aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlloyd <[email protected]>2012-03-28 23:35:36 +0000
committerlloyd <[email protected]>2012-03-28 23:35:36 +0000
commit9594979caf775dc4062850044715b804d1fda60c (patch)
tree0eb8470483a12e64cca065d5e8bfad3cd28dfeef
parent0da08c29d55ddea710767267af3ec690e91a77a6 (diff)
Kill off the quite vestigal pubkey_enums header. Move most of the code
to key_constraints.{h,cpp} in cert/x509. Move the X509_Encoding enum to x509_key.h Constify argument to X509_Object::check_signature, accidental ommision
-rw-r--r--src/cert/cvc/signed_obj.h2
-rw-r--r--src/cert/x509/key_constraint.cpp (renamed from src/pubkey/pubkey_enums.cpp)29
-rw-r--r--src/cert/x509/key_constraint.h (renamed from src/pubkey/pubkey_enums.h)24
-rw-r--r--src/cert/x509/pkcs10.h1
-rw-r--r--src/cert/x509/x509_ca.cpp3
-rw-r--r--src/cert/x509/x509_obj.cpp6
-rw-r--r--src/cert/x509/x509_obj.h6
-rw-r--r--src/cert/x509/x509cert.h2
-rw-r--r--src/pubkey/info.txt2
-rw-r--r--src/pubkey/x509_key.cpp26
-rw-r--r--src/pubkey/x509_key.h18
11 files changed, 59 insertions, 60 deletions
diff --git a/src/cert/cvc/signed_obj.h b/src/cert/cvc/signed_obj.h
index 0c0fb30af..20f0e7b14 100644
--- a/src/cert/cvc/signed_obj.h
+++ b/src/cert/cvc/signed_obj.h
@@ -10,7 +10,7 @@
#define BOTAN_EAC_SIGNED_OBJECT_H__
#include <botan/asn1_obj.h>
-#include <botan/pubkey_enums.h>
+#include <botan/key_constraint.h>
#include <botan/pipe.h>
#include <vector>
diff --git a/src/pubkey/pubkey_enums.cpp b/src/cert/x509/key_constraint.cpp
index 90d835814..8a4b3deb3 100644
--- a/src/pubkey/pubkey_enums.cpp
+++ b/src/cert/x509/key_constraint.cpp
@@ -5,7 +5,8 @@
* Distributed under the terms of the Botan license
*/
-#include <botan/pubkey_enums.h>
+#include <botan/key_constraint.h>
+#include <botan/x509_key.h>
#include <botan/ber_dec.h>
namespace Botan {
@@ -39,4 +40,30 @@ void decode(BER_Decoder& source, Key_Constraints& key_usage)
}
+/*
+* Find the allowable key constraints
+*/
+Key_Constraints find_constraints(const Public_Key& pub_key,
+ Key_Constraints limits)
+ {
+ const std::string name = pub_key.algo_name();
+
+ size_t constraints = 0;
+
+ if(name == "DH" || name == "ECDH")
+ constraints |= KEY_AGREEMENT;
+
+ if(name == "RSA" || name == "ElGamal")
+ constraints |= KEY_ENCIPHERMENT | DATA_ENCIPHERMENT;
+
+ if(name == "RSA" || name == "RW" || name == "NR" ||
+ name == "DSA" || name == "ECDSA")
+ constraints |= DIGITAL_SIGNATURE | NON_REPUDIATION;
+
+ if(limits)
+ constraints &= limits;
+
+ return Key_Constraints(constraints);
+ }
+
}
diff --git a/src/pubkey/pubkey_enums.h b/src/cert/x509/key_constraint.h
index c64a8493d..2c9b3778b 100644
--- a/src/pubkey/pubkey_enums.h
+++ b/src/cert/x509/key_constraint.h
@@ -28,6 +28,21 @@ enum Key_Constraints {
DECIPHER_ONLY = 128
};
+class Public_Key;
+
+/**
+* Create the key constraints for a specific public key.
+* @param pub_key the public key from which the basic set of
+* constraints to be placed in the return value is derived
+* @param limits additional limits that will be incorporated into the
+* return value
+* @return combination of key type specific constraints and
+* additional limits
+*/
+
+BOTAN_DLL Key_Constraints find_constraints(const Public_Key& pub_key,
+ Key_Constraints limits);
+
/**
* BER Decoding Function for key constraints
*/
@@ -37,15 +52,6 @@ void BOTAN_DLL decode(BER_Decoder&, Key_Constraints&);
}
-/*
-* Various Other Enumerations
-*/
-
-/**
-* The two types of X509 encoding supported by Botan.
-*/
-enum X509_Encoding { RAW_BER, PEM };
-
}
#endif
diff --git a/src/cert/x509/pkcs10.h b/src/cert/x509/pkcs10.h
index bd01fb6b5..065dfbdc0 100644
--- a/src/cert/x509/pkcs10.h
+++ b/src/cert/x509/pkcs10.h
@@ -12,6 +12,7 @@
#include <botan/x509_dn.h>
#include <botan/pkcs8.h>
#include <botan/datastor.h>
+#include <botan/key_constraint.h>
#include <vector>
namespace Botan {
diff --git a/src/cert/x509/x509_ca.cpp b/src/cert/x509/x509_ca.cpp
index 40f2e3b3a..77e066533 100644
--- a/src/cert/x509/x509_ca.cpp
+++ b/src/cert/x509/x509_ca.cpp
@@ -14,6 +14,7 @@
#include <botan/lookup.h>
#include <botan/oids.h>
#include <botan/time.h>
+#include <botan/key_constraint.h>
#include <algorithm>
#include <typeinfo>
#include <iterator>
@@ -57,7 +58,7 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
else
{
std::auto_ptr<Public_Key> key(req.subject_public_key());
- constraints = X509::find_constraints(*key, req.constraints());
+ constraints = find_constraints(*key, req.constraints());
}
Extensions extensions;
diff --git a/src/cert/x509/x509_obj.cpp b/src/cert/x509/x509_obj.cpp
index c58081225..670bd8da6 100644
--- a/src/cert/x509/x509_obj.cpp
+++ b/src/cert/x509/x509_obj.cpp
@@ -168,16 +168,16 @@ std::string X509_Object::hash_used_for_signature() const
/*
* Check the signature on an object
*/
-bool X509_Object::check_signature(Public_Key* pub_key) const
+bool X509_Object::check_signature(const Public_Key* pub_key) const
{
- std::auto_ptr<Public_Key> key(pub_key);
+ std::auto_ptr<const Public_Key> key(pub_key);
return check_signature(*key);
}
/*
* Check the signature on an object
*/
-bool X509_Object::check_signature(Public_Key& pub_key) const
+bool X509_Object::check_signature(const Public_Key& pub_key) const
{
try {
std::vector<std::string> sig_info =
diff --git a/src/cert/x509/x509_obj.h b/src/cert/x509/x509_obj.h
index 570b00f51..e46e72ce3 100644
--- a/src/cert/x509/x509_obj.h
+++ b/src/cert/x509/x509_obj.h
@@ -10,7 +10,7 @@
#include <botan/asn1_obj.h>
#include <botan/pipe.h>
-#include <botan/pubkey_enums.h>
+#include <botan/x509_key.h>
#include <botan/rng.h>
#include <vector>
@@ -62,7 +62,7 @@ class BOTAN_DLL X509_Object
* @param key the public key purportedly used to sign this data
* @return true if the signature is valid, otherwise false
*/
- bool check_signature(class Public_Key& key) const;
+ bool check_signature(const Public_Key& key) const;
/**
* Check the signature on this data
@@ -70,7 +70,7 @@ class BOTAN_DLL X509_Object
* the pointer will be deleted after use
* @return true if the signature is valid, otherwise false
*/
- bool check_signature(class Public_Key* key) const;
+ bool check_signature(const Public_Key* key) const;
/**
* @return BER encoding of this
diff --git a/src/cert/x509/x509cert.h b/src/cert/x509/x509cert.h
index d25b97694..6a4fd6959 100644
--- a/src/cert/x509/x509cert.h
+++ b/src/cert/x509/x509cert.h
@@ -12,7 +12,7 @@
#include <botan/x509_dn.h>
#include <botan/x509_key.h>
#include <botan/datastor.h>
-#include <botan/pubkey_enums.h>
+#include <botan/key_constraint.h>
#include <map>
namespace Botan {
diff --git a/src/pubkey/info.txt b/src/pubkey/info.txt
index 5f36f63c4..c8e618839 100644
--- a/src/pubkey/info.txt
+++ b/src/pubkey/info.txt
@@ -6,7 +6,6 @@ pk_algs.cpp
pk_keys.cpp
pkcs8.cpp
pubkey.cpp
-pubkey_enums.cpp
workfactor.cpp
x509_key.cpp
</source>
@@ -17,7 +16,6 @@ pk_keys.h
pk_ops.h
pkcs8.h
pubkey.h
-pubkey_enums.h
x509_key.h
</header:public>
diff --git a/src/pubkey/x509_key.cpp b/src/pubkey/x509_key.cpp
index 4714b1285..c55f37d94 100644
--- a/src/pubkey/x509_key.cpp
+++ b/src/pubkey/x509_key.cpp
@@ -107,32 +107,6 @@ Public_Key* copy_key(const Public_Key& key)
return X509::load_key(source);
}
-/*
-* Find the allowable key constraints
-*/
-Key_Constraints find_constraints(const Public_Key& pub_key,
- Key_Constraints limits)
- {
- const std::string name = pub_key.algo_name();
-
- size_t constraints = 0;
-
- if(name == "DH" || name == "ECDH")
- constraints |= KEY_AGREEMENT;
-
- if(name == "RSA" || name == "ElGamal")
- constraints |= KEY_ENCIPHERMENT | DATA_ENCIPHERMENT;
-
- if(name == "RSA" || name == "RW" || name == "NR" ||
- name == "DSA" || name == "ECDSA")
- constraints |= DIGITAL_SIGNATURE | NON_REPUDIATION;
-
- if(limits)
- constraints &= limits;
-
- return Key_Constraints(constraints);
- }
-
}
}
diff --git a/src/pubkey/x509_key.h b/src/pubkey/x509_key.h
index 3fdee8cde..13ad7e635 100644
--- a/src/pubkey/x509_key.h
+++ b/src/pubkey/x509_key.h
@@ -10,13 +10,17 @@
#include <botan/pk_keys.h>
#include <botan/alg_id.h>
-#include <botan/pubkey_enums.h>
#include <botan/pipe.h>
#include <string>
namespace Botan {
/**
+* The two types of X509 encoding supported by Botan.
+*/
+enum X509_Encoding { RAW_BER, PEM };
+
+/**
* This namespace contains functions for handling X.509 public keys
*/
namespace X509 {
@@ -64,18 +68,6 @@ BOTAN_DLL Public_Key* load_key(const MemoryRegion<byte>& enc);
BOTAN_DLL Public_Key* copy_key(const Public_Key& key);
/**
-* Create the key constraints for a specific public key.
-* @param pub_key the public key from which the basic set of
-* constraints to be placed in the return value is derived
-* @param limits additional limits that will be incorporated into the
-* return value
-* @return combination of key type specific constraints and
-* additional limits
-*/
-BOTAN_DLL Key_Constraints find_constraints(const Public_Key& pub_key,
- Key_Constraints limits);
-
-/**
* Encode a key into a pipe.
* @deprecated Use PEM_encode or BER_encode instead
*