diff options
Diffstat (limited to 'src/cert/cvc/cvc_gen_cert.h')
-rw-r--r-- | src/cert/cvc/cvc_gen_cert.h | 161 |
1 files changed, 161 insertions, 0 deletions
diff --git a/src/cert/cvc/cvc_gen_cert.h b/src/cert/cvc/cvc_gen_cert.h new file mode 100644 index 000000000..7a9ac86fa --- /dev/null +++ b/src/cert/cvc/cvc_gen_cert.h @@ -0,0 +1,161 @@ +/************************************************* +* EAC1_1 general CVC Header File * +* (C) 2008 Falko Strenzke * +* [email protected] * +*************************************************/ + +#ifndef BOTAN_EAC_CVC_GCERT_H__ +#define BOTAN_EAC_CVC_GCERT_H__ + +#include <botan/x509_key.h> +#include <botan/enums.h> +#include <string> +#include <botan/pubkey.h> +#include <botan/ecdsa_sig.h> + +namespace Botan { + +/** +* This class represents TR03110 (EAC) v1.1 generalized CV Certificates +*/ +template<typename Derived> +class EAC1_1_gen_CVC : public EAC1_1_obj<Derived> // CRTP continuation from EAC1_1_obj + { + friend class EAC1_1_obj<EAC1_1_gen_CVC>; + protected: + ECDSA_PublicKey m_pk; // public key + ASN1_Chr m_chr; + bool self_signed; + + static void decode_info(SharedPtrConverter<DataSource> source, SecureVector<byte> & res_tbs_bits, ECDSA_Signature & res_sig); + public: + + /** + * Get this certificates public key. + * @result this certificates public key + */ + std::auto_ptr<Public_Key> subject_public_key() const; + + /** + * Find out whether this object is self signed. + * @result true if this object is self signed + */ + bool is_self_signed() const; + + /** + * Get the CHR of the certificate. + * @result the CHR of the certificate + */ + ASN1_Chr get_chr() const; + + /** + * Put the DER encoded version of this object into a pipe. PEM + * is not supported. + * @param out the pipe to push the DER encoded version into + * @param encoding the encoding to use. Must be DER. + */ + void encode(Pipe& out, X509_Encoding encoding) const; + + /** + * Get the to-be-signed (TBS) data of this object. + * @result the TBS data of this object + */ + SecureVector<byte> tbs_data() const; + + /** + * Build the DER encoded certifcate body of an object + * @param tbs the data to be signed + * @result the correctly encoded body of the object + */ + static SecureVector<byte> build_cert_body(MemoryRegion<byte> const& tbs); + + /** + * Create a signed generalized CVC object. + * @param signer the signer used to sign this object + * @param tbs_bits the body the generalized CVC object to be signed + * @result the DER encoded signed generalized CVC object + */ + static MemoryVector<byte> make_signed( + std::auto_ptr<PK_Signer> signer, + const MemoryRegion<byte>& tbs_bits); + virtual ~EAC1_1_gen_CVC<Derived>() + {} + + } + ; +template<typename Derived> ASN1_Chr EAC1_1_gen_CVC<Derived>::get_chr() const + { + return m_chr; + } +template<typename Derived> bool EAC1_1_gen_CVC<Derived>::is_self_signed() const + { + return self_signed; + } +template<typename Derived> MemoryVector<byte> EAC1_1_gen_CVC<Derived>::make_signed( + std::auto_ptr<PK_Signer> signer, + const MemoryRegion<byte>& tbs_bits) // static + { + SecureVector<byte> concat_sig = EAC1_1_obj<Derived>::make_signature(signer, tbs_bits); + assert(concat_sig.size() % 2 == 0); + return DER_Encoder() + .start_cons(ASN1_Tag(33), APPLICATION) + .raw_bytes(tbs_bits) + .encode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION) + .end_cons() + .get_contents(); + } +template<typename Derived> std::auto_ptr<Public_Key> EAC1_1_gen_CVC<Derived>::subject_public_key() const + { + return std::auto_ptr<Public_Key>(new ECDSA_PublicKey(m_pk)); + } +template<typename Derived> SecureVector<byte> EAC1_1_gen_CVC<Derived>::build_cert_body(MemoryRegion<byte> const& tbs) + { + return DER_Encoder() + .start_cons(ASN1_Tag(78), APPLICATION) + .raw_bytes(tbs) + .end_cons().get_contents(); + } +template<typename Derived> SecureVector<byte> EAC1_1_gen_CVC<Derived>::tbs_data() const + { + return build_cert_body(EAC1_1_obj<Derived>::tbs_bits); + } +template<typename Derived> void EAC1_1_gen_CVC<Derived>::encode(Pipe& out, X509_Encoding encoding) const + { + SecureVector<byte> concat_sig(EAC1_1_obj<Derived>::m_sig.get_concatenation()); + SecureVector<byte> der = DER_Encoder() + .start_cons(ASN1_Tag(33), APPLICATION) + .start_cons(ASN1_Tag(78), APPLICATION) + .raw_bytes(EAC1_1_obj<Derived>::tbs_bits) + .end_cons() + .encode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION) + .end_cons() + .get_contents(); + + if (encoding == PEM) + throw Invalid_Argument("EAC1_1_gen_CVC::encode() cannot PEM encode an EAC object"); + else + out.write(der); + } + +template<typename Derived> +void EAC1_1_gen_CVC<Derived>::decode_info( + SharedPtrConverter<DataSource> source, + SecureVector<byte> & res_tbs_bits, + ECDSA_Signature & res_sig) + { + SecureVector<byte> concat_sig; + BER_Decoder(source.get_shared()) + .start_cons(ASN1_Tag(33)) + .start_cons(ASN1_Tag(78)) + .raw_bytes(res_tbs_bits) + .end_cons() + .decode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION) + .end_cons(); + res_sig = ecdsa::decode_concatenation(concat_sig); + } + +} + +#endif + + |