author | Jack Lloyd <[email protected]> | 2016-11-12 01:53:56 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2016-11-12 01:53:56 -0500 |
commit | 9c72dabc9dc73e2603c22dfce48611b5b626238b (patch) | |
tree | bda4f84f78bfbdd28e2199ee8f9998b08cc3c634 /src/lib/prov/pkcs11 | |
parent | 618f890fd7ede74c728612ca8bc590c72ee353f1 (diff) |
Pubkey cleanups
Add Public_Key::key_length usable for policy checking (as in
TLS::Policy::check_peer_key_acceptable)
Remove Public_Key::max_input_bits because it didn't make much sense
for most algorithms actually.
Remove message_parts and message_part_size from PK_Ops
Diffstat (limited to 'src/lib/prov/pkcs11')
-rw-r--r-- | src/lib/prov/pkcs11/p11_ecc_key.cpp | 9 | ||||
-rw-r--r-- | src/lib/prov/pkcs11/p11_ecc_key.h | 6 | ||||
-rw-r--r-- | src/lib/prov/pkcs11/p11_ecdsa.cpp | 25 | ||||
-rw-r--r-- | src/lib/prov/pkcs11/p11_ecdsa.h | 10 | ||||
-rw-r--r-- | src/lib/prov/pkcs11/p11_rsa.cpp | 20 |
5 files changed, 4 insertions, 66 deletions
diff --git a/src/lib/prov/pkcs11/p11_ecc_key.cpp b/src/lib/prov/pkcs11/p11_ecc_key.cpp
index 6ab713d3a..52f98b079 100644
--- a/src/lib/prov/pkcs11/p11_ecc_key.cpp
+++ b/src/lib/prov/pkcs11/p11_ecc_key.cpp
@@ -48,11 +48,6 @@ PKCS11_EC_PublicKey::PKCS11_EC_PublicKey(Session& session, ObjectHandle handle)
 m_domain_encoding = EC_DOMPAR_ENC_EXPLICIT;
 }
 
-size_t PKCS11_EC_PublicKey::max_input_bits() const
- {
- return domain().get_order().bits();
- }
-
 PKCS11_EC_PublicKey::PKCS11_EC_PublicKey(Session& session, const EC_PublicKeyImportProperties& props)
 : Object(session, props)
 {
@@ -106,7 +101,7 @@ PKCS11_EC_PrivateKey::PKCS11_EC_PrivateKey(Session& session, const std::vector<b
 m_public_key = decode_public_point(public_key.get_attribute_value(AttributeType::EcPoint), m_domain_params.get_curve());
 }
 
-size_t PKCS11_EC_PrivateKey::max_input_bits() const
+size_t PKCS11_EC_PrivateKey::key_length() const
 {
 return m_domain_params.get_order().bits();
 }
@@ -118,7 +113,7 @@ std::vector<byte> PKCS11_EC_PrivateKey::x509_subject_public_key() const
 
 size_t PKCS11_EC_PrivateKey::estimated_strength() const
 {
- return ecp_work_factor(domain().get_curve().get_p().bits());
+ return ecp_work_factor(key_length());
 }
 
 bool PKCS11_EC_PrivateKey::check_key(RandomNumberGenerator&, bool) const
diff --git a/src/lib/prov/pkcs11/p11_ecc_key.h b/src/lib/prov/pkcs11/p11_ecc_key.h
index 151feed37..0a222cb79 100644
--- a/src/lib/prov/pkcs11/p11_ecc_key.h
+++ b/src/lib/prov/pkcs11/p11_ecc_key.h
@@ -89,8 +89,6 @@ class BOTAN_DLL PKCS11_EC_PublicKey : public virtual EC_PublicKey,
 * @param props the attributes of the public key
 */
 PKCS11_EC_PublicKey(Session& session, const EC_PublicKeyImportProperties& props);
-
- size_t max_input_bits() const override;
 };
 
 /// Properties for generating a PKCS#11 EC private key
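Review bot: `estimated_strength()` in the `@@ -118,7 +113,7 @@` hunk now feeds `ecp_work_factor()` a different quantity than before: the removed line passed the field size `domain().get_curve().get_p().bits()`, while `key_length()` (renamed in the `@@ -106,7 +101,7 @@` hunk) returns the group order size `m_domain_params.get_order().bits()`. On any curve where the order and the field prime differ in bit length the reported strength changes, and the commit message describes only a cleanup. Since `key_length()` is meant for policy checks, it is worth confirming that the base `EC_PublicKey` implementation (not visible here) reports the same quantity, so the public and private halves of one PKCS#11 key cannot pass or fail a minimum-size policy differently. If the field size is the intended measure, `key_length()` would be `return domain().get_curve().get_p().bits();`; otherwise a comment on `estimated_strength()` such as `// strength is derived from the group order size, not the field size` records the change.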
@@ -203,10 +201,10 @@ class BOTAN_DLL PKCS11_EC_PrivateKey : public virtual Private_Key,
 
 // Private_Key methods
 
- std::size_t max_input_bits() const override;
-
 std::vector<byte> x509_subject_public_key() const override;
 
+ std::size_t key_length() const override;
+
 std::size_t estimated_strength() const override;
 
 bool check_key(RandomNumberGenerator&, bool) const override;
diff --git a/src/lib/prov/pkcs11/p11_ecdsa.cpp b/src/lib/prov/pkcs11/p11_ecdsa.cpp
index 44f116f88..c2ba02e0f 100644
--- a/src/lib/prov/pkcs11/p11_ecdsa.cpp
+++ b/src/lib/prov/pkcs11/p11_ecdsa.cpp
@@ -61,16 +61,6 @@ class PKCS11_ECDSA_Signature_Operation : public PK_Ops::Signature
 : PK_Ops::Signature(), m_key(key), m_order(key.domain().get_order()), m_mechanism(MechanismWrapper::create_ecdsa_mechanism(emsa))
 {}
 
- size_t message_parts() const override
- {
- return 2;
- }
-
- size_t message_part_size() const override
- {
- return m_order.bytes();
- }
-
 void update(const byte msg[], size_t msg_len) override
 {
 if(!m_initialized)
@@ -126,21 +116,6 @@ class PKCS11_ECDSA_Verification_Operation : public PK_Ops::Verification
 : PK_Ops::Verification(), m_key(key), m_order(key.domain().get_order()), m_mechanism(MechanismWrapper::create_ecdsa_mechanism(emsa))
 {}
 
- size_t message_parts() const override
- {
- return 2;
- }
-
- size_t message_part_size() const override
- {
- return m_order.bytes();
- }
-
- size_t max_input_bits() const override
- {
- return m_order.bits();
- }
-
 void update(const byte msg[], size_t msg_len) override
 {
 if(!m_initialized)
diff --git a/src/lib/prov/pkcs11/p11_ecdsa.h b/src/lib/prov/pkcs11/p11_ecdsa.h
index aab56f1f2..a4c3df3ea 100644
--- a/src/lib/prov/pkcs11/p11_ecdsa.h
+++ b/src/lib/prov/pkcs11/p11_ecdsa.h
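Review bot: The new `std::size_t key_length() const override;` declaration in the `@@ -203,10 +201,10 @@` hunk of p11_ecc_key.h has no doc comment, and for an EC key "length" is ambiguous between the field size and the group order size. The definition in p11_ecc_key.cpp returns `m_domain_params.get_order().bits()`, so a comment like `/// @return the bit length of the group order, as used for key-size policy checks` would tell callers what they are comparing against a policy minimum. The class body starts and ends outside the hunk.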
@@ -48,11 +48,6 @@ class BOTAN_DLL PKCS11_ECDSA_PublicKey final : public PKCS11_EC_PublicKey, publi
 return "ECDSA";
 }
 
- inline std::size_t max_input_bits() const override
- {
- return domain().get_order().bits();
- }
-
 /// @return the exported ECDSA public key
 ECDSA_PublicKey export_key() const;
 
@@ -100,11 +95,6 @@ class BOTAN_DLL PKCS11_ECDSA_PrivateKey final : public PKCS11_EC_PrivateKey
 return "ECDSA";
 }
 
- inline size_t message_parts() const override
- {
- return 2;
- }
-
 /// @return the exported ECDSA private key
 ECDSA_PrivateKey export_key() const;
 
diff --git a/src/lib/prov/pkcs11/p11_rsa.cpp b/src/lib/prov/pkcs11/p11_rsa.cpp
index 1e5f3341f..0312f76bf 100644
--- a/src/lib/prov/pkcs11/p11_rsa.cpp
+++ b/src/lib/prov/pkcs11/p11_rsa.cpp
@@ -128,11 +128,6 @@ class PKCS11_RSA_Decryption_Operation final : public PK_Ops::Decryption
 m_bits = m_key.get_n().bits() - 1;
 }
 
- size_t max_input_bits() const override
- {
- return m_bits;
- }
-
 secure_vector<byte> decrypt(byte& valid_mask, const byte ciphertext[], size_t ciphertext_len) override
 {
 valid_mask = 0;
@@ -208,11 +203,6 @@ class PKCS11_RSA_Signature_Operation : public PK_Ops::Signature
 : m_key(key), m_mechanism(MechanismWrapper::create_rsa_sign_mechanism(padding))
 {}
 
- size_t message_part_size() const override
- {
- return m_key.get_n().bytes();
- }
-
 void update(const byte msg[], size_t msg_len) override
 {
 if(!m_initialized)
@@ -268,16 +258,6 @@ class PKCS11_RSA_Verification_Operation : public PK_Ops::Verification
 : m_key(key), m_mechanism(MechanismWrapper::create_rsa_sign_mechanism(padding))
 {}
 
- size_t message_part_size() const override
- {
- return m_key.get_n().bytes();
- }
-
- size_t max_input_bits() const override
- {
- return m_key.get_n().bits() - 1;
- }
-
 void update(const byte msg[], size_t msg_len) override
 {
 if(!m_initialized)
|