Botan  1.11.15
src/lib/cert/cvc/cvc_cert.cpp
00001 /*
00002 * (C) 2007 FlexSecure GmbH
00003 *     2008-2010 Jack Lloyd
00004 *
00005 * Botan is released under the Simplified BSD License (see license.txt)
00006 */
00007 
00008 #include <botan/cvc_cert.h>
00009 #include <botan/oids.h>
00010 
00011 namespace Botan {
00012 
/*
* Return a copy of the m_car field (the certification authority
* reference, going by the ASN1_Car type name). In this file the field
* is filled in by force_decode().
*/
ASN1_Car EAC1_1_CVC::get_car() const
   {
   return this->m_car;
   }
00017 
/*
* Return a copy of the m_ced field decoded from the certificate body.
* Presumably the certificate effective date -- confirm against the
* ASN1_Ced declaration.
*/
ASN1_Ced EAC1_1_CVC::get_ced() const
   {
   return this->m_ced;
   }
/*
* Return a copy of the m_cex field decoded from the certificate body.
* Presumably the certificate expiration date -- confirm against the
* ASN1_Cex declaration. Nothing in this accessor compares it with the
* current time; expiry checking is left to the caller.
*/
ASN1_Cex EAC1_1_CVC::get_cex() const
   {
   return this->m_cex;
   }
/*
* Return the holder authorization value. force_decode() stores exactly
* one decoded byte in m_chat_val, so only the low 8 bits of the returned
* u32bit carry information on that path.
*/
u32bit EAC1_1_CVC::get_chat_value() const
   {
   return this->m_chat_val;
   }
00030 
00031 /*
00032 * Decode the TBSCertificate data
00033 */
void EAC1_1_CVC::force_decode()
   {
   /*
   * Parse tbs_bits (the certificate body) into the member fields.
   * Throws Decoding_Error when the profile identifier is not 0 or when
   * the authorization value is not exactly one byte long.
   *
   * Nothing in this function verifies a signature. It only parses and
   * applies the two structural checks below.
   */
   std::vector<byte> key_encoding;
   std::vector<byte> chat_octets;
   size_t profile_id; // assigned by the first decode() call before any read

   // NOTE(review): make_cvc_cert() in this file opens the tag-76 container
   // with an explicit APPLICATION class, while the start_cons() calls here
   // pass no class argument. Confirm that BER_Decoder::start_cons's default
   // class accepts what the encoder writes.
   BER_Decoder body(tbs_bits);
   body.decode(profile_id, ASN1_Tag(41), APPLICATION) // certificate profile identifier
      .decode(m_car)
      .start_cons(ASN1_Tag(73))   // public key container, contents kept as raw bytes
      .raw_bytes(key_encoding)
      .end_cons()
      .decode(m_chr)
      .start_cons(ASN1_Tag(76))   // holder authorization template
      .decode(m_chat_oid)
      .decode(chat_octets, OCTET_STRING, ASN1_Tag(19), APPLICATION)
      .end_cons()
      .decode(m_ced)
      .decode(m_cex)
      .verify_end();              // anything left after the last field is an error

   // The length is checked before the byte is indexed further down.
   if(chat_octets.size() != 1)
      throw Decoding_Error("CertificateHolderAuthorizationValue was not of length 1");

   // Only profile 0 is accepted.
   if(profile_id != 0)
      throw Decoding_Error("EAC1_1 certificate's cpi was not 0");

   // NOTE(review): the decode_eac1_1_key() defined in this file always throws
   // Internal_Error. If this call resolves to that definition, the function
   // cannot complete once the two checks above have passed.
   m_pk = decode_eac1_1_key(key_encoding, sig_algo);

   m_chat_val = chat_octets.front();

   // self_signed is derived from name equality alone (authority reference ==
   // holder reference). It is not evidence that the signature verifies under
   // the embedded key, so callers must not use it as a trust decision.
   const auto authority_name = m_car.iso_8859();
   const auto holder_name = m_chr.iso_8859();
   self_signed = (authority_name == holder_name);
   }
00066 
00067 /*
00068 * CVC Certificate Constructor
00069 */
EAC1_1_CVC::EAC1_1_CVC(DataSource& in)
   {
   // Load the encoded object from `in`, clear the self-signed flag, then
   // decode. The statement order is kept as written because init() and
   // do_decode() are defined elsewhere and may touch self_signed.
   //
   // Nothing visible in this constructor checks the signature. A
   // successfully constructed object is parsed, not validated.
   this->init(in);
   this->self_signed = false;
   this->do_decode();
   }
00076 
EAC1_1_CVC::EAC1_1_CVC(const std::string& in)
   {
   // `in` is handed to DataSource_Stream, so it names a file to read,
   // not the encoded certificate itself. The second argument (true)
   // requests binary mode. Callers passing a path that comes from
   // untrusted input should constrain it before reaching this point.
   DataSource_Stream file_source(in, true);

   // Same sequence as the DataSource constructor: load, reset the flag,
   // decode. No signature check is visible here.
   this->init(file_source);
   this->self_signed = false;
   this->do_decode();
   }
00084 
/*
* Two certificates compare equal when both the encoded body
* (tbs_data()) and the concatenated signature (get_concat_sig()) are
* equal. This is an equality test on encodings, not a validity check.
*/
bool EAC1_1_CVC::operator==(EAC1_1_CVC const& rhs) const
   {
   // The signature is compared only when the bodies already match,
   // mirroring the short-circuit of the original && expression.
   if(!(tbs_data() == rhs.tbs_data()))
      return false;

   return get_concat_sig() == rhs.get_concat_sig();
   }
00090 
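/*
* Placeholder for decoding an EAC 1.1 public key.
*
* Not implemented: both arguments are ignored and the function always
* throws Internal_Error, so it never returns a key. force_decode() in
* this file calls decode_eac1_1_key() for every certificate it parses,
* so a caller relying on that path has to be prepared for
* Internal_Error rather than Decoding_Error.
*
* The unreachable `return 0;` that used to follow the throw has been
* removed.
*/
ECDSA_PublicKey* decode_eac1_1_key(const std::vector<byte>&,
                                   AlgorithmIdentifier&)
   {
   throw Internal_Error("decode_eac1_1_key: Unimplemented");
   }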
00097 
/*
* Build, sign and re-parse a CV certificate.
*
* signer            produces the signature over the encoded body
* public_key        already-encoded public key object, copied in verbatim
* car, chr          authority and holder references
* holder_auth_templ the single authorization byte stored in the template
* ced, cex          the two date fields, encoded in that order
* rng               passed through to make_signed()
*
* Nothing here validates public_key or checks that ced and cex are
* consistent with each other. Both are the caller's responsibility.
*/
EAC1_1_CVC make_cvc_cert(PK_Signer& signer,
                         const std::vector<byte>& public_key,
                         ASN1_Car const& car,
                         ASN1_Chr const& chr,
                         byte holder_auth_templ,
                         ASN1_Ced ced,
                         ASN1_Cex cex,
                         RandomNumberGenerator& rng)
   {
   OID template_oid(OIDS::lookup("CertificateHolderAuthorizationTemplate"));

   // One-byte payloads: the authorization value and a profile identifier
   // fixed at 0, the only value force_decode() accepts.
   const std::vector<byte> chat_octets(1, holder_auth_templ);
   const std::vector<byte> profile_id(1, static_cast<byte>(0x00));

   DER_Encoder body_encoder;
   body_encoder
      .encode(profile_id, OCTET_STRING, ASN1_Tag(41), APPLICATION)
      .encode(car)
      .raw_bytes(public_key)   // inserted as-is, no re-encoding or checking
      .encode(chr)
      .start_cons(ASN1_Tag(76), APPLICATION)
      .encode(template_oid)
      .encode(chat_octets, OCTET_STRING, ASN1_Tag(19), APPLICATION)
      .end_cons()
      .encode(ced)
      .encode(cex);
   std::vector<byte> body = body_encoder.get_contents_unlocked();

   const auto cert_body = EAC1_1_CVC::build_cert_body(body);
   std::vector<byte> signed_bytes =
      EAC1_1_CVC::make_signed(signer, cert_body, rng);

   // The result is produced by parsing the signed bytes back in, so the
   // DataSource constructor's init()/do_decode() run on our own output and
   // any exception they raise propagates to the caller.
   DataSource_Memory parsed_input(signed_bytes);
   return EAC1_1_CVC(parsed_input);
   }
00134 
00135 }