Coverage Report

Created: 2021-02-21 07:20

/src/botan/src/lib/pubkey/pk_ops.cpp
Line
Count
Source (jump to first uncovered line)
1
/*
2
* PK Operation Types
3
* (C) 2010,2015 Jack Lloyd
4
*
5
* Botan is released under the Simplified BSD License (see license.txt)
6
*/
7
8
#include <botan/internal/pk_ops_impl.h>
9
#include <botan/internal/bit_ops.h>
10
#include <botan/rng.h>
11
12
namespace Botan {
13
14
PK_Ops::Encryption_with_EME::Encryption_with_EME(const std::string& eme)
15
53
   {
16
53
   m_eme.reset(get_eme(eme));
17
53
   if(!m_eme.get())
18
0
      throw Algorithm_Not_Found(eme);
19
53
   }
20
21
size_t PK_Ops::Encryption_with_EME::max_input_bits() const
22
0
   {
23
0
   return 8 * m_eme->maximum_input_size(max_raw_input_bits());
24
0
   }
25
26
secure_vector<uint8_t> PK_Ops::Encryption_with_EME::encrypt(const uint8_t msg[], size_t msg_len,
27
                                                         RandomNumberGenerator& rng)
28
53
   {
29
53
   const size_t max_raw = max_raw_input_bits();
30
53
   const std::vector<uint8_t> encoded = unlock(m_eme->encode(msg, msg_len, max_raw, rng));
31
53
   return raw_encrypt(encoded.data(), encoded.size(), rng);
32
53
   }
33
34
PK_Ops::Decryption_with_EME::Decryption_with_EME(const std::string& eme)
35
0
   {
36
0
   m_eme.reset(get_eme(eme));
37
0
   if(!m_eme.get())
38
0
      throw Algorithm_Not_Found(eme);
39
0
   }
40
41
secure_vector<uint8_t>
42
PK_Ops::Decryption_with_EME::decrypt(uint8_t& valid_mask,
43
                                     const uint8_t ciphertext[],
44
                                     size_t ciphertext_len)
45
0
   {
46
0
   const secure_vector<uint8_t> raw = raw_decrypt(ciphertext, ciphertext_len);
47
0
   return m_eme->unpad(valid_mask, raw.data(), raw.size());
48
0
   }
49
50
PK_Ops::Key_Agreement_with_KDF::Key_Agreement_with_KDF(const std::string& kdf)
51
9.94k
   {
52
9.94k
   if(kdf != "Raw")
53
0
      m_kdf.reset(get_kdf(kdf));
54
9.94k
   }
55
56
secure_vector<uint8_t> PK_Ops::Key_Agreement_with_KDF::agree(size_t key_len,
57
                                                          const uint8_t w[], size_t w_len,
58
                                                          const uint8_t salt[], size_t salt_len)
59
9.94k
   {
60
9.94k
   secure_vector<uint8_t> z = raw_agree(w, w_len);
61
9.94k
   if(m_kdf)
62
0
      return m_kdf->derive_key(key_len, z, salt, salt_len);
63
9.94k
   return z;
64
9.94k
  }
65
66
PK_Ops::Signature_with_EMSA::Signature_with_EMSA(const std::string& emsa) :
67
   Signature(),
68
   m_emsa(get_emsa(emsa)),
69
   m_hash(hash_for_emsa(emsa)),
70
   m_prefix_used(false)
71
0
   {
72
0
   if(!m_emsa)
73
0
      throw Algorithm_Not_Found(emsa);
74
0
   }
75
76
void PK_Ops::Signature_with_EMSA::update(const uint8_t msg[], size_t msg_len)
77
0
   {
78
0
   if(has_prefix() && !m_prefix_used)
79
0
      {
80
0
      m_prefix_used = true;
81
0
      secure_vector<uint8_t> prefix = message_prefix();
82
0
      m_emsa->update(prefix.data(), prefix.size());
83
0
      }
84
0
   m_emsa->update(msg, msg_len);
85
0
   }
86
87
secure_vector<uint8_t> PK_Ops::Signature_with_EMSA::sign(RandomNumberGenerator& rng)
88
0
   {
89
0
   m_prefix_used = false;
90
0
   const secure_vector<uint8_t> msg = m_emsa->raw_data();
91
0
   const auto padded = m_emsa->encoding_of(msg, this->max_input_bits(), rng);
92
0
   return raw_sign(padded.data(), padded.size(), rng);
93
0
   }
94
95
PK_Ops::Verification_with_EMSA::Verification_with_EMSA(const std::string& emsa) :
96
   Verification(),
97
   m_emsa(get_emsa(emsa)),
98
   m_hash(hash_for_emsa(emsa)),
99
   m_prefix_used(false)
100
7.54k
   {
101
7.54k
   if(!m_emsa)
102
0
      throw Algorithm_Not_Found(emsa);
103
7.54k
   }
104
105
void PK_Ops::Verification_with_EMSA::update(const uint8_t msg[], size_t msg_len)
106
7.54k
   {
107
7.54k
   if(has_prefix() && !m_prefix_used)
108
0
      {
109
0
      m_prefix_used = true;
110
0
      secure_vector<uint8_t> prefix = message_prefix();
111
0
      m_emsa->update(prefix.data(), prefix.size());
112
0
      }
113
7.54k
   m_emsa->update(msg, msg_len);
114
7.54k
   }
115
116
bool PK_Ops::Verification_with_EMSA::is_valid_signature(const uint8_t sig[], size_t sig_len)
117
6.71k
   {
118
6.71k
   m_prefix_used = false;
119
6.71k
   const secure_vector<uint8_t> msg = m_emsa->raw_data();
120
121
6.71k
   if(with_recovery())
122
6.22k
      {
123
6.22k
      secure_vector<uint8_t> output_of_key = verify_mr(sig, sig_len);
124
6.22k
      return m_emsa->verify(output_of_key, msg, max_input_bits());
125
6.22k
      }
126
491
   else
127
491
      {
128
491
      Null_RNG rng;
129
491
      secure_vector<uint8_t> encoded = m_emsa->encoding_of(msg, max_input_bits(), rng);
130
491
      return verify(encoded.data(), encoded.size(), sig, sig_len);
131
491
      }
132
6.71k
   }
133
134
void PK_Ops::KEM_Encryption_with_KDF::kem_encrypt(secure_vector<uint8_t>& out_encapsulated_key,
135
                                                  secure_vector<uint8_t>& out_shared_key,
136
                                                  size_t desired_shared_key_len,
137
                                                  Botan::RandomNumberGenerator& rng,
138
                                                  const uint8_t salt[],
139
                                                  size_t salt_len)
140
0
   {
141
0
   secure_vector<uint8_t> raw_shared;
142
0
   this->raw_kem_encrypt(out_encapsulated_key, raw_shared, rng);
143
144
0
   out_shared_key = m_kdf->derive_key(desired_shared_key_len,
145
0
                                      raw_shared.data(), raw_shared.size(),
146
0
                                      salt, salt_len);
147
0
   }
148
149
PK_Ops::KEM_Encryption_with_KDF::KEM_Encryption_with_KDF(const std::string& kdf)
150
0
   {
151
0
   m_kdf.reset(get_kdf(kdf));
152
0
   }
153
154
secure_vector<uint8_t>
155
PK_Ops::KEM_Decryption_with_KDF::kem_decrypt(const uint8_t encap_key[],
156
                                             size_t len,
157
                                             size_t desired_shared_key_len,
158
                                             const uint8_t salt[],
159
                                             size_t salt_len)
160
0
   {
161
0
   secure_vector<uint8_t> raw_shared = this->raw_kem_decrypt(encap_key, len);
162
163
0
   return m_kdf->derive_key(desired_shared_key_len,
164
0
                            raw_shared.data(), raw_shared.size(),
165
0
                            salt, salt_len);
166
0
   }
167
168
PK_Ops::KEM_Decryption_with_KDF::KEM_Decryption_with_KDF(const std::string& kdf)
169
0
   {
170
0
   m_kdf.reset(get_kdf(kdf));
171
0
   }
172
173
}