The unified diff between revisions [695f5995..] and [11a5f681..] is displayed below. It can also be downloaded as a raw diff.

This diff has been restricted to the following files: 'checks/x509.cpp'

#
#
# patch "checks/x509.cpp"
#  from [b7b1f29116d8adf8338ebc0a604b57cc86a05313]
#    to [a34b23426d474040aad713b8f9e3a22c5588c036]
#
============================================================
--- checks/x509.cpp	b7b1f29116d8adf8338ebc0a604b57cc86a05313
+++ checks/x509.cpp	a34b23426d474040aad713b8f9e3a22c5588c036
@@ -1,4 +1,5 @@
-/* This file is in the public domain */
+
+#include <botan/filters.h>
 #include <botan/x509self.h>
 #include <botan/x509stor.h>
 #include <botan/x509_ca.h>
@@ -8,24 +9,49 @@ using namespace Botan;
 using namespace Botan;

 #include <iostream>
+#include <memory>

 X509_Cert_Options ca_opts();
 X509_Cert_Options req_opts1();
 X509_Cert_Options req_opts2();

-u32bit check_against_copy(const PKCS8_PrivateKey& orig)
+u64bit key_id(const Public_Key* key)
    {
-   PKCS8_PrivateKey* copy_priv = PKCS8::copy_key(orig);
-   X509_PublicKey* copy_pub = X509::copy_key(orig);
+   std::auto_ptr<X509_Encoder> encoder(key->x509_encoder());
+   if(!encoder.get())
+      throw Internal_Error("Public_Key:key_id: No encoder found");

+   Pipe pipe(new Hash_Filter("SHA-1", 8));
+   pipe.start_msg();
+   pipe.write(key->algo_name());
+   pipe.write(encoder->alg_id().parameters);
+   pipe.write(encoder->key_bits());
+   pipe.end_msg();
+
+   SecureVector<byte> output = pipe.read_all();
+
+   if(output.size() != 8)
+      throw Internal_Error("Public_Key::key_id: Incorrect output size");
+
+   u64bit id = 0;
+   for(u32bit j = 0; j != 8; ++j)
+      id = (id << 8) | output[j];
+   return id;
+   }
+
+u32bit check_against_copy(const Private_Key& orig)
+   {
+   Private_Key* copy_priv = PKCS8::copy_key(orig);
+   Public_Key* copy_pub = X509::copy_key(orig);
+
    const std::string passphrase= "I need work! -Mr. T"; // Me too...
    DataSource_Memory enc_source(PKCS8::PEM_encode(orig, passphrase));
-   PKCS8_PrivateKey* copy_priv_enc = PKCS8::load_key(enc_source, passphrase);
+   Private_Key* copy_priv_enc = PKCS8::load_key(enc_source, passphrase);

-   u64bit orig_id = orig.key_id();
-   u64bit pub_id = copy_pub->key_id();
-   u64bit priv_id = copy_priv->key_id();
-   u64bit priv_enc_id = copy_priv_enc->key_id();
+   u64bit orig_id = key_id(&orig);
+   u64bit pub_id = key_id(copy_pub);
+   u64bit priv_id = key_id(copy_priv);
+   u64bit priv_enc_id = key_id(copy_priv_enc);

    delete copy_pub;
    delete copy_priv;
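Review bot: In check_against_copy the three key copies are still raw pointers while key_id() can throw Internal_Error, so an exception from any of the four key_id() calls, or from PKCS8::load_key, leaks whatever was already allocated. The hunk already holds the encoder in a std::auto_ptr; holding copy_priv, copy_pub and copy_priv_enc the same way and passing `.get()` to key_id() makes the manual deletes unnecessary. Separately, key_id() hashes only the algorithm name, parameters and X.509 key bits, truncated to 8 bytes of SHA-1. Matching ids therefore show that the public half survived the PKCS #8 round trip, not the private values, and a comment such as `// test-only id: 64-bit truncated SHA-1 over the public encoding, not a fingerprint` would say so. check_against_copy continues past the end of the hunk, so the remaining cleanup is not visible here.

```cpp
u32bit check_against_copy(const Private_Key& orig)
   {
   std::auto_ptr<Private_Key> copy_priv(PKCS8::copy_key(orig));
   std::auto_ptr<Public_Key> copy_pub(X509::copy_key(orig));

   // … unchanged: passphrase and enc_source setup …
   std::auto_ptr<Private_Key> copy_priv_enc(PKCS8::load_key(enc_source, passphrase));

   // … unchanged: orig_id …
   u64bit pub_id = key_id(copy_pub.get());
   u64bit priv_id = key_id(copy_priv.get());
   u64bit priv_enc_id = key_id(copy_priv_enc.get());
   // … manual delete statements dropped; rest of the function is outside the hunk …
```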
@@ -33,7 +59,7 @@ u32bit check_against_copy(const PKCS8_Pr

    if(orig_id != pub_id || orig_id != priv_id || orig_id != priv_enc_id)
       {
-      printf("FAILED!!\n");
+      std::cout << "Failed copy check\n";
       return 1;
       }
    return 0;
@@ -70,9 +96,14 @@ void do_x509_tests()

    /* Sign the requests to create the certs */
    std::cout << '.' << std::flush;
-   X509_Certificate user1_cert = ca.sign_request(user1_req);
+   X509_Certificate user1_cert =
+      ca.sign_request(user1_req, X509_Time("2008-01-01"),
+                                 X509_Time("2100-01-01"));
+
    std::cout << '.' << std::flush;
-   X509_Certificate user2_cert = ca.sign_request(user2_req);
+   X509_Certificate user2_cert = ca.sign_request(user2_req,
+                                                 X509_Time("2008-01-01"),
+                                                 X509_Time("2100-01-01"));
    std::cout << '.' << std::flush;

    X509_CRL crl1 = ca.new_crl();
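Review bot: The validity window is spelled out twice as string literals in do_x509_tests, and the two sign_request calls are laid out differently, so a later edit can easily change one certificate's dates and not the other's. Hoisting them once, e.g. `const X509_Time not_before("2008-01-01"), not_after("2100-01-01");`, and passing those to both calls keeps the two certificates in step. A short comment on why the dates are fixed would also help (presumably so the test does not depend on the default validity period). Any later validation against the current time is outside this hunk.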