* Botan is released under the Simplified BSD License (see license.txt)
#include <botan/ocsp_types.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
#include <botan/x509_ext.h>
#include <botan/hash.h>
#include <botan/oids.h>
/*
* Build the OCSP CertID for one certificate: the hash algorithm, the hash of
* the issuer's subject DN, the hash of the issuer's public key bit string,
* and the serial number of the certificate being asked about.
*
* issuer is the certificate of the issuing CA; subject_serial is the serial
* number of the certificate whose status is wanted. Propagates whatever
* HashFunction::create_or_throw raises if the hash cannot be instantiated.
*/
CertID::CertID(const X509_Certificate& issuer,
               const BigInt& subject_serial)
   {
   /*
   In practice it seems some responders, including, notably,
   ocsp.verisign.com, will reject anything but SHA-1 here

   NOTE(review): the digest is fixed for interoperability, so these two
   hashes work as lookup keys for the issuer. Confirm that callers do not
   treat a CertID match on its own as proof that a response is authentic.
   */
   auto digest = HashFunction::create_or_throw("SHA-160");

   m_subject_serial = subject_serial;

   // process() is applied to each input separately on the same hash object.
   m_issuer_dn_hash = unlock(digest->process(issuer.raw_subject_dn()));
   m_issuer_key_hash = unlock(digest->process(issuer.subject_public_key_bitstring()));

   // Record the algorithm actually used so a verifier can recompute the hashes.
   m_hash_id = AlgorithmIdentifier(digest->name(), AlgorithmIdentifier::USE_NULL_PARAM);
   }
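/*
* Check whether this CertID names `subject` as issued by `issuer`.
*
* Three things must agree: the subject's serial number, the hash of the
* subject's issuer DN, and the hash of the issuer's public key bit string.
* The hashes are recomputed with the algorithm recorded in m_hash_id.
*
* Returns true only when all three match; every failure is a non-match.
*
* NOTE(review): the listing this was taken from shows only the statements.
* The try/catch and the return statements are restored here; confirm them
* against the upstream file.
*/
bool CertID::is_id_for(const X509_Certificate& issuer,
                       const X509_Certificate& subject) const
   {
   try
      {
      if(BigInt::decode(subject.serial_number()) != m_subject_serial)
         return false;

      std::unique_ptr<HashFunction> hash(HashFunction::create(OIDS::lookup(m_hash_id.get_oid())));

      // create() (unlike create_or_throw()) yields a null pointer when the
      // named hash is not available. m_hash_id may have been parsed from a
      // peer-supplied CertID, so an unknown or unsupported OID must be
      // treated as "no match" instead of being dereferenced below.
      if(!hash)
         return false;

      if(m_issuer_dn_hash != unlock(hash->process(subject.raw_issuer_dn())))
         return false;

      if(m_issuer_key_hash != unlock(hash->process(issuer.subject_public_key_bitstring())))
         return false;
      }
   catch(...)
      {
      // Decoding or lookup failures mean the ID cannot be confirmed.
      return false;
      }

   return true;
   }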
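/*
* DER-encode this CertID as a SEQUENCE of the hash algorithm, the issuer DN
* hash, the issuer key hash (both as OCTET STRINGs) and the subject serial.
*
* NOTE(review): the listing this was taken from drops the line carrying the
* hash algorithm and the one closing the SEQUENCE. Both are restored here,
* in the field order of the OCSP CertID structure; confirm against the
* upstream file.
*/
void CertID::encode_into(class DER_Encoder& to) const
   {
   to.start_cons(SEQUENCE)
      .encode(m_hash_id)
      .encode(m_issuer_dn_hash, OCTET_STRING)
      .encode(m_issuer_key_hash, OCTET_STRING)
      .encode(m_subject_serial)
      .end_cons();
   }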
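/*
* Parse a CertID from a BER SEQUENCE: hash algorithm, issuer DN hash, issuer
* key hash (both OCTET STRINGs) and subject serial, in that order.
*
* Every field is stored exactly as received. Nothing here checks that the
* hash lengths fit the named algorithm or that the algorithm is supported;
* is_id_for() compares the stored hashes as whole values.
*
* NOTE(review): the listing this was taken from drops the line carrying the
* hash algorithm and the one closing the SEQUENCE. Both are restored here to
* mirror encode_into(); confirm against the upstream file.
*/
void CertID::decode_from(class BER_Decoder& from)
   {
   from.start_cons(SEQUENCE)
      .decode(m_hash_id)
      .decode(m_issuer_dn_hash, OCTET_STRING)
      .decode(m_issuer_key_hash, OCTET_STRING)
      .decode(m_subject_serial)
      .end_cons();
   }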
/*
* Encoding a SingleResponse is not supported: this always throws
* Not_Implemented, and the encoder argument is never touched.
*/
void SingleResponse::encode_into(class DER_Encoder&) const
   {
   throw Not_Implemented("SingleResponse::encode_into");
   }
void SingleResponse::decode_from(class BER_Decoder& from)
BER_Object cert_status;
Extensions extensions;
from.start_cons(SEQUENCE)
.get_next(cert_status)
.decode_optional(m_nextupdate, ASN1_Tag(0),
ASN1_Tag(CONTEXT_SPECIFIC | CONSTRUCTED))
.decode_optional(extensions,
ASN1_Tag(CONTEXT_SPECIFIC | CONSTRUCTED))
m_cert_status = cert_status.type_tag;