Botan  1.11.15
Botan::CVC_EAC Namespace Reference

Functions

EAC1_1_ADO create_ado_req (Private_Key const &key, EAC1_1_Req const &req, ASN1_Car const &car, RandomNumberGenerator &rng)
EAC1_1_Req create_cvc_req (Private_Key const &key, ASN1_Chr const &chr, std::string const &hash_alg, RandomNumberGenerator &rng)
EAC1_1_CVC create_self_signed_cert (Private_Key const &key, EAC1_1_CVC_Options const &opt, RandomNumberGenerator &rng)

Detailed Description

This namespace contains general EAC 1.1 convenience functions.


Function Documentation

EAC1_1_ADO BOTAN_DLL Botan::CVC_EAC::create_ado_req ( Private_Key const &  priv_key,
EAC1_1_Req const &  req,
ASN1_Car const &  car,
RandomNumberGenerator &  rng 
)

Create an ADO from a request object.

Parameters:
priv_key: the private key used to sign the ADO (only ECDSA private keys are accepted; any other key type throws Invalid_Argument)
req: the request forming the body of the ADO
car: the CAR forming the body of the ADO, i.e. the CHR of the entity associated with the provided private key
rng: the RNG to use

Definition at line 154 of file cvc_self.cpp.

References Botan::EAC_Signed_Object::BER_encode(), Botan::DER_Encoder::encode(), Botan::DER_Encoder::get_contents(), Botan::EAC1_1_ADO::make_signed(), Botan::AlgorithmIdentifier::oid, and Botan::EAC_Signed_Object::signature_algorithm().

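   {
   // Body of CVC_EAC::create_ado_req(): signs (request || CAR) with the
   // caller's key and returns the result parsed as an EAC1_1_ADO.

   // Only ECDSA keys are supported. dynamic_cast yields a null pointer for any
   // other Private_Key subclass, and that case is rejected before any signing.
   ECDSA_PrivateKey const* priv_key = dynamic_cast<ECDSA_PrivateKey const*>(&key);
   if (priv_key == nullptr)
      {
      // The message names this function so that a failure is attributed to
      // the correct call site in logs and error reports.
      throw Invalid_Argument("CVC_EAC::create_ado_req(): unsupported key type");
      }

   // The signature scheme is derived from the signature algorithm OID carried
   // by the request itself, not from a caller-supplied hash name.
   // NOTE(review): padding_and_hash_from_oid() is defined outside this listing;
   // its behaviour for an unrecognised OID is not visible here - confirm.
   std::string padding_and_hash = padding_and_hash_from_oid(req.signature_algorithm().oid);
   PK_Signer signer(*priv_key, padding_and_hash);

   // To-be-signed bytes: the BER encoding of the request followed by the
   // DER encoding of the CAR.
   std::vector<byte> tbs_bits = req.BER_encode();
   tbs_bits += DER_Encoder().encode(car).get_contents();

   std::vector<byte> signed_cert =
      EAC1_1_ADO::make_signed(signer, tbs_bits, rng);

   // The signed encoding is parsed back through the EAC1_1_ADO constructor,
   // so the returned object is built from the bytes that were just produced.
   DataSource_Memory source(signed_cert);
   return EAC1_1_ADO(source);
   }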
EAC1_1_Req BOTAN_DLL Botan::CVC_EAC::create_cvc_req ( Private_Key const &  priv_key,
ASN1_Chr const &  chr,
std::string const &  hash_alg,
RandomNumberGenerator &  rng 
)

Create a CVC request. The key encoding will be according to the provided private key.

Parameters:
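priv_key: the private key associated with the requesting entity (only ECDSA private keys are accepted; any other key type throws Invalid_Argument)
chr: the CHR to appear in the certificate (to be provided without sequence number)
hash_alg: the name of the hash algorithm to be used for creating the signature; it is inserted into the signature scheme name "EMSA1_BSI(<hash_alg>)"
rng: the RNG to use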
Returns:
the new request

Definition at line 117 of file cvc_self.cpp.

References Botan::ECDSA_PublicKey::algo_name(), Botan::APPLICATION, Botan::DER_Encoder::encode(), Botan::DER_Encoder::get_contents_unlocked(), Botan::OIDS::lookup(), Botan::OCTET_STRING, Botan::AlgorithmIdentifier::oid, Botan::DER_Encoder::raw_bytes(), and Botan::AlgorithmIdentifier::USE_NULL_PARAM.

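   {
   // Body of CVC_EAC::create_cvc_req(): builds a CVC request body from the
   // caller's public key and CHR, signs it with the matching private key and
   // returns the result parsed as an EAC1_1_Req.

   // Only ECDSA keys are supported. dynamic_cast yields a null pointer for any
   // other Private_Key subclass, and that case is rejected before any signing.
   ECDSA_PrivateKey const* priv_key = dynamic_cast<ECDSA_PrivateKey const*>(&key);
   if (priv_key == nullptr)
      {
      // The message names this function so that a failure is attributed to
      // the correct call site in logs and error reports.
      throw Invalid_Argument("CVC_EAC::create_cvc_req(): unsupported key type");
      }

   // hash_alg is caller-supplied and is concatenated into the scheme name
   // without any check in this function.
   // NOTE(review): what happens for a hash name that has no registered
   // "<algo>/EMSA1_BSI(<hash>)" OID is decided inside OIDS::lookup(), which is
   // not visible here - confirm it fails rather than yielding an empty OID,
   // and confirm that weak hashes are excluded by policy at the call site.
   AlgorithmIdentifier sig_algo;
   std::string padding_and_hash("EMSA1_BSI(" + hash_alg + ")");
   sig_algo.oid = OIDS::lookup(priv_key->algo_name() + "/" + padding_and_hash);
   sig_algo = AlgorithmIdentifier(sig_algo.oid, AlgorithmIdentifier::USE_NULL_PARAM);

   PK_Signer signer(*priv_key, padding_and_hash);

   // Public key encoded together with the signature algorithm OID
   // (eac_1_1_encoding() is defined outside this listing).
   std::vector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);

   // Single byte 0x00, emitted as an OCTET STRING under APPLICATION tag 41.
   // NOTE(review): presumably the certificate profile identifier - confirm.
   std::vector<byte> enc_cpi;
   enc_cpi.push_back(0x00);

   // To-be-signed content, in order: the 0x00 field above, the encoded
   // public key (inserted as raw bytes), then the CHR.
   std::vector<byte> tbs = DER_Encoder()
      .encode(enc_cpi, OCTET_STRING, ASN1_Tag(41), APPLICATION)
      .raw_bytes(enc_public_key)
      .encode(chr)
      .get_contents_unlocked();

   std::vector<byte> signed_cert =
      EAC1_1_gen_CVC<EAC1_1_Req>::make_signed(signer,
                                              EAC1_1_gen_CVC<EAC1_1_Req>::build_cert_body(tbs),
                                              rng);

   // The signed encoding is parsed back through the EAC1_1_Req constructor,
   // so the returned object is built from the bytes that were just produced.
   DataSource_Memory source(signed_cert);
   return EAC1_1_Req(source);
   }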
EAC1_1_CVC BOTAN_DLL Botan::CVC_EAC::create_self_signed_cert ( Private_Key const &  key,
EAC1_1_CVC_Options const &  opts,
RandomNumberGenerator &  rng 
)

Create a self-signed CVCA.

Parameters:
rng: the RNG to use
key: the ECDSA private key to be used to sign the certificate
opts: used to set several parameters. Required are: car, holder_auth_templ, hash_alg, ced and cex. The value of chr is ignored; the CHR is taken from car.
Returns:
the self signed certificate

Definition at line 88 of file cvc_self.cpp.

References Botan::ECDSA_PublicKey::algo_name(), Botan::EAC1_1_CVC_Options::car, Botan::EAC1_1_CVC_Options::ced, Botan::EAC1_1_CVC_Options::cex, Botan::EAC1_1_CVC_Options::hash_alg, Botan::EAC1_1_CVC_Options::holder_auth_templ, Botan::OIDS::lookup(), Botan::make_cvc_cert(), Botan::AlgorithmIdentifier::USE_NULL_PARAM, and Botan::ASN1_EAC_String::value().

Referenced by Botan::DE_EAC::create_cvca().

   {
   // Body of CVC_EAC::create_self_signed_cert().
   // NOTE: opt.chr is not read; the CHR is derived from opt.car below.

   // Only ECDSA keys are supported; any other Private_Key subclass makes the
   // cast yield a null pointer and is rejected before any signing.
   ECDSA_PrivateKey const* const ecdsa_key = dynamic_cast<ECDSA_PrivateKey const*>(&key);
   if(!ecdsa_key)
      {
      throw Invalid_Argument("CVC_EAC::create_self_signed_cert(): unsupported key type");
      }

   // Self-signed: the holder reference is built from the authority
   // reference's value, so CHR and CAR carry the same string.
   ASN1_Chr holder_ref(opt.car.value());

   // opt.hash_alg is caller-supplied and is concatenated into the scheme
   // name without any check in this function.
   std::string emsa_spec = "EMSA1_BSI(" + opt.hash_alg + ")";

   AlgorithmIdentifier sig_algo;
   sig_algo.oid = OIDS::lookup(ecdsa_key->algo_name() + "/" + emsa_spec);
   sig_algo = AlgorithmIdentifier(sig_algo.oid, AlgorithmIdentifier::USE_NULL_PARAM);

   PK_Signer signer(*ecdsa_key, emsa_spec);

   // Public key encoded together with the signature algorithm OID
   // (eac_1_1_encoding() is defined outside this listing).
   std::vector<byte> encoded_pub = eac_1_1_encoding(ecdsa_key, sig_algo.oid);

   return make_cvc_cert(signer, encoded_pub,
                        opt.car, holder_ref,
                        opt.holder_auth_templ,
                        opt.ced, opt.cex,
                        rng);
   }