aboutsummaryrefslogtreecommitdiffstats
path: root/src/cert/cvc/cvc_gen_cert.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/cert/cvc/cvc_gen_cert.h')
-rw-r--r--src/cert/cvc/cvc_gen_cert.h161
1 files changed, 161 insertions, 0 deletions
diff --git a/src/cert/cvc/cvc_gen_cert.h b/src/cert/cvc/cvc_gen_cert.h
new file mode 100644
index 000000000..7a9ac86fa
--- /dev/null
+++ b/src/cert/cvc/cvc_gen_cert.h
@@ -0,0 +1,161 @@
+/*************************************************
+* EAC1_1 general CVC Header File *
+* (C) 2008 Falko Strenzke *
+*************************************************/
+
+#ifndef BOTAN_EAC_CVC_GCERT_H__
+#define BOTAN_EAC_CVC_GCERT_H__
+
+#include <botan/x509_key.h>
+#include <botan/enums.h>
+#include <string>
+#include <botan/pubkey.h>
+#include <botan/ecdsa_sig.h>
+
+namespace Botan {
+
+/**
+* This class represents TR03110 (EAC) v1.1 generalized CV Certificates
+*/
+template<typename Derived>
+class EAC1_1_gen_CVC : public EAC1_1_obj<Derived> // CRTP continuation from EAC1_1_obj
+ {
+ friend class EAC1_1_obj<EAC1_1_gen_CVC>;
+ protected:
+ ECDSA_PublicKey m_pk; // public key
+ ASN1_Chr m_chr;
+ bool self_signed;
+
+ static void decode_info(SharedPtrConverter<DataSource> source, SecureVector<byte> & res_tbs_bits, ECDSA_Signature & res_sig);
+ public:
+
+ /**
+ * Get this certificates public key.
+ * @result this certificates public key
+ */
+ std::auto_ptr<Public_Key> subject_public_key() const;
+
+ /**
+ * Find out whether this object is self signed.
+ * @result true if this object is self signed
+ */
+ bool is_self_signed() const;
+
+ /**
+ * Get the CHR of the certificate.
+ * @result the CHR of the certificate
+ */
+ ASN1_Chr get_chr() const;
+
+ /**
+ * Put the DER encoded version of this object into a pipe. PEM
+ * is not supported.
+ * @param out the pipe to push the DER encoded version into
+ * @param encoding the encoding to use. Must be DER.
+ */
+ void encode(Pipe& out, X509_Encoding encoding) const;
+
+ /**
+ * Get the to-be-signed (TBS) data of this object.
+ * @result the TBS data of this object
+ */
+ SecureVector<byte> tbs_data() const;
+
+ /**
+ * Build the DER encoded certifcate body of an object
+ * @param tbs the data to be signed
+ * @result the correctly encoded body of the object
+ */
+ static SecureVector<byte> build_cert_body(MemoryRegion<byte> const& tbs);
+
+ /**
+ * Create a signed generalized CVC object.
+ * @param signer the signer used to sign this object
+ * @param tbs_bits the body the generalized CVC object to be signed
+ * @result the DER encoded signed generalized CVC object
+ */
+ static MemoryVector<byte> make_signed(
+ std::auto_ptr<PK_Signer> signer,
+ const MemoryRegion<byte>& tbs_bits);
+ virtual ~EAC1_1_gen_CVC<Derived>()
+ {}
+
+ }
+ ;
+template<typename Derived> ASN1_Chr EAC1_1_gen_CVC<Derived>::get_chr() const
+ {
+ return m_chr;
+ }
+template<typename Derived> bool EAC1_1_gen_CVC<Derived>::is_self_signed() const
+ {
+ return self_signed;
+ }
+template<typename Derived> MemoryVector<byte> EAC1_1_gen_CVC<Derived>::make_signed(
+ std::auto_ptr<PK_Signer> signer,
+ const MemoryRegion<byte>& tbs_bits) // static
+ {
+ SecureVector<byte> concat_sig = EAC1_1_obj<Derived>::make_signature(signer, tbs_bits);
+ assert(concat_sig.size() % 2 == 0);
+ return DER_Encoder()
+ .start_cons(ASN1_Tag(33), APPLICATION)
+ .raw_bytes(tbs_bits)
+ .encode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
+ .end_cons()
+ .get_contents();
+ }
+template<typename Derived> std::auto_ptr<Public_Key> EAC1_1_gen_CVC<Derived>::subject_public_key() const
+ {
+ return std::auto_ptr<Public_Key>(new ECDSA_PublicKey(m_pk));
+ }
+template<typename Derived> SecureVector<byte> EAC1_1_gen_CVC<Derived>::build_cert_body(MemoryRegion<byte> const& tbs)
+ {
+ return DER_Encoder()
+ .start_cons(ASN1_Tag(78), APPLICATION)
+ .raw_bytes(tbs)
+ .end_cons().get_contents();
+ }
+template<typename Derived> SecureVector<byte> EAC1_1_gen_CVC<Derived>::tbs_data() const
+ {
+ return build_cert_body(EAC1_1_obj<Derived>::tbs_bits);
+ }
+template<typename Derived> void EAC1_1_gen_CVC<Derived>::encode(Pipe& out, X509_Encoding encoding) const
+ {
+ SecureVector<byte> concat_sig(EAC1_1_obj<Derived>::m_sig.get_concatenation());
+ SecureVector<byte> der = DER_Encoder()
+ .start_cons(ASN1_Tag(33), APPLICATION)
+ .start_cons(ASN1_Tag(78), APPLICATION)
+ .raw_bytes(EAC1_1_obj<Derived>::tbs_bits)
+ .end_cons()
+ .encode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
+ .end_cons()
+ .get_contents();
+
+ if (encoding == PEM)
+ throw Invalid_Argument("EAC1_1_gen_CVC::encode() cannot PEM encode an EAC object");
+ else
+ out.write(der);
+ }
+
+template<typename Derived>
+void EAC1_1_gen_CVC<Derived>::decode_info(
+ SharedPtrConverter<DataSource> source,
+ SecureVector<byte> & res_tbs_bits,
+ ECDSA_Signature & res_sig)
+ {
+ SecureVector<byte> concat_sig;
+ BER_Decoder(source.get_shared())
+ .start_cons(ASN1_Tag(33))
+ .start_cons(ASN1_Tag(78))
+ .raw_bytes(res_tbs_bits)
+ .end_cons()
+ .decode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
+ .end_cons();
+ res_sig = ecdsa::decode_concatenation(concat_sig);
+ }
+
+}
+
+#endif
+
+