Prepared for future ecc signature support.

jakcron 2021-09-30 19:40:27 +08:00
parent 0f16231638
commit 5c970a2986
2 changed files with 12 additions and 7 deletions


@ -417,7 +417,7 @@ void nstool::KeyBagInitializer::importBaseKeyFile(const tc::io::Path& keyfile_pa
// Save PKI Root Key // Save PKI Root Key
if (pki_root_sign_key.isSet()) if (pki_root_sign_key.isSet())
{ {
broadon_rsa_signer["Root"] = { tc::ByteData(), pki_root_sign_key.get() }; broadon_signer["Root"] = { tc::ByteData(), nn::pki::sign::SIGN_ALGO_RSA4096, pki_root_sign_key.get() };
} }
} }
@ -465,12 +465,13 @@ void nstool::KeyBagInitializer::importCertificateChain(const tc::io::Path& cert_
switch (cert.getBody().getPublicKeyType()) { switch (cert.getBody().getPublicKeyType()) {
case nn::pki::cert::PublicKeyType::RSA2048: case nn::pki::cert::PublicKeyType::RSA2048:
broadon_rsa_signer[cert_identity] = { cert.getBytes(), cert.getBody().getRsa2048PublicKey() }; broadon_signer[cert_identity] = { cert.getBytes(), nn::pki::sign::SIGN_ALGO_RSA2048, cert.getBody().getRsa2048PublicKey() };
break; break;
case nn::pki::cert::PublicKeyType::RSA4096: case nn::pki::cert::PublicKeyType::RSA4096:
broadon_rsa_signer[cert_identity] = { cert.getBytes(), cert.getBody().getRsa4096PublicKey() }; broadon_signer[cert_identity] = { cert.getBytes(), nn::pki::sign::SIGN_ALGO_RSA4096, cert.getBody().getRsa4096PublicKey() };
break; break;
case nn::pki::cert::PublicKeyType::ECDSA240: case nn::pki::cert::PublicKeyType::ECDSA240:
// broadon_signer[cert_identity] = { cert.getBytes(), nn::pki::sign::SIGN_ALGO_ECDSA240, cert.getBody().getRsa4096PublicKey() };
fmt::print("[WARNING] Certificate {:s} will not be imported. ecc233 public keys are not supported yet.\n", cert_identity); fmt::print("[WARNING] Certificate {:s} will not be imported. ecc233 public keys are not supported yet.\n", cert_identity);
break; break;
default: default:
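Review bot: The commented-out ECDSA240 placeholder in importCertificateChain still reads the key through `cert.getBody().getRsa4096PublicKey()`, so uncommenting it as written would file an RSA public key under the `SIGN_ALGO_ECDSA240` tag, and any verifier that dispatches on the tag would then run against the wrong key material. I would replace the dead line with a comment that does not carry the wrong accessor, for example `// TODO: import ECDSA240 signers once an ecc key type exists; must read the certificate's ECC public key, not an RSA one`. In the importBaseKeyFile hunk the "Root" entry is tagged `SIGN_ALGO_RSA4096` unconditionally; nothing visible here checks that the key loaded from the key file really is a 4096-bit key, so a size check before the assignment may be worth adding if the loader does not already enforce it. The switch statement continues outside the hunk, so the `default:` handling could not be reviewed.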


@ -15,6 +15,7 @@ struct KeyBag
using aes128_key_t = nn::hac::detail::aes128_key_t; using aes128_key_t = nn::hac::detail::aes128_key_t;
using aes128_xtskey_t = nn::hac::detail::aes128_xtskey_t; using aes128_xtskey_t = nn::hac::detail::aes128_xtskey_t;
using rsa_key_t = tc::crypto::RsaKey; using rsa_key_t = tc::crypto::RsaKey;
//using ecc_key_t = tc::crypto::EccKey;
using rights_id_t = nn::hac::detail::rights_id_t; using rights_id_t = nn::hac::detail::rights_id_t;
using key_generation_t = byte_t; using key_generation_t = byte_t;
using broadon_issuer_t = std::string; using broadon_issuer_t = std::string;
@ -51,13 +52,16 @@ struct KeyBag
std::map<key_generation_t, aes128_key_t> etik_common_key; std::map<key_generation_t, aes128_key_t> etik_common_key;
// BroadOn signer profiles (for es cert and es tik) // BroadOn signer profiles (for es cert and es tik)
// BroadOn RSA Keys // BroadOn Keys
struct BroadOnRsaSignerProfile struct BroadOnSignerProfile
{ {
tc::ByteData certificate; tc::ByteData certificate;
rsa_key_t key;
nn::pki::sign::SignatureAlgo key_type;
rsa_key_t rsa_key;
// ecc_key_t ecc_key;
}; };
std::map<broadon_issuer_t, BroadOnRsaSignerProfile> broadon_rsa_signer; std::map<broadon_issuer_t, BroadOnSignerProfile> broadon_signer;
}; };
class KeyBagInitializer : public KeyBag class KeyBagInitializer : public KeyBag
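Review bot: `BroadOnSignerProfile` now pairs a `key_type` tag with `rsa_key`, but nothing in the struct states which member is valid for which tag or that `key_type` must be checked before a key is used. Since the tag comes from the issuer certificate's public key type, code that verifies a certificate or ticket should compare the signature type declared in the signed object against `key_type` and reject a mismatch, rather than selecting the algorithm from the signed object alone; those callers are not visible in this commit, so this is a request to confirm it. I would document the invariant on the struct, e.g. `// key_type says which key member is populated; verifiers must match it against the object's signature type before using rsa_key`. `key_type` also has no default member initializer, so a profile declared without braces holds an indeterminate value; a brace initializer on the member would avoid that. `struct KeyBag` begins outside the hunk.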