Botan  1.11.15
src/lib/cert/cvc/cvc_self.h
00001 /*
00002 * CVC Self-Signed Certificate
00003 * (C) 2007 FlexSecure GmbH
00004 *     2008 Jack Lloyd
00005 *
00006 * Botan is released under the Simplified BSD License (see license.txt)
00007 */
00008 
00009 #ifndef BOTAN_CVC_EAC_SELF_H__
00010 #define BOTAN_CVC_EAC_SELF_H__
00011 
00012 #include <botan/pkcs8.h>
00013 #include <botan/cvc_cert.h>
00014 #include <botan/ecdsa.h>
00015 #include <botan/asn1_obj.h>
00016 #include <botan/cvc_req.h>
00017 #include <botan/cvc_ado.h>
00018 
00019 namespace Botan {
00020 
/**
* This class represents a set of options used for the creation of CVC certificates.
*
* All fields are public and are filled in directly by the caller; no
* constructor is declared in this class.
*/
class BOTAN_DLL EAC1_1_CVC_Options
   {
   public:

      // Certification Authority Reference (CAR) of the certificate.
      ASN1_Car car;
      // Certificate Holder Reference (CHR) of the certificate.
      ASN1_Chr chr;
      // Holder authorization value, stored as a single byte; presumably
      // encodes the holder's access rights - confirm against the implementation.
      // NOTE(review): plain byte with no initializer, so a default-initialized
      // object (`EAC1_1_CVC_Options opts;`) leaves it indeterminate. Set it
      // explicitly before the options are used to create a certificate.
      byte holder_auth_templ;
      // Certificate effective date (CED), i.e. start of validity.
      ASN1_Ced ced;
      // Certificate expiration date (CEX), i.e. end of validity.
      ASN1_Cex cex;
      // Name of the hash algorithm to be used for the signature.
      std::string hash_alg;
   };
00035 
00036 /**
00037 * This namespace represents general EAC 1.1 convenience functions.
00038 */
00039 namespace CVC_EAC {
00040 
/**
* Create a self-signed CVCA certificate.
* @param key the ECDSA private key to be used to sign the certificate
* @param opts used to set several parameters. Necessary are:
* car, holder_auth_templ, ced, cex and hash_alg
* @param rng the rng to use
* @result the self signed certificate
*
* @note key is declared as the generic Private_Key although an ECDSA key is
* asked for; how any other key type is handled is not visible in this header.
* @note opts.chr is not among the required fields; presumably it is unused or
* derived from car for a self-signed certificate - confirm against the
* implementation.
*/

EAC1_1_CVC BOTAN_DLL create_self_signed_cert(Private_Key const& key,
                                             EAC1_1_CVC_Options const& opts,
                                             RandomNumberGenerator& rng);
/**
* Create a CVC request. The key encoding will be according to the provided private key.
* (DE_EAC::create_cvc_req() has the same signature but documents the key
* encoding as implicitCA.)
* @param priv_key the private key associated with the requesting entity
* @param chr the chr to appear in the certificate (to be provided without
* sequence number)
* @param hash_alg the string defining the hash algorithm to be used for the creation
* of the signature
* @param rng the rng to use
* @result the new request
*
* @note hash_alg is a free-form string chosen by the caller; whether an
* unknown or unsuitable algorithm name is rejected is not visible in this
* header - confirm against the implementation.
*/
EAC1_1_Req BOTAN_DLL create_cvc_req(Private_Key const& priv_key,
                                    ASN1_Chr const& chr,
                                    std::string const& hash_alg,
                                    RandomNumberGenerator& rng);
00067 
/**
* Create an ADO from a request object.
* @param priv_key the private key used to sign the ADO
* @param req the request forming the body of the ADO
* @param car the CAR forming the body of the ADO, i.e. the
* CHR of the entity associated with the provided private key
* @param rng the rng to use
* @result the new ADO, built from req and car and signed with priv_key
*
* @note car is supplied by the caller; nothing in this declaration ties it
* to priv_key, so presumably the caller must make sure they belong to the
* same entity - confirm against the implementation.
*/
EAC1_1_ADO BOTAN_DLL create_ado_req(Private_Key const& priv_key,
                                    EAC1_1_Req const& req,
                                    ASN1_Car const& car,
                                    RandomNumberGenerator& rng);
00080 }
00081 /**
00082 * This namespace represents EAC 1.1 CVC convenience functions
00083 * following the specific German requirements.
00084 */
00085 
00086 namespace DE_EAC {
00087 
/**
* Create a CVCA certificate.
* @param priv_key the private key associated with the CVCA certificate
* to be created
* @param hash the string identifying the hash algorithm to be used
* for signing the certificate to be created
* @param car the CAR of the certificate to be created
* @param iris indicates whether the entity associated with the certificate
* shall be entitled to read the biometric iris image
* @param fingerpr indicates whether the entity associated with the certificate
* shall be entitled to read the biometric fingerprint image
* @param cvca_validity_months length of time in months this will be valid
* @param rng a random number generator
* @result the CVCA certificate created
*
* @note iris and fingerpr each grant read access to biometric data; pass
* false for any right the certified entity does not need.
* @note The validity period takes only a length; presumably it starts at
* the time of creation - confirm against the implementation.
*/
EAC1_1_CVC BOTAN_DLL create_cvca(Private_Key const& priv_key,
                                 std::string const& hash,
                                 ASN1_Car const& car,
                                 bool iris,
                                 bool fingerpr,
                                 u32bit cvca_validity_months,
                                 RandomNumberGenerator& rng);
00110 
/**
* Create a link certificate between two CVCA certificates. The key
* encoding will be implicitCA.
* @param signer the cvca certificate associated with the signing
* entity
* @param priv_key the private key associated with the signer
* @param to_be_signed the certificate whose CAR/CHR will be
* the holder of the link certificate
* @param rng a random number generator
* @result the link certificate
*
* @note No hash algorithm or validity period is passed in; presumably both
* are taken from the supplied certificates - confirm against the
* implementation.
* @note Whether priv_key is checked against the public key in signer is not
* visible in this header; the caller should make sure they match.
*/
EAC1_1_CVC BOTAN_DLL link_cvca(EAC1_1_CVC const& signer,
                               Private_Key const& priv_key,
                               EAC1_1_CVC const& to_be_signed,
                               RandomNumberGenerator& rng);
00125 
/**
* Create a CVC request. The key encoding will be implicitCA.
* (CVC_EAC::create_cvc_req() has the same signature but takes the key
* encoding from the provided private key.)
* @param priv_key the private key associated with the requesting entity
* @param chr the chr to appear in the certificate (to be provided without
* sequence number)
* @param hash_alg the string defining the hash algorithm to be used for the creation
* of the signature
* @param rng a random number generator
* @result the new request
*
* @note hash_alg is a free-form string chosen by the caller; whether an
* unknown or unsuitable algorithm name is rejected is not visible in this
* header - confirm against the implementation.
*/
EAC1_1_Req BOTAN_DLL create_cvc_req(Private_Key const& priv_key,
                                    ASN1_Chr const& chr,
                                    std::string const& hash_alg,
                                    RandomNumberGenerator& rng);
00140 
/**
* Sign a CVC request.
* @param signer_cert the certificate of the signing entity
* @param priv_key the private key of the signing entity
* @param req the request to be signed
* @param seqnr the sequence number of the certificate to be created
* @param seqnr_len the number of digits the sequence number will be
* encoded in
* @param domestic indicates whether to sign a domestic or a foreign
* certificate: set to true for domestic
* @param dvca_validity_months validity period in months; presumably applied
* when the certificate being issued is for a DVCA - confirm against the
* implementation
* @param ca_is_validity_months validity period in months; presumably applied
* when the certificate being issued is for an inspection system - confirm
* against the implementation
* @param rng a random number generator
* @result the new certificate
*
* @note What happens when seqnr needs more than seqnr_len digits is not
* visible in this header; the caller should keep the two consistent.
* @note Whether the signature on req is verified before the certificate is
* issued is not visible here; verify the request first unless the
* implementation is confirmed to do so.
*/
EAC1_1_CVC BOTAN_DLL sign_request(EAC1_1_CVC const& signer_cert,
                                  Private_Key const& priv_key,
                                  EAC1_1_Req const& req,
                                  u32bit seqnr,
                                  u32bit seqnr_len,
                                  bool domestic,
                                  u32bit dvca_validity_months,
                                  u32bit ca_is_validity_months,
                                  RandomNumberGenerator& rng);
00166 }
00167 
00168 }
00169 
00170 #endif