diff options
-rw-r--r-- | src/cert/cvc/cvc_cert.cpp | 4 | ||||
-rw-r--r-- | src/cert/cvc/cvc_cert.h | 1 | ||||
-rw-r--r-- | src/cert/cvc/cvc_gen_cert.h | 1 | ||||
-rw-r--r-- | src/cert/cvc/cvc_self.cpp | 25 | ||||
-rw-r--r-- | src/cert/cvc/eac_obj.h | 90 | ||||
-rw-r--r-- | src/cert/cvc/signed_obj.cpp | 37 | ||||
-rw-r--r-- | src/cert/cvc/signed_obj.h | 3 |
7 files changed, 66 insertions, 95 deletions
diff --git a/src/cert/cvc/cvc_cert.cpp b/src/cert/cvc/cvc_cert.cpp index b6a141d01..a31981ef5 100644 --- a/src/cert/cvc/cvc_cert.cpp +++ b/src/cert/cvc/cvc_cert.cpp @@ -1,12 +1,12 @@ /* (C) 2007 FlexSecure GmbH - 2008 Jack Lloyd + 2008-2010 Jack Lloyd * * Distributed under the terms of the Botan license */ #include <botan/cvc_cert.h> -#include <botan/ecdsa.h> +#include <botan/oids.h> namespace Botan { diff --git a/src/cert/cvc/cvc_cert.h b/src/cert/cvc/cvc_cert.h index ee6cba79a..6e2966a6f 100644 --- a/src/cert/cvc/cvc_cert.h +++ b/src/cert/cvc/cvc_cert.h @@ -10,6 +10,7 @@ #define BOTAN_CVC_EAC_H__ #include <botan/cvc_gen_cert.h> +#include <botan/ecdsa.h> #include <string> namespace Botan { diff --git a/src/cert/cvc/cvc_gen_cert.h b/src/cert/cvc/cvc_gen_cert.h index 8140cb050..e19bb5e04 100644 --- a/src/cert/cvc/cvc_gen_cert.h +++ b/src/cert/cvc/cvc_gen_cert.h @@ -12,6 +12,7 @@ #include <botan/eac_obj.h> #include <botan/eac_asn_obj.h> #include <botan/ecdsa.h> +#include <botan/pubkey.h> #include <memory> namespace Botan { diff --git a/src/cert/cvc/cvc_self.cpp b/src/cert/cvc/cvc_self.cpp index 017c99b6a..b54b8b4bb 100644 --- a/src/cert/cvc/cvc_self.cpp +++ b/src/cert/cvc/cvc_self.cpp @@ -9,6 +9,8 @@ #include <botan/ecc_key.h> #include <botan/point_gfp.h> #include <botan/time.h> +#include <botan/oids.h> +#include <botan/look_pk.h> #include <sstream> namespace Botan { @@ -81,26 +83,9 @@ std::string padding_and_hash_from_oid(OID const& oid) return padding_and_hash; } -std::string fixed_len_seqnr(u32bit seqnr, u32bit len) - { - std::stringstream ss; - std::string result; - ss << seqnr; - ss >> result; - if (result.size() > len) - { - throw Invalid_Argument("fixed_len_seqnr(): number too high to be encoded in provided length"); - } - while (result.size() < len) - { - result.insert(0,"0"); - } - return result; - } - } -namespace CVC_EAC -{ + +namespace CVC_EAC { EAC1_1_CVC create_self_signed_cert(Private_Key const& key, EAC1_1_CVC_Options const& opt, @@ -276,7 +261,7 @@ EAC1_1_CVC sign_request(EAC1_1_CVC const& signer_cert, throw Invalid_Argument("CVC_EAC::create_self_signed_cert(): unsupported key type"); } std::string chr_str = signee.get_chr().value(); - chr_str.append(fixed_len_seqnr(seqnr, seqnr_len)); + chr_str += to_string(seqnr, seqnr_len); ASN1_Chr chr(chr_str); std::string padding_and_hash = padding_and_hash_from_oid(signee.signature_algorithm().oid); std::auto_ptr<Botan::PK_Signer> pk_signer(get_pk_signer(*priv_key, padding_and_hash)); diff --git a/src/cert/cvc/eac_obj.h b/src/cert/cvc/eac_obj.h index d4f02c530..60da7126e 100644 --- a/src/cert/cvc/eac_obj.h +++ b/src/cert/cvc/eac_obj.h @@ -8,12 +8,8 @@ #ifndef BOTAN_EAC_OBJ_H__ #define BOTAN_EAC_OBJ_H__ -#include <botan/ecdsa_sig.h> #include <botan/signed_obj.h> -#include <botan/look_pk.h> -#include <botan/oids.h> -#include <memory> -#include <string> +#include <botan/ecdsa_sig.h> namespace Botan { @@ -23,84 +19,36 @@ namespace Botan { template<typename Derived> // CRTP is used enable the call sequence: class BOTAN_DLL EAC1_1_obj : public EAC_Signed_Object { - // data members first: - protected: - - ECDSA_Signature m_sig; - - // member functions here: public: /** * Return the signature as a concatenation of the encoded parts. * @result the concatenated signature */ - SecureVector<byte> get_concat_sig() const; + SecureVector<byte> get_concat_sig() const + { return m_sig.get_concatenation(); } - /** - * Verify the signature of this objects. - * @param pub_key the public key to verify the signature with - * @result true if the verification succeeded - */ - virtual bool check_signature(Public_Key& pub_key) const; + bool check_signature(class Public_Key& key) const + { + return EAC_Signed_Object::check_signature(key, m_sig.DER_encode()); + } protected: - void init(DataSource& in); - - virtual ~EAC1_1_obj<Derived>(){} - - }; - -template<typename Derived> -SecureVector<byte> EAC1_1_obj<Derived>::get_concat_sig() const - { - return m_sig.get_concatenation(); - } - -template<typename Derived> -void EAC1_1_obj<Derived>::init(DataSource& in) - { - try - { - Derived::decode_info(in, tbs_bits, m_sig); - } - catch(Decoding_Error) - { - throw Decoding_Error(PEM_label_pref + " decoding failed"); - } - } - -template<typename Derived> -bool EAC1_1_obj<Derived>::check_signature(Public_Key& pub_key) const - { - try - { - std::vector<std::string> sig_info = - split_on(OIDS::lookup(sig_algo.oid), '/'); + ECDSA_Signature m_sig; - if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name()) + void init(DataSource& in) { - return false; + try + { + Derived::decode_info(in, tbs_bits, m_sig); + } + catch(Decoding_Error) + { + throw Decoding_Error(PEM_label_pref + " decoding failed"); + } } - std::string padding = sig_info[1]; - Signature_Format format = - (pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363; - - if(!dynamic_cast<PK_Verifying_wo_MR_Key*>(&pub_key)) - return false; - - SecureVector<byte> seq_sig = m_sig.DER_encode(); - SecureVector<byte> to_sign = tbs_data(); - - PK_Verifying_wo_MR_Key& sig_key = dynamic_cast<PK_Verifying_wo_MR_Key&>(pub_key); - std::auto_ptr<PK_Verifier> verifier(get_pk_verifier(sig_key, padding, format)); - return verifier->verify_message(to_sign, seq_sig); - } - catch(...) - { - return false; - } - } + virtual ~EAC1_1_obj<Derived>(){} + }; } diff --git a/src/cert/cvc/signed_obj.cpp b/src/cert/cvc/signed_obj.cpp index 022d0fa5f..31a158dd4 100644 --- a/src/cert/cvc/signed_obj.cpp +++ b/src/cert/cvc/signed_obj.cpp @@ -1,12 +1,15 @@ /* * EAC SIGNED Object -* (C) 1999-2007 Jack Lloyd +* (C) 1999-2010 Jack Lloyd * 2007 FlexSecure GmbH * * Distributed under the terms of the Botan license */ #include <botan/signed_obj.h> +#include <botan/look_pk.h> +#include <botan/oids.h> +#include <memory> namespace Botan { @@ -42,6 +45,38 @@ AlgorithmIdentifier EAC_Signed_Object::signature_algorithm() const return sig_algo; } +bool EAC_Signed_Object::check_signature(Public_Key& pub_key, + const MemoryRegion<byte>& sig) const + { + try + { + std::vector<std::string> sig_info = + split_on(OIDS::lookup(sig_algo.oid), '/'); + + if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name()) + { + return false; + } + + std::string padding = sig_info[1]; + Signature_Format format = + (pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363; + + if(!dynamic_cast<PK_Verifying_wo_MR_Key*>(&pub_key)) + return false; + + SecureVector<byte> to_sign = tbs_data(); + + PK_Verifying_wo_MR_Key& sig_key = dynamic_cast<PK_Verifying_wo_MR_Key&>(pub_key); + std::auto_ptr<PK_Verifier> verifier(get_pk_verifier(sig_key, padding, format)); + return verifier->verify_message(to_sign, sig); + } + catch(...) + { + return false; + } + } + /* * Try to decode the actual information */ diff --git a/src/cert/cvc/signed_obj.h b/src/cert/cvc/signed_obj.h index 17b75a08a..0e7dd6bdb 100644 --- a/src/cert/cvc/signed_obj.h +++ b/src/cert/cvc/signed_obj.h @@ -53,7 +53,8 @@ class BOTAN_DLL EAC_Signed_Object * @return true if the signature was created by the private key * associated with this public key */ - virtual bool check_signature(class Public_Key&) const = 0; + bool check_signature(class Public_Key& key, + const MemoryRegion<byte>& sig) const; /** * Write this object DER encoded into a specified pipe. |