author | lloyd <[email protected]> | 2008-10-08 20:40:40 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2008-10-08 20:40:40 +0000 |
commit | 0ffb4257258df236dc469ef086b1871fe7b5afba (patch) | |
tree | 8cad23bb8bdf1db1f4d7e6a19eb23d6c1ef2e4ae /src/cert/cvc/cvc_self.h | |
parent | fa7aa7f8dc857bae547fe6981fa6fc2b065b2004 (diff) |
Many improvements towards getting the CVC implementation from InSiTo
compiling against mainline. Add several missing classes extracted from
other files inside InSiTo. Add dependency note for ecdsa and asn1
Diffstat (limited to 'src/cert/cvc/cvc_self.h')
-rw-r--r-- | src/cert/cvc/cvc_self.h | 235 |
1 files changed, 117 insertions, 118 deletions
diff --git a/src/cert/cvc/cvc_self.h b/src/cert/cvc/cvc_self.h
index 7caa96832..c2eaf9737 100644
--- a/src/cert/cvc/cvc_self.h
+++ b/src/cert/cvc/cvc_self.h
@@ -1,148 +1,147 @@
 /*************************************************
-* X.509 Self-Signed Certificate Header File *
-* (C) 1999-2007 The Botan Project *
+* CVC Self-Signed Certificate Header File *
+* (C) 2007 FlexSecure GmbH *
+* 2008 Jack Lloyd *
 *************************************************/
 #ifndef BOTAN_CVC_EAC_SELF_H__
 #define BOTAN_CVC_EAC_SELF_H__
-#include <botan/x509cert.h>
 #include <botan/pkcs8.h>
 #include <botan/pkcs10.h>
 #include <botan/cvc_cert.h>
-#include <botan/ec.h>
+#include <botan/ecdsa.h>
 #include <botan/asn1_obj.h>
 #include <botan/cvc_req.h>
 #include <botan/cvc_ado.h>
-namespace Botan
- {
- /**
- * This class represents a set of options used for the creation of CVC certificates
- */
- class EAC1_1_CVC_Options
- {
- public:
+namespace Botan {
- ASN1_Car car;
- ASN1_Chr chr;
- byte holder_auth_templ;
- ASN1_Ced ced;
- ASN1_Cex cex;
- std::string hash_alg;
- };
+/**
+* This class represents a set of options used for the creation of CVC certificates
+*/
+class EAC1_1_CVC_Options
+ {
+ public:
+
+ ASN1_Car car;
+ ASN1_Chr chr;
+ byte holder_auth_templ;
+ ASN1_Ced ced;
+ ASN1_Cex cex;
+ std::string hash_alg;
+ };
 /**
 * This namespace represents general EAC 1.1 convenience functions.
 */
- namespace CVC_EAC
- {
+namespace CVC_EAC
+{
- /**
- * Create a selfsigned CVCA
- * @param key the ECDSA private key to be used to sign the certificate
- * @param opts used to set several parameters. Necessary are:
- * car, holder_auth_templ, hash_alg, ced, cex and hash_alg
- * @result the self signed certificate
- */
+/**
+* Create a selfsigned CVCA
+* @param key the ECDSA private key to be used to sign the certificate
+* @param opts used to set several parameters. Necessary are:
+* car, holder_auth_templ, hash_alg, ced, cex and hash_alg
+* @result the self signed certificate
+*/
 EAC1_1_CVC create_self_signed_cert(Private_Key const& key,
- EAC1_1_CVC_Options const& opts);
- /**
- * Create a CVC request. The key encoding will be according to the provided private key.
- * @param priv_key the private key associated with the requesting entity
- * @param chr the chr to appear in the certificate (to be provided without
- * sequence number)
- * @param hash_alg the string defining the hash algorithm to be used for the creation
- * of the signature
- * @result the new request
- */
- EAC1_1_Req create_cvc_req(Private_Key const& priv_key,
- ASN1_Chr const& chr,
- std::string const& hash_alg);
+ EAC1_1_CVC_Options const& opts);
+/**
+* Create a CVC request. The key encoding will be according to the provided private key.
+* @param priv_key the private key associated with the requesting entity
+* @param chr the chr to appear in the certificate (to be provided without
+* sequence number)
+* @param hash_alg the string defining the hash algorithm to be used for the creation
+* of the signature
+* @result the new request
+*/
+EAC1_1_Req create_cvc_req(Private_Key const& priv_key,
+ ASN1_Chr const& chr,
+ std::string const& hash_alg);
- /**
- * Create an ADO from a request object.
- * @param priv_key the private key used to sign the ADO
- * @param req the request forming the body of the ADO
- * @param car the CAR forming the body of the ADO, i.e. the
- * CHR of the entity associated with the provided private key
- */
- EAC1_1_ADO create_ado_req(Private_Key const& priv_key,
- EAC1_1_Req const& req,
- ASN1_Car const& car);
- }
+/**
+* Create an ADO from a request object.
+* @param priv_key the private key used to sign the ADO
+* @param req the request forming the body of the ADO
+* @param car the CAR forming the body of the ADO, i.e. the
+* CHR of the entity associated with the provided private key
+*/
+EAC1_1_ADO create_ado_req(Private_Key const& priv_key,
+ EAC1_1_Req const& req,
+ ASN1_Car const& car);
+}
 /**
 * This namespace represents EAC 1.1 CVC convenience functions following the specific german
 * requirements.
 */
- namespace DE_EAC
- {
- /**
- * Create a CVCA certificate.
- * @param priv_key the private key associated with the CVCA certificate
- * to be created
- * @param hash the string identifying the hash algorithm to be used
- * for signing the certificate to be created
- * @param car the CAR of the certificate to be created
- * @param iris indicates whether the entity associated with the certificate
- * shall be entitled to read the biometrical iris image
- * @param fingerpr indicates whether the entity associated with the certificate
- * shall be entitled to read the biometrical fingerprint image
- * @result the CVCA certificate created
- */
- EAC1_1_CVC create_cvca(Private_Key const& priv_key,
- std::string const& hash,
- ASN1_Car const& car,
- bool iris,
- bool fingerpr);
-
- /**
- * Create a link certificate between two CVCA certificates. The key
- * encoding will be implicitCA.
- * @param signer the cvca certificate associated with the signing
- * entity
- * @param priv_key the private key associated with the signer
- * @param to_be_signed the certificate which whose CAR/CHR will be
- * the holder of the link certificate
- */
- EAC1_1_CVC link_cvca(EAC1_1_CVC const& signer,
- Private_Key const& priv_key,
- EAC1_1_CVC const& to_be_signed);
+namespace DE_EAC
+{
+/**
+* Create a CVCA certificate.
+* @param priv_key the private key associated with the CVCA certificate
+* to be created
+* @param hash the string identifying the hash algorithm to be used
+* for signing the certificate to be created
+* @param car the CAR of the certificate to be created
+* @param iris indicates whether the entity associated with the certificate
+* shall be entitled to read the biometrical iris image
+* @param fingerpr indicates whether the entity associated with the certificate
+* shall be entitled to read the biometrical fingerprint image
+* @result the CVCA certificate created
+*/
+EAC1_1_CVC create_cvca(Private_Key const& priv_key,
+ std::string const& hash,
+ ASN1_Car const& car,
+ bool iris,
+ bool fingerpr);
- /**
- * Create a CVC request. The key encoding will be implicitCA.
- * @param priv_key the private key associated with the requesting entity
- * @param chr the chr to appear in the certificate (to be provided without
- * sequence number)
- * @param hash_alg the string defining the hash algorithm to be used for the creation
- * of the signature
- * @result the new request
- */
- EAC1_1_Req create_cvc_req(Private_Key const& priv_key,
- ASN1_Chr const& chr,
- std::string const& hash_alg);
- /**
- * Sign a CVC request.
- * @param signer_cert the certificate of the signing entity
- * @param priv_key the private key of the signing entity
- * @param req the request to be signed
- * @param seqnr the sequence number of the certificate to be created
- * @param seqnr_len the number of digits the sequence number will be
- * encoded in
- * @param domestic indicates whether to sign a domestic or a foreign certificate:
- * set to true for domestic
- * @result the new certificate
- *
- **/
- EAC1_1_CVC sign_request(EAC1_1_CVC const& signer_cert,
- Private_Key const& priv_key,
- EAC1_1_Req const& req,
- u32bit seqnr,
- u32bit seqnr_len,
- bool domestic);
- }
+/**
+* Create a link certificate between two CVCA certificates. The key
+* encoding will be implicitCA.
+* @param signer the cvca certificate associated with the signing
+* entity
+* @param priv_key the private key associated with the signer
+* @param to_be_signed the certificate which whose CAR/CHR will be
+* the holder of the link certificate
+*/
+EAC1_1_CVC link_cvca(EAC1_1_CVC const& signer,
+ Private_Key const& priv_key,
+ EAC1_1_CVC const& to_be_signed);
+/**
+* Create a CVC request. The key encoding will be implicitCA.
+* @param priv_key the private key associated with the requesting entity
+* @param chr the chr to appear in the certificate (to be provided without
+* sequence number)
+* @param hash_alg the string defining the hash algorithm to be used for the creation
+* of the signature
+* @result the new request
+*/
+EAC1_1_Req create_cvc_req(Private_Key const& priv_key,
+ ASN1_Chr const& chr,
+ std::string const& hash_alg);
+/**
+* Sign a CVC request.
+* @param signer_cert the certificate of the signing entity
+* @param priv_key the private key of the signing entity
+* @param req the request to be signed
+* @param seqnr the sequence number of the certificate to be created
+* @param seqnr_len the number of digits the sequence number will be
+* encoded in
+* @param domestic indicates whether to sign a domestic or a foreign certificate:
+* set to true for domestic
+* @result the new certificate
+*
+**/
+EAC1_1_CVC sign_request(EAC1_1_CVC const& signer_cert,
+ Private_Key const& priv_key,
+ EAC1_1_Req const& req,
+ u32bit seqnr,
+ u32bit seqnr_len,
+ bool domestic);
+}
- }
+}
 #endif |
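Review bot: `byte holder_auth_templ;` in `EAC1_1_CVC_Options` has no initializer and the class declares no constructor, so a caller who default-constructs the options and forgets this field hands an indeterminate byte to `create_self_signed_cert`, where it presumably ends up in the signed certificate. The field looks like the holder authorization template (compare the `iris`/`fingerpr` entitlement flags on `create_cvca`), so an unset value could express rights nobody intended. Give it a defined default, e.g. `EAC1_1_CVC_Options() : holder_auth_templ(0) {}`, after confirming that zero encodes the least-privileged template, and have the implementation reject options whose required fields were never set. Separately, the `@param opts` text lists `hash_alg` twice in `car, holder_auth_templ, hash_alg, ced, cex and hash_alg`; one of the two was probably meant to be another field (possibly `chr`), and the `key` parameter is documented as an ECDSA key while the signature accepts any `Private_Key`, so the behaviour for other key types should be stated.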