Commit
26277d48
authored
Sep 14, 2018
by
Denis Filatov
fix usage of pre-defined public keys for certificate
parent
999abd07
Changes
2
tools/itscertgen/asn1certgen/asn1certgen.c
...
...
@@ -17,10 +17,9 @@ static const char * _certName = NULL;
static
char
*
_profileName
=
NULL
;
static
char
*
_signerName
=
NULL
;
static
ecc_format
_outKeyFormat
=
ecc_bin
;
static
const
char
*
_verificationKey
=
NULL
;
static
const
char
*
_decriptionKey
=
NULL
;
static
const
char
*
_keyPath
=
NULL
;
static
int
_force
=
0
;
static
int
_no_gen
=
0
;
static
const
char
*
_cfgFile
=
NULL
;
static
int
_debug
=
0
;
static
int
_xer
=
0
;
...
...
@@ -70,10 +69,9 @@ static copt_t _options [] = {
{
"k"
,
"key-format"
,
COPT_STRENUM
,
(
void
*
)
_key_formats
,
"Keys output format (bin|hex|pem)[binary by default]"
},
{
"S"
,
"certs"
,
COPT_STR
,
(
void
*
)
&
_searchPath
,
"Certificates search path [Output path by default]"
},
{
"K"
,
"keys"
,
COPT_STR
,
(
void
*
)
&
_keyPath
,
"Private key storage path [Output path by default]"
},
{
"f"
,
"force"
,
COPT_BOOL
,
(
void
*
)
&
_force
,
"Force regenerate existing certificate and keys"
},
{
"n"
,
"name"
,
COPT_STR
,
(
void
*
)
&
_certName
,
"Certificate name (take from profile by default)"
},
{
"v"
,
"vkey"
,
COPT_STR
,
(
void
*
)
&
_verificationKey
,
"Verification public key (generate key pair by default)"
},
{
"e"
,
"ekey"
,
COPT_STR
,
(
void
*
)
&
_decriptionKey
,
"Encription public key (generate key pair if neccessary)"
},
{
"f"
,
"force"
,
COPT_BOOL
,
(
void
*
)
&
_force
,
"Force regenerate existing certificate and keys. [use existing by default]"
},
{
"e"
,
"no-generate"
,
COPT_BOOL
,
(
void
*
)
&
_no_gen
,
"Do not generate keys. [generate if necessary by default]"
},
{
"n"
,
"name"
,
COPT_STR
,
(
void
*
)
&
_certName
,
"Certificate name (take from profile by default)"
},
{
"s"
,
"signer"
,
COPT_STR
,
(
void
*
)
&
_signerName
,
"Signer certificate name [take from profile by default]"
},
{
"D"
,
"debug"
,
COPT_BOOL
,
(
void
*
)
&
_debug
,
"Dump hashes and other values [false]"
},
{
"x"
,
"oxer"
,
COPT_BOOL
,
(
void
*
)
&
_xer
,
"Decode OER certificate to XER [false]"
},
...
...
@@ -84,8 +82,8 @@ char * _bin2hex(char * hex, size_t hlen, const char * bin, size_t blen);
static
int
is_CurvePoint_empty
(
EccP256CurvePoint_t
*
point
);
static
void
fill_curve_point_eccP256
(
EccP256CurvePoint_t
*
point
,
ecc_curve_id
curveType
,
char
*
keyPath
);
static
void
fill_curve_point_eccP384
(
EccP384CurvePoint_t
*
point
,
ecc_curve_id
curveType
,
char
*
keyPath
);
static
int
fill_curve_point_eccP256
(
EccP256CurvePoint_t
*
point
,
ecc_curve_id
curveType
,
char
*
keyPath
);
static
int
fill_curve_point_eccP384
(
EccP384CurvePoint_t
*
point
,
ecc_curve_id
curveType
,
char
*
keyPath
);
static
int
_issuer_parser_cb
(
pxml_chunk_type_e
_type
,
const
void
*
_chunk_data
,
size_t
_chunk_size
,
void
*
_key
)
...
...
@@ -403,46 +401,54 @@ int main(int argc, char ** argv)
// generate keys if necessary
// buf = name of private key file
int
rc
=
-
1
;
cvstrncpy
(
buf
,
CERT_MAX_SIZE
,
_keyPath
,
"/"
,
_profileName
,
EXT_VKEY
,
NULL
);
switch
(
cert
->
toBeSigned
.
verifyKeyIndicator
.
present
){
case
VerificationKeyIndicator_PR_verificationKey
:
switch
(
cert
->
toBeSigned
.
verifyKeyIndicator
.
choice
.
verificationKey
.
present
){
case
PublicVerificationKey_PR_ecdsaNistP256
:
fill_curve_point_eccP256
(
&
cert
->
toBeSigned
.
verifyKeyIndicator
.
choice
.
verificationKey
.
choice
.
ecdsaNistP256
,
ecies_nistp256
,
buf
);
rc
=
fill_curve_point_eccP256
(
&
cert
->
toBeSigned
.
verifyKeyIndicator
.
choice
.
verificationKey
.
choice
.
ecdsaNistP256
,
ecies_nistp256
,
buf
);
break
;
case
PublicVerificationKey_PR_ecdsaBrainpoolP256r1
:
fill_curve_point_eccP256
(
&
cert
->
toBeSigned
.
verifyKeyIndicator
.
choice
.
verificationKey
.
choice
.
ecdsaBrainpoolP256r1
,
ecies_brainpoolp256r
,
buf
);
rc
=
fill_curve_point_eccP256
(
&
cert
->
toBeSigned
.
verifyKeyIndicator
.
choice
.
verificationKey
.
choice
.
ecdsaBrainpoolP256r1
,
ecies_brainpoolp256r
,
buf
);
break
;
case
PublicVerificationKey_PR_ecdsaBrainpoolP384r1
:
fill_curve_point_eccP384
(
&
cert
->
toBeSigned
.
verifyKeyIndicator
.
choice
.
verificationKey
.
choice
.
ecdsaBrainpoolP384r1
,
ecies_brainpoolp384r
,
buf
);
rc
=
fill_curve_point_eccP384
(
&
cert
->
toBeSigned
.
verifyKeyIndicator
.
choice
.
verificationKey
.
choice
.
ecdsaBrainpoolP384r1
,
ecies_brainpoolp384r
,
buf
);
break
;
default:
fprintf
(
stderr
,
"Unknown verification key curve type
\n
"
);
return
-
1
;
}
break
;
case
VerificationKeyIndicator_PR_reconstructionValue
:
fprintf
(
stderr
,
"TODO: reconstruction value generation is unsupported yet
\n
"
);
re
turn
-
1
;
b
re
ak
;
case
VerificationKeyIndicator_PR_NOTHING
:
default:
fprintf
(
stderr
,
"Unknown verification key indicator type
\n
"
);
break
;
}
if
(
rc
<
0
){
return
-
1
;
}
if
(
cert
->
toBeSigned
.
encryptionKey
){
rc
=
-
1
;
cvstrncpy
(
buf
,
CERT_MAX_SIZE
,
_keyPath
,
"/"
,
_profileName
,
EXT_EKEY
,
NULL
);
switch
(
cert
->
toBeSigned
.
encryptionKey
->
publicKey
.
present
){
case
BasePublicEncryptionKey_PR_NOTHING
:
cert
->
toBeSigned
.
encryptionKey
->
publicKey
.
present
=
BasePublicEncryptionKey_PR_eciesNistP256
;
case
BasePublicEncryptionKey_PR_eciesNistP256
:
fill_curve_point_eccP256
(
&
cert
->
toBeSigned
.
encryptionKey
->
publicKey
.
choice
.
eciesNistP256
,
ecies_nistp256
,
buf
);
rc
=
fill_curve_point_eccP256
(
&
cert
->
toBeSigned
.
encryptionKey
->
publicKey
.
choice
.
eciesNistP256
,
ecies_nistp256
,
buf
);
break
;
case
BasePublicEncryptionKey_PR_eciesBrainpoolP256r1
:
fill_curve_point_eccP256
(
&
cert
->
toBeSigned
.
encryptionKey
->
publicKey
.
choice
.
eciesBrainpoolP256r1
,
ecies_brainpoolp256r
,
buf
);
rc
=
fill_curve_point_eccP256
(
&
cert
->
toBeSigned
.
encryptionKey
->
publicKey
.
choice
.
eciesBrainpoolP256r1
,
ecies_brainpoolp256r
,
buf
);
break
;
default:
fprintf
(
stderr
,
"Unknown encryption key curve type
\n
"
);
break
;
}
if
(
rc
<
0
){
return
-
1
;
}
}
cvstrncpy
(
buf
,
CERT_MAX_SIZE
,
_outPath
,
"/"
,
_profileName
,
EXT_CERT
,
NULL
);
...
...
@@ -483,17 +489,18 @@ static int is_CurvePoint_empty(EccP256CurvePoint_t* point)
}
return
1
;
}
static
void
fill_curve_point_eccP256
(
EccP256CurvePoint_t
*
point
,
ecc_curve_id
curveType
,
char
*
keyPath
)
static
int
fill_curve_point_eccP256
(
EccP256CurvePoint_t
*
point
,
ecc_curve_id
curveType
,
char
*
keyPath
)
{
fill_curve_point_eccP384
((
EccP384CurvePoint_t
*
)
point
,
curveType
,
keyPath
);
return
fill_curve_point_eccP384
((
EccP384CurvePoint_t
*
)
point
,
curveType
,
keyPath
);
}
static
void
fill_curve_point_eccP384
(
EccP384CurvePoint_t
*
point
,
ecc_curve_id
curveType
,
char
*
keyPath
)
static
int
fill_curve_point_eccP384
(
EccP384CurvePoint_t
*
point
,
ecc_curve_id
curveType
,
char
*
keyPath
)
{
void
*
key
=
NULL
;
char
x
[
48
],
y
[
48
];
int
compressed_y
;
int
fsize
;
int
rc
=
-
1
;
char
*
e_pub
=
keyPath
+
strlen
(
keyPath
);
if
(
!
_force
){
// check for public key
...
...
@@ -509,6 +516,10 @@ static void fill_curve_point_eccP384(EccP384CurvePoint_t* point, ecc_curve_id cu
if
(
key
==
NULL
){
key
=
ecc_key_private_load
(
keyPath
,
curveType
);
if
(
key
==
NULL
){
if
(
_no_gen
){
fprintf
(
stderr
,
"ERROR: Key %s or %s%s not found
\n
"
,
keyPath
,
keyPath
,
EXT_PUB
);
return
rc
;
}
if
(
_debug
){
fprintf
(
stderr
,
"DEBUG: generate key %s
\n
"
,
keyPath
);
}
...
...
@@ -538,6 +549,8 @@ static void fill_curve_point_eccP384(EccP384CurvePoint_t* point, ecc_curve_id cu
*
_bin2hex
(
hex
,
sizeof
(
hex
),
y
,
fsize
)
=
0
;
fprintf
(
stderr
,
"DEBUG: %s_pub.y=%s
\n
"
,
keyPath
,
hex
);
}
rc
=
0
;
}
ecc_key_free
(
key
);
return
rc
;
}
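Review bot: The new `no-generate` entry in `_options` reuses the short letter `e`, which as rendered here belonged to the removed `ekey` option and took a string argument, so an existing invocation that passes `-e <key file>` would now switch on `_no_gen` instead of being rejected as an unknown option. What happens to the leftover key-file argument depends on the copts parser, which is not visible on this page. A letter that was never assigned would make old command lines fail loudly, for example `{"N", "no-generate", COPT_BOOL, (void*)&_no_gen, ...}` if `N` is free in the part of the table outside this hunk. Separately, in `fill_curve_point_eccP384` the fallback to generating a fresh key pair is announced only under `_debug`; printing that `generate key %s` line unconditionally would let an operator notice a mistyped key path before the certificate is built around an unintended key. Both `_options` and `fill_curve_point_eccP384` extend beyond the visible hunks.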
tools/itscertgen/cshared/copts.c
...
...
@@ -613,8 +613,9 @@ static const char* valnames[] = {
"num"
,
/* COPT_USHORT */
"chr"
,
/* COPT_CHAR */
"str"
,
/* COPT_STR */
"addr"
,
/* COPT_HOST */
"str"
,
/* COPT_STRLIST*/
"addr"
,
/* COPT_HOST */
"path"
,
/* COPT_PATH */
"str"
,
/* COPT_STRLIST*/
"str"
,
/* COPT_STRENUM*/
"file"
,
/* COPT_CFGFILE*/
NULL
,
/* COPT_HELP */
...
...
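Review bot: `valnames` appears to be indexed by option type, going by the trailing comments, and the `"path"` entry for `COPT_PATH` is inserted by position in the middle of the table, so every later name is only right if the enum order matches exactly; the enum itself is not among the files shown on this page. Designated initializers would remove that positional coupling and keep the table from drifting again, e.g. `[COPT_PATH] = "path",` and likewise for the neighbouring entries. The array starts and ends outside the hunk, so the remaining entries would need the same treatment.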