Diffstat (limited to 'src')
-rw-r--r-- | src/cert/cvc/signed_obj.h | 2 | ||||
-rw-r--r-- | src/cert/x509/key_constraint.cpp (renamed from src/pubkey/pubkey_enums.cpp) | 29 | ||||
-rw-r--r-- | src/cert/x509/key_constraint.h (renamed from src/pubkey/pubkey_enums.h) | 24 | ||||
-rw-r--r-- | src/cert/x509/pkcs10.h | 1 | ||||
-rw-r--r-- | src/cert/x509/x509_ca.cpp | 3 | ||||
-rw-r--r-- | src/cert/x509/x509_obj.cpp | 6 | ||||
-rw-r--r-- | src/cert/x509/x509_obj.h | 6 | ||||
-rw-r--r-- | src/cert/x509/x509cert.h | 2 | ||||
-rw-r--r-- | src/pubkey/info.txt | 2 | ||||
-rw-r--r-- | src/pubkey/x509_key.cpp | 26 | ||||
-rw-r--r-- | src/pubkey/x509_key.h | 18 |
11 files changed, 59 insertions, 60 deletions
diff --git a/src/cert/cvc/signed_obj.h b/src/cert/cvc/signed_obj.h index 0c0fb30af..20f0e7b14 100644 --- a/src/cert/cvc/signed_obj.h +++ b/src/cert/cvc/signed_obj.h @@ -10,7 +10,7 @@ #define BOTAN_EAC_SIGNED_OBJECT_H__ #include <botan/asn1_obj.h> -#include <botan/pubkey_enums.h> +#include <botan/key_constraint.h> #include <botan/pipe.h> #include <vector> diff --git a/src/pubkey/pubkey_enums.cpp b/src/cert/x509/key_constraint.cpp index 90d835814..8a4b3deb3 100644 --- a/src/pubkey/pubkey_enums.cpp +++ b/src/cert/x509/key_constraint.cpp @@ -5,7 +5,8 @@ * Distributed under the terms of the Botan license */ -#include <botan/pubkey_enums.h> +#include <botan/key_constraint.h> +#include <botan/x509_key.h> #include <botan/ber_dec.h> namespace Botan { @@ -39,4 +40,30 @@ void decode(BER_Decoder& source, Key_Constraints& key_usage) } +/* +* Find the allowable key constraints +*/ +Key_Constraints find_constraints(const Public_Key& pub_key, + Key_Constraints limits) + { + const std::string name = pub_key.algo_name(); + + size_t constraints = 0; + + if(name == "DH" || name == "ECDH") + constraints |= KEY_AGREEMENT; + + if(name == "RSA" || name == "ElGamal") + constraints |= KEY_ENCIPHERMENT | DATA_ENCIPHERMENT; + + if(name == "RSA" || name == "RW" || name == "NR" || + name == "DSA" || name == "ECDSA") + constraints |= DIGITAL_SIGNATURE | NON_REPUDIATION; + + if(limits) + constraints &= limits; + + return Key_Constraints(constraints); + } + } diff --git a/src/pubkey/pubkey_enums.h b/src/cert/x509/key_constraint.h index c64a8493d..2c9b3778b 100644 --- a/src/pubkey/pubkey_enums.h +++ b/src/cert/x509/key_constraint.h 
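Review bot: In `find_constraints`, as added to key_constraint.cpp, an algorithm name that matches none of the listed strings and a `limits` value that shares no bits with the algorithm's set both return `Key_Constraints(0)`. Because `if(limits)` treats a zero `limits` as "no limit", a caller cannot tell "nothing is permitted" from "nothing was requested". The `sign_request` hunk in x509_ca.cpp passes `req.constraints()` from the PKCS #10 request straight into this call. If a zero result is later encoded as an absent key-usage extension (not visible on this page, so worth confirming), a request naming only usages the key type does not support would yield a certificate with no usage restriction. Consider rejecting the empty intersection when limits were supplied, e.g. `if(limits && (constraints & limits) == 0) throw Invalid_Argument("find_constraints: requested usage not valid for " + name);`, and state the zero-means-unlimited rule in the doc comment moved to key_constraint.h.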
@@ -28,6 +28,21 @@ enum Key_Constraints { DECIPHER_ONLY = 128 }; +class Public_Key; + +/** +* Create the key constraints for a specific public key. +* @param pub_key the public key from which the basic set of +* constraints to be placed in the return value is derived +* @param limits additional limits that will be incorporated into the +* return value +* @return combination of key type specific constraints and +* additional limits +*/ + +BOTAN_DLL Key_Constraints find_constraints(const Public_Key& pub_key, + Key_Constraints limits); + /** * BER Decoding Function for key constraints */ @@ -37,15 +52,6 @@ void BOTAN_DLL decode(BER_Decoder&, Key_Constraints&); } -/* -* Various Other Enumerations -*/ - -/** -* The two types of X509 encoding supported by Botan. -*/ -enum X509_Encoding { RAW_BER, PEM }; - } #endif diff --git a/src/cert/x509/pkcs10.h b/src/cert/x509/pkcs10.h index bd01fb6b5..065dfbdc0 100644 --- a/src/cert/x509/pkcs10.h +++ b/src/cert/x509/pkcs10.h @@ -12,6 +12,7 @@ #include <botan/x509_dn.h> #include <botan/pkcs8.h> #include <botan/datastor.h> +#include <botan/key_constraint.h> #include <vector> namespace Botan { diff --git a/src/cert/x509/x509_ca.cpp b/src/cert/x509/x509_ca.cpp index 40f2e3b3a..77e066533 100644 --- a/src/cert/x509/x509_ca.cpp +++ b/src/cert/x509/x509_ca.cpp @@ -14,6 +14,7 @@ #include <botan/lookup.h> #include <botan/oids.h> #include <botan/time.h> +#include <botan/key_constraint.h> #include <algorithm> #include <typeinfo> #include <iterator> @@ -57,7 +58,7 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req, else { std::auto_ptr<Public_Key> key(req.subject_public_key()); - constraints = X509::find_constraints(*key, req.constraints()); + constraints = find_constraints(*key, req.constraints()); } Extensions extensions; diff --git a/src/cert/x509/x509_obj.cpp b/src/cert/x509/x509_obj.cpp index c58081225..670bd8da6 100644 --- a/src/cert/x509/x509_obj.cpp +++ b/src/cert/x509/x509_obj.cpp 
@@ -168,16 +168,16 @@ std::string X509_Object::hash_used_for_signature() const /* * Check the signature on an object */ -bool X509_Object::check_signature(Public_Key* pub_key) const +bool X509_Object::check_signature(const Public_Key* pub_key) const { - std::auto_ptr<Public_Key> key(pub_key); + std::auto_ptr<const Public_Key> key(pub_key); return check_signature(*key); } /* * Check the signature on an object */ -bool X509_Object::check_signature(Public_Key& pub_key) const +bool X509_Object::check_signature(const Public_Key& pub_key) const { try { std::vector<std::string> sig_info = diff --git a/src/cert/x509/x509_obj.h b/src/cert/x509/x509_obj.h index 570b00f51..e46e72ce3 100644 --- a/src/cert/x509/x509_obj.h +++ b/src/cert/x509/x509_obj.h @@ -10,7 +10,7 @@ #include <botan/asn1_obj.h> #include <botan/pipe.h> -#include <botan/pubkey_enums.h> +#include <botan/x509_key.h> #include <botan/rng.h> #include <vector> @@ -62,7 +62,7 @@ class BOTAN_DLL X509_Object * @param key the public key purportedly used to sign this data * @return true if the signature is valid, otherwise false */ - bool check_signature(class Public_Key& key) const; + bool check_signature(const Public_Key& key) const; /** * Check the signature on this data @@ -70,7 +70,7 @@ class BOTAN_DLL X509_Object * the pointer will be deleted after use * @return true if the signature is valid, otherwise false */ - bool check_signature(class Public_Key* key) const; + bool check_signature(const Public_Key* key) const; /** * @return BER encoding of this diff --git a/src/cert/x509/x509cert.h b/src/cert/x509/x509cert.h index d25b97694..6a4fd6959 100644 --- a/src/cert/x509/x509cert.h +++ b/src/cert/x509/x509cert.h @@ -12,7 +12,7 @@ #include <botan/x509_dn.h> #include <botan/x509_key.h> #include <botan/datastor.h> -#include <botan/pubkey_enums.h> +#include <botan/key_constraint.h> #include <map> namespace Botan { diff --git a/src/pubkey/info.txt b/src/pubkey/info.txt index 5f36f63c4..c8e618839 100644 
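Review bot: `check_signature(const Public_Key* pub_key)` still wraps its argument in `std::auto_ptr<const Public_Key>` and therefore deletes it on return, but the new `const` pointer type hides that ownership transfer. It also widens what the overload accepts: passing the address of a `const Public_Key` the caller owns did not compile against the old `Public_Key*` signature, and now compiles and ends in a delete of an object the callee does not own. The same applies to the declaration changed in x509_obj.h, where only the doc comment ("the pointer will be deleted after use") records the contract. I would keep the owning overload non-const, or at least make the comment above the definition say so: `/* Check the signature on an object; takes ownership of pub_key and deletes it */`. The body of the reference overload continues outside the hunk.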
--- a/src/pubkey/info.txt +++ b/src/pubkey/info.txt @@ -6,7 +6,6 @@ pk_algs.cpp pk_keys.cpp pkcs8.cpp pubkey.cpp -pubkey_enums.cpp workfactor.cpp x509_key.cpp </source> @@ -17,7 +16,6 @@ pk_keys.h pk_ops.h pkcs8.h pubkey.h -pubkey_enums.h x509_key.h </header:public> diff --git a/src/pubkey/x509_key.cpp b/src/pubkey/x509_key.cpp index 4714b1285..c55f37d94 100644 --- a/src/pubkey/x509_key.cpp +++ b/src/pubkey/x509_key.cpp @@ -107,32 +107,6 @@ Public_Key* copy_key(const Public_Key& key) return X509::load_key(source); } -/* -* Find the allowable key constraints -*/ -Key_Constraints find_constraints(const Public_Key& pub_key, - Key_Constraints limits) - { - const std::string name = pub_key.algo_name(); - - size_t constraints = 0; - - if(name == "DH" || name == "ECDH") - constraints |= KEY_AGREEMENT; - - if(name == "RSA" || name == "ElGamal") - constraints |= KEY_ENCIPHERMENT | DATA_ENCIPHERMENT; - - if(name == "RSA" || name == "RW" || name == "NR" || - name == "DSA" || name == "ECDSA") - constraints |= DIGITAL_SIGNATURE | NON_REPUDIATION; - - if(limits) - constraints &= limits; - - return Key_Constraints(constraints); - } - } } diff --git a/src/pubkey/x509_key.h b/src/pubkey/x509_key.h index 3fdee8cde..13ad7e635 100644 --- a/src/pubkey/x509_key.h +++ b/src/pubkey/x509_key.h @@ -10,13 +10,17 @@ #include <botan/pk_keys.h> #include <botan/alg_id.h> -#include <botan/pubkey_enums.h> #include <botan/pipe.h> #include <string> namespace Botan { /** +* The two types of X509 encoding supported by Botan. +*/ +enum X509_Encoding { RAW_BER, PEM }; + +/** * This namespace contains functions for handling X.509 public keys */ namespace X509 { 
@@ -64,18 +68,6 @@ BOTAN_DLL Public_Key* load_key(const MemoryRegion<byte>& enc); BOTAN_DLL Public_Key* copy_key(const Public_Key& key); /** -* Create the key constraints for a specific public key. -* @param pub_key the public key from which the basic set of -* constraints to be placed in the return value is derived -* @param limits additional limits that will be incorporated into the -* return value -* @return combination of key type specific constraints and -* additional limits -*/ -BOTAN_DLL Key_Constraints find_constraints(const Public_Key& pub_key, - Key_Constraints limits); - -/** * Encode a key into a pipe. * @deprecated Use PEM_encode or BER_encode instead * |