Source code
Revision control
Copy as Markdown
Other Tools
/*
* X.509 Self-Signed Certificate
* (C) 1999-2007 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
#ifndef BOTAN_X509_SELF_H_
#define BOTAN_X509_SELF_H_
#include <botan/x509cert.h>
#include <botan/pkcs10.h>
#include <botan/pkix_types.h>
namespace Botan {
class RandomNumberGenerator;
class Private_Key;
/**
* Options for X.509 certificates.
*/
class BOTAN_PUBLIC_API(2,0) X509_Cert_Options final
{
public:
/**
* the subject common name
*/
std::string common_name;
/**
* the subject counry
*/
std::string country;
/**
* the subject organization
*/
std::string organization;
/**
* the subject organizational unit
*/
std::string org_unit;
/**
* additional subject organizational units.
*/
std::vector<std::string> more_org_units;
/**
* the subject locality
*/
std::string locality;
/**
* the subject state
*/
std::string state;
/**
* the subject serial number
*/
std::string serial_number;
/**
* the subject email adress
*/
std::string email;
/**
* the subject URI
*/
std::string uri;
/**
* the subject IPv4 address
*/
std::string ip;
/**
* the subject DNS
*/
std::string dns;
/**
* additional subject DNS entries.
*/
std::vector<std::string> more_dns;
/**
* the subject XMPP
*/
std::string xmpp;
/**
* the subject challenge password
*/
std::string challenge;
/**
* the subject notBefore
*/
X509_Time start;
/**
* the subject notAfter
*/
X509_Time end;
/**
* Indicates whether the certificate request
*/
bool is_CA;
/**
* Indicates the BasicConstraints path limit
*/
size_t path_limit;
std::string padding_scheme;
/**
* The key constraints for the subject public key
*/
Key_Constraints constraints;
/**
* The key extended constraints for the subject public key
*/
std::vector<OID> ex_constraints;
/**
* Additional X.509 extensions
*/
Extensions extensions;
/**
* Mark the certificate as a CA certificate and set the path limit.
* @param limit the path limit to be set in the BasicConstraints extension.
*/
void CA_key(size_t limit = 1);
/**
* Choose a padding scheme different from the default for the key used.
*/
void set_padding_scheme(const std::string& scheme);
/**
* Set the notBefore of the certificate.
* @param time the notBefore value of the certificate
*/
void not_before(const std::string& time);
/**
* Set the notAfter of the certificate.
* @param time the notAfter value of the certificate
*/
void not_after(const std::string& time);
/**
* Add the key constraints of the KeyUsage extension.
* @param constr the constraints to set
*/
void add_constraints(Key_Constraints constr);
/**
* Add constraints to the ExtendedKeyUsage extension.
* @param oid the oid to add
*/
void add_ex_constraint(const OID& oid);
/**
* Add constraints to the ExtendedKeyUsage extension.
* @param name the name to look up the oid to add
*/
void add_ex_constraint(const std::string& name);
/**
* Construct a new options object
* @param opts define the common name of this object. An example for this
* parameter would be "common_name/country/organization/organizational_unit".
* @param expire_time the expiration time (from the current clock in seconds)
*/
X509_Cert_Options(const std::string& opts = "",
uint32_t expire_time = 365 * 24 * 60 * 60);
};
namespace X509 {
/**
* Create a self-signed X.509 certificate.
* @param opts the options defining the certificate to create
* @param key the private key used for signing, i.e. the key
* associated with this self-signed certificate
* @param hash_fn the hash function to use
* @param rng the rng to use
* @return newly created self-signed certificate
*/
BOTAN_PUBLIC_API(2,0) X509_Certificate
create_self_signed_cert(const X509_Cert_Options& opts,
const Private_Key& key,
const std::string& hash_fn,
RandomNumberGenerator& rng);
/**
* Create a PKCS#10 certificate request.
* @param opts the options defining the request to create
* @param key the key used to sign this request
* @param rng the rng to use
* @param hash_fn the hash function to use
* @return newly created PKCS#10 request
*/
BOTAN_PUBLIC_API(2,0) PKCS10_Request create_cert_req(const X509_Cert_Options& opts,
const Private_Key& key,
const std::string& hash_fn,
RandomNumberGenerator& rng);
}
}
#endif