/*
* Decode the CertificateRequestInfo
*
* Reads the to-be-signed bytes in order: version, subject DN, public key,
* optional [0] attributes. It then checks the request's signature against
* subject_public_key().
*
* Throws Decoding_Error on an unknown version or a bad signature, and
* BER_Bad_Tag on an unexpected public key or attribute tag.
*
* Note: m_info is populated and handle_attribute() is called before the
* signature is checked, so after an exception the stored fields come from
* an unverified request. A valid signature on a PKCS #10 request shows
* possession of the matching private key only; it does not vouch for the
* subject name or the attributes.
*/
void PKCS10_Request::force_decode()
   {
   BER_Decoder tbs(m_tbs_bits);

   // Only version 0 is accepted
   size_t req_version = 0;
   tbs.decode(req_version);
   if(req_version != 0)
      {
      throw Decoding_Error("Unknown version code in PKCS #10 request: " +
                           std::to_string(req_version));
      }

   X509_DN subject;
   tbs.decode(subject);
   m_info.add(subject.contents());

   // The public key must be a constructed SEQUENCE; it is stored PEM encoded
   BER_Object spki = tbs.get_next_object();
   const bool spki_tag_ok =
      (spki.type_tag == SEQUENCE && spki.class_tag == CONSTRUCTED);
   if(!spki_tag_ok)
      {
      throw BER_Bad_Tag("PKCS10_Request: Unexpected tag for public key",
                        spki.type_tag, spki.class_tag);
      }

   const auto spki_der = ASN1::put_in_sequence(unlock(spki.value));
   m_info.add("X509.Certificate.public_key",
              PEM_Code::encode(spki_der, "PUBLIC KEY"));

   // Attributes are optional: either a [0] constructed object or nothing
   BER_Object attr_obj = tbs.get_next_object();
   const bool has_attr_set =
      (attr_obj.type_tag == 0 &&
       attr_obj.class_tag == ASN1_Tag(CONSTRUCTED | CONTEXT_SPECIFIC));

   if(!has_attr_set)
      {
      if(attr_obj.type_tag != NO_OBJECT)
         {
         throw BER_Bad_Tag("PKCS10_Request: Unexpected tag for attributes",
                           attr_obj.type_tag, attr_obj.class_tag);
         }
      }
   else
      {
      BER_Decoder attr_decoder(attr_obj.value);
      while(attr_decoder.more_items())
         {
         Attribute one_attr;
         attr_decoder.decode(one_attr);
         handle_attribute(one_attr);
         }
      attr_decoder.verify_end();
      }

   // Trailing data after the attributes is rejected
   tbs.verify_end();

   const bool signature_ok = this->check_signature(subject_public_key());
   if(!signature_ok)
      {
      throw Decoding_Error("PKCS #10 request: Bad signature detected");
      }
   }
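/*
* Decode a BER encoded KeyUsage
*
* Reads the next object from source, which must be a UNIVERSAL BIT STRING
* holding the unused-bits octet followed by one or two content octets, and
* stores the result in key_usage.
*
* Throws BER_Bad_Tag on a wrong tag and BER_Decoding_Error on a bad length
* or an unused-bits count of 8 or more.
*
* The first content octet forms the high byte of the 16-bit value and the
* second, when present, forms the low byte. The two must not overlap: if
* the second octet were also shifted into the high byte, a bit set there
* (decipherOnly in RFC 5280) would be reported as one of the first-octet
* usages, and a certificate could appear to allow a usage it does not.
* NOTE(review): assumes the Key_Constraints values follow this big-endian
* 16-bit layout; confirm against the enum.
*/
void decode(BER_Decoder& source, Key_Constraints& key_usage)
   {
   BER_Object obj = source.get_next_object();

   if(obj.type_tag != BIT_STRING || obj.class_tag != UNIVERSAL)
      throw BER_Bad_Tag("Bad tag for usage constraint",
                        obj.type_tag, obj.class_tag);

   // value[0] is the unused-bits count, followed by one or two content octets
   if(obj.value.size() != 2 && obj.value.size() != 3)
      throw BER_Decoding_Error("Bad size for BITSTRING in usage constraint");
   if(obj.value[0] >= 8)
      throw BER_Decoding_Error("Invalid unused bits in usage constraint");

   // Clear the padding bits of the last octet so they cannot set usage flags
   const byte mask = (0xFF << obj.value[0]);
   obj.value[obj.value.size()-1] &= mask;

   u16bit usage = 0;
   for(u32bit j = 1; j != obj.value.size(); ++j)
      {
      // j == 1 -> shift by 8 (high byte), j == 2 -> shift by 0 (low byte)
      const u32bit shift = 8 * (sizeof(usage) - j);
      usage = static_cast<u16bit>(
         usage | (static_cast<u32bit>(obj.value[j]) << shift));
      }

   key_usage = Key_Constraints(usage);
   }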