A collection for working with certificates. More...

Classes
class	evp_pkey_handle
	Handle class for EVP_PKEY structures. More...

Functions
std::unique_ptr< BIO, decltype(&BIO_free_all)>	make_mem_buf_bio ()

std::unique_ptr< BIO, decltype(&BIO_free_all)>	make_mem_buf_bio (const std::string &data)

template<typename error_category = error::rsa_error>
std::string	write_bio_to_string (std::unique_ptr< BIO, decltype(&BIO_free_all)> &bio_out, std::error_code &ec)

std::unique_ptr< EVP_MD_CTX, void()(EVP_MD_CTX )>	make_evp_md_ctx ()

template<typename error_category = error::rsa_error>
std::string	extract_pubkey_from_cert (const std::string &certstr, const std::string &pw, std::error_code &ec)
	Extract the public key of a pem certificate.

template<typename error_category = error::rsa_error>
std::string	extract_pubkey_from_cert (const std::string &certstr, const std::string &pw="")
	Extract the public key of a pem certificate.

std::string	convert_der_to_pem (const std::string &cert_der_str, std::error_code &ec)
	Convert the certificate provided as DER to PEM.

template<typename Decode >
std::string	convert_base64_der_to_pem (const std::string &cert_base64_der_str, Decode decode, std::error_code &ec)
	Convert the certificate provided as base64 DER to PEM.

template<typename Decode >
std::string	convert_base64_der_to_pem (const std::string &cert_base64_der_str, Decode decode)
	Convert the certificate provided as base64 DER to PEM.

std::string	convert_der_to_pem (const std::string &cert_der_str)
	Convert the certificate provided as DER to PEM.

std::string	convert_base64_der_to_pem (const std::string &cert_base64_der_str, std::error_code &ec)
	Convert the certificate provided as base64 DER to PEM.

std::string	convert_base64_der_to_pem (const std::string &cert_base64_der_str)
	Convert the certificate provided as base64 DER to PEM.

template<typename error_category = error::rsa_error>
evp_pkey_handle	load_public_key_from_string (const std::string &key, const std::string &password, std::error_code &ec)
	Load a public key from a string.

template<typename error_category = error::rsa_error>
evp_pkey_handle	load_public_key_from_string (const std::string &key, const std::string &password="")
	Load a public key from a string.

template<typename error_category = error::rsa_error>
evp_pkey_handle	load_private_key_from_string (const std::string &key, const std::string &password, std::error_code &ec)
	Load a private key from a string.

template<typename error_category = error::rsa_error>
evp_pkey_handle	load_private_key_from_string (const std::string &key, const std::string &password="")
	Load a private key from a string.

evp_pkey_handle	load_public_ec_key_from_string (const std::string &key, const std::string &password, std::error_code &ec)
	Load a public key from a string.

std::string	bn2raw (const BIGNUM *bn)

std::unique_ptr< BIGNUM, decltype(&BN_free)>	raw2bn (const std::string &raw, std::error_code &ec)

std::unique_ptr< BIGNUM, decltype(&BN_free)>	raw2bn (const std::string &raw)

evp_pkey_handle	load_public_ec_key_from_string (const std::string &key, const std::string &password="")
	Load a public key from a string.

evp_pkey_handle	load_private_ec_key_from_string (const std::string &key, const std::string &password, std::error_code &ec)
	Load a private key from a string.

template<typename Decode >
std::string	create_public_key_from_rsa_components (const std::string &modulus, const std::string &exponent, Decode decode, std::error_code &ec)
	create public key from modulus and exponent. This is defined in RFC 7518 Section 6.3 Using the required "n" (Modulus) Parameter and "e" (Exponent) Parameter.

template<typename Decode >
std::string	create_public_key_from_rsa_components (const std::string &modulus, const std::string &exponent, Decode decode)

std::string	create_public_key_from_rsa_components (const std::string &modulus, const std::string &exponent, std::error_code &ec)

std::string	create_public_key_from_rsa_components (const std::string &modulus, const std::string &exponent)

evp_pkey_handle	load_private_ec_key_from_string (const std::string &key, const std::string &password="")
	Load a private key from a string.

int	curve2nid (const std::string curve, std::error_code &ec)
	Convert a curve name to an ID.

template<typename Decode >
std::string	create_public_key_from_ec_components (const std::string &curve, const std::string &x, const std::string &y, Decode decode, std::error_code &ec)

template<typename Decode >
std::string	create_public_key_from_ec_components (const std::string &curve, const std::string &x, const std::string &y, Decode decode)

std::string	create_public_key_from_ec_components (const std::string &curve, const std::string &x, const std::string &y, std::error_code &ec)

std::string	create_public_key_from_ec_components (const std::string &curve, const std::string &x, const std::string &y)

Detailed Description

A collection for working with certificates.

These helpers are usefully when working with certificates OpenSSL APIs. For example, when dealing with JWKS (JSON Web Key Set)[https://tools.ietf.org/html/rfc7517] you maybe need to extract the modulus and exponent of an RSA Public Key.

Function Documentation

◆ bn2raw()

std::string jwt::helper::bn2raw ( const BIGNUM * bn )

inline

Convert a OpenSSL BIGNUM to a std::string

Parameters

bn	BIGNUM to convert

Returns: bignum as string

◆ convert_base64_der_to_pem() [1/4]

std::string jwt::helper::convert_base64_der_to_pem ( const std::string & cert_base64_der_str )

inline

Convert the certificate provided as base64 DER to PEM.

This is useful when using with JWKs as x5c claim is encoded as base64 DER. More info here

Parameters

cert_base64_der_str String containing the certificate encoded as base64 DER

Exceptions

rsa_exception if an error occurred

◆ convert_base64_der_to_pem() [2/4]

template<typename Decode >

std::string jwt::helper::convert_base64_der_to_pem	(	const std::string &	cert_base64_der_str,
		Decode	decode )

Convert the certificate provided as base64 DER to PEM.

This is useful when using with JWKs as x5c claim is encoded as base64 DER. More info here

Template Parameters

Decode is callable, taking a string_type and returns a string_type. It should ensure the padding of the input and then base64 decode and return the results.

Parameters

cert_base64_der_str	String containing the certificate encoded as base64 DER
decode	The function to decode the cert

Exceptions

rsa_exception if an error occurred

◆ convert_base64_der_to_pem() [3/4]

template<typename Decode >

std::string jwt::helper::convert_base64_der_to_pem	(	const std::string &	cert_base64_der_str,
		Decode	decode,
		std::error_code &	ec )

Convert the certificate provided as base64 DER to PEM.

This is useful when using with JWKs as x5c claim is encoded as base64 DER. More info here.

Template Parameters

Decode is callable, taking a string_type and returns a string_type. It should ensure the padding of the input and then base64 decode and return the results.

Parameters

cert_base64_der_str	String containing the certificate encoded as base64 DER
decode	The function to decode the cert
ec	error_code for error_detection (gets cleared if no error occurs)

◆ convert_base64_der_to_pem() [4/4]

std::string jwt::helper::convert_base64_der_to_pem	(	const std::string &	cert_base64_der_str,
		std::error_code &	ec )

inline

Convert the certificate provided as base64 DER to PEM.

This is useful when using with JWKs as x5c claim is encoded as base64 DER. More info here

Parameters

cert_base64_der_str	String containing the certificate encoded as base64 DER
ec	error_code for error_detection (gets cleared if no error occurs)

◆ convert_der_to_pem() [1/2]

std::string jwt::helper::convert_der_to_pem ( const std::string & cert_der_str )

inline

Convert the certificate provided as DER to PEM.

Parameters

cert_der_str String containing the DER certificate

Exceptions

rsa_exception if an error occurred

◆ convert_der_to_pem() [2/2]

std::string jwt::helper::convert_der_to_pem	(	const std::string &	cert_der_str,
		std::error_code &	ec )

inline

Convert the certificate provided as DER to PEM.

Parameters

cert_der_str	String containing the certificate encoded as base64 DER
ec	error_code for error_detection (gets cleared if no error occurs)

◆ create_public_key_from_ec_components() [1/4]

std::string jwt::helper::create_public_key_from_ec_components	(	const std::string &	curve,
		const std::string &	x,
		const std::string &	y )

inline

Create public key from curve name and coordinates. This is defined in RFC 7518 Section 6.2 Using the required "crv" (Curve), "x" (X Coordinate) and "y" (Y Coordinate) Parameters.

Parameters

curve	string containing curve name
x	string containing base64url encoded x coordinate
y	string containing base64url encoded y coordinate

Returns: public key in PEM format

◆ create_public_key_from_ec_components() [2/4]

template<typename Decode >

std::string jwt::helper::create_public_key_from_ec_components	(	const std::string &	curve,
		const std::string &	x,
		const std::string &	y,
		Decode	decode )

Create public key from curve name and coordinates. This is defined in RFC 7518 Section 6.2 Using the required "crv" (Curve), "x" (X Coordinate) and "y" (Y Coordinate) Parameters.

Template Parameters

Decode is callable, taking a string_type and returns a string_type. It should ensure the padding of the input and then base64url decode and return the results.

Parameters

curve	string containing curve name
x	string containing base64url encoded x coordinate
y	string containing base64url encoded y coordinate
decode	The function to decode the RSA parameters

Returns: public key in PEM format

◆ create_public_key_from_ec_components() [3/4]

template<typename Decode >

std::string jwt::helper::create_public_key_from_ec_components	(	const std::string &	curve,
		const std::string &	x,
		const std::string &	y,
		Decode	decode,
		std::error_code &	ec )

Create public key from curve name and coordinates. This is defined in RFC 7518 Section 6.2 Using the required "crv" (Curve), "x" (X Coordinate) and "y" (Y Coordinate) Parameters.

Template Parameters

Decode is callable, taking a string_type and returns a string_type. It should ensure the padding of the input and then base64url decode and return the results.

Parameters

curve	string containing curve name
x	string containing base64url encoded x coordinate
y	string containing base64url encoded y coordinate
decode	The function to decode the RSA parameters
ec	error_code for error_detection (gets cleared if no error occur

Returns: public key in PEM format

◆ create_public_key_from_ec_components() [4/4]

std::string jwt::helper::create_public_key_from_ec_components	(	const std::string &	curve,
		const std::string &	x,
		const std::string &	y,
		std::error_code &	ec )

inline

Create public key from curve name and coordinates. This is defined in RFC 7518 Section 6.2 Using the required "crv" (Curve), "x" (X Coordinate) and "y" (Y Coordinate) Parameters.

Parameters

curve	string containing curve name
x	string containing base64url encoded x coordinate
y	string containing base64url encoded y coordinate
ec	error_code for error_detection (gets cleared if no error occur

Returns: public key in PEM format

◆ create_public_key_from_rsa_components() [1/4]

std::string jwt::helper::create_public_key_from_rsa_components	(	const std::string &	modulus,
		const std::string &	exponent )

inline

Create public key from modulus and exponent. This is defined in RFC 7518 Section 6.3 Using the required "n" (Modulus) Parameter and "e" (Exponent) Parameter.

Parameters

modulus	string containing base64url encoded modulus
exponent	string containing base64url encoded exponent

Returns: public key in PEM format

◆ create_public_key_from_rsa_components() [2/4]

template<typename Decode >

std::string jwt::helper::create_public_key_from_rsa_components	(	const std::string &	modulus,
		const std::string &	exponent,
		Decode	decode )

Create public key from modulus and exponent. This is defined in RFC 7518 Section 6.3 Using the required "n" (Modulus) Parameter and "e" (Exponent) Parameter.

Template Parameters

Decode is callable, taking a string_type and returns a string_type. It should ensure the padding of the input and then base64url decode and return the results.

Parameters

modulus	string containing base64url encoded modulus
exponent	string containing base64url encoded exponent
decode	The function to decode the RSA parameters

Returns: public key in PEM format

◆ create_public_key_from_rsa_components() [3/4]

template<typename Decode >

std::string jwt::helper::create_public_key_from_rsa_components	(	const std::string &	modulus,
		const std::string &	exponent,
		Decode	decode,
		std::error_code &	ec )

create public key from modulus and exponent. This is defined in RFC 7518 Section 6.3 Using the required "n" (Modulus) Parameter and "e" (Exponent) Parameter.

Template Parameters

Decode is callable, taking a string_type and returns a string_type. It should ensure the padding of the input and then base64url decode and return the results.

Parameters

modulus	string containing base64url encoded modulus
exponent	string containing base64url encoded exponent
decode	The function to decode the RSA parameters
ec	error_code for error_detection (gets cleared if no error occur

Returns: public key in PEM format

◆ create_public_key_from_rsa_components() [4/4]

std::string jwt::helper::create_public_key_from_rsa_components	(	const std::string &	modulus,
		const std::string &	exponent,
		std::error_code &	ec )

inline

Create public key from modulus and exponent. This is defined in RFC 7518 Section 6.3 Using the required "n" (Modulus) Parameter and "e" (Exponent) Parameter.

Parameters

modulus	string containing base64 encoded modulus
exponent	string containing base64 encoded exponent
ec	error_code for error_detection (gets cleared if no error occur

Returns: public key in PEM format

◆ curve2nid()

int jwt::helper::curve2nid	(	const std::string	curve,
		std::error_code &	ec )

inline

Convert a curve name to an ID.

Parameters

curve	string containing curve name
ec	error_code for error_detection

Returns: ID

◆ extract_pubkey_from_cert() [1/2]

template<typename error_category = error::rsa_error>

std::string jwt::helper::extract_pubkey_from_cert	(	const std::string &	certstr,
		const std::string &	pw,
		std::error_code &	ec )

Extract the public key of a pem certificate.

Template Parameters

error_category jwt::error enum category to match with the keys being used

Parameters

certstr	String containing the certificate encoded as pem
pw	Password used to decrypt certificate (leave empty if not encrypted)
ec	error_code for error_detection (gets cleared if no error occurred)

◆ extract_pubkey_from_cert() [2/2]

template<typename error_category = error::rsa_error>

std::string jwt::helper::extract_pubkey_from_cert	(	const std::string &	certstr,
		const std::string &	pw = "" )

Extract the public key of a pem certificate.

Template Parameters

error_category jwt::error enum category to match with the keys being used

Parameters

certstr	String containing the certificate encoded as pem
pw	Password used to decrypt certificate (leave empty if not encrypted)

Exceptions

templated error_category's type exception if an error occurred

◆ load_private_ec_key_from_string() [1/2]

evp_pkey_handle jwt::helper::load_private_ec_key_from_string	(	const std::string &	key,
		const std::string &	password,
		std::error_code &	ec )

inline

Load a private key from a string.

Deprecated: Use the templated version helper::load_private_key_from_string with error::ecdsa_error

Parameters

key	String containing a private key as pem
password	Password used to decrypt key (leave empty if not encrypted)
ec	error_code for error_detection (gets cleared if no error occurs)

◆ load_private_ec_key_from_string() [2/2]

evp_pkey_handle jwt::helper::load_private_ec_key_from_string	(	const std::string &	key,
		const std::string &	password = "" )

inline

Load a private key from a string.

Deprecated: Use the templated version helper::load_private_key_from_string with error::ecdsa_error

Parameters

key	String containing a private key as pem
password	Password used to decrypt key (leave empty if not encrypted)

Exceptions

ecdsa_exception if an error occurred

◆ load_private_key_from_string() [1/2]

template<typename error_category = error::rsa_error>

evp_pkey_handle jwt::helper::load_private_key_from_string	(	const std::string &	key,
		const std::string &	password,
		std::error_code &	ec )

inline

Load a private key from a string.

Template Parameters

error_category jwt::error enum category to match with the keys being used

Parameters

key	String containing a private key as pem
password	Password used to decrypt key (leave empty if not encrypted)
ec	error_code for error_detection (gets cleared if no error occurs)

◆ load_private_key_from_string() [2/2]

template<typename error_category = error::rsa_error>

evp_pkey_handle jwt::helper::load_private_key_from_string	(	const std::string &	key,
		const std::string &	password = "" )

inline

Load a private key from a string.

Template Parameters

error_category jwt::error enum category to match with the keys being used

Parameters

key	String containing a private key as pem
password	Password used to decrypt key (leave empty if not encrypted)

Exceptions

Templated error_category's type exception if an error occurred

◆ load_public_ec_key_from_string() [1/2]

evp_pkey_handle jwt::helper::load_public_ec_key_from_string	(	const std::string &	key,
		const std::string &	password,
		std::error_code &	ec )

inline

Load a public key from a string.

The string should contain a pem encoded certificate or public key

Deprecated: Use the templated version helper::load_private_key_from_string with error::ecdsa_error

Parameters

key	String containing the certificate encoded as pem
password	Password used to decrypt certificate (leave empty if not encrypted)
ec	error_code for error_detection (gets cleared if no error occurs)

◆ load_public_ec_key_from_string() [2/2]

evp_pkey_handle jwt::helper::load_public_ec_key_from_string	(	const std::string &	key,
		const std::string &	password = "" )

inline

Load a public key from a string.

The string should contain a pem encoded certificate or public key

Deprecated: Use the templated version helper::load_private_key_from_string with error::ecdsa_error

Parameters

key	String containing the certificate or key encoded as pem
password	Password used to decrypt certificate or key (leave empty if not encrypted)

Exceptions

ecdsa_exception if an error occurred

◆ load_public_key_from_string() [1/2]

template<typename error_category = error::rsa_error>

evp_pkey_handle jwt::helper::load_public_key_from_string	(	const std::string &	key,
		const std::string &	password,
		std::error_code &	ec )

Load a public key from a string.

The string should contain a pem encoded certificate or public key

Template Parameters

error_category jwt::error enum category to match with the keys being used

Parameters

key	String containing the certificate encoded as pem
password	Password used to decrypt certificate (leave empty if not encrypted)
ec	error_code for error_detection (gets cleared if no error occurs)

◆ load_public_key_from_string() [2/2]

template<typename error_category = error::rsa_error>

evp_pkey_handle jwt::helper::load_public_key_from_string	(	const std::string &	key,
		const std::string &	password = "" )

inline

Load a public key from a string.

The string should contain a pem encoded certificate or public key

Template Parameters

error_category jwt::error enum category to match with the keys being used

Parameters

key	String containing the certificate encoded as pem
password	Password used to decrypt certificate (leave empty if not encrypted)

Exceptions

Templated error_category's type exception if an error occurred

◆ raw2bn() [1/2]

std::unique_ptr< BIGNUM, decltype(&BN_free)> jwt::helper::raw2bn ( const std::string & raw )

inline

Convert an std::string to a OpenSSL BIGNUM

Parameters

raw	String to convert

Returns: BIGNUM representation

◆ raw2bn() [2/2]

std::unique_ptr< BIGNUM, decltype(&BN_free)> jwt::helper::raw2bn	(	const std::string &	raw,
		std::error_code &	ec )

inline

Convert an std::string to a OpenSSL BIGNUM

Parameters

raw	String to convert
ec	error_code for error_detection (gets cleared if no error occurs)

Returns: BIGNUM representation

Classes

Functions

Detailed Description

Function Documentation

◆ bn2raw()

◆ convert_base64_der_to_pem() [1/4]

◆ convert_base64_der_to_pem() [2/4]

◆ convert_base64_der_to_pem() [3/4]

◆ convert_base64_der_to_pem() [4/4]

◆ convert_der_to_pem() [1/2]

◆ convert_der_to_pem() [2/2]

◆ create_public_key_from_ec_components() [1/4]

◆ create_public_key_from_ec_components() [2/4]

◆ create_public_key_from_ec_components() [3/4]

◆ create_public_key_from_ec_components() [4/4]

◆ create_public_key_from_rsa_components() [1/4]

◆ create_public_key_from_rsa_components() [2/4]

◆ create_public_key_from_rsa_components() [3/4]

◆ create_public_key_from_rsa_components() [4/4]

◆ curve2nid()

◆ extract_pubkey_from_cert() [1/2]

◆ extract_pubkey_from_cert() [2/2]

◆ load_private_ec_key_from_string() [1/2]

◆ load_private_ec_key_from_string() [2/2]

◆ load_private_key_from_string() [1/2]

◆ load_private_key_from_string() [2/2]

◆ load_public_ec_key_from_string() [1/2]

◆ load_public_ec_key_from_string() [2/2]

◆ load_public_key_from_string() [1/2]

◆ load_public_key_from_string() [2/2]

◆ raw2bn() [1/2]

◆ raw2bn() [2/2]