Botan  1.11.15
src/lib/cert/cvc/cvc_gen_cert.h
00001 /*
00002 * EAC1_1 general CVC
00003 * (C) 2008 Falko Strenzke
00004 *     2008-2010 Jack Lloyd
00005 *
00006 * Botan is released under the Simplified BSD License (see license.txt)
00007 */
00008 
00009 #ifndef BOTAN_EAC_CVC_GEN_CERT_H__
00010 #define BOTAN_EAC_CVC_GEN_CERT_H__
00011 
00012 #include <botan/eac_obj.h>
00013 #include <botan/eac_asn_obj.h>
00014 #include <botan/ecdsa.h>
00015 #include <botan/pubkey.h>
00016 
00017 namespace Botan {
00018 
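/**
* This class represents TR03110 (EAC) v1.1 generalized CV Certificates.
*
* Ownership: m_pk is an owning raw pointer that the destructor deletes.
* Copy construction and copy assignment therefore duplicate the key
* object; a member-wise copy would leave two objects deleting the same
* pointer.
*/
template<typename Derived>
class EAC1_1_gen_CVC : public EAC1_1_obj<Derived> // CRTP continuation from EAC1_1_obj
   {
      friend class EAC1_1_obj<EAC1_1_gen_CVC>;

   public:

      /**
      * Get this certificate's public key.
      * @result a newly allocated copy of this certificate's public key;
      * the caller takes ownership of the returned object
      */
      Public_Key* subject_public_key() const;

      /**
      * Find out whether this object is self signed.
      * @result true if this object is self signed
      */
      bool is_self_signed() const;

      /**
      * Get the CHR of the certificate.
      * @result the CHR of the certificate
      */
      ASN1_Chr get_chr() const;

      /**
      * Put the DER encoded version of this object into a pipe. PEM
      * is not supported.
      * @param out the pipe to push the DER encoded version into
      * @param encoding the encoding to use. Must be DER.
      */
      void encode(Pipe& out, X509_Encoding encoding) const;

      /**
      * Get the to-be-signed (TBS) data of this object.
      * @result the TBS data of this object
      */
      std::vector<byte> tbs_data() const;

      /**
      * Build the DER encoded certificate body of an object
      * @param tbs the data to be signed
      * @result the correctly encoded body of the object
      */
      static std::vector<byte> build_cert_body(const std::vector<byte>& tbs);

      /**
      * Create a signed generalized CVC object.
      * @param signer the signer used to sign this object
      * @param tbs_bits the body of the generalized CVC object to be signed
      * @param rng a random number generator
      * @result the DER encoded signed generalized CVC object
      */
      static std::vector<byte> make_signed(
         PK_Signer& signer,
         const std::vector<byte>& tbs_bits,
         RandomNumberGenerator& rng);

      /**
      * Create an empty object: no public key, not self signed.
      * self_signed is initialised here so that is_self_signed() never
      * reads an indeterminate value.
      */
      EAC1_1_gen_CVC() : m_pk(nullptr), self_signed(false) {}

      /**
      * Copy constructor; duplicates the owned public key (if any) so
      * that each object deletes its own key.
      */
      EAC1_1_gen_CVC(const EAC1_1_gen_CVC& other) :
         EAC1_1_obj<Derived>(other),
         m_pk(other.m_pk ? new ECDSA_PublicKey(*other.m_pk) : nullptr),
         m_chr(other.m_chr),
         self_signed(other.self_signed)
         {}

      /**
      * Copy assignment; duplicates the owned public key (if any) and
      * releases the key previously held by this object.
      */
      EAC1_1_gen_CVC& operator=(const EAC1_1_gen_CVC& other)
         {
         if(this != &other)
            {
            EAC1_1_obj<Derived>::operator=(other);

            // Allocate the copy before releasing the old key, so a failed
            // allocation leaves m_pk pointing at a live object.
            ECDSA_PublicKey* pk_copy =
               other.m_pk ? new ECDSA_PublicKey(*other.m_pk) : nullptr;
            delete m_pk;
            m_pk = pk_copy;

            m_chr = other.m_chr;
            self_signed = other.self_signed;
            }
         return *this;
         }

      // Plain class name: a template-id in a destructor declaration is
      // rejected by C++20 compilers.
      virtual ~EAC1_1_gen_CVC()
         { delete m_pk; }

   protected:
      ECDSA_PublicKey* m_pk; // owned; deleted in the destructor, may be null
      ASN1_Chr m_chr;
      bool self_signed;

      /**
      * Split an encoded object into its body bytes and its signature.
      * @param source the data source to read the encoded object from
      * @param res_tbs_bits receives the raw bytes of the certificate body
      * @param res_sig receives the decoded signature
      */
      static void decode_info(DataSource& source,
                              std::vector<byte> & res_tbs_bits,
                              ECDSA_Signature & res_sig);

   };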
00095 
/**
* Return a copy of the stored certificate holder reference (CHR).
*/
template<typename Derived>
ASN1_Chr EAC1_1_gen_CVC<Derived>::get_chr() const
   {
   return this->m_chr;
   }
00100 
/**
* Return the stored self-signed flag.
* This accessor does not check that the flag was ever assigned, so the
* result is only meaningful for a fully populated object.
*/
template<typename Derived>
bool EAC1_1_gen_CVC<Derived>::is_self_signed() const
   {
   return this->self_signed;
   }
00105 
/**
* Sign tbs_bits and wrap body and signature into one DER object.
*
* The signature is computed over tbs_bits exactly as passed, and the same
* bytes are emitted unchanged inside the APPLICATION 33 container; the
* signature follows as an OCTET STRING tagged APPLICATION 55.
* NOTE(review): no APPLICATION 78 wrapper is added here, so tbs_bits is
* presumably expected to be the output of build_cert_body() already;
* confirm against the callers.
*/
template<typename Derived>
std::vector<byte> EAC1_1_gen_CVC<Derived>::make_signed(
   PK_Signer& signer,
   const std::vector<byte>& tbs_bits,
   RandomNumberGenerator& rng) // static
   {
   const auto signature = signer.sign_message(tbs_bits, rng);

   DER_Encoder encoder;
   encoder.start_cons(ASN1_Tag(33), APPLICATION);
   encoder.raw_bytes(tbs_bits);
   encoder.encode(signature, OCTET_STRING, ASN1_Tag(55), APPLICATION);
   encoder.end_cons();

   return encoder.get_contents_unlocked();
   }
00121 
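/**
* Return a newly allocated copy of this certificate's public key.
* The caller takes ownership of the returned object and must delete it.
* @throws Invalid_State if no public key has been set on this object
*/
template<typename Derived>
Public_Key* EAC1_1_gen_CVC<Derived>::subject_public_key() const
   {
   // The default constructor leaves m_pk null; dereferencing it below
   // would be undefined behaviour, so fail with a defined error instead.
   if(!m_pk)
      throw Invalid_State("EAC1_1_gen_CVC::subject_public_key(): no public key has been set");

   return new ECDSA_PublicKey(*m_pk);
   }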
00127 
/**
* Wrap tbs, unchanged, in a constructed APPLICATION 78 element and return
* the DER bytes of that element.
*/
template<typename Derived>
std::vector<byte> EAC1_1_gen_CVC<Derived>::build_cert_body(const std::vector<byte>& tbs)
   {
   DER_Encoder encoder;
   encoder.start_cons(ASN1_Tag(78), APPLICATION);
   encoder.raw_bytes(tbs);
   encoder.end_cons();

   return encoder.get_contents_unlocked();
   }
00135 
/**
* Return the to-be-signed data: the tbs_bits stored in the base object,
* wrapped by build_cert_body().
*/
template<typename Derived>
std::vector<byte> EAC1_1_gen_CVC<Derived>::tbs_data() const
   {
   const std::vector<byte>& stored_body = this->tbs_bits;
   return build_cert_body(stored_body);
   }
00140 
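/**
* Write the DER encoding of this object into a pipe.
*
* The output is an APPLICATION 33 container holding the body (tbs_bits
* wrapped in APPLICATION 78) followed by the concatenated signature as an
* OCTET STRING tagged APPLICATION 55.
*
* @param out the pipe that receives the encoded bytes
* @param encoding the requested encoding; every value except PEM results
* in DER output
* @throws Invalid_Argument if encoding is PEM
*/
template<typename Derived>
void EAC1_1_gen_CVC<Derived>::encode(Pipe& out, X509_Encoding encoding) const
   {
   // Reject the unsupported encoding before doing any serialisation work.
   if(encoding == PEM)
      throw Invalid_Argument("EAC1_1_gen_CVC::encode() cannot PEM encode an EAC object");

   const std::vector<byte> concat_sig(this->m_sig.get_concatenation());
   const std::vector<byte> der = DER_Encoder()
      .start_cons(ASN1_Tag(33), APPLICATION)
      .start_cons(ASN1_Tag(78), APPLICATION)
      .raw_bytes(this->tbs_bits)
      .end_cons()
      .encode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
      .end_cons()
      .get_contents_unlocked();

   out.write(der);
   }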
00158 
/**
* Split an encoded object into its body bytes and its signature.
*
* Reads a tag 33 container from source, copies the raw contents of the
* nested tag 78 element into res_tbs_bits, reads the OCTET STRING tagged
* APPLICATION 55 and converts it with decode_concatenation() into res_sig.
*
* This function only parses structure; it performs no signature
* verification, so both outputs remain untrusted until the caller has
* verified them.
*
* NOTE(review): encode() writes tags 33 and 78 with class APPLICATION,
* while start_cons() is called here without a class argument. Confirm
* that the decoder's default class accepts what encode() produces.
*
* @param source the data source to read the encoded object from
* @param res_tbs_bits receives the raw bytes found inside the tag 78 element
* @param res_sig receives the decoded signature
*/
template<typename Derived>
void EAC1_1_gen_CVC<Derived>::decode_info(
   DataSource& source,
   std::vector<byte> & res_tbs_bits,
   ECDSA_Signature & res_sig)
   {
   std::vector<byte> raw_signature;

   BER_Decoder(source)
      .start_cons(ASN1_Tag(33))
         .start_cons(ASN1_Tag(78))
            .raw_bytes(res_tbs_bits)
         .end_cons()
         .decode(raw_signature, OCTET_STRING, ASN1_Tag(55), APPLICATION)
      .end_cons();

   res_sig = decode_concatenation(raw_signature);
   }
00175 
00176 }
00177 
00178 #endif