Diffstat (limited to 'src/cert')
-rw-r--r-- | src/cert/cvc/cvc_ado.cpp | 7 | ||||
-rw-r--r-- | src/cert/cvc/cvc_cert.cpp | 23 | ||||
-rw-r--r-- | src/cert/cvc/cvc_cert.h | 8 | ||||
-rw-r--r-- | src/cert/cvc/cvc_key.h | 53 | ||||
-rw-r--r-- | src/cert/cvc/cvc_req.cpp | 18 | ||||
-rw-r--r-- | src/cert/cvc/cvc_req.h | 2 | ||||
-rw-r--r-- | src/cert/cvc/cvc_self.cpp | 11 | ||||
-rw-r--r-- | src/cert/cvc/info.txt | 1 |
8 files changed, 27 insertions, 96 deletions
diff --git a/src/cert/cvc/cvc_ado.cpp b/src/cert/cvc/cvc_ado.cpp index fd5b80f13..5ff27020d 100644 --- a/src/cert/cvc/cvc_ado.cpp +++ b/src/cert/cvc/cvc_ado.cpp @@ -45,10 +45,9 @@ void EAC1_1_ADO::force_decode() sig_algo = m_req.sig_algo; } -MemoryVector<byte> EAC1_1_ADO::make_signed( - PK_Signer& signer, - const MemoryRegion<byte>& tbs_bits, - RandomNumberGenerator& rng) +MemoryVector<byte> EAC1_1_ADO::make_signed(PK_Signer& signer, + const MemoryRegion<byte>& tbs_bits, + RandomNumberGenerator& rng) { SecureVector<byte> concat_sig = EAC1_1_obj<EAC1_1_ADO>::make_signature(signer, tbs_bits, rng); diff --git a/src/cert/cvc/cvc_cert.cpp b/src/cert/cvc/cvc_cert.cpp index 44a3ff508..b6a141d01 100644 --- a/src/cert/cvc/cvc_cert.cpp +++ b/src/cert/cvc/cvc_cert.cpp @@ -6,7 +6,6 @@ */ #include <botan/cvc_cert.h> -#include <botan/cvc_key.h> #include <botan/ecdsa.h> namespace Botan { @@ -58,21 +57,11 @@ void EAC1_1_CVC::force_decode() if(cpi != 0) throw Decoding_Error("EAC1_1 certificate's cpi was not 0"); - // FIXME: PK algos have no notion of EAC encoder/decoder currently -#if 0 - ECDSA_PublicKey tmp_pk; - std::auto_ptr<EAC1_1_CVC_Decoder> dec = tmp_pk.cvc_eac1_1_decoder(); - sig_algo = dec->public_key(enc_pk); + m_pk = decode_eac1_1_key(enc_pk, sig_algo); - - m_pk = tmp_pk; m_chat_val = enc_chat_val[0]; - self_signed = false; - if(m_car.iso_8859() == m_chr.iso_8859()) - { - self_signed= true; - } -#endif + + self_signed = (m_car.iso_8859() == m_chr.iso_8859()); } /* @@ -99,6 +88,12 @@ bool EAC1_1_CVC::operator==(EAC1_1_CVC const& rhs) const && get_concat_sig() == rhs.get_concat_sig()); } +ECDSA_PublicKey decode_eac1_1_key(const MemoryRegion<byte>& enc_key, + AlgorithmIdentifier& sig_algo) + { + throw Internal_Error("decode_eac1_1_key: Unimplemented"); + } + EAC1_1_CVC make_cvc_cert(PK_Signer& signer, MemoryRegion<byte> const& public_key, ASN1_Car const& car, diff --git a/src/cert/cvc/cvc_cert.h b/src/cert/cvc/cvc_cert.h index 14287cfdd..ee6cba79a 100644 
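Review bot: In the `@@ -58,21 +57,11 @@` hunk of cvc_cert.cpp, `m_chat_val = enc_chat_val[0];` sat inside the removed `#if 0` block and is now compiled in, but it indexes the decoded CHAT value with no length check visible here. The decoding of `enc_chat_val` happens earlier in force_decode(), outside the hunk, so this may already be guarded; if it is not, a malformed certificate with an empty value would be read out of bounds once decode_eac1_1_key() stops throwing. A guard before the assignment, such as `if(enc_chat_val.size() != 1) throw Decoding_Error("EAC1_1 certificate's CHAT value has unexpected length");`, would make this fail as a decoding error instead. Separately, `self_signed` is derived only from the CAR and CHR strings being equal, so a comment saying it is a naming check and not a verified signature would help callers avoid treating it as a trust decision.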
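Review bot: The new decode_eac1_1_key() in the `@@ -99,6 +88,12 @@` hunk throws Internal_Error unconditionally and ignores both parameters, so EAC1_1_CVC::force_decode() and EAC1_1_Req::force_decode() (the `@@ -38,13 +32,7 @@` hunk in cvc_req.cpp) now fail on every input, well-formed or not. Failing closed is preferable to the old `#if 0` path, which left the object without a decoded public key, but the behaviour deserves an explicit comment such as `// TODO: EAC key decoding is unimplemented; every CVC certificate and request decode fails here`. Callers that catch only Decoding_Error when parsing untrusted certificates would presumably not handle this Internal_Error, which is worth confirming against the call sites.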
--- a/src/cert/cvc/cvc_cert.h +++ b/src/cert/cvc/cvc_cert.h @@ -94,7 +94,7 @@ inline bool operator!=(EAC1_1_CVC const& lhs, EAC1_1_CVC const& rhs) * @param ced the CEX to appear in the certificate */ EAC1_1_CVC BOTAN_DLL make_cvc_cert(PK_Signer& signer, - MemoryRegion<byte> const& public_key, + const MemoryRegion<byte>& public_key, ASN1_Car const& car, ASN1_Chr const& chr, byte holder_auth_templ, @@ -102,6 +102,12 @@ EAC1_1_CVC BOTAN_DLL make_cvc_cert(PK_Signer& signer, ASN1_Cex cex, RandomNumberGenerator& rng); +/** +* Decode an EAC encoding ECDSA key +*/ +ECDSA_PublicKey BOTAN_DLL decode_eac1_1_key(const MemoryRegion<byte>& enc_key, + AlgorithmIdentifier& sig_algo); + } #endif diff --git a/src/cert/cvc/cvc_key.h b/src/cert/cvc/cvc_key.h deleted file mode 100644 index a81660597..000000000 --- a/src/cert/cvc/cvc_key.h +++ /dev/null 
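Review bot: The doc comment added for decode_eac1_1_key() in the `@@ -102,6 +102,12 @@` hunk has no @param or @return lines, unlike make_cvc_cert() just above it, and does not say that `sig_algo` is an output. The non-const reference and the removed `sig_algo = dec->public_key(enc_pk);` both suggest the function is meant to fill it in. I would reword the summary to "Decode an EAC-encoded ECDSA public key" and add `* @param enc_key the EAC-encoded public key`, `* @param sig_algo set to the signature algorithm found in the encoding`, `* @return the decoded ECDSA public key`. The comment should also state what is thrown on malformed input, since this function parses certificate data that may come from an untrusted source.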
@@ -1,53 +0,0 @@ -/* -* EAC CVC Public Key -* (C) 2008 FlexSecure Gmbh -* Falko Strenzke -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_EAC1_1_CVC_PUBLIC_KEY_H__ -#define BOTAN_EAC1_1_CVC_PUBLIC_KEY_H__ - -#include <botan/pipe.h> -#include <botan/pk_keys.h> -#include <botan/alg_id.h> - -namespace Botan { - -/** -* This class represents EAC 1.1 CVC public key encoders. -*/ -class BOTAN_DLL EAC1_1_CVC_Encoder - { - public: - /** - * Get the DER encoded CVC public key. - * @param alg_id the algorithm identifier to use in the encoding - * @return the DER encoded public key - */ - virtual MemoryVector<byte> - public_key(const AlgorithmIdentifier& enc) const = 0; - - virtual ~EAC1_1_CVC_Encoder() {} - }; - -/** -* This class represents EAC 1.1 CVC public key decoders. -*/ -class BOTAN_DLL EAC1_1_CVC_Decoder - { - public: - /** - * Decode a CVC public key. - * @param enc the DER encoded public key to decode - * @return the algorithm identifier found in the encoded public key - */ - virtual AlgorithmIdentifier const - public_key(const MemoryRegion<byte>& enc) = 0; - - virtual ~EAC1_1_CVC_Decoder() {} - }; -} - -#endif diff --git a/src/cert/cvc/cvc_req.cpp b/src/cert/cvc/cvc_req.cpp index 78dbdea52..0a33d4dca 100644 --- a/src/cert/cvc/cvc_req.cpp +++ b/src/cert/cvc/cvc_req.cpp @@ -1,19 +1,13 @@ /* (C) 2007 FlexSecure GmbH - 2008 Jack Lloyd + 2008-2010 Jack Lloyd * * Distributed under the terms of the Botan license */ +#include <botan/cvc_req.h> #include <botan/cvc_cert.h> -#include <botan/der_enc.h> #include <botan/ber_dec.h> -#include <botan/pem.h> -#include <botan/parsing.h> -#include <botan/cvc_key.h> -#include <botan/oids.h> -#include <botan/look_pk.h> -#include <botan/cvc_req.h> namespace Botan { 
@@ -38,13 +32,7 @@ void EAC1_1_Req::force_decode() if(cpi != 0) throw Decoding_Error("EAC1_1 requests cpi was not 0"); - // FIXME: No EAC support in ECDSA -#if 0 - ECDSA_PublicKey tmp_pk; - std::auto_ptr<EAC1_1_CVC_Decoder> dec = tmp_pk.cvc_eac1_1_decoder(); - sig_algo = dec->public_key(enc_pk); - m_pk = tmp_pk; -#endif + m_pk = decode_eac1_1_key(enc_pk, sig_algo); } EAC1_1_Req::EAC1_1_Req(DataSource& in) diff --git a/src/cert/cvc/cvc_req.h b/src/cert/cvc/cvc_req.h index bfd65981f..1e8cea7f8 100644 --- a/src/cert/cvc/cvc_req.h +++ b/src/cert/cvc/cvc_req.h @@ -1,6 +1,7 @@ /* * EAC1_1 CVC Request * (C) 2008 Falko Strenzke +* 2010 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -18,7 +19,6 @@ namespace Botan { class BOTAN_DLL EAC1_1_Req : public EAC1_1_gen_CVC<EAC1_1_Req> { public: - friend class EAC1_1_Req_CA; friend class EAC1_1_ADO; friend class EAC1_1_obj<EAC1_1_Req>; diff --git a/src/cert/cvc/cvc_self.cpp b/src/cert/cvc/cvc_self.cpp index 3b8f909de..017c99b6a 100644 --- a/src/cert/cvc/cvc_self.cpp +++ b/src/cert/cvc/cvc_self.cpp @@ -106,15 +106,12 @@ EAC1_1_CVC create_self_signed_cert(Private_Key const& key, EAC1_1_CVC_Options const& opt, RandomNumberGenerator& rng) { - // NOTE: we ignore - // the value - // of opt.chr - ECDSA_PrivateKey const* priv_key = dynamic_cast<ECDSA_PrivateKey const*>(&key); + // NOTE: we ignore the value of opt.chr - if (priv_key == 0) - { + const ECDSA_PrivateKey* priv_key = dynamic_cast<const ECDSA_PrivateKey*>(&key); + + if(priv_key == 0) throw Invalid_Argument("CVC_EAC::create_self_signed_cert(): unsupported key type"); - } ASN1_Chr chr(opt.car.value()); diff --git a/src/cert/cvc/info.txt b/src/cert/cvc/info.txt index 3b83781f7..f2894297b 100644 --- a/src/cert/cvc/info.txt +++ b/src/cert/cvc/info.txt @@ -6,7 +6,6 @@ load_on auto cvc_ado.h cvc_cert.h cvc_gen_cert.h -cvc_key.h cvc_req.h cvc_self.h eac_asn_obj.h |