author | lloyd <[email protected]> | 2010-03-09 02:39:31 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2010-03-09 02:39:31 +0000 |
commit | 4a9afbb99bb73e43bcb3a30379d6a2dd59dae76a (patch) | |
tree | 4f7a362be278ed63828afeae56444afcbf0b2dac /checks/pk.cpp | |
parent | a4df64935b788e541206547d5d85665c191e2f5f (diff) |
Deconstify PK_Ops. It's quite reasonable that some op will want to
precompute only as needed, or will want to access some other expensive
resource or etc.
Change how the secret for generating blinding is done in cases where a
PRNG isn't available. Use the operation's public op to hide the secret,
for instance the seed for a DH blinding variable is 2^x mod p.
Make use of being able to mutate internal structures in the RW signer,
since that does have access to a PRNG, so use it to initialize the
blinder on first call to sign().
Diffstat (limited to 'checks/pk.cpp')
-rw-r--r-- | checks/pk.cpp | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/checks/pk.cpp b/checks/pk.cpp
index f0343afec..bc1308f1c 100644
--- a/checks/pk.cpp
+++ b/checks/pk.cpp
@@ -161,14 +161,14 @@ void validate_encryption(PK_Encryptor& e, PK_Decryptor& d,
 }
 void validate_signature(PK_Verifier& v, PK_Signer& s, const std::string& algo,
- const std::string& input, const std::string& random,
+ const std::string& input,
+ RandomNumberGenerator& rng,
 const std::string& exp, bool& failure)
 {
 SecureVector<byte> message = decode_hex(input);
 SecureVector<byte> expected = decode_hex(exp);
- Fixed_Output_RNG rng(decode_hex(random));
 SecureVector<byte> sig = s.sign_message(message, message.size(), rng);
 if(sig != expected)
@@ -194,6 +194,16 @@ void validate_signature(PK_Verifier& v, PK_Signer& s, const std::string& algo,
 }
 }
+void validate_signature(PK_Verifier& v, PK_Signer& s, const std::string& algo,
+ const std::string& input,
+ const std::string& random,
+ const std::string& exp, bool& failure)
+ {
+ Fixed_Output_RNG rng(decode_hex(random));
+
+ validate_signature(v, s, algo, input, rng, exp, failure);
+ }
+
 void validate_kas(PK_Key_Agreement& kas, const std::string& algo,
 const SecureVector<byte>& pubkey, const std::string& output,
 u32bit keylen, bool& failure)
@@ -397,8 +407,6 @@ u32bit validate_rw_ver(const std::string& algo,
 if(str.size() != 5)
 throw std::runtime_error("Invalid input from pk_valid.dat");
-
-
 #if defined(BOTAN_HAS_RW)
 RW_PublicKey key(to_bigint(str[1]), to_bigint(str[0]));
@@ -421,10 +429,9 @@ u32bit validate_rw_sig(const std::string& algo,
 const std::vector<std::string>& str,
 RandomNumberGenerator& rng)
 {
- if(str.size() != 6)
+ if(str.size() != 5)
 throw std::runtime_error("Invalid input from pk_valid.dat");
-
 #if defined(BOTAN_HAS_RW)
 RW_PrivateKey privkey(rng, to_bigint(str[1]), to_bigint(str[2]), to_bigint(str[0]));
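Review bot: The new `RandomNumberGenerator& rng` parameter on validate_signature changes the function's contract and needs a comment, because the body still compares `sig` byte-for-byte against the fixed `expected` vector. That comparison is only meaningful when the signature is deterministic under the supplied rng: either the scheme's output does not depend on the RNG at all (blinding only), or the caller passes a Fixed_Output_RNG that replays the vector's randomness. I would add above the signature: `// Signs 'input' with 's', drawing randomness from 'rng', and checks the result against 'exp'; pass a Fixed_Output_RNG whenever the scheme's signature depends on the RNG (nonce, salt), otherwise the known-answer comparison cannot match.` The remainder of validate_signature's body (verification of `sig` and failure reporting) lies outside this hunk.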
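Review bot: The arity check in validate_rw_sig drops from 6 to 5 fields, so every RW signature record in pk_valid.dat must have had its random-bytes column removed in the same commit; the data file is not in this diffstat, so that cannot be confirmed here, and a stale six-field record would now throw rather than be tested. validate_rw_ver in the hunk above raises the identical message for its own 5-field layout, so a mismatch would not say which record kind is wrong; I would make the message specific, e.g. `throw std::runtime_error("Invalid input from pk_valid.dat: RW sig record needs 5 fields");`. validate_rw_sig's body continues past the end of the hunk.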
@@ -436,7 +443,7 @@ u32bit validate_rw_sig(const std::string& algo,
 PK_Signer s(privkey, emsa);
 bool failure = false;
- validate_signature(v, s, algo, str[3], str[4], str[5], failure);
+ validate_signature(v, s, algo, str[3], rng, str[4], failure);
 return (failure ? 1 : 0);
 #endif
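Review bot: The call now signs under the live `rng` yet still compares the output against `str[4]` as an exact expected signature, so this test is only sound if RW signing with `emsa` is deterministic: per the commit message the rng is consumed to seed the blinder on the first sign(), which does not alter the signature, but a randomized encoding (a salted PSS-style EMSA) would make `sig != expected` fail unpredictably. I would record that assumption at the call site, e.g. `// live rng is acceptable here: RW blinding does not change the signature, so vectors must use a deterministic EMSA`, or reject non-deterministic `emsa` values before the call. Note the index shift: the former `str[4]` (fixed random bytes) is gone and `str[4]` is now the expected signature, consistent with the 5-field check earlier in the function. validate_rw_sig's body begins outside this hunk.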