diff options
-rw-r--r-- | checks/x509.cpp | 37 | ||||
-rw-r--r-- | include/dh.h | 4 | ||||
-rw-r--r-- | include/dl_algo.h | 6 | ||||
-rw-r--r-- | include/dsa.h | 2 | ||||
-rw-r--r-- | include/elgamal.h | 2 | ||||
-rw-r--r-- | include/if_algo.h | 2 | ||||
-rw-r--r-- | include/nr.h | 2 | ||||
-rw-r--r-- | include/pk_keys.h | 48 | ||||
-rw-r--r-- | include/pkcs8.h | 11 | ||||
-rw-r--r-- | include/x509_key.h | 13 | ||||
-rw-r--r-- | include/x509_obj.h | 2 | ||||
-rw-r--r-- | include/x509stor.h | 1 | ||||
-rw-r--r-- | src/dh.cpp | 21 | ||||
-rw-r--r-- | src/dsa.cpp | 13 | ||||
-rw-r--r-- | src/elgamal.cpp | 13 | ||||
-rw-r--r-- | src/if_algo.cpp | 9 | ||||
-rw-r--r-- | src/nr.cpp | 13 | ||||
-rw-r--r-- | src/pk_keys.cpp | 8 | ||||
-rw-r--r-- | src/rsa.cpp | 4 | ||||
-rw-r--r-- | src/rw.cpp | 4 | ||||
-rw-r--r-- | src/x509_key.cpp | 27 | ||||
-rw-r--r-- | src/x509find.cpp | 22 |
22 files changed, 130 insertions, 134 deletions
diff --git a/checks/x509.cpp b/checks/x509.cpp index b42071af6..6c1ab0f16 100644 --- a/checks/x509.cpp +++ b/checks/x509.cpp @@ -1,3 +1,5 @@ + +#include <botan/filters.h> #include <botan/x509self.h> #include <botan/x509stor.h> #include <botan/x509_ca.h> @@ -7,11 +9,36 @@ using namespace Botan; #include <iostream> +#include <memory> X509_Cert_Options ca_opts(); X509_Cert_Options req_opts1(); X509_Cert_Options req_opts2(); +u64bit key_id(const X509_PublicKey* key) + { + std::auto_ptr<X509_Encoder> encoder(key->x509_encoder()); + if(!encoder.get()) + throw Internal_Error("X509_PublicKey:key_id: No encoder found"); + + Pipe pipe(new Hash_Filter("SHA-1", 8)); + pipe.start_msg(); + pipe.write(key->algo_name()); + pipe.write(encoder->alg_id().parameters); + pipe.write(encoder->key_bits()); + pipe.end_msg(); + + SecureVector<byte> output = pipe.read_all(); + + if(output.size() != 8) + throw Internal_Error("X509_PublicKey::key_id: Incorrect output size"); + + u64bit id = 0; + for(u32bit j = 0; j != 8; ++j) + id = (id << 8) | output[j]; + return id; + } + u32bit check_against_copy(const PKCS8_PrivateKey& orig) { PKCS8_PrivateKey* copy_priv = PKCS8::copy_key(orig); @@ -21,10 +48,10 @@ u32bit check_against_copy(const PKCS8_PrivateKey& orig) DataSource_Memory enc_source(PKCS8::PEM_encode(orig, passphrase)); PKCS8_PrivateKey* copy_priv_enc = PKCS8::load_key(enc_source, passphrase); - u64bit orig_id = orig.key_id(); - u64bit pub_id = copy_pub->key_id(); - u64bit priv_id = copy_priv->key_id(); - u64bit priv_enc_id = copy_priv_enc->key_id(); + u64bit orig_id = key_id(&orig); + u64bit pub_id = key_id(copy_pub); + u64bit priv_id = key_id(copy_priv); + u64bit priv_enc_id = key_id(copy_priv_enc); delete copy_pub; delete copy_priv; @@ -32,7 +59,7 @@ u32bit check_against_copy(const PKCS8_PrivateKey& orig) if(orig_id != pub_id || orig_id != priv_id || orig_id != priv_enc_id) { - printf("FAILED!!\n"); + std::cout << "Failed copy check\n"; return 1; } return 0; diff --git a/include/dh.h b/include/dh.h index f30033d9d..3bf2f1c24 100644 --- a/include/dh.h +++ b/include/dh.h @@ -18,6 +18,8 @@ class DH_PublicKey : public virtual DL_Scheme_PublicKey { public: MemoryVector<byte> public_value() const; + u32bit max_input_bits() const; + DH_PublicKey(const DL_Group&, const BigInt&); protected: std::string algo_name() const { return "DH"; } @@ -46,7 +48,7 @@ class DH_PrivateKey : public DH_PublicKey, DH_PrivateKey(const DL_Group&, const BigInt&, const BigInt& = 0); private: friend PKCS8_PrivateKey* get_private_key(const std::string&); - void PKCS8_load_hook(); + void PKCS8_load_hook(bool = false); DH_PrivateKey() {} DH_Core core; diff --git a/include/dl_algo.h b/include/dl_algo.h index b72b3df42..5a12370f6 100644 --- a/include/dl_algo.h +++ b/include/dl_algo.h @@ -15,7 +15,7 @@ namespace Botan { /************************************************* * DL Public Key * *************************************************/ -class DL_Scheme_PublicKey : public virtual X509_PublicKey +class DL_Scheme_PublicKey : public virtual Public_Key { public: bool check_key(bool) const; @@ -43,7 +43,7 @@ class DL_Scheme_PublicKey : public virtual X509_PublicKey * DL Private Key * *************************************************/ class DL_Scheme_PrivateKey : public virtual DL_Scheme_PublicKey, - public virtual PKCS8_PrivateKey + public virtual Private_Key { public: bool check_key(bool) const; @@ -56,7 +56,7 @@ class DL_Scheme_PrivateKey : public virtual DL_Scheme_PublicKey, private: PKCS8_Encoder* pkcs8_encoder() const; PKCS8_Decoder* pkcs8_decoder(); - virtual void PKCS8_load_hook() {} + virtual void PKCS8_load_hook(bool = false) {} }; } diff --git a/include/dsa.h b/include/dsa.h index f2f630e7c..28e2eefbf 100644 --- a/include/dsa.h +++ b/include/dsa.h @@ -51,7 +51,7 @@ class DSA_PrivateKey : public DSA_PublicKey, DSA_PrivateKey(const DL_Group&, const BigInt&, const BigInt& = 0); private: friend PKCS8_PrivateKey* get_private_key(const std::string&); - void PKCS8_load_hook(); + void PKCS8_load_hook(bool = false); DSA_PrivateKey() {} }; diff --git a/include/elgamal.h b/include/elgamal.h index 3731e8f1b..f3ba15bba 100644 --- a/include/elgamal.h +++ b/include/elgamal.h @@ -50,7 +50,7 @@ class ElGamal_PrivateKey : public ElGamal_PublicKey, ElGamal_PrivateKey(const DL_Group&, const BigInt&, const BigInt& = 0); private: friend PKCS8_PrivateKey* get_private_key(const std::string&); - void PKCS8_load_hook(); + void PKCS8_load_hook(bool = false); ElGamal_PrivateKey() {} }; diff --git a/include/if_algo.h b/include/if_algo.h index 02f8763d8..550d07440 100644 --- a/include/if_algo.h +++ b/include/if_algo.h @@ -50,7 +50,7 @@ class IF_Scheme_PrivateKey : public virtual IF_Scheme_PublicKey, virtual ~IF_Scheme_PrivateKey() {} protected: - virtual void PKCS8_load_hook(); + virtual void PKCS8_load_hook(bool = false); BigInt d, p, q, d1, d2, c; private: PKCS8_Encoder* pkcs8_encoder() const; diff --git a/include/nr.h b/include/nr.h index 14749a6b5..a48985ff6 100644 --- a/include/nr.h +++ b/include/nr.h @@ -51,7 +51,7 @@ class NR_PrivateKey : public NR_PublicKey, NR_PrivateKey(const DL_Group&, const BigInt&, const BigInt& = 0); private: friend PKCS8_PrivateKey* get_private_key(const std::string&); - void PKCS8_load_hook(); + void PKCS8_load_hook(bool = false); NR_PrivateKey() {} }; diff --git a/include/pk_keys.h b/include/pk_keys.h index 96fb2051e..d1f6a2204 100644 --- a/include/pk_keys.h +++ b/include/pk_keys.h @@ -12,29 +12,44 @@ namespace Botan { /************************************************* -* Generic PK Key * +* Public Key Base Class * *************************************************/ -class PK_Key +class Public_Key { public: virtual std::string algo_name() const = 0; - virtual OID get_oid() const; - virtual u32bit max_input_bits() const { return 0; } + virtual bool check_key(bool) const { return true; } virtual u32bit message_parts() const { return 1; } virtual u32bit message_part_size() const { return 0; } - virtual ~PK_Key() {} + virtual u32bit max_input_bits() const = 0; + + virtual class X509_Encoder* x509_encoder() const { return 0; } + virtual class X509_Decoder* x509_decoder() { return 0; } + + virtual ~Public_Key() {} protected: - void check_loaded_public() const; - void check_loaded_private() const; - void check_generated_private() const; + virtual void load_check() const; + }; + +/************************************************* +* Private Key Base Class * +*************************************************/ +class Private_Key : public virtual Public_Key + { + public: + virtual class PKCS8_Encoder* pkcs8_encoder() const { return 0; } + virtual class PKCS8_Decoder* pkcs8_decoder() { return 0; } + protected: + void load_check() const; + void gen_check() const; }; /************************************************* * PK Encrypting Key * *************************************************/ -class PK_Encrypting_Key : public virtual PK_Key +class PK_Encrypting_Key : public virtual Public_Key { public: virtual SecureVector<byte> encrypt(const byte[], u32bit) const = 0; @@ -44,7 +59,7 @@ class PK_Encrypting_Key : public virtual PK_Key /************************************************* * PK Decrypting Key * *************************************************/ -class PK_Decrypting_Key : public virtual PK_Key +class PK_Decrypting_Key : public virtual Private_Key { public: virtual SecureVector<byte> decrypt(const byte[], u32bit) const = 0; @@ -54,7 +69,7 @@ class PK_Decrypting_Key : public virtual PK_Key /************************************************* * PK Signing Key * *************************************************/ -class PK_Signing_Key : public virtual PK_Key +class PK_Signing_Key : public virtual Private_Key { public: virtual SecureVector<byte> sign(const byte[], u32bit) const = 0; @@ -64,7 +79,7 @@ class PK_Signing_Key : public virtual PK_Key /************************************************* * PK Verifying Key, Message Recovery Version * *************************************************/ -class PK_Verifying_with_MR_Key : public virtual PK_Key +class PK_Verifying_with_MR_Key : public virtual Public_Key { public: virtual SecureVector<byte> verify(const byte[], u32bit) const = 0; @@ -74,7 +89,7 @@ class PK_Verifying_with_MR_Key : public virtual PK_Key /************************************************* * PK Verifying Key, No Message Recovery Version * *************************************************/ -class PK_Verifying_wo_MR_Key : public virtual PK_Key +class PK_Verifying_wo_MR_Key : public virtual Public_Key { public: virtual bool verify(const byte[], u32bit, @@ -85,7 +100,7 @@ class PK_Verifying_wo_MR_Key : public virtual PK_Key /************************************************* * PK Secret Value Derivation Key * *************************************************/ -class PK_Key_Agreement_Key : public virtual PK_Key +class PK_Key_Agreement_Key : public virtual Private_Key { public: virtual SecureVector<byte> derive_key(const byte[], u32bit) const = 0; @@ -93,7 +108,12 @@ class PK_Key_Agreement_Key : public virtual PK_Key virtual ~PK_Key_Agreement_Key() {} }; +/************************************************* +* Typedefs * +*************************************************/ typedef PK_Key_Agreement_Key PK_KA_Key; +typedef Public_Key X509_PublicKey; +typedef Private_Key PKCS8_PrivateKey; } diff --git a/include/pkcs8.h b/include/pkcs8.h index 5e3e1c097..2dd863848 100644 --- a/include/pkcs8.h +++ b/include/pkcs8.h @@ -34,17 +34,6 @@ class PKCS8_Decoder }; /************************************************* -* PKCS #8 Private Key * -*************************************************/ -class PKCS8_PrivateKey : public virtual X509_PublicKey - { - public: - virtual PKCS8_Encoder* pkcs8_encoder() const = 0; - virtual PKCS8_Decoder* pkcs8_decoder() = 0; - virtual ~PKCS8_PrivateKey() {} - }; - -/************************************************* * PKCS #8 General Exception * *************************************************/ struct PKCS8_Exception : public Decoding_Error diff --git a/include/x509_key.h b/include/x509_key.h index 330444097..c0b7c24d7 100644 --- a/include/x509_key.h +++ b/include/x509_key.h @@ -34,19 +34,6 @@ class X509_Decoder virtual ~X509_Decoder() {} }; -/************************************************* -* X.509 Public Key * -*************************************************/ -class X509_PublicKey : public virtual PK_Key - { - public: - u64bit key_id() const; - - virtual X509_Encoder* x509_encoder() const = 0; - virtual X509_Decoder* x509_decoder() = 0; - virtual ~X509_PublicKey() {} - }; - namespace X509 { /************************************************* diff --git a/include/x509_obj.h b/include/x509_obj.h index 47c95a041..61483ffd1 100644 --- a/include/x509_obj.h +++ b/include/x509_obj.h @@ -26,7 +26,7 @@ class X509_Object const AlgorithmIdentifier&, const MemoryRegion<byte>&); - bool check_signature(class X509_PublicKey&) const; + bool check_signature(class Public_Key&) const; void encode(Pipe&, X509_Encoding = PEM) const; SecureVector<byte> BER_encode() const; diff --git a/include/x509stor.h b/include/x509stor.h index e3dd763d2..fd26cd2bd 100644 --- a/include/x509stor.h +++ b/include/x509stor.h @@ -137,7 +137,6 @@ namespace X509_Store_Search { std::vector<X509_Certificate> by_email(const X509_Store&, const std::string&); std::vector<X509_Certificate> by_name(const X509_Store&, const std::string&); std::vector<X509_Certificate> by_dns(const X509_Store&, const std::string&); -std::vector<X509_Certificate> by_keyid(const X509_Store&, u64bit); std::vector<X509_Certificate> by_iands(const X509_Store&, const X509_DN&, const MemoryRegion<byte>&); std::vector<X509_Certificate> by_SKID(const X509_Store&, diff --git a/src/dh.cpp b/src/dh.cpp index cdcd17e50..23242e5f6 100644 --- a/src/dh.cpp +++ b/src/dh.cpp @@ -24,7 +24,15 @@ DH_PublicKey::DH_PublicKey(const DL_Group& grp, const BigInt& y1) *************************************************/ void DH_PublicKey::X509_load_hook() { - check_loaded_public(); + load_check(); + } + +/************************************************* +* Return the maximum input size in bits * +*************************************************/ +u32bit DH_PublicKey::max_input_bits() const + { + return group_p().bits(); } /************************************************* @@ -45,8 +53,7 @@ DH_PrivateKey::DH_PrivateKey(const DL_Group& grp) const BigInt& p = group_p(); x = random_integer(2 * dl_work_factor(p.bits())); - PKCS8_load_hook(); - check_generated_private(); + PKCS8_load_hook(true); } /************************************************* @@ -60,17 +67,21 @@ DH_PrivateKey::DH_PrivateKey(const DL_Group& grp, const BigInt& x1, x = x1; PKCS8_load_hook(); - check_loaded_private(); } /************************************************* * Algorithm Specific PKCS #8 Initialization Code * *************************************************/ -void DH_PrivateKey::PKCS8_load_hook() +void DH_PrivateKey::PKCS8_load_hook(bool generated) { if(y == 0) y = power_mod(group_g(), x, group_p()); core = DH_Core(group, x); + + if(generated) + gen_check(); + else + load_check(); } /************************************************* diff --git a/src/dsa.cpp b/src/dsa.cpp index d3fc9107a..f5f7d1765 100644 --- a/src/dsa.cpp +++ b/src/dsa.cpp @@ -25,7 +25,7 @@ DSA_PublicKey::DSA_PublicKey(const DL_Group& grp, const BigInt& y1) void DSA_PublicKey::X509_load_hook() { core = DSA_Core(group, y); - check_loaded_public(); + load_check(); } /************************************************* @@ -61,8 +61,7 @@ DSA_PrivateKey::DSA_PrivateKey(const DL_Group& grp) group = grp; x = random_integer(2, group_q() - 1); - PKCS8_load_hook(); - check_generated_private(); + PKCS8_load_hook(true); } /************************************************* @@ -76,17 +75,21 @@ DSA_PrivateKey::DSA_PrivateKey(const DL_Group& grp, const BigInt& x1, x = x1; PKCS8_load_hook(); - check_loaded_private(); } /************************************************* * Algorithm Specific PKCS #8 Initialization Code * *************************************************/ -void DSA_PrivateKey::PKCS8_load_hook() +void DSA_PrivateKey::PKCS8_load_hook(bool generated) { if(y == 0) y = power_mod(group_g(), x, group_p()); core = DSA_Core(group, y, x); + + if(generated) + gen_check(); + else + load_check(); } /************************************************* diff --git a/src/elgamal.cpp b/src/elgamal.cpp index 152aeb4dc..7be0a576b 100644 --- a/src/elgamal.cpp +++ b/src/elgamal.cpp @@ -26,7 +26,7 @@ ElGamal_PublicKey::ElGamal_PublicKey(const DL_Group& grp, const BigInt& y1) void ElGamal_PublicKey::X509_load_hook() { core = ELG_Core(group, y); - check_loaded_public(); + load_check(); } /************************************************* @@ -56,8 +56,7 @@ ElGamal_PrivateKey::ElGamal_PrivateKey(const DL_Group& grp) x = random_integer(2 * dl_work_factor(group_p().bits())); - PKCS8_load_hook(); - check_generated_private(); + PKCS8_load_hook(true); } /************************************************* @@ -71,17 +70,21 @@ ElGamal_PrivateKey::ElGamal_PrivateKey(const DL_Group& grp, const BigInt& x1, x = x1; PKCS8_load_hook(); - check_loaded_private(); } /************************************************* * Algorithm Specific PKCS #8 Initialization Code * *************************************************/ -void ElGamal_PrivateKey::PKCS8_load_hook() +void ElGamal_PrivateKey::PKCS8_load_hook(bool generated) { if(y == 0) y = power_mod(group_g(), x, group_p()); core = ELG_Core(group, y, x); + + if(generated) + gen_check(); + else + load_check(); } /************************************************* diff --git a/src/if_algo.cpp b/src/if_algo.cpp index 97d0d0510..afa428fde 100644 --- a/src/if_algo.cpp +++ b/src/if_algo.cpp @@ -159,13 +159,13 @@ PKCS8_Decoder* IF_Scheme_PrivateKey::pkcs8_decoder() void IF_Scheme_PublicKey::X509_load_hook() { core = IF_Core(e, n); - check_loaded_public(); + load_check(); } /************************************************* * Algorithm Specific PKCS #8 Initialization Code * *************************************************/ -void IF_Scheme_PrivateKey::PKCS8_load_hook() +void IF_Scheme_PrivateKey::PKCS8_load_hook(bool generated) { if(n == 0) n = p * q; if(d1 == 0) d1 = d % (p - 1); @@ -173,6 +173,11 @@ void IF_Scheme_PrivateKey::PKCS8_load_hook() if(c == 0) c = inverse_mod(q, p); core = IF_Core(e, n, d, p, q, d1, d2, c); + + if(generated) + gen_check(); + else + load_check(); } /************************************************* diff --git a/src/nr.cpp b/src/nr.cpp index d6e436015..f8fe065df 100644 --- a/src/nr.cpp +++ b/src/nr.cpp @@ -25,7 +25,7 @@ NR_PublicKey::NR_PublicKey(const DL_Group& grp, const BigInt& y1) void NR_PublicKey::X509_load_hook() { core = NR_Core(group, y); - check_loaded_public(); + load_check(); } /************************************************* @@ -60,8 +60,7 @@ NR_PrivateKey::NR_PrivateKey(const DL_Group& grp) group = grp; x = random_integer(2, group_q() - 1); - PKCS8_load_hook(); - check_generated_private(); + PKCS8_load_hook(true); } /************************************************* @@ -75,17 +74,21 @@ NR_PrivateKey::NR_PrivateKey(const DL_Group& grp, const BigInt& x1, x = x1; PKCS8_load_hook(); - check_loaded_private(); } /************************************************* * Algorithm Specific PKCS #8 Initialization Code * *************************************************/ -void NR_PrivateKey::PKCS8_load_hook() +void NR_PrivateKey::PKCS8_load_hook(bool generated) { if(y == 0) y = power_mod(group_g(), x, group_p()); core = NR_Core(group, y, x); + + if(generated) + gen_check(); + else + load_check(); } /************************************************* diff --git a/src/pk_keys.cpp b/src/pk_keys.cpp index 4a175e17c..478ee5d37 100644 --- a/src/pk_keys.cpp +++ b/src/pk_keys.cpp @@ -27,7 +27,7 @@ bool key_check_level(const std::string& type) /************************************************* * Default OID access * *************************************************/ -OID PK_Key::get_oid() const +OID Public_Key::get_oid() const { try { return OIDS::lookup(algo_name()); @@ -41,7 +41,7 @@ OID PK_Key::get_oid() const /************************************************* * Run checks on a loaded public key * *************************************************/ -void PK_Key::check_loaded_public() const +void Public_Key::load_check() const { if(!check_key(key_check_level("public"))) throw Invalid_Argument(algo_name() + ": Invalid public key"); @@ -50,7 +50,7 @@ void PK_Key::check_loaded_public() const /************************************************* * Run checks on a loaded private key * *************************************************/ -void PK_Key::check_loaded_private() const +void Private_Key::load_check() const { if(!check_key(key_check_level("private"))) throw Invalid_Argument(algo_name() + ": Invalid private key"); @@ -59,7 +59,7 @@ void PK_Key::check_loaded_private() const /************************************************* * Run checks on a generated private key * *************************************************/ -void PK_Key::check_generated_private() const +void Private_Key::gen_check() const { if(!check_key(key_check_level("private_gen"))) throw Self_Test_Failure(algo_name() + " private key generation failed"); diff --git a/src/rsa.cpp b/src/rsa.cpp index c11733aa3..1176b3a68 100644 --- a/src/rsa.cpp +++ b/src/rsa.cpp @@ -64,8 +64,7 @@ RSA_PrivateKey::RSA_PrivateKey(u32bit bits, u32bit exp) q = random_prime(bits - p.bits(), e); d = inverse_mod(e, lcm(p - 1, q - 1)); - PKCS8_load_hook(); - check_generated_private(); + PKCS8_load_hook(true); if(n.bits() != bits) throw Self_Test_Failure(algo_name() + " private key generation failed"); @@ -88,7 +87,6 @@ RSA_PrivateKey::RSA_PrivateKey(const BigInt& prime1, const BigInt& prime2, d = inverse_mod(e, lcm(p - 1, q - 1)); PKCS8_load_hook(); - check_loaded_private(); } /************************************************* diff --git a/src/rw.cpp b/src/rw.cpp index 9ab43cde9..714929edd 100644 --- a/src/rw.cpp +++ b/src/rw.cpp @@ -65,8 +65,7 @@ RW_PrivateKey::RW_PrivateKey(u32bit bits, u32bit exp) q = random_prime(bits - p.bits(), e / 2, ((p % 8 == 3) ? 7 : 3), 8); d = inverse_mod(e, lcm(p - 1, q - 1) >> 1); - PKCS8_load_hook(); - check_generated_private(); + PKCS8_load_hook(true); if(n.bits() != bits) throw Self_Test_Failure(algo_name() + " private key generation failed"); @@ -89,7 +88,6 @@ RW_PrivateKey::RW_PrivateKey(const BigInt& prime1, const BigInt& prime2, d = inverse_mod(e, lcm(p - 1, q - 1) >> 1); PKCS8_load_hook(); - check_loaded_private(); } /************************************************* diff --git a/src/x509_key.cpp b/src/x509_key.cpp index 2825cf836..332297e78 100644 --- a/src/x509_key.cpp +++ b/src/x509_key.cpp @@ -15,33 +15,6 @@ namespace Botan { -/************************************************* -* Compute the key id * -*************************************************/ -u64bit X509_PublicKey::key_id() const - { - std::auto_ptr<X509_Encoder> encoder(x509_encoder()); - if(!encoder.get()) - throw Internal_Error("X509_PublicKey:key_id: No encoder found"); - - Pipe pipe(new Hash_Filter("SHA-1", 8)); - pipe.start_msg(); - pipe.write(algo_name()); - pipe.write(encoder->alg_id().parameters); - pipe.write(encoder->key_bits()); - pipe.end_msg(); - - SecureVector<byte> output = pipe.read_all(); - - if(output.size() != 8) - throw Internal_Error("X509_PublicKey::key_id: Incorrect output size"); - - u64bit id = 0; - for(u32bit j = 0; j != 8; ++j) - id = (id << 8) | output[j]; - return id; - } - namespace X509 { /************************************************* diff --git a/src/x509find.cpp b/src/x509find.cpp index 7a9d370a1..9a6f75fe4 100644 --- a/src/x509find.cpp +++ b/src/x509find.cpp @@ -101,28 +101,6 @@ std::vector<X509_Certificate> by_dns(const X509_Store& store, } /************************************************* -* Search for a certificate by key id * -*************************************************/ -std::vector<X509_Certificate> by_keyid(const X509_Store& store, u64bit key_id) - { - class KeyID_Match : public X509_Store::Search_Func - { - public: - bool match(const X509_Certificate& cert) const - { - std::auto_ptr<X509_PublicKey> key(cert.subject_public_key()); - return (key->key_id() == key_id); - } - KeyID_Match(u64bit id) : key_id(id) {} - private: - u64bit key_id; - }; - - KeyID_Match search_params(key_id); - return store.get_certs(search_params); - } - -/************************************************* * Search for a certificate by issuer/serial * *************************************************/ std::vector<X509_Certificate> by_iands(const X509_Store& store, |