author | Jack Lloyd <[email protected]> | 2017-12-19 01:18:40 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2017-12-19 01:33:40 -0500 |
commit | afabd4a6b33336815614288f01b80bcbf31ba79c (patch) | |
tree | bae42c4560c37f8090f6658eefc45bac77eb7b13 /src/lib/x509 | |
parent | ac754772afbf7be397f8631ebbb3d2921b0a7753 (diff) |
Add accessors to ASN1_Attribute and AlgorithmIdentifier
Diffstat (limited to 'src/lib/x509')
-rw-r--r-- | src/lib/x509/ocsp.cpp | 2 | ||||
-rw-r--r-- | src/lib/x509/ocsp_types.cpp | 2 | ||||
-rw-r--r-- | src/lib/x509/pkcs10.cpp | 10 | ||||
-rw-r--r-- | src/lib/x509/x509_ca.cpp | 4 | ||||
-rw-r--r-- | src/lib/x509/x509_obj.cpp | 18 | ||||
-rw-r--r-- | src/lib/x509/x509cert.cpp | 8 |
6 files changed, 23 insertions, 21 deletions
diff --git a/src/lib/x509/ocsp.cpp b/src/lib/x509/ocsp.cpp index 6d8d66687..5a98b7495 100644 --- a/src/lib/x509/ocsp.cpp +++ b/src/lib/x509/ocsp.cpp @@ -148,7 +148,7 @@ Certificate_Status_Code Response::verify_signature(const X509_Certificate& issue std::unique_ptr<Public_Key> pub_key(issuer.subject_public_key()); const std::vector<std::string> sig_info = - split_on(OIDS::lookup(m_sig_algo.oid), '/'); + split_on(OIDS::lookup(m_sig_algo.get_oid()), '/'); if(sig_info.size() != 2 || sig_info[0] != pub_key->algo_name()) return Certificate_Status_Code::OCSP_RESPONSE_INVALID; diff --git a/src/lib/x509/ocsp_types.cpp b/src/lib/x509/ocsp_types.cpp index d09681fcd..353cb100a 100644 --- a/src/lib/x509/ocsp_types.cpp +++ b/src/lib/x509/ocsp_types.cpp @@ -39,7 +39,7 @@ bool CertID::is_id_for(const X509_Certificate& issuer, if(BigInt::decode(subject.serial_number()) != m_subject_serial) return false; - std::unique_ptr<HashFunction> hash(HashFunction::create(OIDS::lookup(m_hash_id.oid))); + std::unique_ptr<HashFunction> hash(HashFunction::create(OIDS::lookup(m_hash_id.get_oid()))); if(m_issuer_dn_hash != unlock(hash->process(subject.raw_issuer_dn()))) return false; diff --git a/src/lib/x509/pkcs10.cpp b/src/lib/x509/pkcs10.cpp index 1f7e915ff..b1543e398 100644 --- a/src/lib/x509/pkcs10.cpp +++ b/src/lib/x509/pkcs10.cpp 
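Review bot: In `CertID::is_id_for` (ocsp_types.cpp), `hash->process(...)` dereferences the pointer returned by `HashFunction::create(...)` on the very next statement, with no null check in between. `HashFunction::create` returns a null pointer when the named algorithm is not available, and `m_hash_id` presumably comes from a decoded OCSP response, so an unknown or unsupported hash OID would cause a null dereference instead of a plain mismatch. Adding `if(!hash) return false;` directly after the `create` call keeps the function's bool contract. The function body starts and ends outside the hunk.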
@@ -90,21 +90,23 @@ std::unique_ptr<PKCS10_Data> decode_pkcs10(const std::vector<uint8_t>& body) { Attribute attr; attributes.decode(attr); - BER_Decoder value(attr.parameters); - if(attr.oid == OIDS::lookup("PKCS9.EmailAddress")) + const OID& oid = attr.get_oid(); + BER_Decoder value(attr.get_parameters()); + + if(oid == OIDS::lookup("PKCS9.EmailAddress")) { ASN1_String email; value.decode(email); pkcs9_email.insert(email.value()); } - else if(attr.oid == OIDS::lookup("PKCS9.ChallengePassword")) + else if(oid == OIDS::lookup("PKCS9.ChallengePassword")) { ASN1_String challenge_password; value.decode(challenge_password); data->m_challenge = challenge_password.value(); } - else if(attr.oid == OIDS::lookup("PKCS9.ExtensionRequest")) + else if(oid == OIDS::lookup("PKCS9.ExtensionRequest")) { value.decode(data->m_extensions).verify_end(); } diff --git a/src/lib/x509/x509_ca.cpp b/src/lib/x509/x509_ca.cpp index 22fb8ce80..0a470762f 100644 --- a/src/lib/x509/x509_ca.cpp +++ b/src/lib/x509/x509_ca.cpp @@ -273,8 +273,8 @@ PK_Signer* choose_sig_format(const Private_Key& key, padding = padding + "(" + hash->name() + ")"; - sig_algo.oid = OIDS::lookup(algo_name + "/" + padding); - sig_algo.parameters = key.algorithm_identifier().parameters; + sig_algo = AlgorithmIdentifier(OIDS::lookup(algo_name + "/" + padding), + key.algorithm_identifier().get_parameters()); return new PK_Signer(key, rng, padding, format); } diff --git a/src/lib/x509/x509_obj.cpp b/src/lib/x509/x509_obj.cpp index 4450df7bb..309bdb1f9 100644 --- a/src/lib/x509/x509_obj.cpp +++ b/src/lib/x509/x509_obj.cpp @@ -40,7 +40,7 @@ Pss_params decode_pss_params(const std::vector<uint8_t>& encoded_pss_params) .decode_optional(pss_parameter.trailer_field, ASN1_Tag(3), PRIVATE, size_t(1)) .end_cons(); - BER_Decoder(pss_parameter.mask_gen_algo.parameters).decode(pss_parameter.mask_gen_hash); + BER_Decoder(pss_parameter.mask_gen_algo.get_parameters()).decode(pss_parameter.mask_gen_hash); return pss_parameter; } 
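Review bot: In `decode_pkcs10` (pkcs10.cpp), the `PKCS9.EmailAddress` and `PKCS9.ChallengePassword` branches call `value.decode(...)` without `verify_end()`, while the `PKCS9.ExtensionRequest` branch does call it. Trailing bytes after the string in those two attribute values are therefore accepted silently, and a certificate request is untrusted input. Unless several values per attribute are meant to be tolerated, the stricter form would be `value.decode(email).verify_end();` and `value.decode(challenge_password).verify_end();`. The enclosing loop and function start and end outside the hunk.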
@@ -147,7 +147,7 @@ std::vector<uint8_t> X509_Object::tbs_data() const */ std::string X509_Object::hash_used_for_signature() const { - const OID oid = m_sig_algo.oid; + const OID& oid = m_sig_algo.get_oid(); std::vector<std::string> sig_info = split_on(OIDS::lookup(oid), '/'); if(sig_info.size() != 2) @@ -156,7 +156,7 @@ std::string X509_Object::hash_used_for_signature() const if(sig_info[1] == "EMSA4") { - return OIDS::lookup(decode_pss_params(signature_algorithm().parameters).hash_algo.oid); + return OIDS::lookup(decode_pss_params(signature_algorithm().get_parameters()).hash_algo.get_oid()); } else { @@ -190,7 +190,7 @@ bool X509_Object::check_signature(const Public_Key& pub_key) const { try { std::vector<std::string> sig_info = - split_on(OIDS::lookup(m_sig_algo.oid), '/'); + split_on(OIDS::lookup(m_sig_algo.get_oid()), '/'); if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name()) return false; @@ -202,22 +202,22 @@ bool X509_Object::check_signature(const Public_Key& pub_key) const if(padding == "EMSA4") { // "MUST contain RSASSA-PSS-params" - if(signature_algorithm().parameters.empty()) + if(signature_algorithm().get_parameters().empty()) { return false; } - Pss_params pss_parameter = decode_pss_params(signature_algorithm().parameters); + Pss_params pss_parameter = decode_pss_params(signature_algorithm().get_parameters()); // hash_algo must be SHA1, SHA2-224, SHA2-256, SHA2-384 or SHA2-512 - std::string hash_algo = OIDS::lookup(pss_parameter.hash_algo.oid); + std::string hash_algo = OIDS::lookup(pss_parameter.hash_algo.get_oid()); if(hash_algo != "SHA-160" && hash_algo != "SHA-224" && hash_algo != "SHA-256" && hash_algo != "SHA-384" && hash_algo != "SHA-512") { return false; } - std::string mgf_algo = OIDS::lookup(pss_parameter.mask_gen_algo.oid); + std::string mgf_algo = OIDS::lookup(pss_parameter.mask_gen_algo.get_oid()); if(mgf_algo != "MGF1") { return false; 
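Review bot: In `X509_Object::hash_used_for_signature` (x509_obj.cpp, the `EMSA4` branch), `decode_pss_params(signature_algorithm().get_parameters())` runs with no prior `empty()` check and no surrounding `try`, unlike `check_signature` further down, which has both. If `decode_pss_params` throws on missing or malformed parameters (likely, but its body is only partly visible), a caller inspecting a not-yet-verified object gets an exception here instead of a result. Either mirror the guard from `check_signature` before decoding, or say so in the doc comment above the function, for example `* @throws an exception if the RSASSA-PSS parameters are missing or malformed (type to be confirmed)`. The function also reads the same member through both `m_sig_algo` and `signature_algorithm()`; using one spelling throughout would read more clearly.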
@@ -225,7 +225,7 @@ bool X509_Object::check_signature(const Public_Key& pub_key) const // For MGF1, it is strongly RECOMMENDED that the underlying hash function be the same as the one identified by hashAlgorithm // Must be SHA1, SHA2-224, SHA2-256, SHA2-384 or SHA2-512 - if(pss_parameter.mask_gen_hash.oid != pss_parameter.hash_algo.oid) + if(pss_parameter.mask_gen_hash.get_oid() != pss_parameter.hash_algo.get_oid()) { return false; } diff --git a/src/lib/x509/x509cert.cpp b/src/lib/x509/x509cert.cpp index 1370d52b0..da691452b 100644 --- a/src/lib/x509/x509cert.cpp +++ b/src/lib/x509/x509cert.cpp @@ -131,7 +131,7 @@ std::unique_ptr<X509_Certificate_Data> parse_x509_cert_body(const X509_Object& o BER_Decoder(public_key.value).decode(public_key_alg_id).discard_remaining(); std::vector<std::string> public_key_info = - split_on(OIDS::oid2str(public_key_alg_id.oid), '/'); + split_on(OIDS::oid2str(public_key_alg_id.get_oid()), '/'); if(!public_key_info.empty() && public_key_info[0] == "RSA") { @@ -167,7 +167,7 @@ std::unique_ptr<X509_Certificate_Data> parse_x509_cert_body(const X509_Object& o else { // oid = rsaEncryption -> parameters field MUST contain NULL - if(public_key_alg_id != AlgorithmIdentifier(public_key_alg_id.oid, AlgorithmIdentifier::USE_NULL_PARAM)) + if(public_key_alg_id != AlgorithmIdentifier(public_key_alg_id.get_oid(), AlgorithmIdentifier::USE_NULL_PARAM)) { throw Decoding_Error("Parameters field MUST contain NULL"); } @@ -801,7 +801,7 @@ std::string X509_Certificate::to_string() const out << "CRL " << crl_distribution_point() << "\n"; out << "Signature algorithm: " << - OIDS::oid2str(this->signature_algorithm().oid) << "\n"; + OIDS::oid2str(this->signature_algorithm().get_oid()) << "\n"; out << "Serial number: " << hex_encode(this->serial_number()) << "\n"; 
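Review bot: The comment above the `mask_gen_hash` / `hash_algo` comparison in `check_signature` (x509_obj.cpp) quotes the rule as "strongly RECOMMENDED", but the code returns false on any mismatch. Its second line, `Must be SHA1, ...`, is never checked directly for the MGF1 hash; it holds only because the OID must equal `hash_algo`, which the allowlist earlier in the function has already vetted. A comment that says so would keep a later change from relaxing the equality test and silently dropping the allowlist for the mask hash, e.g. `// We require (not merely recommend) equal hashes; this is also what limits the MGF1 hash to the allowlist above`. Only the OIDs are compared, so any parameters on the two AlgorithmIdentifiers are ignored at this point. The function body starts and ends outside the hunk.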
@@ -820,7 +820,7 @@ std::string X509_Certificate::to_string() const catch(Decoding_Error&) { const AlgorithmIdentifier& alg_id = this->subject_public_key_algo(); - out << "Failed to decode key with oid " << alg_id.oid.as_string() << "\n"; + out << "Failed to decode key with oid " << alg_id.get_oid().as_string() << "\n"; } return out.str(); |