Botan
1.11.15
/*
* (C) 2007 FlexSecure GmbH
*     2008-2010 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include <botan/cvc_cert.h>
#include <botan/oids.h>

namespace Botan {

/*
* Return the Certification Authority Reference (CAR) stored in m_car
*/
ASN1_Car EAC1_1_CVC::get_car() const
   {
   return m_car;
   }

/*
* Return the certificate effective date (CED) stored in m_ced
*/
ASN1_Ced EAC1_1_CVC::get_ced() const
   {
   return m_ced;
   }

/*
* Return the certificate expiration date (CEX) stored in m_cex
*/
ASN1_Cex EAC1_1_CVC::get_cex() const
   {
   return m_cex;
   }

/*
* Return the one-byte holder authorization value that force_decode()
* copied out of the CHAT element
*/
u32bit EAC1_1_CVC::get_chat_value() const
   {
   return m_chat_val;
   }

/*
* Decode the TBSCertificate data
*
* Parses tbs_bits in a fixed field order and fills m_car, m_chr,
* m_chat_oid, m_ced, m_cex, m_pk, m_chat_val and self_signed.
* Throws Decoding_Error when the authorization value is not exactly one
* byte or when the cpi field is not 0.
*
* NOTE(review): self_signed is derived only from comparing the CAR and
* CHR strings. No signature is checked in this function, so the flag
* must not be read as proof that the certificate carries a valid
* self-signature.
*/
void EAC1_1_CVC::force_decode()
   {
   std::vector<byte> enc_pk;
   std::vector<byte> enc_chat_val;
   size_t cpi;
   BER_Decoder tbs_cert(tbs_bits);
   // NOTE(review): start_cons() is called here without a class tag, while
   // the encoder in make_cvc_cert() passes APPLICATION for tag 76 --
   // confirm the decoder default accepts what the encoder writes.
   tbs_cert.decode(cpi, ASN1_Tag(41), APPLICATION)
      .decode(m_car)
      .start_cons(ASN1_Tag(73))
         .raw_bytes(enc_pk) // public key kept as raw bytes, decoded below
      .end_cons()
      .decode(m_chr)
      .start_cons(ASN1_Tag(76))
         .decode(m_chat_oid)
         .decode(enc_chat_val, OCTET_STRING, ASN1_Tag(19), APPLICATION)
      .end_cons()
      .decode(m_ced)
      .decode(m_cex)
      .verify_end(); // no data may follow the last field

   // Length is checked before enc_chat_val[0] is read further down
   if(enc_chat_val.size() != 1)
      throw Decoding_Error("CertificateHolderAuthorizationValue was not of length 1");

   // Only cpi value 0 is accepted
   if(cpi != 0)
      throw Decoding_Error("EAC1_1 certificate's cpi was not 0");

   // NOTE(review): the decode_eac1_1_key() definition later in this file
   // always throws Internal_Error, so with that definition the statements
   // below this call are never reached.
   m_pk = decode_eac1_1_key(enc_pk, sig_algo);

   m_chat_val = enc_chat_val[0];

   // Name comparison only; see the caveat in the header comment
   self_signed = (m_car.iso_8859() == m_chr.iso_8859());
   }

/*
* CVC Certificate Constructor
*
* Reads the certificate from a DataSource: init(in), then self_signed is
* reset to false, then do_decode() runs. do_decode() is not defined in
* this file; presumably it ends up calling force_decode() -- confirm.
*/
EAC1_1_CVC::EAC1_1_CVC(DataSource& in)
   {
   init(in);
   self_signed = false;
   do_decode();
   }

/*
* CVC Certificate Constructor
*
* Same sequence as the DataSource constructor, but the input is first
* wrapped in a DataSource_Stream built from the string `in`.
* NOTE(review): `in` looks like a file path and `true` like the
* binary-mode flag -- confirm against DataSource_Stream's declaration.
*/
EAC1_1_CVC::EAC1_1_CVC(const std::string& in)
   {
   DataSource_Stream stream(in, true);
   init(stream);
   self_signed = false;
   do_decode();
   }

/*
* Two certificates compare equal when both tbs_data() and
* get_concat_sig() match.
*/
bool EAC1_1_CVC::operator==(EAC1_1_CVC const& rhs) const
   {
   return (tbs_data() == rhs.tbs_data()
           && get_concat_sig() == rhs.get_concat_sig());
   }

/*
* Stub: always throws Internal_Error and never produces a key. Both
* parameters are unnamed and unused.
*/
ECDSA_PublicKey* decode_eac1_1_key(const std::vector<byte>&,
                                   AlgorithmIdentifier&)
   {
   throw Internal_Error("decode_eac1_1_key: Unimplemented");
   return 0; // unreachable: the throw above always exits the function
   }

/*
* Build and sign a CV certificate, then parse the result back into an
* EAC1_1_CVC object.
*
* signer            signs the certificate body via make_signed()
* public_key        bytes written into the body exactly as given
* car, chr          encoded after the cpi and after the public key
* holder_auth_templ single byte stored as the CHAT authorization value
* ced, cex          encoded last, in that order
* rng               passed through to make_signed()
*
* NOTE(review): public_key is emitted with raw_bytes() and not inspected
* here, so the caller has to supply a complete, correctly tagged
* encoding. force_decode() expects a constructed element with tag 73 at
* that position.
* NOTE(review): the returned object is built with the DataSource
* constructor, so it presumably goes through the same decode path as any
* parsed certificate, including the decode_eac1_1_key() stub -- confirm
* via do_decode().
*/
EAC1_1_CVC make_cvc_cert(PK_Signer& signer,
                         const std::vector<byte>& public_key,
                         ASN1_Car const& car,
                         ASN1_Chr const& chr,
                         byte holder_auth_templ,
                         ASN1_Ced ced,
                         ASN1_Cex cex,
                         RandomNumberGenerator& rng)
   {
   OID chat_oid(OIDS::lookup("CertificateHolderAuthorizationTemplate"));
   // One-byte value, matching the length-1 check in force_decode()
   std::vector<byte> enc_chat_val;
   enc_chat_val.push_back(holder_auth_templ);

   // cpi is always written as the single byte 0x00
   std::vector<byte> enc_cpi;
   enc_cpi.push_back(0x00);
   // Field order mirrors the order force_decode() reads them in
   std::vector<byte> tbs = DER_Encoder()
      .encode(enc_cpi, OCTET_STRING, ASN1_Tag(41), APPLICATION) // cpi
      .encode(car)
      .raw_bytes(public_key)
      .encode(chr)
      .start_cons(ASN1_Tag(76), APPLICATION)
         .encode(chat_oid)
         .encode(enc_chat_val, OCTET_STRING, ASN1_Tag(19), APPLICATION)
      .end_cons()
      .encode(ced)
      .encode(cex)
      .get_contents_unlocked();

   std::vector<byte> signed_cert =
      EAC1_1_CVC::make_signed(signer,
                              EAC1_1_CVC::build_cert_body(tbs),
                              rng);

   // Re-parse the signed bytes instead of filling the members directly
   DataSource_Memory source(signed_cert);
   return EAC1_1_CVC(source);
   }

}