/src/botan/src/lib/pubkey/pk_ops.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * PK Operation Types |
3 | | * (C) 2010,2015 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/internal/pk_ops_impl.h> |
9 | | #include <botan/internal/bit_ops.h> |
10 | | #include <botan/rng.h> |
11 | | |
12 | | namespace Botan { |
13 | | |
14 | | PK_Ops::Encryption_with_EME::Encryption_with_EME(const std::string& eme) |
15 | 59 | { |
16 | 59 | m_eme.reset(get_eme(eme)); |
17 | 59 | if(!m_eme.get()) |
18 | 0 | throw Algorithm_Not_Found(eme); |
19 | 59 | } |
20 | | |
21 | | size_t PK_Ops::Encryption_with_EME::max_input_bits() const |
22 | 0 | { |
23 | 0 | return 8 * m_eme->maximum_input_size(max_raw_input_bits()); |
24 | 0 | } |
25 | | |
26 | | secure_vector<uint8_t> PK_Ops::Encryption_with_EME::encrypt(const uint8_t msg[], size_t msg_len, |
27 | | RandomNumberGenerator& rng) |
28 | 59 | { |
29 | 59 | const size_t max_raw = max_raw_input_bits(); |
30 | 59 | const std::vector<uint8_t> encoded = unlock(m_eme->encode(msg, msg_len, max_raw, rng)); |
31 | 59 | return raw_encrypt(encoded.data(), encoded.size(), rng); |
32 | 59 | } |
33 | | |
34 | | PK_Ops::Decryption_with_EME::Decryption_with_EME(const std::string& eme) |
35 | 0 | { |
36 | 0 | m_eme.reset(get_eme(eme)); |
37 | 0 | if(!m_eme.get()) |
38 | 0 | throw Algorithm_Not_Found(eme); |
39 | 0 | } |
40 | | |
41 | | secure_vector<uint8_t> |
42 | | PK_Ops::Decryption_with_EME::decrypt(uint8_t& valid_mask, |
43 | | const uint8_t ciphertext[], |
44 | | size_t ciphertext_len) |
45 | 0 | { |
46 | 0 | const secure_vector<uint8_t> raw = raw_decrypt(ciphertext, ciphertext_len); |
47 | 0 | return m_eme->unpad(valid_mask, raw.data(), raw.size()); |
48 | 0 | } |
49 | | |
50 | | PK_Ops::Key_Agreement_with_KDF::Key_Agreement_with_KDF(const std::string& kdf) |
51 | 14.3k | { |
52 | 14.3k | if(kdf != "Raw") |
53 | 0 | m_kdf.reset(get_kdf(kdf)); |
54 | 14.3k | } |
55 | | |
56 | | secure_vector<uint8_t> PK_Ops::Key_Agreement_with_KDF::agree(size_t key_len, |
57 | | const uint8_t w[], size_t w_len, |
58 | | const uint8_t salt[], size_t salt_len) |
59 | 14.3k | { |
60 | 14.3k | secure_vector<uint8_t> z = raw_agree(w, w_len); |
61 | 14.3k | if(m_kdf) |
62 | 0 | return m_kdf->derive_key(key_len, z, salt, salt_len); |
63 | 14.3k | return z; |
64 | 14.3k | } |
65 | | |
66 | | PK_Ops::Signature_with_EMSA::Signature_with_EMSA(const std::string& emsa) : |
67 | | Signature(), |
68 | | m_emsa(get_emsa(emsa)), |
69 | | m_hash(hash_for_emsa(emsa)), |
70 | | m_prefix_used(false) |
71 | 0 | { |
72 | 0 | if(!m_emsa) |
73 | 0 | throw Algorithm_Not_Found(emsa); |
74 | 0 | } |
75 | | |
76 | | void PK_Ops::Signature_with_EMSA::update(const uint8_t msg[], size_t msg_len) |
77 | 0 | { |
78 | 0 | if(has_prefix() && !m_prefix_used) |
79 | 0 | { |
80 | 0 | m_prefix_used = true; |
81 | 0 | secure_vector<uint8_t> prefix = message_prefix(); |
82 | 0 | m_emsa->update(prefix.data(), prefix.size()); |
83 | 0 | } |
84 | 0 | m_emsa->update(msg, msg_len); |
85 | 0 | } |
86 | | |
87 | | secure_vector<uint8_t> PK_Ops::Signature_with_EMSA::sign(RandomNumberGenerator& rng) |
88 | 0 | { |
89 | 0 | m_prefix_used = false; |
90 | 0 | const secure_vector<uint8_t> msg = m_emsa->raw_data(); |
91 | 0 | const auto padded = m_emsa->encoding_of(msg, this->max_input_bits(), rng); |
92 | 0 | return raw_sign(padded.data(), padded.size(), rng); |
93 | 0 | } |
94 | | |
95 | | PK_Ops::Verification_with_EMSA::Verification_with_EMSA(const std::string& emsa) : |
96 | | Verification(), |
97 | | m_emsa(get_emsa(emsa)), |
98 | | m_hash(hash_for_emsa(emsa)), |
99 | | m_prefix_used(false) |
100 | 7.61k | { |
101 | 7.61k | if(!m_emsa) |
102 | 0 | throw Algorithm_Not_Found(emsa); |
103 | 7.61k | } |
104 | | |
105 | | void PK_Ops::Verification_with_EMSA::update(const uint8_t msg[], size_t msg_len) |
106 | 7.61k | { |
107 | 7.61k | if(has_prefix() && !m_prefix_used) |
108 | 0 | { |
109 | 0 | m_prefix_used = true; |
110 | 0 | secure_vector<uint8_t> prefix = message_prefix(); |
111 | 0 | m_emsa->update(prefix.data(), prefix.size()); |
112 | 0 | } |
113 | 7.61k | m_emsa->update(msg, msg_len); |
114 | 7.61k | } |
115 | | |
116 | | bool PK_Ops::Verification_with_EMSA::is_valid_signature(const uint8_t sig[], size_t sig_len) |
117 | 6.79k | { |
118 | 6.79k | m_prefix_used = false; |
119 | 6.79k | const secure_vector<uint8_t> msg = m_emsa->raw_data(); |
120 | 6.79k | |
121 | 6.79k | if(with_recovery()) |
122 | 6.35k | { |
123 | 6.35k | secure_vector<uint8_t> output_of_key = verify_mr(sig, sig_len); |
124 | 6.35k | return m_emsa->verify(output_of_key, msg, max_input_bits()); |
125 | 6.35k | } |
126 | 442 | else |
127 | 442 | { |
128 | 442 | Null_RNG rng; |
129 | 442 | secure_vector<uint8_t> encoded = m_emsa->encoding_of(msg, max_input_bits(), rng); |
130 | 442 | return verify(encoded.data(), encoded.size(), sig, sig_len); |
131 | 442 | } |
132 | 6.79k | } |
133 | | |
134 | | void PK_Ops::KEM_Encryption_with_KDF::kem_encrypt(secure_vector<uint8_t>& out_encapsulated_key, |
135 | | secure_vector<uint8_t>& out_shared_key, |
136 | | size_t desired_shared_key_len, |
137 | | Botan::RandomNumberGenerator& rng, |
138 | | const uint8_t salt[], |
139 | | size_t salt_len) |
140 | 0 | { |
141 | 0 | secure_vector<uint8_t> raw_shared; |
142 | 0 | this->raw_kem_encrypt(out_encapsulated_key, raw_shared, rng); |
143 | 0 |
|
144 | 0 | out_shared_key = m_kdf->derive_key(desired_shared_key_len, |
145 | 0 | raw_shared.data(), raw_shared.size(), |
146 | 0 | salt, salt_len); |
147 | 0 | } |
148 | | |
149 | | PK_Ops::KEM_Encryption_with_KDF::KEM_Encryption_with_KDF(const std::string& kdf) |
150 | 0 | { |
151 | 0 | m_kdf.reset(get_kdf(kdf)); |
152 | 0 | } |
153 | | |
154 | | secure_vector<uint8_t> |
155 | | PK_Ops::KEM_Decryption_with_KDF::kem_decrypt(const uint8_t encap_key[], |
156 | | size_t len, |
157 | | size_t desired_shared_key_len, |
158 | | const uint8_t salt[], |
159 | | size_t salt_len) |
160 | 0 | { |
161 | 0 | secure_vector<uint8_t> raw_shared = this->raw_kem_decrypt(encap_key, len); |
162 | 0 |
|
163 | 0 | return m_kdf->derive_key(desired_shared_key_len, |
164 | 0 | raw_shared.data(), raw_shared.size(), |
165 | 0 | salt, salt_len); |
166 | 0 | } |
167 | | |
168 | | PK_Ops::KEM_Decryption_with_KDF::KEM_Decryption_with_KDF(const std::string& kdf) |
169 | 0 | { |
170 | 0 | m_kdf.reset(get_kdf(kdf)); |
171 | 0 | } |
172 | | |
173 | | } |