Botan  1.10.9
cvc_gen_cert.h
1 /*
2 * EAC1_1 general CVC
3 * (C) 2008 Falko Strenzke
4 * 2008-2010 Jack Lloyd
5 *
6 * Distributed under the terms of the Botan license
7 */
8 
9 #ifndef BOTAN_EAC_CVC_GEN_CERT_H__
10 #define BOTAN_EAC_CVC_GEN_CERT_H__
11 
12 #include <botan/eac_obj.h>
13 #include <botan/eac_asn_obj.h>
14 #include <botan/ecdsa.h>
15 #include <botan/pubkey.h>
16 
17 namespace Botan {
18 
19 /**
20 * This class represents TR03110 (EAC) v1.1 generalized CV Certificates
* (CV = card verifiable).
*
* The object holds an ECDSA public key through the raw pointer m_pk. The
* default constructor sets the pointer to null and the `{ delete m_pk; }`
* body further down releases it.
* NOTE(review): no copy constructor or copy assignment operator is visible
* in this listing. If the class is copyable, two objects would end up
* deleting the same key; confirm how copies are handled.
21 */
22 template<typename Derived>
23 class EAC1_1_gen_CVC : public EAC1_1_obj<Derived> // CRTP continuation from EAC1_1_obj
24  {
25  friend class EAC1_1_obj<EAC1_1_gen_CVC>;
26 
27  public:
28 
29  /**
30  * Get this certificate's public key.
31  * @result this certificate's public key
32  */
// NOTE(review): the declaration this comment documents (line 33) is absent from this listing.
34 
35  /**
36  * Find out whether this object is self signed.
* The definition returns a stored flag; it does not verify a signature.
37  * @result true if this object is self signed
38  */
39  bool is_self_signed() const;
40 
41  /**
42  * Get the CHR (Certificate Holder Reference) of the certificate.
43  * @result the CHR of the certificate
44  */
45  ASN1_Chr get_chr() const;
46 
47  /**
48  * Put the DER encoded version of this object into a pipe. PEM
49  * is not supported.
50  * @param out the pipe to push the DER encoded version into
51  * @param encoding the encoding to use. Must be DER; PEM is rejected
* with Invalid_Argument.
52  */
53  void encode(Pipe& out, X509_Encoding encoding) const;
54 
55  /**
56  * Get the to-be-signed (TBS) data of this object.
57  * @result the TBS data of this object
58  */
// NOTE(review): the declaration this comment documents (line 59) is absent from this listing.
60 
61  /**
62  * Build the DER encoded certificate body of an object
63  * @param tbs the data to be signed
64  * @result the correctly encoded body of the object
65  */
// NOTE(review): the declaration this comment documents (line 66) is absent from this listing.
67 
68  /**
69  * Create a signed generalized CVC object.
70  * @param signer the signer used to sign this object
71  * @param tbs_bits the body of the generalized CVC object to be signed
72  * @param rng a random number generator
73  * @result the DER encoded signed generalized CVC object
74  */
// NOTE(review): only the second line of this declaration survives in the listing (lines 75, 77 and 78 are absent).
76  PK_Signer& signer,
79 
// A default-constructed object has no key: m_pk is null until something else assigns it.
80  EAC1_1_gen_CVC() { m_pk = 0; }
81 
// NOTE(review): the signature line (82) is absent from this listing; presumably this is the
// destructor. It releases the key with a plain delete, so m_pk must be null or point to a
// single heap-allocated object that nothing else deletes.
83  { delete m_pk; }
84 
85  protected:
89 
/**
* Split a BER encoded object into its to-be-signed bytes and its signature.
* This only parses the structure; it does not verify the signature.
* @param source the data source to read the encoded object from
* @param res_tbs_bits receives the raw to-be-signed bytes
* @param res_sig receives the decoded ECDSA signature
*/
90  static void decode_info(DataSource& source,
91  SecureVector<byte> & res_tbs_bits,
92  ECDSA_Signature & res_sig);
93 
94  };
95 
/**
* Return the Certificate Holder Reference (CHR) held in m_chr.
* The value is returned by copy, so the caller cannot modify the stored CHR through it.
*/
96 template<typename Derived> ASN1_Chr EAC1_1_gen_CVC<Derived>::get_chr() const
97  {
98  return m_chr;
99  }
100 
/**
* Return the stored self_signed flag.
* This accessor performs no cryptographic check. Where the flag is set is not
* shown in this listing, so a true result says nothing about whether the
* signature was ever verified; callers that need that guarantee must verify
* the signature themselves.
*/
101 template<typename Derived> bool EAC1_1_gen_CVC<Derived>::is_self_signed() const
102  {
103  return self_signed;
104  }
105 
/**
* Sign tbs_bits and return the DER encoding of body plus signature.
* @param signer produces the signature over tbs_bits
* @param tbs_bits the to-be-signed bytes; they are embedded unchanged
* @param rng random number generator passed to the signer
* @result the encoder's contents after the closing end_cons()
*/
// NOTE(review): the signature line (107) is absent from this listing.
106 template<typename Derived>
108  PK_Signer& signer,
109  const MemoryRegion<byte>& tbs_bits,
110  RandomNumberGenerator& rng) // static
111  {
112  SecureVector<byte> concat_sig = signer.sign_message(tbs_bits, rng);
113 
// NOTE(review): line 115 is absent from this listing; presumably it opens the
// constructed element that end_cons() closes below.
114  return DER_Encoder()
// The body goes in as raw bytes, so the bytes embedded here are exactly the bytes that were signed.
116  .raw_bytes(tbs_bits)
// The signature is an OCTET STRING under APPLICATION tag 55, the same tag decode_info() reads.
117  .encode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
118  .end_cons()
119  .get_contents();
120  }
121 
/**
* Return a newly allocated copy of the key that m_pk points to.
* The copy is created with a plain `new`, so the caller owns it and must delete it.
*/
// NOTE(review): the signature line (123) is absent from this listing.
122 template<typename Derived>
124  {
// m_pk is dereferenced without a null check, and the default constructor leaves it
// null. NOTE(review): confirm that every path reaching this call has set m_pk first;
// otherwise this dereferences a null pointer.
125  return new ECDSA_PublicKey(*m_pk);
126  }
127 
/**
* Wrap the given to-be-signed bytes in the DER encoding of the certificate body.
* The bytes are inserted unchanged with raw_bytes(); they are not parsed or validated here.
*/
// NOTE(review): the signature line (128) and line 131 are absent from this listing;
// line 131 presumably opens the constructed element that end_cons() closes.
129  {
130  return DER_Encoder()
132  .raw_bytes(tbs)
133  .end_cons().get_contents();
134  }
135 
/**
* Return the encoded certificate body built from this object's stored tbs_bits.
* tbs_bits is qualified with EAC1_1_obj<Derived>:: because it is a member of a
* dependent base class and would not be found by unqualified lookup.
*/
136 template<typename Derived> SecureVector<byte> EAC1_1_gen_CVC<Derived>::tbs_data() const
137  {
138  return build_cert_body(EAC1_1_obj<Derived>::tbs_bits);
139  }
140 
/**
* Write the DER encoding of this object (body followed by signature) to a pipe.
* @param out the pipe that receives the DER bytes
* @param encoding requested encoding; PEM is rejected
* @throws Invalid_Argument if encoding is PEM
*/
141 template<typename Derived> void EAC1_1_gen_CVC<Derived>::encode(Pipe& out, X509_Encoding encoding) const
142  {
// The stored signature is flattened into one byte string before it is encoded.
143  SecureVector<byte> concat_sig(EAC1_1_obj<Derived>::m_sig.get_concatenation());
// NOTE(review): lines 144-147, where `der` is declared and the encoder chain
// starts, are absent from this listing.
148  .end_cons()
149  .encode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
150  .end_cons()
151  .get_contents();
152 
// The encoding is checked only after the DER bytes have been built. PEM is the
// only value rejected: every other X509_Encoding value results in DER output.
153  if (encoding == PEM)
154  throw Invalid_Argument("EAC1_1_gen_CVC::encode() cannot PEM encode an EAC object");
155  else
156  out.write(der);
157  }
158 
/**
* Parse a BER encoded object into its to-be-signed bytes and its ECDSA signature.
* This is structural parsing only: nothing here verifies the signature against
* the body, so the outputs are unauthenticated until the caller verifies them.
* @param source the data source to read the encoded object from
* @param res_tbs_bits receives the raw bytes found inside the element tagged 78
* @param res_sig receives the signature rebuilt from the concatenated form
*/
// NOTE(review): the signature line (160) is absent from this listing.
159 template<typename Derived>
161  DataSource& source,
162  SecureVector<byte> & res_tbs_bits,
163  ECDSA_Signature & res_sig)
164  {
165  SecureVector<byte> concat_sig;
166  BER_Decoder(source)
// Both start_cons() calls pass a tag only, so the decoder's default class tag applies,
// while the signature below is read with an explicit APPLICATION class.
// NOTE(review): confirm the default class matches what the encoder emits for tags 33 and 78.
167  .start_cons(ASN1_Tag(33))
168  .start_cons(ASN1_Tag(78))
// res_tbs_bits is filled before the signature field is decoded.
// NOTE(review): presumably a failure in a later step leaves it already written; confirm
// that callers discard it on error.
169  .raw_bytes(res_tbs_bits)
170  .end_cons()
171  .decode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
172  .end_cons();
// The OCTET STRING holds the signature in concatenated form; decode_concatenation() rebuilds it.
173  res_sig = decode_concatenation(concat_sig);
174  }
175 
176 }
177 
178 #endif
179 
180 
SecureVector< byte > get_contents()
Definition: der_enc.cpp:122
bool is_self_signed() const
Definition: cvc_gen_cert.h:101
void encode(Pipe &out, X509_Encoding encoding) const
Definition: cvc_gen_cert.h:141
DER_Encoder & raw_bytes(const byte val[], size_t len)
Definition: der_enc.cpp:188
void write(const byte in[], size_t length)
Definition: pipe_rw.cpp:34
BER_Decoder & decode(bool &)
Definition: ber_dec.cpp:338
X509_Encoding
Definition: pubkey_enums.h:67
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
DER_Encoder & end_cons()
Definition: der_enc.cpp:145
BER_Decoder start_cons(ASN1_Tag, ASN1_Tag=UNIVERSAL)
Definition: ber_dec.cpp:232
DER_Encoder & encode(bool b)
Definition: der_enc.cpp:209
RandomNumberGenerator * rng
Definition: global_rng.cpp:165
SecureVector< byte > sign_message(const byte in[], size_t length, RandomNumberGenerator &rng)
Definition: pubkey.cpp:160
BER_Decoder & end_cons()
Definition: ber_dec.cpp:246
static MemoryVector< byte > make_signed(PK_Signer &signer, const MemoryRegion< byte > &tbs_bits, RandomNumberGenerator &rng)
Definition: cvc_gen_cert.h:107
ASN1_Tag
Definition: asn1_int.h:19
ASN1_Chr get_chr() const
Definition: cvc_gen_cert.h:96
SecureVector< byte > tbs_data() const
Definition: cvc_gen_cert.h:136
ECDSA_Signature decode_concatenation(const MemoryRegion< byte > &concat)
Definition: ecdsa_sig.cpp:46
Public_Key * subject_public_key() const
Definition: cvc_gen_cert.h:123
BER_Decoder & raw_bytes(MemoryRegion< byte > &)
Definition: ber_dec.cpp:170
DER_Encoder & start_cons(ASN1_Tag type_tag, ASN1_Tag class_tag=UNIVERSAL)
Definition: der_enc.cpp:135
static SecureVector< byte > build_cert_body(MemoryRegion< byte > const &tbs)
Definition: cvc_gen_cert.h:128
SecureVector< byte > tbs_bits
Definition: signed_obj.h:86
static void decode_info(DataSource &source, SecureVector< byte > &res_tbs_bits, ECDSA_Signature &res_sig)
Definition: cvc_gen_cert.h:160
ECDSA_PublicKey * m_pk
Definition: cvc_gen_cert.h:86