Prepared for future ecc signature support.
parent
0f16231638
commit
5c970a2986
|
@ -417,7 +417,7 @@ void nstool::KeyBagInitializer::importBaseKeyFile(const tc::io::Path& keyfile_pa
|
||||||
// Save PKI Root Key
|
// Save PKI Root Key
|
||||||
if (pki_root_sign_key.isSet())
|
if (pki_root_sign_key.isSet())
|
||||||
{
|
{
|
||||||
broadon_rsa_signer["Root"] = { tc::ByteData(), pki_root_sign_key.get() };
|
broadon_signer["Root"] = { tc::ByteData(), nn::pki::sign::SIGN_ALGO_RSA4096, pki_root_sign_key.get() };
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -465,12 +465,13 @@ void nstool::KeyBagInitializer::importCertificateChain(const tc::io::Path& cert_
|
||||||
|
|
||||||
switch (cert.getBody().getPublicKeyType()) {
|
switch (cert.getBody().getPublicKeyType()) {
|
||||||
case nn::pki::cert::PublicKeyType::RSA2048:
|
case nn::pki::cert::PublicKeyType::RSA2048:
|
||||||
broadon_rsa_signer[cert_identity] = { cert.getBytes(), cert.getBody().getRsa2048PublicKey() };
|
broadon_signer[cert_identity] = { cert.getBytes(), nn::pki::sign::SIGN_ALGO_RSA2048, cert.getBody().getRsa2048PublicKey() };
|
||||||
break;
|
break;
|
||||||
case nn::pki::cert::PublicKeyType::RSA4096:
|
case nn::pki::cert::PublicKeyType::RSA4096:
|
||||||
broadon_rsa_signer[cert_identity] = { cert.getBytes(), cert.getBody().getRsa4096PublicKey() };
|
broadon_signer[cert_identity] = { cert.getBytes(), nn::pki::sign::SIGN_ALGO_RSA4096, cert.getBody().getRsa4096PublicKey() };
|
||||||
break;
|
break;
|
||||||
case nn::pki::cert::PublicKeyType::ECDSA240:
|
case nn::pki::cert::PublicKeyType::ECDSA240:
|
||||||
|
// broadon_signer[cert_identity] = { cert.getBytes(), nn::pki::sign::SIGN_ALGO_ECDSA240, cert.getBody().getRsa4096PublicKey() };
|
||||||
fmt::print("[WARNING] Certificate {:s} will not be imported. ecc233 public keys are not supported yet.\n", cert_identity);
|
fmt::print("[WARNING] Certificate {:s} will not be imported. ecc233 public keys are not supported yet.\n", cert_identity);
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
|
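Review bot: The commented-out ECDSA240 placeholder in the `importCertificateChain` switch pairs `nn::pki::sign::SIGN_ALGO_ECDSA240` with `cert.getBody().getRsa4096PublicKey()`, so uncommenting it as written would register a signer whose algorithm tag does not match the key material it carries. Replace it with an explicit marker such as `// TODO(ecc): import via the certificate's ECC public-key accessor once KeyBag has an ecc key type; do not reuse getRsa4096PublicKey()`. In the first hunk the root entry is tagged `SIGN_ALGO_RSA4096` unconditionally; if `pki_root_sign_key` can be loaded with a different modulus size (not visible here), the tag should be checked against the key before it is stored. Both functions start and end outside the hunks shown.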
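--- a/src/KeyBag.h
+++ b/src/KeyBag.h
@@ -15,6 +15,7 @@ struct KeyBag
 using aes128_key_t = nn::hac::detail::aes128_key_t;
 using aes128_xtskey_t = nn::hac::detail::aes128_xtskey_t;
 using rsa_key_t = tc::crypto::RsaKey;
+//using ecc_key_t = tc::crypto::EccKey;
 using rights_id_t = nn::hac::detail::rights_id_t;
 using key_generation_t = byte_t;
 using broadon_issuer_t = std::string;
@@ -51,13 +52,16 @@ struct KeyBag
 std::map<key_generation_t, aes128_key_t> etik_common_key;
 
 // BroadOn signer profiles (for es cert and es tik)
-// BroadOn RSA Keys
-struct BroadOnRsaSignerProfile
+// BroadOn Keys
+struct BroadOnSignerProfile
 {
 tc::ByteData certificate;
-rsa_key_t key;
+
+nn::pki::sign::SignatureAlgo key_type;
+rsa_key_t rsa_key;
+// ecc_key_t ecc_key;
 };
-std::map<broadon_issuer_t, BroadOnRsaSignerProfile> broadon_rsa_signer;
+std::map<broadon_issuer_t, BroadOnSignerProfile> broadon_signer;
 };
 
 class KeyBagInitializer : public KeyBag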
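Review bot: `BroadOnSignerProfile` now carries `key_type` next to `rsa_key`, but nothing in the struct says which key member is valid for which algorithm, and `key_type` has no default member initializer. Code that verifies certificates or tickets against `broadon_signer` (outside this diff) should compare `key_type` with the signature type of the object being checked before using `rsa_key`; otherwise, once ecc entries exist, a profile registered for one algorithm could be applied to a signature of another. I would document that on the struct, e.g. `// key_type selects the valid key member; callers must match it against the signature's algorithm before verifying`. Since `broadon_signer[issuer]` on a missing issuer inserts an empty profile, lookups on the verification path are better done with `find()`. `struct KeyBag` begins above the hunk.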