diff options
| -rw-r--r-- | include/pem.h | 6 | ||||
| -rw-r--r-- | src/pem.cpp | 27 | ||||
| -rw-r--r-- | src/policy.cpp | 4 |
3 files changed, 13 insertions, 24 deletions
diff --git a/include/pem.h b/include/pem.h index b076995d7..1d873d238 100644 --- a/include/pem.h +++ b/include/pem.h @@ -15,12 +15,12 @@ namespace PEM_Code { /************************************************* * PEM Encoding/Decoding * *************************************************/ -std::string encode(const byte[], u32bit, const std::string&); -std::string encode(const MemoryRegion<byte>&, const std::string&); +std::string encode(const byte[], u32bit, const std::string&, u32bit = 64); +std::string encode(const MemoryRegion<byte>&, const std::string&, u32bit = 64); SecureVector<byte> decode(DataSource&, std::string&); SecureVector<byte> decode_check_label(DataSource&, const std::string&); -bool matches(DataSource&, const std::string& = ""); +bool matches(DataSource&, const std::string& = "", u32bit search_range = 4096); } diff --git a/src/pem.cpp b/src/pem.cpp index 028ab90f4..fb0be6fd5 100644 --- a/src/pem.cpp +++ b/src/pem.cpp @@ -4,7 +4,6 @@ *************************************************/ #include <botan/pem.h> -#include <botan/config.h> #include <botan/filters.h> #include <botan/parsing.h> @@ -15,17 +14,13 @@ namespace PEM_Code { /************************************************* * PEM encode BER/DER-encoded objects * *************************************************/ -std::string encode(const byte der[], u32bit length, const std::string& label) +std::string encode(const byte der[], u32bit length, const std::string& label, + u32bit width) { - const u32bit PEM_WIDTH = global_config().option_as_u32bit("pem/width"); - - if(PEM_WIDTH < 50 || PEM_WIDTH > 76) - throw Encoding_Error("PEM: Invalid line width " + to_string(PEM_WIDTH)); - const std::string PEM_HEADER = "-----BEGIN " + label + "-----\n"; const std::string PEM_TRAILER = "-----END " + label + "-----\n"; - Pipe pipe(new Base64_Encoder(true, PEM_WIDTH)); + Pipe pipe(new Base64_Encoder(true, width)); pipe.process_msg(der, length); return (PEM_HEADER + pipe.read_all_as_string() + PEM_TRAILER); } @@ -33,9 +28,10 @@ std::string encode(const byte der[], u32bit length, const std::string& label) /************************************************* * PEM encode BER/DER-encoded objects * *************************************************/ -std::string encode(const MemoryRegion<byte>& data, const std::string& label) +std::string encode(const MemoryRegion<byte>& data, const std::string& label, + u32bit width) { - return encode(data, data.size(), label); + return encode(data, data.size(), label, width); } /************************************************* @@ -57,8 +53,7 @@ SecureVector<byte> decode_check_label(DataSource& source, *************************************************/ SecureVector<byte> decode(DataSource& source, std::string& label) { - const u32bit RANDOM_CHAR_LIMIT = - global_config().option_as_u32bit("pem/forgive"); + const u32bit RANDOM_CHAR_LIMIT = 8; const std::string PEM_HEADER1 = "-----BEGIN "; const std::string PEM_HEADER2 = "-----"; @@ -116,14 +111,12 @@ SecureVector<byte> decode(DataSource& source, std::string& label) /************************************************* * Search for a PEM signature * *************************************************/ -bool matches(DataSource& source, const std::string& extra) +bool matches(DataSource& source, const std::string& extra, + u32bit search_range) { - const u32bit PEM_SEARCH_RANGE = - global_config().option_as_u32bit("pem/search"); - const std::string PEM_HEADER = "-----BEGIN " + extra; - SecureVector<byte> search_buf(PEM_SEARCH_RANGE); + SecureVector<byte> search_buf(search_range); u32bit got = source.peek(search_buf, search_buf.size(), 0); if(got < PEM_HEADER.length()) diff --git a/src/policy.cpp b/src/policy.cpp index ac81f43b0..9adb8e6b5 100644 --- a/src/policy.cpp +++ b/src/policy.cpp @@ -223,10 +223,6 @@ void set_default_config(Config& config) config.set_option("pk/test/private", "basic"); config.set_option("pk/test/private_gen", "all"); - config.set_option("pem/search", "4*1024"); - config.set_option("pem/forgive", "8"); - config.set_option("pem/width", "64"); - config.set_option("rng/ms_capi_prov_type", "INTEL_SEC:RSA_FULL"); config.set_option("rng/unix_path", "/bin:/sbin:/usr/bin:/usr/sbin"); config.set_option("rng/es_files", "/dev/random:/dev/srandom:/dev/urandom"); |