authorlloyd <[email protected]>2014-12-27 18:05:03 +0000
committerlloyd <[email protected]>2014-12-27 18:05:03 +0000
commit223ef5ef234a9534e7b71c4738788299755b654e (patch)
treec9a3314a31df65c9c58c2e7caa2f7d1bf7ff8abe
parentd0daf875978848c3edf65c7b3683a21605f72e64 (diff)
When encrypting McEliece or Curve25519 keys, default to GCM instead of CBC.
Add OIDs for OCB mode with various ciphers.
-rw-r--r--doc/relnotes/1_11_12.rst12
-rw-r--r--src/lib/asn1/oid_lookup/default.cpp11
-rw-r--r--src/lib/pubkey/mce/mceliece_key.h2
-rw-r--r--src/lib/pubkey/pkcs8.cpp20
4 files changed, 31 insertions, 14 deletions
diff --git a/doc/relnotes/1_11_12.rst b/doc/relnotes/1_11_12.rst
index 344dc95dc..516f41e81 100644
--- a/doc/relnotes/1_11_12.rst
+++ b/doc/relnotes/1_11_12.rst
@@ -2,6 +2,12 @@ Version 1.11.12, Not Yet Released
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* Add Curve25519. The implementation is based on curve25519-donna-c64.c
- by Adam Langley. New (completely non-standard) OIDs and
- formats for encrypting Curve25519 keys under PKCS #8 and including
- them in certificates and CRLs have been defined.
+ by Adam Langley. New (completely non-standard) OIDs and formats for
+ encrypting Curve25519 keys under PKCS #8 and including them in
+ certificates and CRLs have been defined.
+
+* When encrypted as PKCS #8 structures, Curve25519 and McEliece
+ private keys default to using AES-256/GCM instead of AES-256/CBC
+
+* Define OIDs for OCB mode with AES, Serpent and Twofish.
+
diff --git a/src/lib/asn1/oid_lookup/default.cpp b/src/lib/asn1/oid_lookup/default.cpp
index 54e834439..03b1be99f 100644
--- a/src/lib/asn1/oid_lookup/default.cpp
+++ b/src/lib/asn1/oid_lookup/default.cpp
@@ -1,6 +1,6 @@
/*
* OID Registry
-* (C) 1999-2010,2013 Jack Lloyd
+* (C) 1999-2010,2013,2014 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -24,7 +24,8 @@ void set_defaults()
OIDS::add_oidstr("1.3.6.1.4.1.3029.1.2.1", "ElGamal");
OIDS::add_oidstr("1.3.6.1.4.1.25258.1.1", "RW");
OIDS::add_oidstr("1.3.6.1.4.1.25258.1.2", "NR");
- OIDS::add_oidstr("1.3.6.1.4.1.25258.1.3", "McEliece/BIGGF2M");
+ OIDS::add_oidstr("1.3.6.1.4.1.25258.1.3", "McEliece");
+ OIDS::add_oidstr("1.3.6.1.4.1.25258.1.4", "Curve25519");
// X9.62 ecPublicKey, valid for ECDSA and ECDH (RFC 3279 sec 2.3.5)
OIDS::add_oidstr("1.2.840.10045.2.1", "ECDSA");
@@ -59,6 +60,12 @@ void set_defaults()
OIDS::add_oidstr("1.3.6.1.4.1.25258.3.101", "Serpent/GCM");
OIDS::add_oidstr("1.3.6.1.4.1.25258.3.102", "Twofish/GCM");
+ OIDS::add_oidstr("1.3.6.1.4.1.25258.3.2.1", "AES-128/OCB");
+ OIDS::add_oidstr("1.3.6.1.4.1.25258.3.2.2", "AES-192/OCB");
+ OIDS::add_oidstr("1.3.6.1.4.1.25258.3.2.3", "AES-256/OCB");
+ OIDS::add_oidstr("1.3.6.1.4.1.25258.3.2.4", "Serpent/OCB");
+ OIDS::add_oidstr("1.3.6.1.4.1.25258.3.2.5", "Twofish/OCB");
+
/* Hash Functions */
OIDS::add_oidstr("1.2.840.113549.2.5", "MD5");
OIDS::add_oidstr("1.3.6.1.4.1.11591.12.2", "Tiger(24,3)");
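Review bot: The rename at the `1.3.6.1.4.1.25258.1.3` line changes the name that OID resolves to from "McEliece/BIGGF2M" to "McEliece" with no alias for the old string, so any name-based lookup of "McEliece/BIGGF2M" (or a stored algorithm name from an earlier build) will no longer resolve; the release-notes hunk in this commit mentions the new OCB OIDs and the GCM default but not this rename. Unless the old name was never shipped, consider registering the old string as an alias or stating the break in the notes. The new OCB entries sit under a `25258.3.2` sub-arc while the existing GCM entries use `25258.3.101`/`.102`; it is not visible here whether `25258.3.2` is already assigned elsewhere in this table, so that is worth a check before release.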
diff --git a/src/lib/pubkey/mce/mceliece_key.h b/src/lib/pubkey/mce/mceliece_key.h
index cb9412c05..d8b4b59ce 100644
--- a/src/lib/pubkey/mce/mceliece_key.h
+++ b/src/lib/pubkey/mce/mceliece_key.h
@@ -32,7 +32,7 @@ class BOTAN_DLL McEliece_PublicKey : public virtual Public_Key
McEliece_PublicKey(const McEliece_PublicKey & other);
- std::string algo_name() const { return "McEliece/BIGGF2M"; }
+ std::string algo_name() const { return "McEliece"; }
/**
* Get the maximum number of bits allowed to be fed to this key.
diff --git a/src/lib/pubkey/pkcs8.cpp b/src/lib/pubkey/pkcs8.cpp
index 15f0c4539..298cea064 100644
--- a/src/lib/pubkey/pkcs8.cpp
+++ b/src/lib/pubkey/pkcs8.cpp
@@ -153,17 +153,21 @@ std::string PEM_encode(const Private_Key& key)
namespace {
std::pair<std::string, std::string>
-choose_pbe_params(const std::string& pbe_algo)
+choose_pbe_params(const std::string& pbe_algo, const std::string& key_algo)
{
- if(!pbe_algo.empty())
+ if(pbe_algo == "")
{
- SCAN_Name request(pbe_algo);
- if(request.algo_name() != "PBE-PKCS5v20")
- throw std::runtime_error("Unsupported PBE " + pbe_algo);
- return std::make_pair(request.arg(1), request.arg(0));
+ // Defaults:
+ if(key_algo == "Curve25519" || key_algo == "McEliece")
+ return std::make_pair("AES-256/GCM", "SHA-512");
+ else // for everything else (RSA, DSA, ECDSA, GOST, ...)
+ return std::make_pair("AES-256/CBC", "SHA-256");
}
- return std::make_pair("AES-256/CBC", "SHA-256");
+ SCAN_Name request(pbe_algo);
+ if(request.algo_name() != "PBE-PKCS5v20" || request.arg_count() != 2)
+ throw std::runtime_error("Unsupported PBE " + pbe_algo);
+ return std::make_pair(request.arg(1), request.arg(0));
}
}
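Review bot: The default branch at the `if(key_algo == "Curve25519" || key_algo == "McEliece")` line switches two key types to an authenticated mode (AES-256/GCM) while everything else stays on CBC, but the only comment is `// Defaults:`, so the rationale is lost; suggest `// Curve25519/McEliece already use non-standard OIDs, so prefer an AEAD; CBC is kept for the other types for PKCS #8 interoperability` (the non-standard-OID statement comes from this commit's release notes, so it may need adjusting for McEliece). The literals "Curve25519" and "McEliece" must match exactly what each key's algo_name() returns — this commit renames McEliece's in mceliece_key.h — and a one-line comment naming that coupling would prevent a silent fall-back to CBC if either name changes again. Also, `if(pbe_algo == "")` reads better as `if(pbe_algo.empty())`, which the removed line already used. Whether pbes2_encrypt, outside this hunk, produces a fresh salt and nonce per call for the GCM case cannot be confirmed from here.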
@@ -177,7 +181,7 @@ std::vector<byte> BER_encode(const Private_Key& key,
std::chrono::milliseconds msec,
const std::string& pbe_algo)
{
- const auto pbe_params = choose_pbe_params(pbe_algo);
+ const auto pbe_params = choose_pbe_params(pbe_algo, key.algo_name());
const std::pair<AlgorithmIdentifier, std::vector<byte>> pbe_info =
pbes2_encrypt(PKCS8::BER_encode(key), pass, msec,