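/*
* EAC1_1 general CVC
* (C) 2008 Falko Strenzke
*     2008-2010 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#ifndef BOTAN_EAC_CVC_GEN_CERT_H__
#define BOTAN_EAC_CVC_GEN_CERT_H__

#include <botan/eac_obj.h>
#include <botan/eac_asn_obj.h>
#include <botan/ecdsa.h>
#include <botan/pubkey.h>

namespace Botan {

/**
* This class represents TR03110 (EAC) v1.1 generalized CV Certificates.
*
* Wire layout produced by encode() and make_signed() (all tags in the
* APPLICATION class):
*
*   [APPLICATION 33] CONSTRUCTED {
*     [APPLICATION 78] CONSTRUCTED { certificate body (tbs_bits) }
*     [APPLICATION 55] OCTET STRING { concatenated ECDSA signature }
*   }
*
* decode_info() only splits that outer structure into body bytes and
* signature; it performs no signature verification itself.
*
* Ownership: m_pk is owned by this object (deleted in the destructor) and
* is deep-copied on copy construction / assignment, so two copies never
* share or double-free the key. m_chr and self_signed are expected to be
* filled in by the CRTP-derived class after parsing; this base only gives
* them safe defaults.
*/
template<typename Derived>
class EAC1_1_gen_CVC : public EAC1_1_obj<Derived> // CRTP continuation from EAC1_1_obj
   {
      // NOTE(review): inside the template the injected-class-name expands
      // to EAC1_1_gen_CVC<Derived>, so this befriends
      // EAC1_1_obj<EAC1_1_gen_CVC<Derived>> and not the actual base
      // EAC1_1_obj<Derived>. Left as-is; confirm which specialization
      // needs decode_info() before tightening it.
      friend class EAC1_1_obj<EAC1_1_gen_CVC>;

   public:

      /**
      * Get this certificate's public key.
      * @result a newly allocated copy of the certificate's public key;
      *         the caller owns the returned pointer
      * @throws Invalid_State if no public key has been set on this object
      */
      Public_Key* subject_public_key() const;

      /**
      * Find out whether this object is self signed.
      * @result the self_signed flag (false until the derived class sets it)
      */
      bool is_self_signed() const;

      /**
      * Get the CHR (certificate holder reference) of the certificate.
      * @result the CHR of the certificate
      */
      ASN1_Chr get_chr() const;

      /**
      * Put the DER encoded version of this object into a pipe. PEM
      * is not supported.
      * @param out the pipe to push the DER encoded version into
      * @param encoding the encoding to use. Must be DER.
      * @throws Invalid_Argument if encoding is PEM (checked before any
      *         encoding work is done)
      */
      void encode(Pipe& out, X509_Encoding encoding) const;

      /**
      * Get the to-be-signed (TBS) data of this object, i.e. the
      * certificate body wrapped in its [APPLICATION 78] tag (the bytes
      * the signature covers).
      * @result the TBS data of this object
      */
      std::vector<byte> tbs_data() const;

      /**
      * Build the DER encoded certificate body of an object.
      * @param tbs the data to be signed
      * @result tbs wrapped in a constructed [APPLICATION 78] tag
      */
      static std::vector<byte> build_cert_body(const std::vector<byte>& tbs);

      /**
      * Create a signed generalized CVC object.
      *
      * tbs_bits is placed directly under the outer [APPLICATION 33] tag,
      * so to obtain the same layout encode() produces, pass the output of
      * build_cert_body() (the body already wrapped in its tag 78).
      *
      * @param signer the signer used to sign this object
      * @param tbs_bits the DER encoded body of the generalized CVC object
      * @param rng a random number generator
      * @result the DER encoded signed generalized CVC object
      */
      static std::vector<byte> make_signed(
         PK_Signer& signer,
         const std::vector<byte>& tbs_bits,
         RandomNumberGenerator& rng);

      // self_signed was previously left uninitialized; is_self_signed()
      // must not read an indeterminate value.
      EAC1_1_gen_CVC() : m_pk(nullptr), self_signed(false) {}

      /**
      * Copy constructor: deep-copies the owned key. The implicitly
      * generated copy would share m_pk and double-free it.
      */
      EAC1_1_gen_CVC(const EAC1_1_gen_CVC& other) :
         EAC1_1_obj<Derived>(other),
         m_pk(other.m_pk ? new ECDSA_PublicKey(*other.m_pk) : nullptr),
         m_chr(other.m_chr),
         self_signed(other.self_signed)
         {}

      /**
      * Copy assignment: deep-copies the owned key and releases the old one.
      */
      EAC1_1_gen_CVC& operator=(const EAC1_1_gen_CVC& other)
         {
         if(this != &other)
            {
            // Allocate the replacement key first so a failure leaves
            // *this untouched; release it if the base assignment throws.
            ECDSA_PublicKey* fresh =
               other.m_pk ? new ECDSA_PublicKey(*other.m_pk) : nullptr;
            try
               {
               EAC1_1_obj<Derived>::operator=(other);
               }
            catch(...)
               {
               delete fresh;
               throw;
               }
            delete m_pk;
            m_pk = fresh;
            m_chr = other.m_chr;
            self_signed = other.self_signed;
            }
         return *this;
         }

      virtual ~EAC1_1_gen_CVC()
         { delete m_pk; }

   protected:
      ECDSA_PublicKey* m_pk; // owned; may be null until the derived parser sets it
      ASN1_Chr m_chr;
      bool self_signed;

      /**
      * Split a DER encoded generalized CVC into its body bytes and signature.
      * @param source the encoded object
      * @param res_tbs_bits receives the raw contents of the [APPLICATION 78] body
      * @param res_sig receives the decoded ECDSA signature
      */
      static void decode_info(DataSource& source,
                              std::vector<byte> & res_tbs_bits,
                              ECDSA_Signature & res_sig);

   };

template<typename Derived> ASN1_Chr EAC1_1_gen_CVC<Derived>::get_chr() const
   {
   return m_chr;
   }

template<typename Derived> bool EAC1_1_gen_CVC<Derived>::is_self_signed() const
   {
   return self_signed;
   }

template<typename Derived>
std::vector<byte> EAC1_1_gen_CVC<Derived>::make_signed(
   PK_Signer& signer,
   const std::vector<byte>& tbs_bits,
   RandomNumberGenerator& rng) // static
   {
   // The signature covers tbs_bits exactly as given (no re-encoding).
   const auto concat_sig = signer.sign_message(tbs_bits, rng);

   return DER_Encoder()
      .start_cons(ASN1_Tag(33), APPLICATION)
      .raw_bytes(tbs_bits)
      .encode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
      .end_cons()
      .get_contents_unlocked();
   }

template<typename Derived>
Public_Key* EAC1_1_gen_CVC<Derived>::subject_public_key() const
   {
   // m_pk is null on a default-constructed object; dereferencing it here
   // was undefined behaviour.
   if(!m_pk)
      throw Invalid_State("EAC1_1_gen_CVC::subject_public_key: no public key set");
   return new ECDSA_PublicKey(*m_pk);
   }

template<typename Derived> std::vector<byte> EAC1_1_gen_CVC<Derived>::build_cert_body(const std::vector<byte>& tbs)
   {
   return DER_Encoder()
      .start_cons(ASN1_Tag(78), APPLICATION)
      .raw_bytes(tbs)
      .end_cons().get_contents_unlocked();
   }

template<typename Derived> std::vector<byte> EAC1_1_gen_CVC<Derived>::tbs_data() const
   {
   return build_cert_body(EAC1_1_obj<Derived>::tbs_bits);
   }

template<typename Derived> void EAC1_1_gen_CVC<Derived>::encode(Pipe& out, X509_Encoding encoding) const
   {
   // Only DER exists for EAC objects; reject before doing any encoding work
   // (previously the DER was built and then discarded on this path).
   if(encoding == PEM)
      throw Invalid_Argument("EAC1_1_gen_CVC::encode() cannot PEM encode an EAC object");

   const std::vector<byte> concat_sig(EAC1_1_obj<Derived>::m_sig.get_concatenation());

   // Same wrapping as make_signed(): tag-78 body (via build_cert_body),
   // then the tag-55 signature, both under the outer tag 33.
   const std::vector<byte> der = DER_Encoder()
      .start_cons(ASN1_Tag(33), APPLICATION)
      .raw_bytes(build_cert_body(EAC1_1_obj<Derived>::tbs_bits))
      .encode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
      .end_cons()
      .get_contents_unlocked();

   out.write(der);
   }

template<typename Derived>
void EAC1_1_gen_CVC<Derived>::decode_info(
   DataSource& source,
   std::vector<byte> & res_tbs_bits,
   ECDSA_Signature & res_sig)
   {
   std::vector<byte> concat_sig;
   // Mirror encode()/make_signed() exactly: the outer (33) and body (78)
   // constructed tags are APPLICATION class, so require that class here
   // instead of relying on start_cons()'s default class argument. The
   // signature tag (55) was already decoded with APPLICATION.
   BER_Decoder(source)
      .start_cons(ASN1_Tag(33), APPLICATION)
      .start_cons(ASN1_Tag(78), APPLICATION)
      .raw_bytes(res_tbs_bits)
      .end_cons()
      .decode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
      .end_cons();
   res_sig = decode_concatenation(concat_sig);
   }

}

#endif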