ed_key c_netuser::get_public_key_resp(ip::tcp::socket &socket_) {
DBG_MTX(dbg_mtx, "START");
assert(socket_.is_open());
boost::system::error_code ec;
char header[2];
DBG_MTX(dbg_mtx, "read header");
size_t pkresp = socket_.read_some(buffer(header, 2), ec);
DBG_MTX(dbg_mtx, "pk: " << pkresp << ":[" <<header[0] << header[1] << "]");
DBG_MTX(dbg_mtx, "read public key size");
size_t pub_key_size = 4;
uint32_t key_size = 0;
size_t recieved_bytes = socket_.read_some(buffer(&key_size, pub_key_size), ec);
DBG_MTX(dbg_mtx, "size:" << recieved_bytes << ":[" <<key_size << "]");
assert(recieved_bytes == pub_key_size);
const std::unique_ptr<unsigned char[]> pub_key_data(new unsigned char[key_size]);
DBG_MTX(dbg_mtx, "read public key data");
recieved_bytes = socket_.read_some(buffer(pub_key_data.get(), key_size), ec);
DBG_MTX(dbg_mtx, "data:" << recieved_bytes << ":[" << ed_key(pub_key_data.get(),recieved_bytes) << "]");
assert(recieved_bytes == key_size);
ed_key pub_key(pub_key_data.get(), key_size);
DBG_MTX(dbg_mtx, "END");
return pub_key;
}
Certificate_Status_Code Response::verify_signature(const X509_Certificate& issuer) const
{
if (m_responses.empty())
return m_dummy_response_status;
try
{
std::unique_ptr<Public_Key> pub_key(issuer.subject_public_key());
const std::vector<std::string> sig_info =
split_on(OIDS::lookup(m_sig_algo.get_oid()), '/');
if(sig_info.size() != 2 || sig_info[0] != pub_key->algo_name())
return Certificate_Status_Code::OCSP_RESPONSE_INVALID;
std::string padding = sig_info[1];
Signature_Format format = (pub_key->message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
PK_Verifier verifier(*pub_key, padding, format);
if(verifier.verify_message(ASN1::put_in_sequence(m_tbs_bits), m_signature))
return Certificate_Status_Code::OCSP_SIGNATURE_OK;
else
return Certificate_Status_Code::OCSP_SIGNATURE_ERROR;
}
catch(Exception&)
{
return Certificate_Status_Code::OCSP_SIGNATURE_ERROR;
}
}
void PublicBank::WriteBIO(BIO *bio)
{
DumpNumber(bio,"g=",g());
DumpNumber(bio,"p=",p());
DumpNumber(bio,"public=",pub_key());
}
