diff options
author | Jack Lloyd <[email protected]> | 2016-07-30 12:18:30 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2016-09-02 05:29:09 -0400 |
commit | c44fbd04739f530eaae8005bb72ea685034430fc (patch) | |
tree | cfa42235f325578dbb4b144ccda1a183c41f9c6e /src/lib/pubkey | |
parent | d365e37c504ae884af325f4e21de2e9f85e05e82 (diff) |
Remove IF_Scheme_{Public,Private}Key
With the removal of Rabin-Williams, RSA is the only remaining subclass,
And it's very unlikely any new integer factorization based scheme would be
added in the future.
Diffstat (limited to 'src/lib/pubkey')
-rw-r--r-- | src/lib/pubkey/if_algo/if_algo.cpp | 140 | ||||
-rw-r--r-- | src/lib/pubkey/if_algo/if_algo.h | 107 | ||||
-rw-r--r-- | src/lib/pubkey/if_algo/info.txt | 9 | ||||
-rw-r--r-- | src/lib/pubkey/rsa/info.txt | 3 | ||||
-rw-r--r-- | src/lib/pubkey/rsa/rsa.cpp | 130 | ||||
-rw-r--r-- | src/lib/pubkey/rsa/rsa.h | 80 |
6 files changed, 186 insertions, 283 deletions
diff --git a/src/lib/pubkey/if_algo/if_algo.cpp b/src/lib/pubkey/if_algo/if_algo.cpp deleted file mode 100644 index e5f3ae20f..000000000 --- a/src/lib/pubkey/if_algo/if_algo.cpp +++ /dev/null @@ -1,140 +0,0 @@ -/* -* IF Scheme -* (C) 1999-2007 Jack Lloyd -* -* Botan is released under the Simplified BSD License (see license.txt) -*/ - -#include <botan/if_algo.h> -#include <botan/numthry.h> -#include <botan/workfactor.h> -#include <botan/der_enc.h> -#include <botan/ber_dec.h> - -namespace Botan { - -size_t IF_Scheme_PublicKey::estimated_strength() const - { - return if_work_factor(m_n.bits()); - } - -AlgorithmIdentifier IF_Scheme_PublicKey::algorithm_identifier() const - { - return AlgorithmIdentifier(get_oid(), - AlgorithmIdentifier::USE_NULL_PARAM); - } - -std::vector<byte> IF_Scheme_PublicKey::x509_subject_public_key() const - { - return DER_Encoder() - .start_cons(SEQUENCE) - .encode(m_n) - .encode(m_e) - .end_cons() - .get_contents_unlocked(); - } - -IF_Scheme_PublicKey::IF_Scheme_PublicKey(const AlgorithmIdentifier&, - const secure_vector<byte>& key_bits) - { - BER_Decoder(key_bits) - .start_cons(SEQUENCE) - .decode(m_n) - .decode(m_e) - .verify_end() - .end_cons(); - } - -/* -* Check IF Scheme Public Parameters -*/ -bool IF_Scheme_PublicKey::check_key(RandomNumberGenerator&, bool) const - { - if(m_n < 35 || m_n.is_even() || m_e < 2) - return false; - return true; - } - -secure_vector<byte> IF_Scheme_PrivateKey::pkcs8_private_key() const - { - return DER_Encoder() - .start_cons(SEQUENCE) - .encode(static_cast<size_t>(0)) - .encode(m_n) - .encode(m_e) - .encode(m_d) - .encode(m_p) - .encode(m_q) - .encode(m_d1) - .encode(m_d2) - .encode(m_c) - .end_cons() - .get_contents(); - } - -IF_Scheme_PrivateKey::IF_Scheme_PrivateKey(RandomNumberGenerator& rng, - const AlgorithmIdentifier&, - const secure_vector<byte>& key_bits) - { - BER_Decoder(key_bits) - .start_cons(SEQUENCE) - .decode_and_check<size_t>(0, "Unknown PKCS #1 key format version") - .decode(m_n) - .decode(m_e) - .decode(m_d) - .decode(m_p) - .decode(m_q) - .decode(m_d1) - .decode(m_d2) - .decode(m_c) - .end_cons(); - - load_check(rng); - } - -IF_Scheme_PrivateKey::IF_Scheme_PrivateKey(RandomNumberGenerator& rng, - const BigInt& prime1, - const BigInt& prime2, - const BigInt& exp, - const BigInt& d_exp, - const BigInt& mod) : - m_d{ d_exp }, m_p{ prime1 }, m_q{ prime2 }, m_d1{}, m_d2{}, m_c{ inverse_mod( m_q, m_p ) } - { - m_n = mod.is_nonzero() ? mod : m_p * m_q; - m_e = exp; - - if(m_d == 0) - { - BigInt inv_for_d = lcm(m_p - 1, m_q - 1); - if(m_e.is_even()) - inv_for_d >>= 1; - - m_d = inverse_mod(m_e, inv_for_d); - } - - m_d1 = m_d % (m_p - 1); - m_d2 = m_d % (m_q - 1); - - load_check(rng); - } - -/* -* Check IF Scheme Private Parameters -*/ -bool IF_Scheme_PrivateKey::check_key(RandomNumberGenerator& rng, - bool strong) const - { - if(m_n < 35 || m_n.is_even() || m_e < 2 || m_d < 2 || m_p < 3 || m_q < 3 || m_p*m_q != m_n) - return false; - - if(m_d1 != m_d % (m_p - 1) || m_d2 != m_d % (m_q - 1) || m_c != inverse_mod(m_q, m_p)) - return false; - - const size_t prob = (strong) ? 56 : 12; - - if(!is_prime(m_p, rng, prob) || !is_prime(m_q, rng, prob)) - return false; - return true; - } - -} diff --git a/src/lib/pubkey/if_algo/if_algo.h b/src/lib/pubkey/if_algo/if_algo.h deleted file mode 100644 index 46dbd51a9..000000000 --- a/src/lib/pubkey/if_algo/if_algo.h +++ /dev/null @@ -1,107 +0,0 @@ -/* -* IF Scheme -* (C) 1999-2007 Jack Lloyd -* -* Botan is released under the Simplified BSD License (see license.txt) -*/ - -#ifndef BOTAN_IF_ALGO_H__ -#define BOTAN_IF_ALGO_H__ - -#include <botan/bigint.h> -#include <botan/x509_key.h> - -namespace Botan { - -/** -* This class represents public keys -* of integer factorization based (IF) public key schemes. -*/ -class BOTAN_DLL IF_Scheme_PublicKey : public virtual Public_Key - { - public: - IF_Scheme_PublicKey(const AlgorithmIdentifier& alg_id, - const secure_vector<byte>& key_bits); - - IF_Scheme_PublicKey(const BigInt& n, const BigInt& e) : - m_n(n), m_e(e) {} - - bool check_key(RandomNumberGenerator& rng, bool) const override; - - AlgorithmIdentifier algorithm_identifier() const override; - - std::vector<byte> x509_subject_public_key() const override; - - /** - * @return public modulus - */ - const BigInt& get_n() const { return m_n; } - - /** - * @return public exponent - */ - const BigInt& get_e() const { return m_e; } - - size_t max_input_bits() const override { return (m_n.bits() - 1); } - - size_t estimated_strength() const override; - - protected: - IF_Scheme_PublicKey() {} - - BigInt m_n, m_e; - }; - -/** -* This class represents public keys -* of integer factorization based (IF) public key schemes. -*/ -class BOTAN_DLL IF_Scheme_PrivateKey : public virtual IF_Scheme_PublicKey, - public virtual Private_Key - { - public: - - IF_Scheme_PrivateKey(RandomNumberGenerator& rng, - const BigInt& prime1, const BigInt& prime2, - const BigInt& exp, const BigInt& d_exp, - const BigInt& mod); - - IF_Scheme_PrivateKey(RandomNumberGenerator& rng, - const AlgorithmIdentifier& alg_id, - const secure_vector<byte>& key_bits); - - bool check_key(RandomNumberGenerator& rng, bool) const override; - - /** - * Get the first prime p. - * @return prime p - */ - const BigInt& get_p() const { return m_p; } - - /** - * Get the second prime q. - * @return prime q - */ - const BigInt& get_q() const { return m_q; } - - /** - * Get d with exp * d = 1 mod (p - 1, q - 1). - * @return d - */ - const BigInt& get_d() const { return m_d; } - - const BigInt& get_c() const { return m_c; } - const BigInt& get_d1() const { return m_d1; } - const BigInt& get_d2() const { return m_d2; } - - secure_vector<byte> pkcs8_private_key() const override; - - protected: - IF_Scheme_PrivateKey() {} - - BigInt m_d, m_p, m_q, m_d1, m_d2, m_c; - }; - -} - -#endif diff --git a/src/lib/pubkey/if_algo/info.txt b/src/lib/pubkey/if_algo/info.txt deleted file mode 100644 index 5ceec0a89..000000000 --- a/src/lib/pubkey/if_algo/info.txt +++ /dev/null @@ -1,9 +0,0 @@ -define IF_PUBLIC_KEY_FAMILY 20131128 - -load_on dep - -<requires> -asn1 -bigint -numbertheory -</requires> diff --git a/src/lib/pubkey/rsa/info.txt b/src/lib/pubkey/rsa/info.txt index 91eec565a..6df380696 100644 --- a/src/lib/pubkey/rsa/info.txt +++ b/src/lib/pubkey/rsa/info.txt @@ -1,7 +1,6 @@ -define RSA 20131128 +define RSA 20160730 <requires> -if_algo keypair numbertheory emsa_pssr diff --git a/src/lib/pubkey/rsa/rsa.cpp b/src/lib/pubkey/rsa/rsa.cpp index 6a645ec88..7f72ba210 100644 --- a/src/lib/pubkey/rsa/rsa.cpp +++ b/src/lib/pubkey/rsa/rsa.cpp @@ -1,6 +1,6 @@ /* * RSA -* (C) 1999-2010,2015 Jack Lloyd +* (C) 1999-2010,2015,2016 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) */ @@ -11,10 +11,118 @@ #include <botan/keypair.h> #include <botan/blinding.h> #include <botan/reducer.h> +#include <botan/workfactor.h> +#include <botan/der_enc.h> +#include <botan/ber_dec.h> #include <future> namespace Botan { +size_t RSA_PublicKey::estimated_strength() const + { + return if_work_factor(m_n.bits()); + } + +AlgorithmIdentifier RSA_PublicKey::algorithm_identifier() const + { + return AlgorithmIdentifier(get_oid(), + AlgorithmIdentifier::USE_NULL_PARAM); + } + +std::vector<byte> RSA_PublicKey::x509_subject_public_key() const + { + return DER_Encoder() + .start_cons(SEQUENCE) + .encode(m_n) + .encode(m_e) + .end_cons() + .get_contents_unlocked(); + } + +RSA_PublicKey::RSA_PublicKey(const AlgorithmIdentifier&, + const secure_vector<byte>& key_bits) + { + BER_Decoder(key_bits) + .start_cons(SEQUENCE) + .decode(m_n) + .decode(m_e) + .verify_end() + .end_cons(); + } + +/* +* Check RSA Public Parameters +*/ +bool RSA_PublicKey::check_key(RandomNumberGenerator&, bool) const + { + if(m_n < 35 || m_n.is_even() || m_e < 2) + return false; + return true; + } + +secure_vector<byte> RSA_PrivateKey::pkcs8_private_key() const + { + return DER_Encoder() + .start_cons(SEQUENCE) + .encode(static_cast<size_t>(0)) + .encode(m_n) + .encode(m_e) + .encode(m_d) + .encode(m_p) + .encode(m_q) + .encode(m_d1) + .encode(m_d2) + .encode(m_c) + .end_cons() + .get_contents(); + } + +RSA_PrivateKey::RSA_PrivateKey(const AlgorithmIdentifier&, + const secure_vector<byte>& key_bits, + RandomNumberGenerator& rng) + { + BER_Decoder(key_bits) + .start_cons(SEQUENCE) + .decode_and_check<size_t>(0, "Unknown PKCS #1 key format version") + .decode(m_n) + .decode(m_e) + .decode(m_d) + .decode(m_p) + .decode(m_q) + .decode(m_d1) + .decode(m_d2) + .decode(m_c) + .end_cons(); + + load_check(rng); + } + +RSA_PrivateKey::RSA_PrivateKey(RandomNumberGenerator& rng, + const BigInt& prime1, + const BigInt& prime2, + const BigInt& exp, + const BigInt& d_exp, + const BigInt& mod) : + m_d{ d_exp }, m_p{ prime1 }, m_q{ prime2 }, m_d1{}, m_d2{}, m_c{ inverse_mod( m_q, m_p ) } + { + m_n = mod.is_nonzero() ? mod : m_p * m_q; + m_e = exp; + + if(m_d == 0) + { + BigInt inv_for_d = lcm(m_p - 1, m_q - 1); + if(m_e.is_even()) + inv_for_d >>= 1; + + m_d = inverse_mod(m_e, inv_for_d); + } + + m_d1 = m_d % (m_p - 1); + m_d2 = m_d % (m_q - 1); + + load_check(rng); + } + /* * Create a RSA private key */ @@ -49,16 +157,26 @@ RSA_PrivateKey::RSA_PrivateKey(RandomNumberGenerator& rng, */ bool RSA_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const { - if(!IF_Scheme_PrivateKey::check_key(rng, strong)) + if(m_n < 35 || m_n.is_even() || m_e < 2 || m_d < 2 || m_p < 3 || m_q < 3 || m_p*m_q != m_n) return false; - if(!strong) - return true; + if(m_d1 != m_d % (m_p - 1) || m_d2 != m_d % (m_q - 1) || m_c != inverse_mod(m_q, m_p)) + return false; + + const size_t prob = (strong) ? 56 : 12; - if((m_e * m_d) % lcm(m_p - 1, m_q - 1) != 1) + if(!is_prime(m_p, rng, prob) || !is_prime(m_q, rng, prob)) return false; - return KeyPair::signature_consistency_check(rng, *this, "EMSA4(SHA-256)"); + if(strong) + { + if((m_e * m_d) % lcm(m_p - 1, m_q - 1) != 1) + return false; + + return KeyPair::signature_consistency_check(rng, *this, "EMSA4(SHA-256)"); + } + + return true; } namespace { diff --git a/src/lib/pubkey/rsa/rsa.h b/src/lib/pubkey/rsa/rsa.h index 4a57b9f63..85bd7ce58 100644 --- a/src/lib/pubkey/rsa/rsa.h +++ b/src/lib/pubkey/rsa/rsa.h @@ -1,6 +1,6 @@ /* * RSA -* (C) 1999-2008 Jack Lloyd +* (C) 1999-2008,2016 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) */ @@ -8,23 +8,19 @@ #ifndef BOTAN_RSA_H__ #define BOTAN_RSA_H__ -#include <botan/if_algo.h> - +#include <botan/bigint.h> +#include <botan/x509_key.h> namespace Botan { /** * RSA Public Key */ -class BOTAN_DLL RSA_PublicKey : public virtual IF_Scheme_PublicKey +class BOTAN_DLL RSA_PublicKey : public virtual Public_Key { public: - std::string algo_name() const override { return "RSA"; } - RSA_PublicKey(const AlgorithmIdentifier& alg_id, - const secure_vector<byte>& key_bits) : - IF_Scheme_PublicKey(alg_id, key_bits) - {} + const secure_vector<byte>& key_bits); /** * Create a RSA_PublicKey @@ -32,26 +28,45 @@ class BOTAN_DLL RSA_PublicKey : public virtual IF_Scheme_PublicKey * @arg e the exponent */ RSA_PublicKey(const BigInt& n, const BigInt& e) : - IF_Scheme_PublicKey(n, e) - {} + m_n(n), m_e(e) {} + + std::string algo_name() const override { return "RSA"; } + + bool check_key(RandomNumberGenerator& rng, bool) const override; + + AlgorithmIdentifier algorithm_identifier() const override; + + std::vector<byte> x509_subject_public_key() const override; + + /** + * @return public modulus + */ + const BigInt& get_n() const { return m_n; } + + /** + * @return public exponent + */ + const BigInt& get_e() const { return m_e; } + + size_t max_input_bits() const override { return (m_n.bits() - 1); } + + size_t estimated_strength() const override; protected: RSA_PublicKey() {} + + BigInt m_n, m_e; }; /** * RSA Private Key */ -class BOTAN_DLL RSA_PrivateKey : public RSA_PublicKey, - public IF_Scheme_PrivateKey +class BOTAN_DLL RSA_PrivateKey : public Private_Key, public RSA_PublicKey { public: - bool check_key(RandomNumberGenerator& rng, bool) const override; - RSA_PrivateKey(const AlgorithmIdentifier& alg_id, const secure_vector<byte>& key_bits, - RandomNumberGenerator& rng) : - IF_Scheme_PrivateKey(rng, alg_id, key_bits) {} + RandomNumberGenerator& rng); /** * Construct a private key from the specified parameters. @@ -68,8 +83,7 @@ class BOTAN_DLL RSA_PrivateKey : public RSA_PublicKey, RSA_PrivateKey(RandomNumberGenerator& rng, const BigInt& p, const BigInt& q, const BigInt& e, const BigInt& d = 0, - const BigInt& n = 0) : - IF_Scheme_PrivateKey(rng, p, q, e, d, n) {} + const BigInt& n = 0); /** * Create a new private key with the specified bit length @@ -79,6 +93,34 @@ class BOTAN_DLL RSA_PrivateKey : public RSA_PublicKey, */ RSA_PrivateKey(RandomNumberGenerator& rng, size_t bits, size_t exp = 65537); + + bool check_key(RandomNumberGenerator& rng, bool) const override; + + /** + * Get the first prime p. + * @return prime p + */ + const BigInt& get_p() const { return m_p; } + + /** + * Get the second prime q. + * @return prime q + */ + const BigInt& get_q() const { return m_q; } + + /** + * Get d with exp * d = 1 mod (p - 1, q - 1). + * @return d + */ + const BigInt& get_d() const { return m_d; } + + const BigInt& get_c() const { return m_c; } + const BigInt& get_d1() const { return m_d1; } + const BigInt& get_d2() const { return m_d2; } + + secure_vector<byte> pkcs8_private_key() const override; + private: + BigInt m_d, m_p, m_q, m_d1, m_d2, m_c; }; } |