/* * EAC1_1 objects * (C) 2008 Falko Strenzke * * Distributed under the terms of the Botan license */ #ifndef BOTAN_EAC_OBJ_H__ #define BOTAN_EAC_OBJ_H__ #include #include #include #include #include #include #include #include #include #include #include namespace Botan { /* * TR03110 v1.1 EAC CV Certificate */ template // CRTP is used enable the call sequence: class BOTAN_DLL EAC1_1_obj : public EAC_Signed_Object { // data members first: protected: ECDSA_Signature m_sig; // member functions here: public: /** * Return the signature as a concatenation of the encoded parts. * @result the concatenated signature */ SecureVector get_concat_sig() const; /** * Verify the signature of this objects. * @param pub_key the public key to verify the signature with * @result true if the verification succeeded */ virtual bool check_signature(Public_Key& pub_key) const; protected: void init(DataSource& in); static SecureVector make_signature(PK_Signer& signer, const MemoryRegion& tbs_bits, RandomNumberGenerator& rng); virtual ~EAC1_1_obj(){} }; template SecureVector EAC1_1_obj::get_concat_sig() const { return m_sig.get_concatenation(); } template SecureVector EAC1_1_obj::make_signature(PK_Signer& signer, const MemoryRegion& tbs_bits, RandomNumberGenerator& rng) { // this is the signature as a der sequence SecureVector seq_sig = signer.sign_message(tbs_bits, rng); ECDSA_Signature sig(decode_seq(seq_sig)); SecureVector concat_sig(sig.get_concatenation()); return concat_sig; } template void EAC1_1_obj::init(DataSource& in) { try { Derived::decode_info(in, tbs_bits, m_sig); } catch(Decoding_Error) { throw Decoding_Error(PEM_label_pref + " decoding failed"); } } template bool EAC1_1_obj::check_signature(Public_Key& pub_key) const { try { std::vector sig_info = split_on(OIDS::lookup(sig_algo.oid), '/'); if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name()) { return false; } std::string padding = sig_info[1]; Signature_Format format = (pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363; if(!dynamic_cast(&pub_key)) return false; std::unique_ptr enc(new ECDSA_Signature_Encoder(&m_sig)); SecureVector seq_sig = enc->signature_bits(); SecureVector to_sign = tbs_data(); PK_Verifying_wo_MR_Key& sig_key = dynamic_cast(pub_key); std::unique_ptr verifier(get_pk_verifier(sig_key, padding, format)); return verifier->verify_message(to_sign, seq_sig); } catch(...) { return false; } } } #endif