Root/botan/x509_crl.cpp

1/*************************************************
2* X.509 CRL Source File *
3* (C) 1999-2005 The Botan Project *
4*************************************************/
5
6#include <botan/x509_crl.h>
7#include <botan/parsing.h>
8#include <botan/bigint.h>
9#include <botan/conf.h>
10#include <botan/oids.h>
11
12namespace Botan {
13
/*
* Build a CRL object from a DataSource.
*
* The source and the label string "X509 CRL/CRL" are handed to the
* X509_Object base constructor. The version and CRL number are then zeroed
* and do_decode() is called; do_decode() is defined outside this file view
* (presumably it leads to force_decode() -- confirm in X509_Object).
*/
X509_CRL::X509_CRL(DataSource& in) : X509_Object(in, "X509 CRL/CRL")
{
    crl_count = 0;
    version = 0;

    do_decode();
}
23
/*
* Build a CRL object from a string argument.
*
* The string is forwarded unchanged to the X509_Object base constructor
* (presumably a file name -- confirm against X509_Object), together with
* the label string "CRL/X509 CRL". The version and CRL number are then
* zeroed and do_decode() is called.
*
* NOTE(review): the label string here lists the two labels in the opposite
* order from the DataSource constructor ("X509 CRL/CRL"); confirm whether
* the order is significant to X509_Object.
*/
X509_CRL::X509_CRL(const std::string& in) : X509_Object(in, "CRL/X509 CRL")
{
    crl_count = 0;
    version = 0;

    do_decode();
}
33
/*
* Parse the TBSCertList held in tbs_bits into this object's fields.
*
* Decoding order: optional version INTEGER, inner signature
* AlgorithmIdentifier, issuer, start time, end time, an optional SEQUENCE
* of CRL_Entry values, then an optional [0] constructed, context-specific
* wrapper holding a sequence of extensions. Any further object is rejected.
*
* Throws X509_CRL_Error when the version is neither 0 nor 1, when the inner
* algorithm identifier differs from sig_algo, or when an unexpected tag
* follows the known fields. Errors raised by the BER decoding calls and by
* handle_crl_extension() are not caught here.
*
* This function performs no signature check and does not compare the
* start/end times with the current time, so a CRL that decodes cleanly is
* neither authenticated nor known to be current on that basis alone.
*
* NOTE(review): the end time is decoded unconditionally, so a CRL that
* omits nextUpdate presumably fails to decode -- confirm. Entries are
* appended to `revoked` without clearing it first.
*/
void X509_CRL::force_decode()
{
    BER_Decoder tbs(tbs_bits);

    BER::decode_optional(tbs, version, INTEGER, UNIVERSAL);

    // Only encoded versions 0 and 1 are accepted; the error message reports
    // the value as version+1.
    const bool known_version = (version == 0 || version == 1);
    if(!known_version)
        throw X509_CRL_Error("Unknown X.509 CRL version " +
                             to_string(version+1));

    // The signed body names its own signature algorithm. Reject the CRL
    // when it disagrees with sig_algo (presumably the identifier read from
    // the outer structure by X509_Object -- confirm).
    AlgorithmIdentifier inner_sig_algo;
    BER::decode(tbs, inner_sig_algo);

    if(sig_algo != inner_sig_algo)
        throw X509_CRL_Error("Algorithm identifier mismatch");

    BER::decode(tbs, issuer);
    BER::decode(tbs, start);
    BER::decode(tbs, end);

    BER_Object obj = tbs.get_next_object();

    // Optional list of revoked certificates.
    if(obj.type_tag == SEQUENCE && obj.class_tag == CONSTRUCTED)
    {
        BER_Decoder entries(obj.value);

        while(entries.more_items())
        {
            CRL_Entry revoked_cert;
            BER::decode(entries, revoked_cert);
            revoked.push_back(revoked_cert);
        }

        obj = tbs.get_next_object();
    }

    // Optional extensions, wrapped in a [0] constructed context-specific tag.
    const ASN1_Tag extensions_class = ASN1_Tag(CONSTRUCTED | CONTEXT_SPECIFIC);
    if(obj.type_tag == 0 && obj.class_tag == extensions_class)
    {
        BER_Decoder wrapper(obj.value);
        BER_Decoder extensions(BER::get_subsequence(wrapper));

        while(extensions.more_items())
        {
            Extension current;
            BER::decode(extensions, current);
            handle_crl_extension(current);
        }

        obj = tbs.get_next_object();
    }

    // Nothing else may follow the fields handled above.
    if(obj.type_tag != NO_OBJECT)
        throw X509_CRL_Error("Unknown tag in CRL");

    tbs.verify_end();
}
92
/*
* Process a single CRL extension.
*
* Two extensions are recognised by OID name:
*   - X509v3.AuthorityKeyIdentifier: the optional [0] OCTET STRING inside
*     the extension's sequence is stored in issuer_key_id.
*   - X509v3.CRLNumber: the value is decoded into crl_count.
* For these, the extension value must contain nothing after the decoded
* item (verify_end()).
*
* Any other extension is skipped when it is not critical. When it is
* critical, the configuration value "x509/crl/unknown_critical" decides:
* "throw" raises X509_CRL_Error, "ignore" skips the extension, and any
* other value raises Invalid_Argument.
*
* NOTE(review): with "ignore" configured, a CRL carrying a critical
* extension this code cannot process is still accepted. RFC 5280 section
* 5.2 says such a CRL must not be used to determine certificate status, so
* "throw" is the setting that matches the standard.
*
* NOTE(review): crl_count is exposed as u32bit by crl_number(), while
* RFC 5280 permits CRL numbers up to 20 octets -- confirm how BER::decode
* behaves on values that do not fit.
*/
void X509_CRL::handle_crl_extension(const Extension& extn)
{
    BER_Decoder value(extn.value);

    bool recognised = true;

    if(extn.oid == OIDS::lookup("X509v3.AuthorityKeyIdentifier"))
    {
        BER_Decoder key_id(BER::get_subsequence(value));
        BER::decode_optional_string(key_id, issuer_key_id, OCTET_STRING,
                                    ASN1_Tag(0), CONTEXT_SPECIFIC);
    }
    else if(extn.oid == OIDS::lookup("X509v3.CRLNumber"))
    {
        BER::decode(value, crl_count);
    }
    else
    {
        recognised = false;
    }

    if(recognised)
    {
        value.verify_end();
        return;
    }

    // Unknown, non-critical extensions are skipped without consulting the
    // configuration.
    if(!extn.critical)
        return;

    const std::string policy = Config::get_string("x509/crl/unknown_critical");

    if(policy == "ignore")
        return;

    if(policy == "throw")
        throw X509_CRL_Error("Unknown critical CRL extension " +
                             extn.oid.as_string());

    // Any value other than "throw" or "ignore" is a configuration error.
    throw Invalid_Argument("Bad value of x509/crl/unknown_critical: "
                           + policy);
}
125
/*
* Return a copy of the revoked-certificate entries collected while
* decoding the CRL.
*/
std::vector<CRL_Entry> X509_CRL::get_revoked() const
{
    return revoked;
}
133
/*
* Return the issuer distinguished name decoded from the CRL body.
*/
X509_DN X509_CRL::issuer_dn() const
{
    return issuer;
}
141
/*
* Return the issuer key identifier.
*
* issuer_key_id is filled in only when the CRL carries an
* X509v3.AuthorityKeyIdentifier extension with the optional [0] field;
* otherwise the member keeps whatever its default construction gives
* (presumably empty -- confirm).
*/
MemoryVector<byte> X509_CRL::authority_key_id() const
{
    return issuer_key_id;
}
149
/*
* Return the CRL number.
*
* The constructors set crl_count to 0 and it changes only when an
* X509v3.CRLNumber extension is decoded, so a return value of 0 does not
* distinguish "extension absent" from "CRL number zero".
*/
u32bit X509_CRL::crl_number() const
{
    return crl_count;
}
157
/*
* Return the issue date of the CRL (the first time value decoded from the
* CRL body).
*/
X509_Time X509_CRL::this_update() const
{
    return start;
}
165
/*
* Return the date by which a new CRL is due (the second time value decoded
* from the CRL body).
*
* This accessor only reports the stored value; nothing in this file
* compares it with the current time, so freshness checks are left to the
* caller.
*/
X509_Time X509_CRL::next_update() const
{
    return end;
}
173
174}
