mirror of
https://github.com/jakcron/nstool
synced 2024-12-26 22:51:11 +00:00
Prepared for future ecc signature support.
This commit is contained in:
parent
0f16231638
commit
5c970a2986
2 changed files with 12 additions and 7 deletions
|
@ -417,7 +417,7 @@ void nstool::KeyBagInitializer::importBaseKeyFile(const tc::io::Path& keyfile_pa
|
|||
// Save PKI Root Key
|
||||
if (pki_root_sign_key.isSet())
|
||||
{
|
||||
broadon_rsa_signer["Root"] = { tc::ByteData(), pki_root_sign_key.get() };
|
||||
broadon_signer["Root"] = { tc::ByteData(), nn::pki::sign::SIGN_ALGO_RSA4096, pki_root_sign_key.get() };
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -465,12 +465,13 @@ void nstool::KeyBagInitializer::importCertificateChain(const tc::io::Path& cert_
|
|||
|
||||
switch (cert.getBody().getPublicKeyType()) {
|
||||
case nn::pki::cert::PublicKeyType::RSA2048:
|
||||
broadon_rsa_signer[cert_identity] = { cert.getBytes(), cert.getBody().getRsa2048PublicKey() };
|
||||
broadon_signer[cert_identity] = { cert.getBytes(), nn::pki::sign::SIGN_ALGO_RSA2048, cert.getBody().getRsa2048PublicKey() };
|
||||
break;
|
||||
case nn::pki::cert::PublicKeyType::RSA4096:
|
||||
broadon_rsa_signer[cert_identity] = { cert.getBytes(), cert.getBody().getRsa4096PublicKey() };
|
||||
broadon_signer[cert_identity] = { cert.getBytes(), nn::pki::sign::SIGN_ALGO_RSA4096, cert.getBody().getRsa4096PublicKey() };
|
||||
break;
|
||||
case nn::pki::cert::PublicKeyType::ECDSA240:
|
||||
// broadon_signer[cert_identity] = { cert.getBytes(), nn::pki::sign::SIGN_ALGO_ECDSA240, cert.getBody().getRsa4096PublicKey() };
|
||||
fmt::print("[WARNING] Certificate {:s} will not be imported. ecc233 public keys are not supported yet.\n", cert_identity);
|
||||
break;
|
||||
default:
|
||||
|
|
12
src/KeyBag.h
12
src/KeyBag.h
|
@ -15,6 +15,7 @@ struct KeyBag
|
|||
using aes128_key_t = nn::hac::detail::aes128_key_t;
|
||||
using aes128_xtskey_t = nn::hac::detail::aes128_xtskey_t;
|
||||
using rsa_key_t = tc::crypto::RsaKey;
|
||||
//using ecc_key_t = tc::crypto::EccKey;
|
||||
using rights_id_t = nn::hac::detail::rights_id_t;
|
||||
using key_generation_t = byte_t;
|
||||
using broadon_issuer_t = std::string;
|
||||
|
@ -51,13 +52,16 @@ struct KeyBag
|
|||
std::map<key_generation_t, aes128_key_t> etik_common_key;
|
||||
|
||||
// BroadOn signer profiles (for es cert and es tik)
|
||||
// BroadOn RSA Keys
|
||||
struct BroadOnRsaSignerProfile
|
||||
// BroadOn Keys
|
||||
struct BroadOnSignerProfile
|
||||
{
|
||||
tc::ByteData certificate;
|
||||
rsa_key_t key;
|
||||
|
||||
nn::pki::sign::SignatureAlgo key_type;
|
||||
rsa_key_t rsa_key;
|
||||
// ecc_key_t ecc_key;
|
||||
};
|
||||
std::map<broadon_issuer_t, BroadOnRsaSignerProfile> broadon_rsa_signer;
|
||||
std::map<broadon_issuer_t, BroadOnSignerProfile> broadon_signer;
|
||||
};
|
||||
|
||||
class KeyBagInitializer : public KeyBag
|
||||
|
|
Loading…
Reference in a new issue