8 #include <botan/x509_ca.h>     9 #include <botan/pubkey.h>    10 #include <botan/der_enc.h>    11 #include <botan/ber_dec.h>    12 #include <botan/bigint.h>    13 #include <botan/parsing.h>    14 #include <botan/lookup.h>    15 #include <botan/oids.h>    16 #include <botan/time.h>    30                  const std::string& hash_fn) : cert(c)
    80    return make_cert(signer, rng, ca_sig_algo,
    82                     not_before, not_after,
   100    const size_t X509_CERT_VERSION = 3;
   101    const size_t SERIAL_BITS = 128;
   103    BigInt serial_no(rng, SERIAL_BITS);
   108                .
encode(X509_CERT_VERSION-1)
   142    std::vector<CRL_Entry> empty;
   143    return make_crl(empty, 1, next_update, rng);
   150                              const std::vector<CRL_Entry>& new_revoked,
   154    std::vector<CRL_Entry> revoked = crl.
get_revoked();
   156    std::copy(new_revoked.begin(), new_revoked.end(),
   157              std::back_inserter(revoked));
   159    return make_crl(revoked, crl.
crl_number() + 1, next_update, rng);
   165 X509_CRL X509_CA::make_crl(
const std::vector<CRL_Entry>& revoked,
   169    const size_t X509_CRL_VERSION = 2;
   184             .
encode(X509_CRL_VERSION-1)
   189             .encode_if(revoked.size() > 0,
   219                              const std::string& hash_fn,
   224    const std::string algo_name = key.
algo_name();
   233    if(algo_name == 
"RSA")
   235    else if(algo_name == 
"DSA")
   237    else if(algo_name == 
"ECDSA")
   238       padding = 
"EMSA1_BSI";
   245    padding = padding + 
'(' + proto_hash->
name() + 
')';
   250    return new PK_Signer(key, padding, format);
 X509_DN issuer_dn() const
X509_DN subject_dn() const
MemoryVector< byte > subject_key_id() const
DER_Encoder & encode_list(const std::vector< T > &values)
static X509_Certificate make_cert(PK_Signer *signer, RandomNumberGenerator &rng, const AlgorithmIdentifier &sig_algo, const MemoryRegion< byte > &pub_key, const X509_Time &not_before, const X509_Time &not_after, const X509_DN &issuer_dn, const X509_DN &subject_dn, const Extensions &extensions)
X509_CA(const X509_Certificate &ca_certificate, const Private_Key &key, const std::string &hash_fn)
virtual AlgorithmIdentifier algorithm_identifier() const =0
u32bit crl_number() const
AlternativeName subject_alt_name() const
X509_Certificate ca_certificate() const
virtual std::string algo_name() const =0
std::invalid_argument Invalid_Argument
SecureVector< byte > parameters
X509_CRL update_crl(const X509_CRL &last_crl, const std::vector< CRL_Entry > &new_entries, RandomNumberGenerator &rng, u32bit next_update=0) const
void add(Certificate_Extension *extn, bool critical=false)
unsigned long long u64bit
Key_Constraints find_constraints(const Public_Key &pub_key, Key_Constraints limits)
std::string lookup(const OID &oid)
std::vector< CRL_Entry > get_revoked() const
Key_Constraints constraints() const
virtual std::string name() const =0
static MemoryVector< byte > make_signed(class PK_Signer *signer, RandomNumberGenerator &rng, const AlgorithmIdentifier &alg_id, const MemoryRegion< byte > &tbs)
std::string encode(const byte der[], size_t length, const std::string &label, size_t width)
MemoryVector< byte > raw_public_key() const
u32bit path_limit() const
u32bit timespec_to_u32bit(const std::string &timespec)
DER_Encoder & start_cons(ASN1_Tag type_tag, ASN1_Tag class_tag=UNIVERSAL)
const HashFunction * retrieve_hash(const std::string &algo_spec)
X509_DN subject_dn() const
virtual size_t max_input_bits() const =0
Public_Key * subject_public_key() const
X509_Certificate sign_request(const PKCS10_Request &req, RandomNumberGenerator &rng, const X509_Time &not_before, const X509_Time &not_after)
X509_CRL new_crl(RandomNumberGenerator &rng, u32bit next_update=0) const
virtual size_t output_length() const =0
virtual size_t message_parts() const
PK_Signer * choose_sig_format(const Private_Key &key, const std::string &hash_fn, AlgorithmIdentifier &sig_algo)
std::vector< OID > ex_constraints() const