Botan  1.10.9
x509_crl.cpp
1 /*
2 * X.509 CRL
3 * (C) 1999-2007 Jack Lloyd
4 *
5 * Distributed under the terms of the Botan license
6 */
7 
8 #include <botan/x509_crl.h>
9 #include <botan/x509_ext.h>
10 #include <botan/ber_dec.h>
11 #include <botan/parsing.h>
12 #include <botan/bigint.h>
13 #include <botan/oids.h>
14 
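namespace Botan {

/*
* Load a X.509 CRL from a DataSource
*
* touc is stored as throw_on_unknown_critical and is later passed to every
* CRL_Entry and to the CRL-level Extensions decoder in force_decode(). The
* declaration defaults it to false. RFC 5280 (sections 5.2 and 5.3) says a
* CRL carrying a critical extension the application cannot process must not
* be used to determine certificate status, so callers doing revocation
* checking will normally want to pass true.
* NOTE(review): how Extensions and CRL_Entry act on the flag is not visible
* in this file -- confirm they reject (rather than skip) unknown critical
* extensions when it is set.
*/
X509_CRL::X509_CRL(DataSource& in, bool touc) :
   X509_Object(in, "X509 CRL/CRL"), throw_on_unknown_critical(touc)
   {
   do_decode();
   }

/*
* Load a X.509 CRL from the source named by a string
*
* Same handling of touc as the DataSource constructor: it becomes
* throw_on_unknown_critical and governs the extension decoders used in
* force_decode().
*/
X509_CRL::X509_CRL(const std::string& in, bool touc) :
   X509_Object(in, "CRL/X509 CRL"), throw_on_unknown_critical(touc)
   {
   do_decode();
   }

/*
* Decode the TBSCertList data
*
* Parses tbs_bits (the to-be-signed body) into info and revoked. Nothing in
* this function checks the CRL signature, the issuer's authority over the
* certificates in question, or whether the update times are current; those
* checks have to happen elsewhere before get_revoked() is relied on.
*
* Throws X509_CRL_Error for an unsupported version, for a mismatch between
* the inner and outer signature algorithm, and for an unexpected trailing
* object. The decoder calls may raise their own errors (not visible here).
*/
void X509_CRL::force_decode()
   {
   BER_Decoder tbs_crl(tbs_bits);

   // Initialised explicitly so the version check below never reads an
   // indeterminate value. NOTE(review): decode_optional presumably assigns
   // a default when the field is absent -- confirm in ber_dec.h.
   size_t version = 0;
   tbs_crl.decode_optional(version, INTEGER, UNIVERSAL);

   // Encoded 0 and 1 are accepted; the message reports version+1.
   // NOTE(review): nothing below ties the presence of extensions to the
   // decoded version, so they are parsed for either value.
   if(version != 0 && version != 1)
      throw X509_CRL_Error("Unknown X.509 CRL version " +
                           to_string(version+1));

   AlgorithmIdentifier sig_algo_inner;
   tbs_crl.decode(sig_algo_inner);

   // The algorithm named inside the signed body must equal the outer one
   // (sig_algo), which is not itself covered by the signature.
   if(sig_algo != sig_algo_inner)
      throw X509_CRL_Error("Algorithm identifier mismatch");

   X509_DN dn_issuer;
   tbs_crl.decode(dn_issuer);
   info.add(dn_issuer.contents());

   // Both times are stored as readable strings; no freshness check is made.
   X509_Time start, end;
   tbs_crl.decode(start).decode(end);
   info.add("X509.CRL.start", start.readable_string());
   info.add("X509.CRL.end", end.readable_string());

   BER_Object next = tbs_crl.get_next_object();

   // Optional list of revoked certificates.
   if(next.type_tag == SEQUENCE && next.class_tag == CONSTRUCTED)
      {
      BER_Decoder cert_list(next.value);

      while(cert_list.more_items())
         {
         CRL_Entry entry(throw_on_unknown_critical);
         cert_list.decode(entry);
         revoked.push_back(entry);
         }
      next = tbs_crl.get_next_object();
      }

   // Optional CRL extensions, wrapped in an explicit [0] tag.
   // NOTE(review): the second line of this condition was missing from the
   // extracted listing and is restored here as the constructed,
   // context-specific class check -- confirm against the upstream file.
   if(next.type_tag == 0 &&
      next.class_tag == ASN1_Tag(CONSTRUCTED | CONTEXT_SPECIFIC))
      {
      BER_Decoder crl_options(next.value);

      Extensions extensions(throw_on_unknown_critical);

      // verify_end() rejects anything following the extensions inside [0].
      crl_options.decode(extensions).verify_end();

      extensions.contents_to(info, info);

      next = tbs_crl.get_next_object();
      }

   // Anything still left in the TBSCertList is treated as an error rather
   // than silently ignored.
   if(next.type_tag != NO_OBJECT)
      throw X509_CRL_Error("Unknown tag in CRL");

   tbs_crl.verify_end();
   }

/*
* Return the list of revoked certificates
*
* Returns a copy of the entries collected by force_decode(). The list is
* only as trustworthy as the CRL itself; this accessor performs no
* signature or validity check.
*/
std::vector<CRL_Entry> X509_CRL::get_revoked() const
   {
   return revoked;
   }

/*
* Return the distinguished name of the issuer
*
* Rebuilt from the DN fields that force_decode() added to info.
*/
X509_DN X509_CRL::issuer_dn() const
   {
   return create_dn(info);
   }

/*
* Return the key identifier of the issuer
*
* Reads the "X509v3.AuthorityKeyIdentifier" entry of info.
* NOTE(review): behaviour when the CRL has no such extension depends on
* get1_memvec -- confirm whether it returns an empty vector or throws.
*/
MemoryVector<byte> X509_CRL::authority_key_id() const
   {
   return info.get1_memvec("X509v3.AuthorityKeyIdentifier");
   }

/*
* Return the CRL number of this CRL
*
* Reads the "X509v3.CRLNumber" entry of info as a u32bit.
* NOTE(review): get1_u32bit is declared with a default of 0, so a CRL
* without the extension presumably reports 0 -- confirm. The return type
* cannot represent CRL numbers wider than 32 bits.
*/
u32bit X509_CRL::crl_number() const
   {
   return info.get1_u32bit("X509v3.CRLNumber");
   }

/*
* Return the issue date of the CRL
*
* This is the "X509.CRL.start" value recorded by force_decode(); comparing
* it against the current time is left to the caller.
*/
X509_Time X509_CRL::this_update() const
   {
   return info.get1("X509.CRL.start");
   }

/*
* Return the date when a new CRL will be issued
*
* This is the "X509.CRL.end" value recorded by force_decode(). Nothing in
* this file rejects a CRL whose next-update time has already passed.
*/
X509_Time X509_CRL::next_update() const
   {
   return info.get1("X509.CRL.end");
   }

}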
u32bit crl_number() const
Definition: x509_crl.cpp:126
X509_Time this_update() const
Definition: x509_crl.cpp:134
MemoryVector< byte > tbs_bits
Definition: x509_obj.h:102
MemoryVector< byte > authority_key_id() const
Definition: x509_crl.cpp:118
X509_DN issuer_dn() const
Definition: x509_crl.cpp:110
std::string get1(const std::string &) const
Definition: datastor.cpp:87
AlgorithmIdentifier sig_algo
Definition: x509_obj.h:101
X509_Time next_update() const
Definition: x509_crl.cpp:142
X509_DN create_dn(const Data_Store &info)
Definition: x509cert.cpp:414
X509_CRL(DataSource &source, bool throw_on_unknown_critical=false)
Definition: x509_crl.cpp:20
ASN1_Tag
Definition: asn1_int.h:19
Definition: crl_ent.h:18
SecureVector< byte > value
Definition: asn1_int.h:83
std::vector< CRL_Entry > get_revoked() const
Definition: x509_crl.cpp:102
ASN1_Tag class_tag
Definition: asn1_int.h:82
MemoryVector< byte > get1_memvec(const std::string &) const
Definition: datastor.cpp:103
u32bit get1_u32bit(const std::string &, u32bit=0) const
Definition: datastor.cpp:120
ASN1_Tag type_tag
Definition: asn1_int.h:82
std::string to_string(u64bit n, size_t min_len)
Definition: parsing.cpp:42
std::string readable_string() const
Definition: asn1_tm.cpp:216
std::multimap< std::string, std::string > contents() const
Definition: x509_dn.cpp:89
unsigned int u32bit
Definition: types.h:32
void add(const std::multimap< std::string, std::string > &)
Definition: datastor.cpp:161