mirrors/nstool
1
0
Fork 0
mirror of https://github.com/jakcron/nstool.git synced 2024-12-22 10:45:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Prepared for future ecc signature support.

Browse source
This commit is contained in:
jakcron 2021-09-30 19:40:27 +08:00
parent 0f16231638
commit 5c970a2986
2 changed files with 12 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/KeyBag.cpp
View file

@ -417,7 +417,7 @@ void nstool::KeyBagInitializer::importBaseKeyFile(const tc::io::Path& keyfile_pa
// Save PKI Root Key
if (pki_root_sign_key.isSet())
{
broadon_rsa_signer["Root"] = { tc::ByteData(), pki_root_sign_key.get() };
broadon_signer["Root"] = { tc::ByteData(), nn::pki::sign::SIGN_ALGO_RSA4096, pki_root_sign_key.get() };
}
}
@ -465,12 +465,13 @@ void nstool::KeyBagInitializer::importCertificateChain(const tc::io::Path& cert_
switch (cert.getBody().getPublicKeyType()) {
case nn::pki::cert::PublicKeyType::RSA2048:
broadon_rsa_signer[cert_identity] = { cert.getBytes(), cert.getBody().getRsa2048PublicKey() };
broadon_signer[cert_identity] = { cert.getBytes(), nn::pki::sign::SIGN_ALGO_RSA2048, cert.getBody().getRsa2048PublicKey() };
break;
case nn::pki::cert::PublicKeyType::RSA4096:
broadon_rsa_signer[cert_identity] = { cert.getBytes(), cert.getBody().getRsa4096PublicKey() };
broadon_signer[cert_identity] = { cert.getBytes(), nn::pki::sign::SIGN_ALGO_RSA4096, cert.getBody().getRsa4096PublicKey() };
break;
case nn::pki::cert::PublicKeyType::ECDSA240:
// broadon_signer[cert_identity] = { cert.getBytes(), nn::pki::sign::SIGN_ALGO_ECDSA240, cert.getBody().getRsa4096PublicKey() };
fmt::print("[WARNING] Certificate {:s} will not be imported. ecc233 public keys are not supported yet.\n", cert_identity);
break;
default:

12
src/KeyBag.h
View file

@ -15,6 +15,7 @@ struct KeyBag
using aes128_key_t = nn::hac::detail::aes128_key_t;
using aes128_xtskey_t = nn::hac::detail::aes128_xtskey_t;
using rsa_key_t = tc::crypto::RsaKey;
//using ecc_key_t = tc::crypto::EccKey;
using rights_id_t = nn::hac::detail::rights_id_t;
using key_generation_t = byte_t;
using broadon_issuer_t = std::string;
@ -51,13 +52,16 @@ struct KeyBag
std::map<key_generation_t, aes128_key_t> etik_common_key;
// BroadOn signer profiles (for es cert and es tik)
// BroadOn RSA Keys
struct BroadOnRsaSignerProfile
// BroadOn Keys
struct BroadOnSignerProfile
{
tc::ByteData certificate;
rsa_key_t key;
nn::pki::sign::SignatureAlgo key_type;
rsa_key_t rsa_key;
// ecc_key_t ecc_key;
};
std::map<broadon_issuer_t, BroadOnRsaSignerProfile> broadon_rsa_signer;
std::map<broadon_issuer_t, BroadOnSignerProfile> broadon_signer;
};
class KeyBagInitializer : public KeyBag