|
Botan
1.11.15
|
#include <ocsp_types.h>
Public Member Functions | |
| CertID () | |
| CertID (const X509_Certificate &issuer, const X509_Certificate &subject) | |
| void | decode_from (class BER_Decoder &from) override |
| void | encode_into (class DER_Encoder &to) const override |
| bool | is_id_for (const X509_Certificate &issuer, const X509_Certificate &subject) const |
Definition at line 19 of file ocsp_types.h.
| Botan::OCSP::CertID::CertID | ( | ) | [inline] |
Definition at line 22 of file ocsp_types.h.
{}
| Botan::OCSP::CertID::CertID | ( | const X509_Certificate & | issuer, |
| const X509_Certificate & | subject | ||
| ) |
Definition at line 20 of file ocsp_types.cpp.
References Botan::BER::decode(), Botan::get_hash(), Botan::X509_Certificate::raw_issuer_dn(), Botan::X509_Certificate::serial_number(), Botan::unlock(), and Botan::AlgorithmIdentifier::USE_NULL_PARAM.
{
/*
Build the CertID that names `subject` for an OCSP exchange: the hash
algorithm identifier, the hash of the issuer DN, the hash of the issuer
public key bits, and the subject's serial number.

In practice it seems some responders, including, notably,
ocsp.verisign.com, will reject anything but SHA-1 here
*/
// "SHA-160" is Botan's name for SHA-1; it is hard-coded for the responder
// interoperability reason given above, so callers cannot select a stronger hash.
// NOTE(review): hash is dereferenced below without a null check; confirm that
// get_hash() throws rather than returning null when the algorithm is unavailable.
std::unique_ptr<HashFunction> hash(get_hash("SHA-160"));
m_hash_id = AlgorithmIdentifier(hash->name(), AlgorithmIdentifier::USE_NULL_PARAM);
// Key hash comes from the issuer certificate's public key bit string.
m_issuer_key_hash = unlock(hash->process(extract_key_bitstr(issuer)));
// The DN hash is taken from the issuer field of `subject`, not from `issuer`
// itself. Nothing in this constructor checks that `issuer` actually issued
// `subject`; presumably the caller has already validated the pair. TODO confirm.
m_issuer_dn_hash = unlock(hash->process(subject.raw_issuer_dn()));
m_subject_serial = BigInt::decode(subject.serial_number());
}
| void Botan::OCSP::CertID::decode_from | ( | class BER_Decoder & | from | ) | [override, virtual] |
Decode whatever this object is from the decoder `from`
| from | the BER_Decoder that will be read from |
Implements Botan::ASN1_Object.
Definition at line 83 of file ocsp_types.cpp.
References Botan::BER_Decoder::decode(), Botan::BER_Decoder::end_cons(), Botan::OCTET_STRING, Botan::SEQUENCE, and Botan::BER_Decoder::start_cons().
{
// Reads one SEQUENCE holding, in order: hash AlgorithmIdentifier, issuer DN
// hash, issuer key hash, subject serial. This is the same field order that
// encode_into() writes.
// Every member is overwritten with decoded input. In particular m_hash_id is
// whatever the encoded data names, and is_id_for() later uses it to pick the
// hash function. This function itself does not check that the two OCTET
// STRING lengths match the output size of the named hash.
from.start_cons(SEQUENCE)
.decode(m_hash_id)
.decode(m_issuer_dn_hash, OCTET_STRING)
.decode(m_issuer_key_hash, OCTET_STRING)
.decode(m_subject_serial)
.end_cons();
}
| void Botan::OCSP::CertID::encode_into | ( | class DER_Encoder & | to | ) | const [override, virtual] |
Encode whatever this object is into the encoder `to`
| to | the DER_Encoder that will be written to |
Implements Botan::ASN1_Object.
Definition at line 73 of file ocsp_types.cpp.
References Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::OCTET_STRING, Botan::SEQUENCE, and Botan::DER_Encoder::start_cons().
{
// Writes one SEQUENCE holding, in order: hash AlgorithmIdentifier, issuer DN
// hash, issuer key hash, subject serial. decode_from() reads the fields back
// in the same order.
to.start_cons(SEQUENCE)
.encode(m_hash_id)
.encode(m_issuer_dn_hash, OCTET_STRING)
.encode(m_issuer_key_hash, OCTET_STRING)
.encode(m_subject_serial)
.end_cons();
}
| bool Botan::OCSP::CertID::is_id_for | ( | const X509_Certificate & | issuer, |
| const X509_Certificate & | subject | ||
| ) | const |
Definition at line 49 of file ocsp_types.cpp.
References Botan::BigInt::decode(), Botan::get_hash(), Botan::OIDS::lookup(), Botan::AlgorithmIdentifier::oid, Botan::X509_Certificate::raw_issuer_dn(), Botan::X509_Certificate::serial_number(), and Botan::unlock().
{
// Returns true only if this CertID matches the (issuer, subject) pair:
// the serial, the issuer DN hash and the issuer key hash must all agree.
// Any exception raised along the way is treated as "no match" (fail closed).
try
{
// Cheapest check first: compare serial numbers before doing any hashing.
if(BigInt::decode(subject.serial_number()) != m_subject_serial)
return false;
// The hash function is selected from m_hash_id, which decode_from() fills
// from encoded input, so the algorithm is chosen by whoever produced that
// encoding rather than by this code. An OID that cannot be resolved is
// presumably reported by an exception and so ends up as `false`. TODO confirm.
// NOTE(review): no allowlist of acceptable hash algorithms is applied here, and
// hash is dereferenced without a null check; confirm get_hash() cannot return null.
std::unique_ptr<HashFunction> hash(get_hash(OIDS::lookup(m_hash_id.oid)));
// As in the two-certificate constructor, the DN hashed is the issuer field of `subject`.
if(m_issuer_dn_hash != unlock(hash->process(subject.raw_issuer_dn())))
return false;
if(m_issuer_key_hash != unlock(hash->process(extract_key_bitstr(issuer))))
return false;
}
catch(...)
{
// Swallows every exception type; the caller cannot tell a decoding or
// lookup failure apart from a genuine mismatch.
return false;
}
return true;
}