From 07c250e5b1acf64ac08096e7f4c883702040c2f0 Mon Sep 17 00:00:00 2001 From: lloyd Date: Wed, 3 Mar 2010 17:54:25 +0000 Subject: Reorganize where some CVC code goes to avoid template bloat + VC problems --- src/cert/cvc/cvc_cert.cpp | 4 +- src/cert/cvc/cvc_cert.h | 1 + src/cert/cvc/cvc_gen_cert.h | 1 + src/cert/cvc/cvc_self.cpp | 25 +++---------- src/cert/cvc/eac_obj.h | 90 ++++++++++----------------------------------- src/cert/cvc/signed_obj.cpp | 37 ++++++++++++++++++- src/cert/cvc/signed_obj.h | 3 +- 7 files changed, 66 insertions(+), 95 deletions(-) diff --git a/src/cert/cvc/cvc_cert.cpp b/src/cert/cvc/cvc_cert.cpp index b6a141d01..a31981ef5 100644 --- a/src/cert/cvc/cvc_cert.cpp +++ b/src/cert/cvc/cvc_cert.cpp @@ -1,12 +1,12 @@ /* (C) 2007 FlexSecure GmbH - 2008 Jack Lloyd + 2008-2010 Jack Lloyd * * Distributed under the terms of the Botan license */ #include -#include +#include namespace Botan { diff --git a/src/cert/cvc/cvc_cert.h b/src/cert/cvc/cvc_cert.h index ee6cba79a..6e2966a6f 100644 --- a/src/cert/cvc/cvc_cert.h +++ b/src/cert/cvc/cvc_cert.h @@ -10,6 +10,7 @@ #define BOTAN_CVC_EAC_H__ #include +#include #include namespace Botan { diff --git a/src/cert/cvc/cvc_gen_cert.h b/src/cert/cvc/cvc_gen_cert.h index 8140cb050..e19bb5e04 100644 --- a/src/cert/cvc/cvc_gen_cert.h +++ b/src/cert/cvc/cvc_gen_cert.h @@ -12,6 +12,7 @@ #include #include #include +#include #include namespace Botan { diff --git a/src/cert/cvc/cvc_self.cpp b/src/cert/cvc/cvc_self.cpp index 017c99b6a..b54b8b4bb 100644 --- a/src/cert/cvc/cvc_self.cpp +++ b/src/cert/cvc/cvc_self.cpp @@ -9,6 +9,8 @@ #include #include #include +#include +#include #include namespace Botan { @@ -81,26 +83,9 @@ std::string padding_and_hash_from_oid(OID const& oid) return padding_and_hash; } -std::string fixed_len_seqnr(u32bit seqnr, u32bit len) - { - std::stringstream ss; - std::string result; - ss << seqnr; - ss >> result; - if (result.size() > len) - { - throw Invalid_Argument("fixed_len_seqnr(): number too high to be encoded in provided length"); - } - while (result.size() < len) - { - result.insert(0,"0"); - } - return result; - } - } -namespace CVC_EAC -{ + +namespace CVC_EAC { EAC1_1_CVC create_self_signed_cert(Private_Key const& key, EAC1_1_CVC_Options const& opt, @@ -276,7 +261,7 @@ EAC1_1_CVC sign_request(EAC1_1_CVC const& signer_cert, throw Invalid_Argument("CVC_EAC::create_self_signed_cert(): unsupported key type"); } std::string chr_str = signee.get_chr().value(); - chr_str.append(fixed_len_seqnr(seqnr, seqnr_len)); + chr_str += to_string(seqnr, seqnr_len); ASN1_Chr chr(chr_str); std::string padding_and_hash = padding_and_hash_from_oid(signee.signature_algorithm().oid); std::auto_ptr pk_signer(get_pk_signer(*priv_key, padding_and_hash)); diff --git a/src/cert/cvc/eac_obj.h b/src/cert/cvc/eac_obj.h index d4f02c530..60da7126e 100644 --- a/src/cert/cvc/eac_obj.h +++ b/src/cert/cvc/eac_obj.h @@ -8,12 +8,8 @@ #ifndef BOTAN_EAC_OBJ_H__ #define BOTAN_EAC_OBJ_H__ -#include #include -#include -#include -#include -#include +#include namespace Botan { @@ -23,84 +19,36 @@ namespace Botan { template // CRTP is used enable the call sequence: class BOTAN_DLL EAC1_1_obj : public EAC_Signed_Object { - // data members first: - protected: - - ECDSA_Signature m_sig; - - // member functions here: public: /** * Return the signature as a concatenation of the encoded parts. * @result the concatenated signature */ - SecureVector get_concat_sig() const; + SecureVector get_concat_sig() const + { return m_sig.get_concatenation(); } - /** - * Verify the signature of this objects. - * @param pub_key the public key to verify the signature with - * @result true if the verification succeeded - */ - virtual bool check_signature(Public_Key& pub_key) const; + bool check_signature(class Public_Key& key) const + { + return EAC_Signed_Object::check_signature(key, m_sig.DER_encode()); + } protected: - void init(DataSource& in); - - virtual ~EAC1_1_obj(){} - - }; - -template -SecureVector EAC1_1_obj::get_concat_sig() const - { - return m_sig.get_concatenation(); - } - -template -void EAC1_1_obj::init(DataSource& in) - { - try - { - Derived::decode_info(in, tbs_bits, m_sig); - } - catch(Decoding_Error) - { - throw Decoding_Error(PEM_label_pref + " decoding failed"); - } - } - -template -bool EAC1_1_obj::check_signature(Public_Key& pub_key) const - { - try - { - std::vector sig_info = - split_on(OIDS::lookup(sig_algo.oid), '/'); + ECDSA_Signature m_sig; - if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name()) + void init(DataSource& in) { - return false; + try + { + Derived::decode_info(in, tbs_bits, m_sig); + } + catch(Decoding_Error) + { + throw Decoding_Error(PEM_label_pref + " decoding failed"); + } } - std::string padding = sig_info[1]; - Signature_Format format = - (pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363; - - if(!dynamic_cast(&pub_key)) - return false; - - SecureVector seq_sig = m_sig.DER_encode(); - SecureVector to_sign = tbs_data(); - - PK_Verifying_wo_MR_Key& sig_key = dynamic_cast(pub_key); - std::auto_ptr verifier(get_pk_verifier(sig_key, padding, format)); - return verifier->verify_message(to_sign, seq_sig); - } - catch(...) - { - return false; - } - } + virtual ~EAC1_1_obj(){} + }; } diff --git a/src/cert/cvc/signed_obj.cpp b/src/cert/cvc/signed_obj.cpp index 022d0fa5f..31a158dd4 100644 --- a/src/cert/cvc/signed_obj.cpp +++ b/src/cert/cvc/signed_obj.cpp @@ -1,12 +1,15 @@ /* * EAC SIGNED Object -* (C) 1999-2007 Jack Lloyd +* (C) 1999-2010 Jack Lloyd * 2007 FlexSecure GmbH * * Distributed under the terms of the Botan license */ #include +#include +#include +#include namespace Botan { @@ -42,6 +45,38 @@ AlgorithmIdentifier EAC_Signed_Object::signature_algorithm() const return sig_algo; } +bool EAC_Signed_Object::check_signature(Public_Key& pub_key, + const MemoryRegion& sig) const + { + try + { + std::vector sig_info = + split_on(OIDS::lookup(sig_algo.oid), '/'); + + if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name()) + { + return false; + } + + std::string padding = sig_info[1]; + Signature_Format format = + (pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363; + + if(!dynamic_cast(&pub_key)) + return false; + + SecureVector to_sign = tbs_data(); + + PK_Verifying_wo_MR_Key& sig_key = dynamic_cast(pub_key); + std::auto_ptr verifier(get_pk_verifier(sig_key, padding, format)); + return verifier->verify_message(to_sign, sig); + } + catch(...) + { + return false; + } + } + /* * Try to decode the actual information */ diff --git a/src/cert/cvc/signed_obj.h b/src/cert/cvc/signed_obj.h index 17b75a08a..0e7dd6bdb 100644 --- a/src/cert/cvc/signed_obj.h +++ b/src/cert/cvc/signed_obj.h @@ -53,7 +53,8 @@ class BOTAN_DLL EAC_Signed_Object * @return true if the signature was created by the private key * associated with this public key */ - virtual bool check_signature(class Public_Key&) const = 0; + bool check_signature(class Public_Key& key, + const MemoryRegion& sig) const; /** * Write this object DER encoded into a specified pipe. -- cgit v1.2.3