Rename the various pubkey padding schemes to match the common names.

Way back when, following IEEE 1363 naming seemed like a good idea. But not so much.
author: lloyd <[email protected]> 2014-01-18 22:07:57 +0000
committer: lloyd <[email protected]> 2014-01-18 22:07:57 +0000
commit: 97da227cbde0257f14b7cde001680bc69cf941c9 (patch)
tree: afe16b54a0192835f3d6284516df1747fbd10954 /src/lib/pk_pad/emsa_x931
parent: b3bffeff3553f4b609afe634c8c8b56ca0a2384c (diff)
3 files changed, 148 insertions, 0 deletions
diff --git a/src/lib/pk_pad/emsa_x931/emsa_x931.cpp b/src/lib/pk_pad/emsa_x931/emsa_x931.cpp
new file mode 100644
index 000000000..20571fe61
--- /dev/null
+++ b/src/lib/pk_pad/emsa_x931/emsa_x931.cpp
@@ -0,0 +1,96 @@
+/*
+* EMSA_X931
+* (C) 1999-2007 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/emsa_x931.h>
+#include <botan/hash_id.h>
+
+namespace Botan {
+
+namespace {
+
+secure_vector<byte> emsa2_encoding(const secure_vector<byte>& msg,
+                                   size_t output_bits,
+                                   const secure_vector<byte>& empty_hash,
+                                   byte hash_id)
+   {
+   const size_t HASH_SIZE = empty_hash.size();
+
+   size_t output_length = (output_bits + 1) / 8;
+
+   if(msg.size() != HASH_SIZE)
+      throw Encoding_Error("EMSA_X931::encoding_of: Bad input length");
+   if(output_length < HASH_SIZE + 4)
+      throw Encoding_Error("EMSA_X931::encoding_of: Output length is too small");
+
+   const bool empty_input = (msg == empty_hash);
+
+   secure_vector<byte> output(output_length);
+
+   output[0] = (empty_input ? 0x4B : 0x6B);
+   output[output_length - 3 - HASH_SIZE] = 0xBA;
+   set_mem(&output[1], output_length - 4 - HASH_SIZE, 0xBB);
+   buffer_insert(output, output_length - (HASH_SIZE + 2), &msg[0], msg.size());
+   output[output_length-2] = hash_id;
+   output[output_length-1] = 0xCC;
+
+   return output;
+   }
+
+}
+
+void EMSA_X931::update(const byte input[], size_t length)
+   {
+   m_hash->update(input, length);
+   }
+
+secure_vector<byte> EMSA_X931::raw_data()
+   {
+   return m_hash->final();
+   }
+
+/*
+* EMSA_X931 Encode Operation
+*/
+secure_vector<byte> EMSA_X931::encoding_of(const secure_vector<byte>& msg,
+                                      size_t output_bits,
+                                      RandomNumberGenerator&)
+   {
+   return emsa2_encoding(msg, output_bits, m_empty_hash, m_hash_id);
+   }
+
+/*
+* EMSA_X931 Verify Operation
+*/
+bool EMSA_X931::verify(const secure_vector<byte>& coded,
+                   const secure_vector<byte>& raw,
+                   size_t key_bits)
+   {
+   try
+      {
+      return (coded == emsa2_encoding(raw, key_bits,
+                                      m_empty_hash, m_hash_id));
+      }
+   catch(...)
+      {
+      return false;
+      }
+   }
+
+/*
+* EMSA_X931 Constructor
+*/
+EMSA_X931::EMSA_X931(HashFunction* hash) : m_hash(hash)
+   {
+   m_empty_hash = m_hash->final();
+
+   m_hash_id = ieee1363_hash_id(hash->name());
+
+   if(!m_hash_id)
+      throw Encoding_Error("EMSA_X931 no hash identifier for " + hash->name());
+   }
+
+}
diff --git a/src/lib/pk_pad/emsa_x931/emsa_x931.h b/src/lib/pk_pad/emsa_x931/emsa_x931.h
new file mode 100644
index 000000000..1436f27eb
--- /dev/null
+++ b/src/lib/pk_pad/emsa_x931/emsa_x931.h
@@ -0,0 +1,46 @@
+/*
+* X9.31 EMSA
+* (C) 1999-2007 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_EMSA_X931_H__
+#define BOTAN_EMSA_X931_H__
+
+#include <botan/emsa.h>
+#include <botan/hash.h>
+#include <memory>
+
+namespace Botan {
+
+/**
+* EMSA from X9.31 (EMSA2 in IEEE 1363)
+* Useful for Rabin-Williams, also sometimes used with RSA in
+* odd protocols.
+*/
+class BOTAN_DLL EMSA_X931 : public EMSA
+   {
+   public:
+      /**
+      * @param hash the hash object to use
+      */
+      EMSA_X931(HashFunction* hash);
+   private:
+      void update(const byte[], size_t);
+      secure_vector<byte> raw_data();
+
+      secure_vector<byte> encoding_of(const secure_vector<byte>&, size_t,
+                                     RandomNumberGenerator& rng);
+
+      bool verify(const secure_vector<byte>&, const secure_vector<byte>&,
+                  size_t);
+
+      secure_vector<byte> m_empty_hash;
+      std::unique_ptr<HashFunction> m_hash;
+      byte m_hash_id;
+   };
+
+}
+
+#endif
diff --git a/src/lib/pk_pad/emsa_x931/info.txt b/src/lib/pk_pad/emsa_x931/info.txt
new file mode 100644
index 000000000..57ff1d2b3
--- /dev/null
+++ b/src/lib/pk_pad/emsa_x931/info.txt
@@ -0,0 +1,6 @@
+define EMSA_X931 20140118
+
+<requires>
+hash
+hash_id
+</requires>
author	lloyd <[email protected]>	2014-01-18 22:07:57 +0000
committer	lloyd <[email protected]>	2014-01-18 22:07:57 +0000
commit	97da227cbde0257f14b7cde001680bc69cf941c9 (patch)
tree	afe16b54a0192835f3d6284516df1747fbd10954 /src/lib/pk_pad/emsa_x931
parent	b3bffeff3553f4b609afe634c8c8b56ca0a2384c (diff)