited

Encode this to a pipe

Deprecated:
use BER_encode or PEM_encode instead
Parameters
out: the pipe to write to
encoding: the encoding to use

Definition at line 89 of file x509_obj.cpp.

References Botan::X509_Object::BER_encode(), Botan::PEM, Botan::X509_Object::PEM_encode(), and Botan::Pipe::write().

90  {
91  if(encoding == PEM)
92  out.write(this->PEM_encode());
93  else
94  out.write(this->BER_encode());
95  }
std::string PEM_encode() const
Definition: x509_obj.cpp:116
MemoryVector< byte > BER_encode() const
Definition: x509_obj.cpp:100
std::string Botan::X509_Certificate::end_time ( ) const

Get the notAfter of the certificate.

Returns
notAfter of the certificate

Definition at line 170 of file x509cert.cpp.

References Botan::Data_Store::get1().

Referenced by to_string(), and Botan::X509_Store::validate_cert().

171  {
172  return subject.get1("X509.Certificate.end");
173  }
std::string get1(const std::string &) const
Definition: datastor.cpp:87
std::vector< std::string > Botan::X509_Certificate::ex_constraints ( ) const

Get the key constraints as defined in the ExtendedKeyUsage extension of this certificate.

Returns
key constraints

Definition at line 234 of file x509cert.cpp.

References Botan::Data_Store::get().

Referenced by to_string().

235  {
236  return lookup_oids(subject.get("X509v3.ExtendedKeyUsage"));
237  }
std::vector< std::string > get(const std::string &) const
Definition: datastor.cpp:72
std::string Botan::X509_Object::hash_used_for_signature ( ) const
inherited
Returns
hash algorithm that was used to generate signature

Definition at line 148 of file x509_obj.cpp.

References Botan::OID::as_string(), Botan::OIDS::lookup(), Botan::AlgorithmIdentifier::oid, Botan::parse_algorithm_name(), Botan::X509_Object::sig_algo, and Botan::split_on().

149  {
150  std::vector<std::string> sig_info =
151  split_on(OIDS::lookup(sig_algo.oid), '/');
152 
153  if(sig_info.size() != 2)
154  throw Internal_Error("Invalid name format found for " +
155  sig_algo.oid.as_string());
156 
157  std::vector<std::string> pad_and_hash =
158  parse_algorithm_name(sig_info[1]);
159 
160  if(pad_and_hash.size() != 2)
161  throw Internal_Error("Invalid name format " + sig_info[1]);
162 
163  return pad_and_hash[1];
164  }
std::vector< std::string > parse_algorithm_name(const std::string &namex)
Definition: parsing.cpp:96
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:152
AlgorithmIdentifier sig_algo
Definition: x509_obj.h:101
std::string lookup(const OID &oid)
Definition: oids.cpp:31
std::string as_string() const
Definition: asn1_oid.cpp:50
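
The name handling that check_signature() and hash_used_for_signature() perform can be modelled without the library. This is an added example, not Botan code: split_name(), parse_sig_name(), precheck(), the SHA-2 allowlist and the sample names are assumptions made for illustration, and the parser accepts only the ALGO/PADDING(HASH) shape.

```cpp
// Added example (not Botan source): a stand-alone model of the name checks
// that check_signature() and hash_used_for_signature() perform.
#include <cstddef>
#include <iostream>
#include <sstream>
#include <stdexcept>
#include <string>
#include <vector>

// Hypothetical helper: split a string on a delimiter.
static std::vector<std::string> split_name(const std::string& s, char delim)
   {
   std::vector<std::string> parts;
   std::string part;
   std::istringstream in(s);
   while(std::getline(in, part, delim))
      parts.push_back(part);
   return parts;
   }

struct SigScheme
   {
   std::string key_algo;  // e.g. "RSA"
   std::string padding;   // e.g. "EMSA3"
   std::string hash;      // e.g. "SHA-256"
   };

// Parse "ALGO/PADDING(HASH)"; any other shape is rejected.
SigScheme parse_sig_name(const std::string& name)
   {
   const std::vector<std::string> info = split_name(name, '/');
   if(info.size() != 2)
      throw std::invalid_argument("Invalid name format " + name);

   const std::string& pad = info[1];
   const std::string::size_type open = pad.find('(');
   if(open == std::string::npos || open == 0 ||
      pad.size() < open + 3 || pad[pad.size() - 1] != ')')
      throw std::invalid_argument("Invalid name format " + pad);

   SigScheme s;
   s.key_algo = info[0];
   s.padding = pad.substr(0, open);
   s.hash = pad.substr(open + 1, pad.size() - open - 2);
   return s;
   }

enum Verdict { ACCEPT, MALFORMED, KEY_MISMATCH, WEAK_HASH };

// Decide, before any cryptographic verification, whether a signature
// algorithm name is acceptable for a key of type key_algo.
Verdict precheck(const std::string& sig_name, const std::string& key_algo)
   {
   SigScheme s;
   try { s = parse_sig_name(sig_name); }
   catch(const std::invalid_argument&) { return MALFORMED; }

   // Same early-out as check_signature(): the algorithm named in the
   // certificate must match the type of the key being tested.
   if(s.key_algo != key_algo)
      return KEY_MISMATCH;

   // Assumed local policy, not part of Botan: allow SHA-2 only.
   static const char* const allowed[] = { "SHA-256", "SHA-384", "SHA-512" };
   for(std::size_t i = 0; i != sizeof(allowed) / sizeof(allowed[0]); ++i)
      if(s.hash == allowed[i])
         return ACCEPT;
   return WEAK_HASH;
   }

int main()
   {
   static const char* const names[] =
      { "ACCEPT", "MALFORMED", "KEY_MISMATCH", "WEAK_HASH" };
   // Constructed sample names and key types.
   const char* const samples[][2] = {
      { "RSA/EMSA3(SHA-256)", "RSA" },
      { "RSA/EMSA3(SHA-160)", "RSA" },
      { "ECDSA/EMSA1(SHA-256)", "RSA" },
      { "RSA", "RSA" } };
   for(std::size_t i = 0; i != 4; ++i)
      std::cout << samples[i][0] << " with " << samples[i][1] << " key: "
                << names[precheck(samples[i][0], samples[i][1])] << "\n";
   return 0;
   }
```

check_signature() itself reports both the malformed and the mismatched case as a plain false, so a caller that wants to log the reason has to run a check of this kind separately.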
bool Botan::X509_Certificate::is_CA_cert ( ) const

Check whether this certificate is a CA certificate.

Returns
true if this certificate is a CA certificate

Definition at line 205 of file x509cert.cpp.

References constraints(), Botan::Data_Store::get1_u32bit(), Botan::KEY_CERT_SIGN, and Botan::NO_CONSTRAINTS.

Referenced by Botan::X509_CA::X509_CA().

206  {
207  if(!subject.get1_u32bit("X509v3.BasicConstraints.is_ca"))
208  return false;
209  if((constraints() & KEY_CERT_SIGN) || (constraints() == NO_CONSTRAINTS))
210  return true;
211  return false;
212  }
Key_Constraints constraints() const
Definition: x509cert.cpp:225
u32bit get1_u32bit(const std::string &, u32bit=0) const
Definition: datastor.cpp:120
bool Botan::X509_Certificate::is_self_signed ( ) const
inline

Check whether this certificate is self signed.

Returns
true if this certificate is self signed

Definition at line 106 of file x509cert.h.

Referenced by Botan::X509_Store::add_cert().

106 { return self_signed; }
X509_DN Botan::X509_Certificate::issuer_dn ( ) const

Get the issuer certificate DN.

Returns
issuer DN of this certificate

Definition at line 274 of file x509cert.cpp.

References Botan::create_dn().

275  {
276  return create_dn(issuer);
277  }
X509_DN create_dn(const Data_Store &info)
Definition: x509cert.cpp:414
std::vector< std::string > Botan::X509_Certificate::issuer_info ( const std::string &  name) const

Get a value for a specific subject_info parameter name.

Parameters
name: the name of the parameter to look up. Possible names are "X509.Certificate.v2.key_id" or "X509v3.AuthorityKeyIdentifier".
Returns
value(s) of the specified parameter

Definition at line 188 of file x509cert.cpp.

References Botan::X509_DN::deref_info_field(), and Botan::Data_Store::get().

Referenced by to_string().

189  {
190  return issuer.get(X509_DN::deref_info_field(what));
191  }
static std::string deref_info_field(const std::string &)
Definition: x509_dn.cpp:126
std::vector< std::string > get(const std::string &) const
Definition: datastor.cpp:72
MemoryVector< byte > Botan::X509_Object::make_signed ( class PK_Signer *  signer,
RandomNumberGenerator &  rng,
const AlgorithmIdentifier &  alg_id,
const MemoryRegion< byte > &  tbs 
)
static inherited

Create a signed X509 object.

Parameters
signer: the signer used to sign the object
rng: the random number generator to use
alg_id: the algorithm identifier of the signature scheme
tbs: the tbs bits to be signed
Returns
signed X509 object

Definition at line 204 of file x509_obj.cpp.

References Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::get_contents(), Botan::DER_Encoder::raw_bytes(), Botan::SEQUENCE, Botan::PK_Signer::sign_message(), and Botan::DER_Encoder::start_cons().

Referenced by Botan::X509::create_cert_req(), and Botan::X509_CA::make_cert().

208  {
209  return DER_Encoder()
210  .start_cons(SEQUENCE)
211  .raw_bytes(tbs_bits)
212  .encode(algo)
213  .encode(signer->sign_message(tbs_bits, rng), BIT_STRING)
214  .end_cons()
215  .get_contents();
216  }
MemoryVector< byte > tbs_bits
Definition: x509_obj.h:102
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
bool Botan::X509_Certificate::operator== ( const X509_Certificate &  other) const

Check two certificates for equality.

Returns
true if both certificates are (binary) equal

Definition at line 290 of file x509cert.cpp.

References Botan::X509_Object::sig, and Botan::X509_Object::sig_algo.

291  {
292  return (sig == other.sig &&
293  sig_algo == other.sig_algo &&
294  self_signed == other.self_signed &&
295  issuer == other.issuer &&
296  subject == other.subject);
297  }
AlgorithmIdentifier sig_algo
Definition: x509_obj.h:101
MemoryVector< byte > sig
Definition: x509_obj.h:102
u32bit Botan::X509_Certificate::path_limit ( ) const

Get the path limit as defined in the BasicConstraints extension of this certificate.

Returns
path limit

Definition at line 217 of file x509cert.cpp.

References Botan::Data_Store::get1_u32bit().

218  {
219  return subject.get1_u32bit("X509v3.BasicConstraints.path_constraint", 0);
220  }
u32bit get1_u32bit(const std::string &, u32bit=0) const
Definition: datastor.cpp:120
std::string Botan::X509_Object::PEM_encode ( ) const
inherited
Returns
PEM encoding of this

Definition at line 116 of file x509_obj.cpp.

References Botan::X509_Object::BER_encode(), and Botan::PEM_Code::encode().

Referenced by Botan::X509_Object::encode().

117  {
118  return PEM_Code::encode(BER_encode(), PEM_label_pref);
119  }
std::string encode(const byte der[], size_t length, const std::string &label, size_t width)
Definition: pem.cpp:19
MemoryVector< byte > BER_encode() const
Definition: x509_obj.cpp:100
std::vector< std::string > Botan::X509_Certificate::policies ( ) const

Get the policies as defined in the CertificatePolicies extension of this certificate.

Returns
certificate policies

Definition at line 242 of file x509cert.cpp.

References Botan::Data_Store::get().

Referenced by to_string().

243  {
244  return lookup_oids(subject.get("X509v3.CertificatePolicies"));
245  }
std::vector< std::string > get(const std::string &) const
Definition: datastor.cpp:72
MemoryVector< byte > Botan::X509_Certificate::serial_number ( ) const

Get the serial number of this certificate.

Returns
the certificate's serial number

Definition at line 266 of file x509cert.cpp.

References Botan::Data_Store::get1_memvec().

Referenced by Botan::CRL_Entry::CRL_Entry(), and to_string().

267  {
268  return subject.get1_memvec("X509.Certificate.serial");
269  }
MemoryVector< byte > get1_memvec(const std::string &) const
Definition: datastor.cpp:103
MemoryVector< byte > Botan::X509_Object::signature ( ) const
inherited
Returns
signature on tbs_data()

Definition at line 132 of file x509_obj.cpp.

References Botan::X509_Object::sig.

Referenced by Botan::X509_Object::check_signature().

133  {
134  return sig;
135  }
MemoryVector< byte > sig
Definition: x509_obj.h:102
AlgorithmIdentifier Botan::X509_Object::signature_algorithm ( ) const
inherited
Returns
signature algorithm that was used to generate signature

Definition at line 140 of file x509_obj.cpp.

References Botan::X509_Object::sig_algo.

Referenced by to_string().

141  {
142  return sig_algo;
143  }
AlgorithmIdentifier sig_algo
Definition: x509_obj.h:101
std::string Botan::X509_Certificate::start_time ( ) const

Get the notBefore of the certificate.

Returns
notBefore of the certificate

Definition at line 162 of file x509cert.cpp.

References Botan::Data_Store::get1().

Referenced by to_string(), and Botan::X509_Store::validate_cert().

163  {
164  return subject.get1("X509.Certificate.start");
165  }
std::string get1(const std::string &) const
Definition: datastor.cpp:87
X509_DN Botan::X509_Certificate::subject_dn ( ) const

Get the subject certificate DN.

Returns
subject DN of this certificate

Definition at line 282 of file x509cert.cpp.

References Botan::create_dn().

Referenced by Botan::X509_Store::add_cert(), Botan::X509_Store::add_crl(), and Botan::X509_CA::sign_request().

283  {
284  return create_dn(subject);
285  }
X509_DN create_dn(const Data_Store &info)
Definition: x509cert.cpp:414
std::vector< std::string > Botan::X509_Certificate::subject_info ( const std::string &  name) const

Get a value for a specific subject_info parameter name.

Parameters
name: the name of the parameter to look up. Possible names are "X509.Certificate.version", "X509.Certificate.serial", "X509.Certificate.start", "X509.Certificate.end", "X509.Certificate.v2.key_id", "X509.Certificate.public_key", "X509v3.BasicConstraints.path_constraint", "X509v3.BasicConstraints.is_ca", "X509v3.ExtendedKeyUsage", "X509v3.CertificatePolicies", "X509v3.SubjectKeyIdentifier" or "X509.Certificate.serial".
Returns
value(s) of the specified parameter

Definition at line 179 of file x509cert.cpp.

References Botan::X509_DN::deref_info_field(), and Botan::Data_Store::get().

Referenced by to_string().

180  {
181  return subject.get(X509_DN::deref_info_field(what));
182  }
static std::string deref_info_field(const std::string &)
Definition: x509_dn.cpp:126
std::vector< std::string > get(const std::string &) const
Definition: datastor.cpp:72
MemoryVector< byte > Botan::X509_Certificate::subject_key_id ( ) const

Get the DER encoded SubjectKeyIdentifier of this certificate.

Returns
DER encoded SubjectKeyIdentifier

Definition at line 258 of file x509cert.cpp.

References Botan::Data_Store::get1_memvec().

Referenced by Botan::X509_Store::add_cert(), Botan::X509_Store::add_crl(), Botan::CMS_Encoder::sign(), Botan::X509_CA::sign_request(), and to_string().

259  {
260  return subject.get1_memvec("X509v3.SubjectKeyIdentifier");
261  }
MemoryVector< byte > get1_memvec(const std::string &) const
Definition: datastor.cpp:103
Public_Key * Botan::X509_Certificate::subject_public_key ( ) const

Get the public key associated with this certificate.

Returns
subject public key of this certificate

Definition at line 196 of file x509cert.cpp.

References Botan::Data_Store::get1(), and Botan::X509::load_key().

Referenced by Botan::X509_Store::add_crl(), Botan::CMS_Encoder::encrypt(), to_string(), Botan::Certificate_Verify::verify(), and Botan::Server_Key_Exchange::verify().

197  {
198  DataSource_Memory source(subject.get1("X509.Certificate.public_key"));
199  return X509::load_key(source);
200  }
Public_Key * load_key(DataSource &source)
Definition: x509_key.cpp:43
std::string get1(const std::string &) const
Definition: datastor.cpp:87
MemoryVector< byte > Botan::X509_Object::tbs_data ( ) const
inherited

The underlying data that is to be or was signed

Returns
data that is or was signed

Definition at line 124 of file x509_obj.cpp.

References Botan::ASN1::put_in_sequence(), and Botan::X509_Object::tbs_bits.

Referenced by Botan::X509_Object::check_signature().

125  {
126  return ASN1::put_in_sequence(tbs_bits);
127  }
MemoryVector< byte > tbs_bits
Definition: x509_obj.h:102
SecureVector< byte > put_in_sequence(const MemoryRegion< byte > &contents)
Definition: asn1_int.cpp:34
std::string Botan::X509_Certificate::to_string ( ) const
Returns
a string describing the certificate

Definition at line 307 of file x509cert.cpp.

References authority_key_id(), constraints(), Botan::CRL_SIGN, Botan::DATA_ENCIPHERMENT, Botan::DIGITAL_SIGNATURE, end_time(), ex_constraints(), Botan::hex_encode(), issuer_info(), Botan::KEY_AGREEMENT, Botan::KEY_CERT_SIGN, Botan::KEY_ENCIPHERMENT, Botan::OIDS::lookup(), Botan::NO_CONSTRAINTS, Botan::NON_REPUDIATION, oid, Botan::X509::PEM_encode(), policies(), serial_number(), Botan::X509_Object::signature_algorithm(), start_time(), subject_info(), subject_key_id(), subject_public_key(), and x509_version().

308  {
309  const char* dn_fields[] = { "Name",
310  "Email",
311  "Organization",
312  "Organizational Unit",
313  "Locality",
314  "State",
315  "Country",
316  "IP",
317  "DNS",
318  "URI",
319  "PKIX.XMPPAddr",
320  0 };
321 
322  std::ostringstream out;
323 
324  for(size_t i = 0; dn_fields[i]; ++i)
325  {
326  const std::vector<std::string> vals = this->subject_info(dn_fields[i]);
327 
328  if(vals.empty())
329  continue;
330 
331  out << "Subject " << dn_fields[i] << ":";
332  for(size_t j = 0; j != vals.size(); ++j)
333  out << " " << vals[j];
334  out << "\n";
335  }
336 
337  for(size_t i = 0; dn_fields[i]; ++i)
338  {
339  const std::vector<std::string> vals = this->issuer_info(dn_fields[i]);
340 
341  if(vals.empty())
342  continue;
343 
344  out << "Issuer " << dn_fields[i] << ":";
345  for(size_t j = 0; j != vals.size(); ++j)
346  out << " " << vals[j];
347  out << "\n";
348  }
349 
350  out << "Version: " << this->x509_version() << "\n";
351 
352  out << "Not valid before: " << this->start_time() << "\n";
353  out << "Not valid after: " << this->end_time() << "\n";
354 
355  out << "Constraints:\n";
356  Key_Constraints constraints = this->constraints();
357  if(constraints == NO_CONSTRAINTS)
358  out << " None\n";
359  else
360  {
361  if(constraints & DIGITAL_SIGNATURE)
362  out << " Digital Signature\n";
363  if(constraints & NON_REPUDIATION)
364  out << " Non-Repuidation\n";
365  if(constraints & KEY_ENCIPHERMENT)
366  out << " Key Encipherment\n";
367  if(constraints & DATA_ENCIPHERMENT)
368  out << " Data Encipherment\n";
369  if(constraints & KEY_AGREEMENT)
370  out << " Key Agreement\n";
371  if(constraints & KEY_CERT_SIGN)
372  out << " Cert Sign\n";
373  if(constraints & CRL_SIGN)
374  out << " CRL Sign\n";
375  }
376 
377  std::vector<std::string> policies = this->policies();
378  if(policies.size())
379  {
380  out << "Policies: " << "\n";
381  for(size_t i = 0; i != policies.size(); i++)
382  out << " " << policies[i] << "\n";
383  }
384 
385  std::vector<std::string> ex_constraints = this->ex_constraints();
386  if(ex_constraints.size())
387  {
388  out << "Extended Constraints:\n";
389  for(size_t i = 0; i != ex_constraints.size(); i++)
390  out << " " << ex_constraints[i] << "\n";
391  }
392 
393  out << "Signature algorithm: " <<
394  OIDS::lookup(this->signature_algorithm().oid) << "\n";
395 
396  out << "Serial number: " << hex_encode(this->serial_number()) << "\n";
397 
398  if(this->authority_key_id().size())
399  out << "Authority keyid: " << hex_encode(this->authority_key_id()) << "\n";
400 
401  if(this->subject_key_id().size())
402  out << "Subject keyid: " << hex_encode(this->subject_key_id()) << "\n";
403 
404  X509_PublicKey* pubkey = this->subject_public_key();
405  out << "Public Key:\n" << X509::PEM_encode(*pubkey);
406  delete pubkey;
407 
408  return out.str();
409  }
Key_Constraints constraints() const
Definition: x509cert.cpp:225
Public_Key X509_PublicKey
Definition: pk_keys.h:133
MemoryVector< byte > authority_key_id() const
Definition: x509cert.cpp:250
std::string end_time() const
Definition: x509cert.cpp:170
std::string lookup(const OID &oid)
Definition: oids.cpp:31
std::string start_time() const
Definition: x509cert.cpp:162
std::string PEM_encode(const Public_Key &key)
Definition: x509_key.cpp:34
MemoryVector< byte > serial_number() const
Definition: x509cert.cpp:266
std::vector< std::string > policies() const
Definition: x509cert.cpp:242
MemoryVector< byte > subject_key_id() const
Definition: x509cert.cpp:258
std::vector< std::string > subject_info(const std::string &name) const
Definition: x509cert.cpp:179
std::vector< std::string > ex_constraints() const
Definition: x509cert.cpp:234
std::vector< std::string > issuer_info(const std::string &name) const
Definition: x509cert.cpp:188
Public_Key * subject_public_key() const
Definition: x509cert.cpp:196
u32bit x509_version() const
Definition: x509cert.cpp:154
Key_Constraints
Definition: pubkey_enums.h:18
AlgorithmIdentifier signature_algorithm() const
Definition: x509_obj.cpp:140
OID oid
Definition: x509_ext.cpp:446
void hex_encode(char output[], const byte input[], size_t input_length, bool uppercase)
Definition: hex.cpp:14
u32bit Botan::X509_Certificate::x509_version ( ) const

Get the X509 version of this certificate object.

Returns
X509 version

Definition at line 154 of file x509cert.cpp.

References Botan::Data_Store::get1_u32bit().

Referenced by to_string().

155  {
156  return (subject.get1_u32bit("X509.Certificate.version") + 1);
157  }
u32bit get1_u32bit(const std::string &, u32bit=0) const
Definition: datastor.cpp:120

Friends And Related Function Documentation

friend class X509_CA
friend

Definition at line 169 of file x509cert.h.

Member Data Documentation

MemoryVector<byte> Botan::X509_Object::sig
protected inherited
AlgorithmIdentifier Botan::X509_Object::sig_algo
protected inherited
MemoryVector<byte> Botan::X509_Object::tbs_bits
protected inherited

Definition at line 102 of file x509_obj.h.

Referenced by Botan::X509_Object::BER_encode(), and Botan::X509_Object::tbs_data().


The documentation for this class was generated from the following files: