diff options
author | lloyd <[email protected]> | 2012-03-28 23:35:36 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-03-28 23:35:36 +0000 |
commit | 9594979caf775dc4062850044715b804d1fda60c (patch) | |
tree | 0eb8470483a12e64cca065d5e8bfad3cd28dfeef | |
parent | 0da08c29d55ddea710767267af3ec690e91a77a6 (diff) |
Kill off the quite vestigal pubkey_enums header. Move most of the code
to key_constraints.{h,cpp} in cert/x509. Move the X509_Encoding enum
to x509_key.h
Constify argument to X509_Object::check_signature, accidental ommision
-rw-r--r-- | src/cert/cvc/signed_obj.h | 2 | ||||
-rw-r--r-- | src/cert/x509/key_constraint.cpp (renamed from src/pubkey/pubkey_enums.cpp) | 29 | ||||
-rw-r--r-- | src/cert/x509/key_constraint.h (renamed from src/pubkey/pubkey_enums.h) | 24 | ||||
-rw-r--r-- | src/cert/x509/pkcs10.h | 1 | ||||
-rw-r--r-- | src/cert/x509/x509_ca.cpp | 3 | ||||
-rw-r--r-- | src/cert/x509/x509_obj.cpp | 6 | ||||
-rw-r--r-- | src/cert/x509/x509_obj.h | 6 | ||||
-rw-r--r-- | src/cert/x509/x509cert.h | 2 | ||||
-rw-r--r-- | src/pubkey/info.txt | 2 | ||||
-rw-r--r-- | src/pubkey/x509_key.cpp | 26 | ||||
-rw-r--r-- | src/pubkey/x509_key.h | 18 |
11 files changed, 59 insertions, 60 deletions
diff --git a/src/cert/cvc/signed_obj.h b/src/cert/cvc/signed_obj.h index 0c0fb30af..20f0e7b14 100644 --- a/src/cert/cvc/signed_obj.h +++ b/src/cert/cvc/signed_obj.h @@ -10,7 +10,7 @@ #define BOTAN_EAC_SIGNED_OBJECT_H__ #include <botan/asn1_obj.h> -#include <botan/pubkey_enums.h> +#include <botan/key_constraint.h> #include <botan/pipe.h> #include <vector> diff --git a/src/pubkey/pubkey_enums.cpp b/src/cert/x509/key_constraint.cpp index 90d835814..8a4b3deb3 100644 --- a/src/pubkey/pubkey_enums.cpp +++ b/src/cert/x509/key_constraint.cpp @@ -5,7 +5,8 @@ * Distributed under the terms of the Botan license */ -#include <botan/pubkey_enums.h> +#include <botan/key_constraint.h> +#include <botan/x509_key.h> #include <botan/ber_dec.h> namespace Botan { @@ -39,4 +40,30 @@ void decode(BER_Decoder& source, Key_Constraints& key_usage) } +/* +* Find the allowable key constraints +*/ +Key_Constraints find_constraints(const Public_Key& pub_key, + Key_Constraints limits) + { + const std::string name = pub_key.algo_name(); + + size_t constraints = 0; + + if(name == "DH" || name == "ECDH") + constraints |= KEY_AGREEMENT; + + if(name == "RSA" || name == "ElGamal") + constraints |= KEY_ENCIPHERMENT | DATA_ENCIPHERMENT; + + if(name == "RSA" || name == "RW" || name == "NR" || + name == "DSA" || name == "ECDSA") + constraints |= DIGITAL_SIGNATURE | NON_REPUDIATION; + + if(limits) + constraints &= limits; + + return Key_Constraints(constraints); + } + } diff --git a/src/pubkey/pubkey_enums.h b/src/cert/x509/key_constraint.h index c64a8493d..2c9b3778b 100644 --- a/src/pubkey/pubkey_enums.h +++ b/src/cert/x509/key_constraint.h @@ -28,6 +28,21 @@ enum Key_Constraints { DECIPHER_ONLY = 128 }; +class Public_Key; + +/** +* Create the key constraints for a specific public key. +* @param pub_key the public key from which the basic set of +* constraints to be placed in the return value is derived +* @param limits additional limits that will be incorporated into the +* return value +* @return combination of key type specific constraints and +* additional limits +*/ + +BOTAN_DLL Key_Constraints find_constraints(const Public_Key& pub_key, + Key_Constraints limits); + /** * BER Decoding Function for key constraints */ @@ -37,15 +52,6 @@ void BOTAN_DLL decode(BER_Decoder&, Key_Constraints&); } -/* -* Various Other Enumerations -*/ - -/** -* The two types of X509 encoding supported by Botan. -*/ -enum X509_Encoding { RAW_BER, PEM }; - } #endif diff --git a/src/cert/x509/pkcs10.h b/src/cert/x509/pkcs10.h index bd01fb6b5..065dfbdc0 100644 --- a/src/cert/x509/pkcs10.h +++ b/src/cert/x509/pkcs10.h @@ -12,6 +12,7 @@ #include <botan/x509_dn.h> #include <botan/pkcs8.h> #include <botan/datastor.h> +#include <botan/key_constraint.h> #include <vector> namespace Botan { diff --git a/src/cert/x509/x509_ca.cpp b/src/cert/x509/x509_ca.cpp index 40f2e3b3a..77e066533 100644 --- a/src/cert/x509/x509_ca.cpp +++ b/src/cert/x509/x509_ca.cpp @@ -14,6 +14,7 @@ #include <botan/lookup.h> #include <botan/oids.h> #include <botan/time.h> +#include <botan/key_constraint.h> #include <algorithm> #include <typeinfo> #include <iterator> @@ -57,7 +58,7 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req, else { std::auto_ptr<Public_Key> key(req.subject_public_key()); - constraints = X509::find_constraints(*key, req.constraints()); + constraints = find_constraints(*key, req.constraints()); } Extensions extensions; diff --git a/src/cert/x509/x509_obj.cpp b/src/cert/x509/x509_obj.cpp index c58081225..670bd8da6 100644 --- a/src/cert/x509/x509_obj.cpp +++ b/src/cert/x509/x509_obj.cpp @@ -168,16 +168,16 @@ std::string X509_Object::hash_used_for_signature() const /* * Check the signature on an object */ -bool X509_Object::check_signature(Public_Key* pub_key) const +bool X509_Object::check_signature(const Public_Key* pub_key) const { - std::auto_ptr<Public_Key> key(pub_key); + std::auto_ptr<const Public_Key> key(pub_key); return check_signature(*key); } /* * Check the signature on an object */ -bool X509_Object::check_signature(Public_Key& pub_key) const +bool X509_Object::check_signature(const Public_Key& pub_key) const { try { std::vector<std::string> sig_info = diff --git a/src/cert/x509/x509_obj.h b/src/cert/x509/x509_obj.h index 570b00f51..e46e72ce3 100644 --- a/src/cert/x509/x509_obj.h +++ b/src/cert/x509/x509_obj.h @@ -10,7 +10,7 @@ #include <botan/asn1_obj.h> #include <botan/pipe.h> -#include <botan/pubkey_enums.h> +#include <botan/x509_key.h> #include <botan/rng.h> #include <vector> @@ -62,7 +62,7 @@ class BOTAN_DLL X509_Object * @param key the public key purportedly used to sign this data * @return true if the signature is valid, otherwise false */ - bool check_signature(class Public_Key& key) const; + bool check_signature(const Public_Key& key) const; /** * Check the signature on this data @@ -70,7 +70,7 @@ class BOTAN_DLL X509_Object * the pointer will be deleted after use * @return true if the signature is valid, otherwise false */ - bool check_signature(class Public_Key* key) const; + bool check_signature(const Public_Key* key) const; /** * @return BER encoding of this diff --git a/src/cert/x509/x509cert.h b/src/cert/x509/x509cert.h index d25b97694..6a4fd6959 100644 --- a/src/cert/x509/x509cert.h +++ b/src/cert/x509/x509cert.h @@ -12,7 +12,7 @@ #include <botan/x509_dn.h> #include <botan/x509_key.h> #include <botan/datastor.h> -#include <botan/pubkey_enums.h> +#include <botan/key_constraint.h> #include <map> namespace Botan { diff --git a/src/pubkey/info.txt b/src/pubkey/info.txt index 5f36f63c4..c8e618839 100644 --- a/src/pubkey/info.txt +++ b/src/pubkey/info.txt @@ -6,7 +6,6 @@ pk_algs.cpp pk_keys.cpp pkcs8.cpp pubkey.cpp -pubkey_enums.cpp workfactor.cpp x509_key.cpp </source> @@ -17,7 +16,6 @@ pk_keys.h pk_ops.h pkcs8.h pubkey.h -pubkey_enums.h x509_key.h </header:public> diff --git a/src/pubkey/x509_key.cpp b/src/pubkey/x509_key.cpp index 4714b1285..c55f37d94 100644 --- a/src/pubkey/x509_key.cpp +++ b/src/pubkey/x509_key.cpp @@ -107,32 +107,6 @@ Public_Key* copy_key(const Public_Key& key) return X509::load_key(source); } -/* -* Find the allowable key constraints -*/ -Key_Constraints find_constraints(const Public_Key& pub_key, - Key_Constraints limits) - { - const std::string name = pub_key.algo_name(); - - size_t constraints = 0; - - if(name == "DH" || name == "ECDH") - constraints |= KEY_AGREEMENT; - - if(name == "RSA" || name == "ElGamal") - constraints |= KEY_ENCIPHERMENT | DATA_ENCIPHERMENT; - - if(name == "RSA" || name == "RW" || name == "NR" || - name == "DSA" || name == "ECDSA") - constraints |= DIGITAL_SIGNATURE | NON_REPUDIATION; - - if(limits) - constraints &= limits; - - return Key_Constraints(constraints); - } - } } diff --git a/src/pubkey/x509_key.h b/src/pubkey/x509_key.h index 3fdee8cde..13ad7e635 100644 --- a/src/pubkey/x509_key.h +++ b/src/pubkey/x509_key.h @@ -10,13 +10,17 @@ #include <botan/pk_keys.h> #include <botan/alg_id.h> -#include <botan/pubkey_enums.h> #include <botan/pipe.h> #include <string> namespace Botan { /** +* The two types of X509 encoding supported by Botan. +*/ +enum X509_Encoding { RAW_BER, PEM }; + +/** * This namespace contains functions for handling X.509 public keys */ namespace X509 { @@ -64,18 +68,6 @@ BOTAN_DLL Public_Key* load_key(const MemoryRegion<byte>& enc); BOTAN_DLL Public_Key* copy_key(const Public_Key& key); /** -* Create the key constraints for a specific public key. -* @param pub_key the public key from which the basic set of -* constraints to be placed in the return value is derived -* @param limits additional limits that will be incorporated into the -* return value -* @return combination of key type specific constraints and -* additional limits -*/ -BOTAN_DLL Key_Constraints find_constraints(const Public_Key& pub_key, - Key_Constraints limits); - -/** * Encode a key into a pipe. * @deprecated Use PEM_encode or BER_encode instead * |