https://fedorahosted.org/pki/ticket/304

TMS ECC infrastructure (enrollment with client-side and server-side key generation, and key archival)

1 files changed, 7 insertions, 3 deletions

diff --git a/base/tps/src/include/cms/CertEnroll.h b/base/tps/src/include/cms/CertEnroll.h
index 442e28e8c..4f06961d5 100644
--- a/base/tps/src/include/cms/CertEnroll.h
+++ b/base/tps/src/include/cms/CertEnroll.h
@@ -55,8 +55,9 @@ class CertEnroll
   TOKENDB_PUBLIC CertEnroll();
   TOKENDB_PUBLIC ~CertEnroll();
 
+
   SECKEYPublicKey *ParsePublicKeyBlob(unsigned char * /*blob*/,
-			 Buffer * /*challenge*/);
+      Buffer * /*challenge*/, bool isECC);
   Buffer *EnrollCertificate(SECKEYPublicKey * /*pk_parsed*/,
 		            const char *profileId,
 			    const char * /*uid*/,
@@ -64,12 +65,15 @@ class CertEnroll
                             char *error_msg,
 			    	SECItem** encodedPublicKeyInfo = NULL);
   ReturnStatus verifyProof(SECKEYPublicKey* /*pk*/, SECItem* /*siProof*/,
-			   unsigned short /*pkeyb_len*/, unsigned char* /*pkeyb*/,
-			   Buffer* /*challenge*/);
+          unsigned short /*pkeyb_len*/, unsigned char* /*pkeyb*/,
+           Buffer* /*challenge*/, bool /*isECC*/);
   TOKENDB_PUBLIC Buffer *RenewCertificate(PRUint64 serialno, const char *connid, const char *profileId, char *error_msg);
   TOKENDB_PUBLIC int RevokeCertificate(const char *reason, const char *serialno, const char *connid, char *&status);
   TOKENDB_PUBLIC int UnrevokeCertificate(const char *serialno, const char *connid, char *&status);
   PSHttpResponse * sendReqToCA(const char *servlet, const char *parameters, const char *connid);
   Buffer * parseResponse(PSHttpResponse * /*resp*/);
+
+  SECKEYECParams * encode_ec_params(char *curve);
+
 };
 #endif /* CERTENROLL_H */