Diffstat (limited to 'base/tps/src/include')
-rw-r--r--base/tps/src/include/cms/CertEnroll.h10
-rw-r--r--base/tps/src/include/engine/RA.h14
-rw-r--r--base/tps/src/include/main/Buffer.h3
-rw-r--r--base/tps/src/include/processor/RA_Enroll_Processor.h68
4 files changed, 55 insertions, 40 deletions
diff --git a/base/tps/src/include/cms/CertEnroll.h b/base/tps/src/include/cms/CertEnroll.h
index 442e28e8c..4f06961d5 100644
--- a/base/tps/src/include/cms/CertEnroll.h
+++ b/base/tps/src/include/cms/CertEnroll.h
@@ -55,8 +55,9 @@ class CertEnroll
TOKENDB_PUBLIC CertEnroll();
TOKENDB_PUBLIC ~CertEnroll();
+
SECKEYPublicKey *ParsePublicKeyBlob(unsigned char * /*blob*/,
- Buffer * /*challenge*/);
+ Buffer * /*challenge*/, bool isECC);
Buffer *EnrollCertificate(SECKEYPublicKey * /*pk_parsed*/,
const char *profileId,
const char * /*uid*/,
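Review bot: `ParsePublicKeyBlob` still receives `blob` as a bare `unsigned char *` with no length, and with the new `isECC` path the encoded key size presumably varies by curve, so the parser cannot bound its reads from the arguments it is given. Consider adding an explicit length parameter, or at least a comment on the declaration such as `/* blob: length-prefixed public key from the token; lengths exceeding the received data must be rejected */`. The definition is outside this diff, so whether such a check already exists cannot be confirmed from here.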
@@ -64,12 +65,15 @@ class CertEnroll
char *error_msg,
SECItem** encodedPublicKeyInfo = NULL);
ReturnStatus verifyProof(SECKEYPublicKey* /*pk*/, SECItem* /*siProof*/,
- unsigned short /*pkeyb_len*/, unsigned char* /*pkeyb*/,
- Buffer* /*challenge*/);
+ unsigned short /*pkeyb_len*/, unsigned char* /*pkeyb*/,
+ Buffer* /*challenge*/, bool /*isECC*/);
TOKENDB_PUBLIC Buffer *RenewCertificate(PRUint64 serialno, const char *connid, const char *profileId, char *error_msg);
TOKENDB_PUBLIC int RevokeCertificate(const char *reason, const char *serialno, const char *connid, char *&status);
TOKENDB_PUBLIC int UnrevokeCertificate(const char *serialno, const char *connid, char *&status);
PSHttpResponse * sendReqToCA(const char *servlet, const char *parameters, const char *connid);
Buffer * parseResponse(PSHttpResponse * /*resp*/);
+
+ SECKEYECParams * encode_ec_params(char *curve);
+
};
#endif /* CERTENROLL_H */
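Review bot: `encode_ec_params(char *curve)` takes a mutable `char *` for what looks like a read-only curve name and returns a raw `SECKEYECParams *` with no statement of who frees it or what comes back for an unrecognised curve. I would declare it `SECKEYECParams *encode_ec_params(const char *curve);` and put a comment above it along the lines of `/* Returns newly allocated EC parameters for the named curve, or NULL if the curve is unknown; caller frees. */`. That wording has to be confirmed against the implementation, which is not part of this diff.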
diff --git a/base/tps/src/include/engine/RA.h b/base/tps/src/include/engine/RA.h
index ea04aa4d5..3ec0143d8 100644
--- a/base/tps/src/include/engine/RA.h
+++ b/base/tps/src/include/engine/RA.h
@@ -80,6 +80,13 @@ enum RA_Log_Level {
LL_ALL_DATA_IN_PDU = 9
};
+enum RA_Algs {
+ ALG_RSA = 1,
+ ALG_RSA_CRT = 2,
+ ALG_DSA = 3,
+ ALG_EC_F2M = 4,
+ ALG_EC_FP = 5
+};
#ifdef XP_WIN32
#define TPS_PUBLIC __declspec(dllexport)
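Review bot: The values in `RA_Algs` carry no comment saying where they come from. Since `isAlgorithmECC` and `DoEnrollment` take the algorithm as a `BYTE`, they look like identifiers exchanged with the token rather than arbitrary internal numbers. If that is right, the numbering must never change, which deserves a comment above the enum such as `/* Key algorithm identifiers as used in the token protocol; values are fixed, do not renumber. */`.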
@@ -125,12 +132,12 @@ class RA
char** kek_kekSessionKey_s,
char **keycheck_s,
const char *connId);
- static void ServerSideKeyGen(RA_Session *session, const char* cuid,
+ static void ServerSideKeyGen(RA_Session *session, const char* cuid,
const char *userid, char* kekSessionKey_s,
- char **publickey_s,
+ char **publickey_s,
char **wrappedPrivateKey_s,
char **ivParam_s, const char *connId,
- bool archive, int keysize);
+ bool archive, int keysize, bool isECC);
static void RecoverKey(RA_Session *session, const char* cuid,
const char *userid, char* kekSessionKey_s,
char *cert_s, char **publickey_s,
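Review bot: The tail of `ServerSideKeyGen` is now `bool archive, int keysize, bool isECC`, and because `int` and `bool` convert to each other implicitly, a call site that swaps two of these arguments still compiles without a diagnostic. Since this change also introduces `RA_Algs`, passing the algorithm itself (`bool archive, int keysize, BYTE algorithm);`) would keep the RSA/DSA/EC distinction down to key generation and make a misplaced argument easier to spot. It would also help to document what `keysize` means on the EC path, e.g. `/* keysize: RSA modulus bits, or EC curve size in bits when isECC */`, if that is the intended meaning.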
@@ -368,6 +375,7 @@ class RA
static void CleanupPublishers();
static int Failover(HttpConnection *&conn, int len);
+ static bool isAlgorithmECC(BYTE algorithm);
TPS_PUBLIC static SECCertificateUsage getCertificateUsage(const char *certusage);
TPS_PUBLIC static bool verifySystemCertByNickname(const char *nickname, const char *certUsage);
TPS_PUBLIC static bool verifySystemCerts();
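Review bot: `isAlgorithmECC(BYTE algorithm)` reduces the algorithm byte to a yes/no answer, so every value that is not an EC identifier (`ALG_DSA`, or a byte outside `RA_Algs` altogether) is presumably handled as RSA by the callers that pass the resulting `isECC` flag on. If the byte originates from the token or from profile configuration, unsupported values should be rejected before enrollment starts rather than fall through. A comment on the declaration such as `/* true for ALG_EC_F2M and ALG_EC_FP; callers must separately reject algorithms they do not support */` would make that contract explicit. The implementation is not in this diff, so this is based on the signature alone.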
diff --git a/base/tps/src/include/main/Buffer.h b/base/tps/src/include/main/Buffer.h
index 4fa7af6df..e3f08925e 100644
--- a/base/tps/src/include/main/Buffer.h
+++ b/base/tps/src/include/main/Buffer.h
@@ -167,6 +167,9 @@ class Buffer {
*/
TPS_PUBLIC void replace(unsigned int i, const BYTE* cpy, unsigned int n);
+ TPS_PUBLIC unsigned char* getBuf();
+ TPS_PUBLIC unsigned int getLen();
+
/**
* returns a hex version of the buffer
*/
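Review bot: `getBuf()` hands out a mutable pointer into the buffer's storage, and neither new accessor is `const`-qualified or documented, unlike the neighbouring members with `/** ... */` comments. I would declare the length accessor as `TPS_PUBLIC unsigned int getLen() const;`. `getBuf()` should get a comment stating that the pointer stays owned by the `Buffer`, is valid for `getLen()` bytes only, and may be invalidated by any call that resizes the buffer. If the class already offers an equivalent pointer conversion and size accessor, reusing those would avoid a second way of reaching the same data.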
diff --git a/base/tps/src/include/processor/RA_Enroll_Processor.h b/base/tps/src/include/processor/RA_Enroll_Processor.h
index b78d33f36..373465064 100644
--- a/base/tps/src/include/processor/RA_Enroll_Processor.h
+++ b/base/tps/src/include/processor/RA_Enroll_Processor.h
@@ -50,40 +50,40 @@
class RA_Enroll_Processor : public RA_Processor
{
- public:
- TPS_PUBLIC RA_Enroll_Processor();
- TPS_PUBLIC ~RA_Enroll_Processor();
- public:
- int ParsePublicKeyBlob(unsigned char *blob,
- unsigned char *challenge,
- SECKEYPublicKey *pk);
- RA_Status DoEnrollment(AuthParams *login, RA_Session *session,
- CERTCertificate **certificates,
- char **origins,
- char **ktypes,
- int pkcs11obj,
- PKCS11Obj * pkcs_objx,
- NameValueSet *extensions,
- int index, int keyTypeNum,
- int start_progress,
- int end_progress,
- Secure_Channel *channel, Buffer *wrapped_challenge,
- const char *tokenType,
- const char *keyType,
- Buffer *key_check,
- Buffer *plaintext_challenge,
- const char *cuid,
- const char *msn,
- const char *khex,
- TokenKeyType key_type,
- const char *profileId,
- const char *userid,
- const char *cert_id,
- const char *publisher_id,
- const char *cert_attr_id,
- const char *pri_attr_id,
- const char *pub_attr_id,
- BYTE se_p1, BYTE se_p2, int keysize, const char *connid, const char *keyTypePrefix,char * applet_version);
+ public:
+ TPS_PUBLIC RA_Enroll_Processor();
+ TPS_PUBLIC ~RA_Enroll_Processor();
+ public:
+ int ParsePublicKeyBlob(unsigned char *blob,
+ unsigned char *challenge,
+ SECKEYPublicKey *pk);
+ RA_Status DoEnrollment(AuthParams *login, RA_Session *session,
+ CERTCertificate **certificates,
+ char **origins,
+ char **ktypes,
+ int pkcs11obj,
+ PKCS11Obj * pkcs_objx,
+ NameValueSet *extensions,
+ int index, int keyTypeNum,
+ int start_progress,
+ int end_progress,
+ Secure_Channel *channel, Buffer *wrapped_challenge,
+ const char *tokenType,
+ const char *keyType,
+ Buffer *key_check,
+ Buffer *plaintext_challenge,
+ const char *cuid,
+ const char *msn,
+ const char *khex,
+ TokenKeyType key_type,
+ const char *profileId,
+ const char *userid,
+ const char *cert_id,
+ const char *publisher_id,
+ const char *cert_attr_id,
+ const char *pri_attr_id,
+ const char *pub_attr_id,
+ BYTE se_p1, BYTE se_p2, BYTE algorithm, int keysize, const char *connid, const char *keyTypePrefix,char * applet_version);
bool DoRenewal(const char *connid,
const char *profileId,