Certificates

Author lloyd@randombit.net
Branch net.randombit.botan.insito-bib
Changelog This is a dump into Montone of a zip file sent to me on May 20 2008 by
Falko Strenzke <strenzke@flexitrust.de>. That version removed a number
of algorithms, and moved several files into other directories. All of
these changes have been reverted for simplicity of merging. This
initial commit is based against the same version they used (1.7.2)
The Cmake modifications were moved because they caused problems
with the existing build. They will be checked in / eval'ed in
a different branch, most likely.
Here is some text from an email sent directly to me by Falko:
Yesterday, we finished our project "InSiTo-Bib". The name is an
abbreviation for "Innovative Sicherheitstoken - Bibliothek", which
means "Innovative Security Tokens - Library". We made this library by
order and account of the German Federal Office for Information
Security i(BSI) (http://www.bsi.bund.de/).
"We" are
- FlexSecure GmbH (http://www.flexsecure.de) and
- Technische Universit?t Darmstadt, especially the team of Prof. Buchmann
(http://www.cdc.informatik.tu-darmstadt.de/mitarbeiter/buchmann.html).
Since we had to contribute to the project (i.e. by nature of the
project we did not receive full payment for our efforts), we retain
the full rights over the product.
From the beginning, the idea was to release the library as open
source. The way of "releasing" the library favored by the BSI would be
to merge it again with Botan. Now you see where you come into
play. Unless you strictly say "no" anyway, you surely need a lot of
information in order you will be able to decide whether you want to
integrate our product into Botan.
(1) we changed almost all occurrences of "plain" pointers to smart
pointers: std::auto_ptr and std::tr1::shared_ptr (where we use boost in
case the plattform doesn't support tr1/memory).
(2) we removed many algorithms the BSI did not want
(3) we added algorithms. Basically, these are
- ECDSA and ECKAEG (which is essentially EC-DH) over GF(p)
- PRNGs: BBS and SHA1PRNG
(3) we incorporated countermeasures against timing-attacks on ECDSA and ECKAEG
(4) we created a tool for tests of the resistance against timings attacks against
the above EC-algorithms (not part of library)
(5) we added support for Card-Verifiable-Certificates (CVC) according to EAC 1.1
(http://www.befreite-dokumente.de/eingereichte-akten/tr-03110-eac-1.0/). These
are used in the context of the european projects for machine readable travel documents
(http://ec.europa.eu/justice_home/doc_centre/freetravel/documents/wai/doc_freetravel_documents_en.htm)
(6) we changed the build system to CMake
(7) our own unit tests use the boost.test framework
Date 2008-05-25T21:10:12

Revision Details

Oldrevision Old revision is: [395d2422..] (diff)
Adddir Add directory: checks/messages
Add directory: checks/temp
Add directory: checks/testdata
Addfile Add file: checks/Makefile
Add file: checks/aada_test.cpp
Add file: checks/bbs_tests.cpp
Add file: checks/cbcmac_tests.cpp
Add file: checks/create_ec_request.cpp
Add file: checks/create_x509.cpp
Add file: checks/cvc_tests.cpp
Add file: checks/dh_tests.cpp
Add file: checks/ec_tests.cpp
Add file: checks/ec_x509_tests.cpp
Add file: checks/ecdsa_tests.cpp
Add file: checks/eckaeg_tests.cpp
Add file: checks/gfp_Element_tests.cpp
Add file: checks/hex_tests.cpp
Add file: checks/messages/ec_for_flex_mes
Add file: checks/messages/ec_test_mes1
Add file: checks/messages/flex_mes
Add file: checks/messages/flex_mes.sig
Add file: checks/messages/flex_mes.sig.hex
Add file: checks/pk_valid.dat.botan170
Add file: checks/sha1prng_tests.cpp
Add file: checks/sign_verify_tests.cpp
Add file: checks/testdata/CSCA.CSCA.csca-germany.1.crt
Add file: checks/testdata/CSCA.CSCA.csca-germany.1.pem
Add file: checks/testdata/DE1_flen_chars_cvcRequest_ECDSA.der
Add file: checks/testdata/Lidia.cer
Add file: checks/testdata/Lidia.pem
Add file: checks/testdata/ado.cvcreq
Add file: checks/testdata/cvca01.cv.crt
Add file: checks/testdata/cvca_illegal_chars.cv.crt
Add file: checks/testdata/cvca_illegal_chars2.cv.crt
Add file: checks/testdata/ec_oid_not_in_reg_private.pkcs8.pem
Add file: checks/testdata/flex_cert.crt
Add file: checks/testdata/flex_mes
Add file: checks/testdata/flex_mes.sig
Add file: checks/testdata/link_SHA1.166.crt
Add file: checks/testdata/link_SHA256.cer
Add file: checks/testdata/nodompar_private.pkcs8.pem
Add file: checks/testdata/root1_SHA256.cer
Add file: checks/testdata/root2_SHA256.cer
Add file: checks/testdata/root_SHA1.163.crt
Add file: checks/testdata/withdompar_private.pkcs8.pem
Add file: checks/tests.cpp
Add file: checks/thread_tests.cpp
Add file: doxyfile
Add file: include/bbs.h
Add file: include/bigintfuncs.h
Add file: include/curve_gfp.h
Add file: include/cvc_ado.h
Add file: include/cvc_ca.h
Add file: include/cvc_cert.h
Add file: include/cvc_gen_cert.h
Add file: include/cvc_key.h
Add file: include/cvc_req.h
Add file: include/cvc_self.h
Add file: include/eac_obj.h
Add file: include/ec.h
Add file: include/ec_dompar.h
Add file: include/ecdsa.h
Add file: include/freestore.h
Add file: include/gfp_element.h
Add file: include/gfp_modulus.h
Add file: include/point_gfp.h
Add file: include/pointers.h
Add file: include/sha1prng.h
Add file: include/signed_obj.h
Add file: include/ta.h
Add file: insito.diff
Add file: insito.txt
Add file: misc/Botan-1.7.2.spec
Add file: src/asn1_eac_str.cpp
Add file: src/asn1_eac_tm.cpp
Add file: src/bbs.cpp
Add file: src/bigintfuncs.cpp
Add file: src/curve_gfp.cpp
Add file: src/cvc_ado.cpp
Add file: src/cvc_ca.cpp
Add file: src/cvc_cert.cpp
Add file: src/cvc_req.cpp
Add file: src/cvc_self.cpp
Add file: src/ec.cpp
Add file: src/ec_dompar.cpp
Add file: src/ecdsa.cpp
Add file: src/emsa1_bsi.cpp
Add file: src/gfp_element.cpp
Add file: src/point_gfp.cpp
Add file: src/sha1prng.cpp
Add file: src/signed_obj.cpp
Add file: src/ta.cpp
Patch Patch file checks/algos.cpp (diff)
Patch file checks/bench.cpp (diff)
Patch file checks/bigint.cpp (diff)
Patch file checks/block.cpp (diff)
Patch file checks/check.cpp (diff)
Patch file checks/common.h (diff)
Patch file checks/dolook.cpp (diff)
Patch file checks/dolook2.cpp (diff)
Patch file checks/misc.cpp (diff)
Patch file checks/pk.cpp (diff)
Patch file checks/pk_bench.cpp (diff)
Patch file checks/validate.cpp (diff)
Patch file checks/validate.dat (diff)
Patch file checks/x509.cpp (diff)
Patch file doc/credits.txt (diff)
Patch file doc/license.txt (diff)
Patch file include/adler32.h (diff)
Patch file include/aes.h (diff)
Patch file include/allocate.h (diff)
Patch file include/arc4.h (diff)
Patch file include/asn1_int.h (diff)
Patch file include/asn1_obj.h (diff)
Patch file include/base.h (diff)
Patch file include/basefilt.h (diff)
Patch file include/ber_dec.h (diff)
Patch file include/bigint.h (diff)
Patch file include/blinding.h (diff)
Patch file include/cbc.h (diff)
Patch file include/cbc_mac.h (diff)
Patch file include/certstor.h (diff)
Patch file include/cmac.h (diff)
Patch file include/config.h (diff)
Patch file include/crc24.h (diff)
Patch file include/crc32.h (diff)
Patch file include/data_snk.h (diff)
Patch file include/data_src.h (diff)
Patch file include/def_powm.h (diff)
Patch file include/der_enc.h (diff)
Patch file include/des.h (diff)
Patch file include/dh.h (diff)
Patch file include/dl_algo.h (diff)
Patch file include/dl_group.h (diff)
Patch file include/eax.h (diff)
Patch file include/ecb.h (diff)
Patch file include/eme.h (diff)
Patch file include/emsa.h (diff)
Patch file include/eng_def.h (diff)
Patch file include/engine.h (diff)
Patch file include/enums.h (diff)
Patch file include/exceptn.h (diff)
Patch file include/filter.h (diff)
Patch file include/filters.h (diff)
Patch file include/hmac.h (diff)
Patch file include/if_algo.h (diff)
Patch file include/keypair.h (diff)
Patch file include/libstate.h (diff)
Patch file include/look_pk.h (diff)
Patch file include/lookup.h (diff)
Patch file include/mem_pool.h (diff)
Patch file include/modebase.h (diff)
Patch file include/modules.h (diff)
Patch file include/mp_core.h (diff)
Patch file include/mp_types.h (diff)
Patch file include/mutex.h (diff)
Patch file include/oids.h (diff)
Patch file include/out_buf.h (diff)
Patch file include/par_hash.h (diff)
Patch file include/pbe.h (diff)
Patch file include/pbe_pkcs.h (diff)
Patch file include/pem.h (diff)
Patch file include/pipe.h (diff)
Patch file include/pk_algs.h (diff)
Patch file include/pk_core.h (diff)
Patch file include/pk_filts.h (diff)
Patch file include/pk_keys.h (diff)
Patch file include/pk_ops.h (diff)
Patch file include/pkcs10.h (diff)
Patch file include/pkcs5.h (diff)
Patch file include/pkcs8.h (diff)
Patch file include/pow_mod.h (diff)
Patch file include/pubkey.h (diff)
Patch file include/randpool.h (diff)
Patch file include/reducer.h (diff)
Patch file include/rmd160.h (diff)
Patch file include/rng.h (diff)
Patch file include/rsa.h (diff)
Patch file include/s2k.h (diff)
Patch file include/secmem.h (diff)
Patch file include/secqueue.h (diff)
Patch file include/seed.h (diff)
Patch file include/sha160.h (diff)
Patch file include/sha256.h (diff)
Patch file include/sha_64.h (diff)
Patch file include/util.h (diff)
Patch file include/x509_ca.h (diff)
Patch file include/x509_crl.h (diff)
Patch file include/x509_ext.h (diff)
Patch file include/x509_key.h (diff)
Patch file include/x509_obj.h (diff)
Patch file include/x509cert.h (diff)
Patch file include/x509self.h (diff)
Patch file include/x509stat.h (diff)
Patch file include/x509stor.h (diff)
Patch file include/x919_mac.h (diff)
Patch file include/x931_rng.h (diff)
Patch file misc/python/src/block.cpp (diff)
Patch file misc/python/src/hash.cpp (diff)
Patch file misc/python/src/macs.cpp (diff)
Patch file misc/python/src/stream.cpp (diff)
Patch file misc/python/src/x509.cpp (diff)
Patch file modules/es_unix/unix_cmd.cpp (diff)
Patch file modules/es_unix/unix_cmd.h (diff)
Patch file modules/mux_pthr/mux_pthr.cpp (diff)
Patch file modules/mux_pthr/mux_pthr.h (diff)
Patch file modules/mux_qt/mux_qt.cpp (diff)
Patch file modules/mux_qt/mux_qt.h (diff)
Patch file modules/mux_win32/mux_win32.cpp (diff)
Patch file modules/mux_win32/mux_win32.h (diff)
Patch file src/asn1_int.cpp (diff)
Patch file src/basefilt.cpp (diff)
Patch file src/ber_dec.cpp (diff)
Patch file src/blinding.cpp (diff)
Patch file src/cbc_mac.cpp (diff)
Patch file src/cmac.cpp (diff)
Patch file src/config.cpp (diff)
Patch file src/crl_ent.cpp (diff)
Patch file src/data_snk.cpp (diff)
Patch file src/data_src.cpp (diff)
Patch file src/datastor.cpp (diff)
Patch file src/def_alg.cpp (diff)
Patch file src/def_char.cpp (diff)
Patch file src/def_mode.cpp (diff)
Patch file src/def_ops.cpp (diff)
Patch file src/def_powm.cpp (diff)
Patch file src/defalloc.cpp (diff)
Patch file src/der_enc.cpp (diff)
Patch file src/dh.cpp (diff)
Patch file src/dl_algo.cpp (diff)
Patch file src/dl_group.cpp (diff)
Patch file src/dsa_gen.cpp (diff)
Patch file src/eax.cpp (diff)
Patch file src/eme1.cpp (diff)
Patch file src/emsa1.cpp (diff)
Patch file src/emsa2.cpp (diff)
Patch file src/emsa3.cpp (diff)
Patch file src/emsa4.cpp (diff)
Patch file src/eng_base.cpp (diff)
Patch file src/engine.cpp (diff)
Patch file src/filter.cpp (diff)
Patch file src/filters.cpp (diff)
Patch file src/fips140.cpp (diff)
Patch file src/get_algo.cpp (diff)
Patch file src/get_enc.cpp (diff)
Patch file src/get_pbe.cpp (diff)
Patch file src/hash_id.cpp (diff)
Patch file src/hmac.cpp (diff)
Patch file src/if_algo.cpp (diff)
Patch file src/init_def.cpp (diff)
Patch file src/jacobi.cpp (diff)
Patch file src/kdf.cpp (diff)
Patch file src/keypair.cpp (diff)
Patch file src/libstate.cpp (diff)
Patch file src/look_pk.cpp (diff)
Patch file src/make_prm.cpp (diff)
Patch file src/mem_pool.cpp (diff)
Patch file src/mgf1.cpp (diff)
Patch file src/modebase.cpp (diff)
Patch file src/modules.cpp (diff)
Patch file src/mp_mul.cpp (diff)
Patch file src/mp_numth.cpp (diff)
Patch file src/mutex.cpp (diff)
Patch file src/oids.cpp (diff)
Patch file src/out_buf.cpp (diff)
Patch file src/par_hash.cpp (diff)
Patch file src/pbes1.cpp (diff)
Patch file src/pbes2.cpp (diff)
Patch file src/pem.cpp (diff)
Patch file src/pipe.cpp (diff)
Patch file src/pipe_io.cpp (diff)
Patch file src/pk_algs.cpp (diff)
Patch file src/pk_core.cpp (diff)
Patch file src/pk_filts.cpp (diff)
Patch file src/pk_keys.cpp (diff)
Patch file src/pkcs10.cpp (diff)
Patch file src/pkcs5.cpp (diff)
Patch file src/pkcs8.cpp (diff)
Patch file src/policy.cpp (diff)
Patch file src/pow_mod.cpp (diff)
Patch file src/powm_fw.cpp (diff)
Patch file src/powm_mnt.cpp (diff)
Patch file src/prf_x942.cpp (diff)
Patch file src/pubkey.cpp (diff)
Patch file src/randpool.cpp (diff)
Patch file src/reducer.cpp (diff)
Patch file src/rmd160.cpp (diff)
Patch file src/rng.cpp (diff)
Patch file src/rsa.cpp (diff)
Patch file src/secqueue.cpp (diff)
Patch file src/sha160.cpp (diff)
Patch file src/sha256.cpp (diff)
Patch file src/symkey.cpp (diff)
Patch file src/x509_ca.cpp (diff)
Patch file src/x509_crl.cpp (diff)
Patch file src/x509_ext.cpp (diff)
Patch file src/x509_key.cpp (diff)
Patch file src/x509_obj.cpp (diff)
Patch file src/x509cert.cpp (diff)
Patch file src/x509self.cpp (diff)
Patch file src/x509stat.cpp (diff)
Patch file src/x509stor.cpp (diff)
Patch file src/x919_mac.cpp (diff)
Patch file src/x931_rng.cpp (diff)
Set Set attribute 'mtn:execute' to 'true' upon checks/testdata/DE1_flen_chars_cvcRequest_ECDSA.der
Set attribute 'mtn:execute' to 'true' upon checks/testdata/Lidia.cer
Set attribute 'mtn:execute' to 'true' upon checks/testdata/ado.cvcreq
Set attribute 'mtn:execute' to 'true' upon checks/testdata/cvca01.cv.crt
Set attribute 'mtn:execute' to 'true' upon checks/testdata/cvca_illegal_chars.cv.crt
Set attribute 'mtn:execute' to 'true' upon checks/testdata/cvca_illegal_chars2.cv.crt
Set attribute 'mtn:execute' to 'true' upon checks/testdata/link_SHA1.166.crt
Set attribute 'mtn:execute' to 'true' upon checks/testdata/root2_SHA256.cer
Set attribute 'mtn:execute' to 'true' upon checks/testdata/root_SHA1.163.crt
Ancestry of 0eaaacfbc011e31384d5f634704793d82ca42859
reading this graph