authorlloyd <[email protected]>2014-01-18 22:07:57 +0000
committerlloyd <[email protected]>2014-01-18 22:07:57 +0000
commit97da227cbde0257f14b7cde001680bc69cf941c9 (patch)
treeafe16b54a0192835f3d6284516df1747fbd10954 /src
parentb3bffeff3553f4b609afe634c8c8b56ca0a2384c (diff)
Rename the various pubkey padding schemes to match the common names.
Way back when, following IEEE 1363 naming seemed like a good idea. But not so much.
Diffstat (limited to 'src')
-rw-r--r--src/lib/algo_base/scan_name.cpp17
-rw-r--r--src/lib/pk_pad/eme_oaep/info.txt (renamed from src/lib/pk_pad/eme1/info.txt)2
-rw-r--r--src/lib/pk_pad/eme_oaep/oaep.cpp (renamed from src/lib/pk_pad/eme1/eme1.cpp)22
-rw-r--r--src/lib/pk_pad/eme_oaep/oaep.h (renamed from src/lib/pk_pad/eme1/eme1.h)12
-rw-r--r--src/lib/pk_pad/eme_pkcs1/eme_pkcs.cpp (renamed from src/lib/pk_pad/eme_pkcs/eme_pkcs.cpp)0
-rw-r--r--src/lib/pk_pad/eme_pkcs1/eme_pkcs.h (renamed from src/lib/pk_pad/eme_pkcs/eme_pkcs.h)0
-rw-r--r--src/lib/pk_pad/eme_pkcs1/info.txt (renamed from src/lib/pk_pad/eme_pkcs/info.txt)0
-rw-r--r--src/lib/pk_pad/emsa2/emsa2.cpp112
-rw-r--r--src/lib/pk_pad/emsa3/emsa3.cpp152
-rw-r--r--src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp116
-rw-r--r--src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.h (renamed from src/lib/pk_pad/emsa3/emsa3.h)25
-rw-r--r--src/lib/pk_pad/emsa_pkcs1/info.txt (renamed from src/lib/pk_pad/emsa3/info.txt)2
-rw-r--r--src/lib/pk_pad/emsa_pssr/info.txt (renamed from src/lib/pk_pad/emsa4/info.txt)2
-rw-r--r--src/lib/pk_pad/emsa_pssr/pssr.cpp (renamed from src/lib/pk_pad/emsa4/emsa4.cpp)37
-rw-r--r--src/lib/pk_pad/emsa_pssr/pssr.h (renamed from src/lib/pk_pad/emsa4/emsa4.h)17
-rw-r--r--src/lib/pk_pad/emsa_raw_bsi/emsa1_bsi.cpp (renamed from src/lib/pk_pad/emsa1_bsi/emsa1_bsi.cpp)0
-rw-r--r--src/lib/pk_pad/emsa_raw_bsi/emsa1_bsi.h (renamed from src/lib/pk_pad/emsa1_bsi/emsa1_bsi.h)0
-rw-r--r--src/lib/pk_pad/emsa_raw_bsi/info.txt (renamed from src/lib/pk_pad/emsa1_bsi/info.txt)0
-rw-r--r--src/lib/pk_pad/emsa_x931/emsa_x931.cpp96
-rw-r--r--src/lib/pk_pad/emsa_x931/emsa_x931.h (renamed from src/lib/pk_pad/emsa2/emsa2.h)23
-rw-r--r--src/lib/pk_pad/emsa_x931/info.txt (renamed from src/lib/pk_pad/emsa2/info.txt)2
-rw-r--r--src/lib/pk_pad/get_pk_pad.cpp48
-rw-r--r--src/lib/tls/info.txt4
23 files changed, 315 insertions, 374 deletions
diff --git a/src/lib/algo_base/scan_name.cpp b/src/lib/algo_base/scan_name.cpp
index 84a5e24b4..d32c36a66 100644
--- a/src/lib/algo_base/scan_name.cpp
+++ b/src/lib/algo_base/scan_name.cpp
@@ -206,13 +206,20 @@ void SCAN_Name::set_default_aliases()
SCAN_Name::add_alias("ARC4", "RC4");
SCAN_Name::add_alias("OMAC", "CMAC");
+ SCAN_Name::add_alias("EMSA-PSS", "PSSR");
+ SCAN_Name::add_alias("PSS-MGF1", "PSSR");
+ SCAN_Name::add_alias("EME-OAEP", "OAEP");
+
+ SCAN_Name::add_alias("EMSA2", "EMSA_X931");
+ SCAN_Name::add_alias("EMSA3", "EMSA_PKCS1");
+ SCAN_Name::add_alias("EMSA-PKCS1-v1_5", "EMSA_PKCS1");
+
// should be renamed in sources
- SCAN_Name::add_alias("OAEP-MGF1", "EME1");
- SCAN_Name::add_alias("EME-OAEP", "EME1");
SCAN_Name::add_alias("X9.31", "EMSA2");
- SCAN_Name::add_alias("EMSA-PKCS1-v1_5", "EMSA3");
- SCAN_Name::add_alias("PSS-MGF1", "EMSA4");
- SCAN_Name::add_alias("EMSA-PSS", "EMSA4");
+
+ // kept for compatability with old library versions
+ SCAN_Name::add_alias("EMSA4", "PSSR");
+ SCAN_Name::add_alias("EME1", "OAEP");
// probably can be removed
SCAN_Name::add_alias("GOST", "GOST-28147-89");
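Review bot: The retained alias `SCAN_Name::add_alias("X9.31", "EMSA2");` still targets `EMSA2`, which after this change is itself only an alias for `EMSA_X931`, so a request for "X9.31" resolves only if alias lookup is chained; that lookup is not visible here, so pointing it straight at the new name is safer: `SCAN_Name::add_alias("X9.31", "EMSA_X931");`. The hunk also drops the `OAEP-MGF1` alias without a replacement, so callers using that spelling would stop resolving to OAEP unless another alias exists outside this hunk; if that is unintended, add `SCAN_Name::add_alias("OAEP-MGF1", "OAEP");` under the compatibility comment. `EMSA2` and `EMSA3` are compatibility names too and would read better grouped under that comment, whose "compatability" should be "compatibility". set_default_aliases continues outside the hunk.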
diff --git a/src/lib/pk_pad/eme1/info.txt b/src/lib/pk_pad/eme_oaep/info.txt
index 7ae3e98da..7a9360633 100644
--- a/src/lib/pk_pad/eme1/info.txt
+++ b/src/lib/pk_pad/eme_oaep/info.txt
@@ -1,4 +1,4 @@
-define EME1 20131128
+define EME_OAEP 20140118
load_on auto
diff --git a/src/lib/pk_pad/eme1/eme1.cpp b/src/lib/pk_pad/eme_oaep/oaep.cpp
index 9f236ec00..6186ba1e9 100644
--- a/src/lib/pk_pad/eme1/eme1.cpp
+++ b/src/lib/pk_pad/eme_oaep/oaep.cpp
@@ -1,11 +1,11 @@
/*
-* EME1 (aka OAEP)
+* OAEP
* (C) 1999-2010 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
-#include <botan/eme1.h>
+#include <botan/oaep.h>
#include <botan/mgf1.h>
#include <botan/mem_ops.h>
#include <memory>
@@ -13,16 +13,16 @@
namespace Botan {
/*
-* EME1 Pad Operation
+* OAEP Pad Operation
*/
-secure_vector<byte> EME1::pad(const byte in[], size_t in_length,
+secure_vector<byte> OAEP::pad(const byte in[], size_t in_length,
size_t key_length,
RandomNumberGenerator& rng) const
{
key_length /= 8;
if(key_length < in_length + 2*m_Phash.size() + 1)
- throw Invalid_Argument("EME1: Input is too large");
+ throw Invalid_Argument("OAEP: Input is too large");
secure_vector<byte> out(key_length);
@@ -44,9 +44,9 @@ secure_vector<byte> EME1::pad(const byte in[], size_t in_length,
}
/*
-* EME1 Unpad Operation
+* OAEP Unpad Operation
*/
-secure_vector<byte> EME1::unpad(const byte in[], size_t in_length,
+secure_vector<byte> OAEP::unpad(const byte in[], size_t in_length,
size_t key_length) const
{
/*
@@ -107,7 +107,7 @@ secure_vector<byte> EME1::unpad(const byte in[], size_t in_length,
bad_input |= !same_mem(&input[m_Phash.size()], &m_Phash[0], m_Phash.size());
if(bad_input)
- throw Decoding_Error("Invalid EME1 encoding");
+ throw Decoding_Error("Invalid OAEP encoding");
return secure_vector<byte>(&input[delim_idx + 1], &input[input.size()]);
}
@@ -115,7 +115,7 @@ secure_vector<byte> EME1::unpad(const byte in[], size_t in_length,
/*
* Return the max input size for a given key size
*/
-size_t EME1::maximum_input_size(size_t keybits) const
+size_t OAEP::maximum_input_size(size_t keybits) const
{
if(keybits / 8 > 2*m_Phash.size() + 1)
return ((keybits / 8) - 2*m_Phash.size() - 1);
@@ -124,9 +124,9 @@ size_t EME1::maximum_input_size(size_t keybits) const
}
/*
-* EME1 Constructor
+* OAEP Constructor
*/
-EME1::EME1(HashFunction* hash, const std::string& P) : m_hash(hash)
+OAEP::OAEP(HashFunction* hash, const std::string& P) : m_hash(hash)
{
m_Phash = m_hash->process(P);
}
diff --git a/src/lib/pk_pad/eme1/eme1.h b/src/lib/pk_pad/eme_oaep/oaep.h
index 3c71919a8..250759821 100644
--- a/src/lib/pk_pad/eme1/eme1.h
+++ b/src/lib/pk_pad/eme_oaep/oaep.h
@@ -1,12 +1,12 @@
/*
-* EME1
+* OAEP
* (C) 1999-2007 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
-#ifndef BOTAN_EME1_H__
-#define BOTAN_EME1_H__
+#ifndef BOTAN_OAEP_H__
+#define BOTAN_OAEP_H__
#include <botan/eme.h>
#include <botan/kdf.h>
@@ -16,9 +16,9 @@
namespace Botan {
/**
-* EME1, aka OAEP
+* OAEP (called EME1 in IEEE 1363 and in earlier versions of the library)
*/
-class BOTAN_DLL EME1 : public EME
+class BOTAN_DLL OAEP : public EME
{
public:
size_t maximum_input_size(size_t) const;
@@ -27,7 +27,7 @@ class BOTAN_DLL EME1 : public EME
* @param hash object to use for hashing (takes ownership)
* @param P an optional label. Normally empty.
*/
- EME1(HashFunction* hash, const std::string& P = "");
+ OAEP(HashFunction* hash, const std::string& P = "");
private:
secure_vector<byte> pad(const byte[], size_t, size_t,
RandomNumberGenerator&) const;
diff --git a/src/lib/pk_pad/eme_pkcs/eme_pkcs.cpp b/src/lib/pk_pad/eme_pkcs1/eme_pkcs.cpp
index 0e7d1fc30..0e7d1fc30 100644
--- a/src/lib/pk_pad/eme_pkcs/eme_pkcs.cpp
+++ b/src/lib/pk_pad/eme_pkcs1/eme_pkcs.cpp
diff --git a/src/lib/pk_pad/eme_pkcs/eme_pkcs.h b/src/lib/pk_pad/eme_pkcs1/eme_pkcs.h
index 2808e18d6..2808e18d6 100644
--- a/src/lib/pk_pad/eme_pkcs/eme_pkcs.h
+++ b/src/lib/pk_pad/eme_pkcs1/eme_pkcs.h
diff --git a/src/lib/pk_pad/eme_pkcs/info.txt b/src/lib/pk_pad/eme_pkcs1/info.txt
index 432aaf8eb..432aaf8eb 100644
--- a/src/lib/pk_pad/eme_pkcs/info.txt
+++ b/src/lib/pk_pad/eme_pkcs1/info.txt
diff --git a/src/lib/pk_pad/emsa2/emsa2.cpp b/src/lib/pk_pad/emsa2/emsa2.cpp
deleted file mode 100644
index 02a3dbe72..000000000
--- a/src/lib/pk_pad/emsa2/emsa2.cpp
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
-* EMSA2
-* (C) 1999-2007 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#include <botan/emsa2.h>
-#include <botan/hash_id.h>
-
-namespace Botan {
-
-namespace {
-
-/*
-* EMSA2 Encode Operation
-*/
-secure_vector<byte> emsa2_encoding(const secure_vector<byte>& msg,
- size_t output_bits,
- const secure_vector<byte>& empty_hash,
- byte hash_id)
- {
- const size_t HASH_SIZE = empty_hash.size();
-
- size_t output_length = (output_bits + 1) / 8;
-
- if(msg.size() != HASH_SIZE)
- throw Encoding_Error("EMSA2::encoding_of: Bad input length");
- if(output_length < HASH_SIZE + 4)
- throw Encoding_Error("EMSA2::encoding_of: Output length is too small");
-
- bool empty = true;
- for(size_t j = 0; j != HASH_SIZE; ++j)
- if(empty_hash[j] != msg[j])
- empty = false;
-
- secure_vector<byte> output(output_length);
-
- output[0] = (empty ? 0x4B : 0x6B);
- output[output_length - 3 - HASH_SIZE] = 0xBA;
- set_mem(&output[1], output_length - 4 - HASH_SIZE, 0xBB);
- buffer_insert(output, output_length - (HASH_SIZE + 2), &msg[0], msg.size());
- output[output_length-2] = hash_id;
- output[output_length-1] = 0xCC;
-
- return output;
- }
-
-}
-
-/*
-* EMSA2 Update Operation
-*/
-void EMSA2::update(const byte input[], size_t length)
- {
- hash->update(input, length);
- }
-
-/*
-* Return the raw (unencoded) data
-*/
-secure_vector<byte> EMSA2::raw_data()
- {
- return hash->final();
- }
-
-/*
-* EMSA2 Encode Operation
-*/
-secure_vector<byte> EMSA2::encoding_of(const secure_vector<byte>& msg,
- size_t output_bits,
- RandomNumberGenerator&)
- {
- return emsa2_encoding(msg, output_bits, empty_hash, hash_id);
- }
-
-/*
-* EMSA2 Verify Operation
-*/
-bool EMSA2::verify(const secure_vector<byte>& coded,
- const secure_vector<byte>& raw,
- size_t key_bits)
- {
- try
- {
- return (coded == emsa2_encoding(raw, key_bits,
- empty_hash, hash_id));
- }
- catch(...)
- {
- return false;
- }
- }
-
-/*
-* EMSA2 Constructor
-*/
-EMSA2::EMSA2(HashFunction* hash_in) : hash(hash_in)
- {
- empty_hash = hash->final();
-
- const std::string hash_name = hash->name();
- hash_id = ieee1363_hash_id(hash_name);
-
- if(hash_id == 0)
- {
- delete hash;
- throw Encoding_Error("EMSA2 no hash identifier for " + hash_name);
- }
- }
-
-}
diff --git a/src/lib/pk_pad/emsa3/emsa3.cpp b/src/lib/pk_pad/emsa3/emsa3.cpp
deleted file mode 100644
index 0d603c508..000000000
--- a/src/lib/pk_pad/emsa3/emsa3.cpp
+++ /dev/null
@@ -1,152 +0,0 @@
-/*
-* EMSA3 and EMSA3_Raw
-* (C) 1999-2008 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#include <botan/emsa3.h>
-#include <botan/hash_id.h>
-
-namespace Botan {
-
-namespace {
-
-/*
-* EMSA3 Encode Operation
-*/
-secure_vector<byte> emsa3_encoding(const secure_vector<byte>& msg,
- size_t output_bits,
- const byte hash_id[],
- size_t hash_id_length)
- {
- size_t output_length = output_bits / 8;
- if(output_length < hash_id_length + msg.size() + 10)
- throw Encoding_Error("emsa3_encoding: Output length is too small");
-
- secure_vector<byte> T(output_length);
- const size_t P_LENGTH = output_length - msg.size() - hash_id_length - 2;
-
- T[0] = 0x01;
- set_mem(&T[1], P_LENGTH, 0xFF);
- T[P_LENGTH+1] = 0x00;
- buffer_insert(T, P_LENGTH+2, hash_id, hash_id_length);
- buffer_insert(T, output_length-msg.size(), &msg[0], msg.size());
- return T;
- }
-
-}
-
-/*
-* EMSA3 Update Operation
-*/
-void EMSA3::update(const byte input[], size_t length)
- {
- hash->update(input, length);
- }
-
-/*
-* Return the raw (unencoded) data
-*/
-secure_vector<byte> EMSA3::raw_data()
- {
- return hash->final();
- }
-
-/*
-* EMSA3 Encode Operation
-*/
-secure_vector<byte> EMSA3::encoding_of(const secure_vector<byte>& msg,
- size_t output_bits,
- RandomNumberGenerator&)
- {
- if(msg.size() != hash->output_length())
- throw Encoding_Error("EMSA3::encoding_of: Bad input length");
-
- return emsa3_encoding(msg, output_bits,
- &hash_id[0], hash_id.size());
- }
-
-/*
-* Default signature decoding
-*/
-bool EMSA3::verify(const secure_vector<byte>& coded,
- const secure_vector<byte>& raw,
- size_t key_bits)
- {
- if(raw.size() != hash->output_length())
- return false;
-
- try
- {
- return (coded == emsa3_encoding(raw, key_bits,
- &hash_id[0], hash_id.size()));
- }
- catch(...)
- {
- return false;
- }
- }
-
-/*
-* EMSA3 Constructor
-*/
-EMSA3::EMSA3(HashFunction* hash_in) : hash(hash_in)
- {
- hash_id = pkcs_hash_id(hash->name());
- }
-
-/*
-* EMSA3 Destructor
-*/
-EMSA3::~EMSA3()
- {
- delete hash;
- }
-
-/*
-* EMSA3_Raw Update Operation
-*/
-void EMSA3_Raw::update(const byte input[], size_t length)
- {
- message += std::make_pair(input, length);
- }
-
-/*
-* Return the raw (unencoded) data
-*/
-secure_vector<byte> EMSA3_Raw::raw_data()
- {
- secure_vector<byte> ret;
- std::swap(ret, message);
- return ret;
- }
-
-/*
-* EMSA3_Raw Encode Operation
-*/
-secure_vector<byte> EMSA3_Raw::encoding_of(const secure_vector<byte>& msg,
- size_t output_bits,
- RandomNumberGenerator&)
- {
- return emsa3_encoding(msg, output_bits, nullptr, 0);
- }
-
-/*
-* Default signature decoding
-*/
-bool EMSA3_Raw::verify(const secure_vector<byte>& coded,
- const secure_vector<byte>& raw,
- size_t key_bits)
- {
- try
- {
- return (coded == emsa3_encoding(raw, key_bits, nullptr, 0));
- }
- catch(...)
- {
- return false;
- }
- }
-
-}
diff --git a/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp
new file mode 100644
index 000000000..3ba236784
--- /dev/null
+++ b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp
@@ -0,0 +1,116 @@
+/*
+* PKCS #1 v1.5 signature padding
+* (C) 1999-2008 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/emsa_pkcs1.h>
+#include <botan/hash_id.h>
+
+namespace Botan {
+
+namespace {
+
+secure_vector<byte> emsa3_encoding(const secure_vector<byte>& msg,
+ size_t output_bits,
+ const byte hash_id[],
+ size_t hash_id_length)
+ {
+ size_t output_length = output_bits / 8;
+ if(output_length < hash_id_length + msg.size() + 10)
+ throw Encoding_Error("emsa3_encoding: Output length is too small");
+
+ secure_vector<byte> T(output_length);
+ const size_t P_LENGTH = output_length - msg.size() - hash_id_length - 2;
+
+ T[0] = 0x01;
+ set_mem(&T[1], P_LENGTH, 0xFF);
+ T[P_LENGTH+1] = 0x00;
+ buffer_insert(T, P_LENGTH+2, hash_id, hash_id_length);
+ buffer_insert(T, output_length-msg.size(), &msg[0], msg.size());
+ return T;
+ }
+
+}
+
+void EMSA_PKCS1v15::update(const byte input[], size_t length)
+ {
+ m_hash->update(input, length);
+ }
+
+secure_vector<byte> EMSA_PKCS1v15::raw_data()
+ {
+ return m_hash->final();
+ }
+
+secure_vector<byte>
+EMSA_PKCS1v15::encoding_of(const secure_vector<byte>& msg,
+ size_t output_bits,
+ RandomNumberGenerator&)
+ {
+ if(msg.size() != m_hash->output_length())
+ throw Encoding_Error("EMSA_PKCS1v15::encoding_of: Bad input length");
+
+ return emsa3_encoding(msg, output_bits,
+ &m_hash_id[0], m_hash_id.size());
+ }
+
+bool EMSA_PKCS1v15::verify(const secure_vector<byte>& coded,
+ const secure_vector<byte>& raw,
+ size_t key_bits)
+ {
+ if(raw.size() != m_hash->output_length())
+ return false;
+
+ try
+ {
+ return (coded == emsa3_encoding(raw, key_bits,
+ &m_hash_id[0], m_hash_id.size()));
+ }
+ catch(...)
+ {
+ return false;
+ }
+ }
+
+EMSA_PKCS1v15::EMSA_PKCS1v15(HashFunction* hash) : m_hash(hash)
+ {
+ m_hash_id = pkcs_hash_id(m_hash->name());
+ }
+
+void EMSA_PKCS1v15_Raw::update(const byte input[], size_t length)
+ {
+ message += std::make_pair(input, length);
+ }
+
+secure_vector<byte> EMSA_PKCS1v15_Raw::raw_data()
+ {
+ secure_vector<byte> ret;
+ std::swap(ret, message);
+ return ret;
+ }
+
+secure_vector<byte>
+EMSA_PKCS1v15_Raw::encoding_of(const secure_vector<byte>& msg,
+ size_t output_bits,
+ RandomNumberGenerator&)
+ {
+ return emsa3_encoding(msg, output_bits, nullptr, 0);
+ }
+
+bool EMSA_PKCS1v15_Raw::verify(const secure_vector<byte>& coded,
+ const secure_vector<byte>& raw,
+ size_t key_bits)
+ {
+ try
+ {
+ return (coded == emsa3_encoding(raw, key_bits, nullptr, 0));
+ }
+ catch(...)
+ {
+ return false;
+ }
+ }
+
+}
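Review bot: `emsa3_encoding` takes `&msg[0]` in its last `buffer_insert` call, and on the `EMSA_PKCS1v15_Raw` path nothing checks that `msg` is non-empty, so an empty message indexes an empty vector, which is undefined behaviour even though zero bytes are copied; `msg.data()` avoids it: `buffer_insert(T, output_length-msg.size(), msg.data(), msg.size());`. The same applies to `&m_hash_id[0]` in `EMSA_PKCS1v15::encoding_of` and `verify` if `pkcs_hash_id` can return an empty vector, which this hunk does not show. The helper also keeps the name `emsa3_encoding`, including in its error string, which no longer matches the renamed file; a short comment that it builds the `0x01 | 0xFF.. | 0x00 | hash id | hash` block would help the next reader.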
diff --git a/src/lib/pk_pad/emsa3/emsa3.h b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.h
index 9fbda67ee..5c7b38c0c 100644
--- a/src/lib/pk_pad/emsa3/emsa3.h
+++ b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.h
@@ -1,12 +1,12 @@
/*
-* EMSA3 and EMSA3_Raw
+* PKCS #1 v1.5 signature padding
* (C) 1999-2008 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
-#ifndef BOTAN_EMSA3_H__
-#define BOTAN_EMSA3_H__
+#ifndef BOTAN_EMSA_PKCS1_H__
+#define BOTAN_EMSA_PKCS1_H__
#include <botan/emsa.h>
#include <botan/hash.h>
@@ -14,18 +14,17 @@
namespace Botan {
/**
-* EMSA3 from IEEE 1363
-* aka PKCS #1 v1.5 signature padding
+* PKCS #1 v1.5 signature padding
* aka PKCS #1 block type 1
+* aka EMSA3 from IEEE 1363
*/
-class BOTAN_DLL EMSA3 : public EMSA
+class BOTAN_DLL EMSA_PKCS1v15 : public EMSA
{
public:
/**
* @param hash the hash object to use
*/
- EMSA3(HashFunction* hash);
- ~EMSA3();
+ EMSA_PKCS1v15(HashFunction* hash);
void update(const byte[], size_t);
@@ -37,16 +36,16 @@ class BOTAN_DLL EMSA3 : public EMSA
bool verify(const secure_vector<byte>&, const secure_vector<byte>&,
size_t);
private:
- HashFunction* hash;
- std::vector<byte> hash_id;
+ std::unique_ptr<HashFunction> m_hash;
+ std::vector<byte> m_hash_id;
};
/**
-* EMSA3_Raw which is EMSA3 without a hash or digest id (which
-* according to QCA docs is "identical to PKCS#11's CKM_RSA_PKCS
+* EMSA_PKCS1v15_Raw which is EMSA_PKCS1v15 without a hash or digest id
+* (which according to QCA docs is "identical to PKCS#11's CKM_RSA_PKCS
* mechanism", something I have not confirmed)
*/
-class BOTAN_DLL EMSA3_Raw : public EMSA
+class BOTAN_DLL EMSA_PKCS1v15_Raw : public EMSA
{
public:
void update(const byte[], size_t);
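Review bot: `std::unique_ptr<HashFunction> m_hash;` is introduced here, but neither hunk of this header adds `#include <memory>` (the emsa_x931.h change in the same commit does), so the header compiles only if `<botan/emsa.h>` or `<botan/hash.h>` happens to pull it in; add `#include <memory>` after `#include <botan/hash.h>`. With ownership now held by a `unique_ptr`, the constructor comment in the previous hunk should say so, e.g. `@param hash the hash object to use (takes ownership)`, matching the wording in oaep.h. The body of EMSA_PKCS1v15_Raw continues outside the hunk.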
diff --git a/src/lib/pk_pad/emsa3/info.txt b/src/lib/pk_pad/emsa_pkcs1/info.txt
index aea998f13..f497b45e3 100644
--- a/src/lib/pk_pad/emsa3/info.txt
+++ b/src/lib/pk_pad/emsa_pkcs1/info.txt
@@ -1,4 +1,4 @@
-define EMSA3 20131128
+define EMSA_PKCS1 20140118
<requires>
hash
diff --git a/src/lib/pk_pad/emsa4/info.txt b/src/lib/pk_pad/emsa_pssr/info.txt
index 28214d547..349cc0988 100644
--- a/src/lib/pk_pad/emsa4/info.txt
+++ b/src/lib/pk_pad/emsa_pssr/info.txt
@@ -1,4 +1,4 @@
-define EMSA4 20131128
+define EMSA_PSSR 20131128
<requires>
hash
diff --git a/src/lib/pk_pad/emsa4/emsa4.cpp b/src/lib/pk_pad/emsa_pssr/pssr.cpp
index d05c9bef2..663d8089c 100644
--- a/src/lib/pk_pad/emsa4/emsa4.cpp
+++ b/src/lib/pk_pad/emsa_pssr/pssr.cpp
@@ -1,11 +1,11 @@
/*
-* EMSA4
+* PSSR
* (C) 1999-2007 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
-#include <botan/emsa4.h>
+#include <botan/pssr.h>
#include <botan/mgf1.h>
#include <botan/internal/bit_ops.h>
#include <botan/internal/xor_buf.h>
@@ -13,9 +13,9 @@
namespace Botan {
/*
-* EMSA4 Update Operation
+* PSSR Update Operation
*/
-void EMSA4::update(const byte input[], size_t length)
+void PSSR::update(const byte input[], size_t length)
{
hash->update(input, length);
}
@@ -23,24 +23,24 @@ void EMSA4::update(const byte input[], size_t length)
/*
* Return the raw (unencoded) data
*/
-secure_vector<byte> EMSA4::raw_data()
+secure_vector<byte> PSSR::raw_data()
{
return hash->final();
}
/*
-* EMSA4 Encode Operation
+* PSSR Encode Operation
*/
-secure_vector<byte> EMSA4::encoding_of(const secure_vector<byte>& msg,
+secure_vector<byte> PSSR::encoding_of(const secure_vector<byte>& msg,
size_t output_bits,
RandomNumberGenerator& rng)
{
const size_t HASH_SIZE = hash->output_length();
if(msg.size() != HASH_SIZE)
- throw Encoding_Error("EMSA4::encoding_of: Bad input length");
+ throw Encoding_Error("PSSR::encoding_of: Bad input length");
if(output_bits < 8*HASH_SIZE + 8*SALT_SIZE + 9)
- throw Encoding_Error("EMSA4::encoding_of: Output length is too small");
+ throw Encoding_Error("PSSR::encoding_of: Output length is too small");
const size_t output_length = (output_bits + 7) / 8;
@@ -65,9 +65,9 @@ secure_vector<byte> EMSA4::encoding_of(const secure_vector<byte>& msg,
}
/*
-* EMSA4 Decode/Verify Operation
+* PSSR Decode/Verify Operation
*/
-bool EMSA4::verify(const secure_vector<byte>& const_coded,
+bool PSSR::verify(const secure_vector<byte>& const_coded,
const secure_vector<byte>& raw, size_t key_bits)
{
const size_t HASH_SIZE = hash->output_length();
@@ -126,19 +126,8 @@ bool EMSA4::verify(const secure_vector<byte>& const_coded,
return same_mem(&H[0], &H2[0], HASH_SIZE);
}
-/*
-* EMSA4 Constructor
-*/
-EMSA4::EMSA4(HashFunction* h) :
- SALT_SIZE(h->output_length()), hash(h)
- {
- }
-
-/*
-* EMSA4 Constructor
-*/
-EMSA4::EMSA4(HashFunction* h, size_t salt_size) :
- SALT_SIZE(salt_size), hash(h)
+PSSR::PSSR(HashFunction* h, size_t salt_size) :
+ SALT_SIZE(salt_size ? salt_size : h->output_length()), hash(h)
{
}
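Review bot: In the merged constructor, `SALT_SIZE(salt_size ? salt_size : h->output_length())` makes 0 a sentinel for "hash length", so a zero-length salt can no longer be requested, and a caller that passes 0 explicitly now gets a different encoding than before this change. In get_pk_pad.cpp the three-argument form passes `request.arg_as_integer(2, 0)` straight through, so a spec naming salt size 0 is affected in the same way. If a zero-length salt has to stay expressible, keep the one-argument overload instead of the sentinel; otherwise state the change next to the constructor, e.g. `// salt_size == 0 selects hash->output_length(); an empty salt is not supported`.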
diff --git a/src/lib/pk_pad/emsa4/emsa4.h b/src/lib/pk_pad/emsa_pssr/pssr.h
index 5202ccbb5..19f490607 100644
--- a/src/lib/pk_pad/emsa4/emsa4.h
+++ b/src/lib/pk_pad/emsa_pssr/pssr.h
@@ -1,12 +1,12 @@
/*
-* EMSA4
+* PSSR
* (C) 1999-2007 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
-#ifndef BOTAN_EMSA4_H__
-#define BOTAN_EMSA4_H__
+#ifndef BOTAN_PSSR_H__
+#define BOTAN_PSSR_H__
#include <botan/emsa.h>
#include <botan/hash.h>
@@ -15,21 +15,18 @@
namespace Botan {
/**
-* EMSA4 aka PSS-R
+* PSSR (called EMSA4 in IEEE 1363 and in old versions of the library)
*/
-class BOTAN_DLL EMSA4 : public EMSA
+class BOTAN_DLL PSSR : public EMSA
{
public:
- /**
- * @param hash the hash object to use
- */
- EMSA4(HashFunction* hash);
/**
* @param hash the hash object to use
* @param salt_size the size of the salt to use in bytes
+ * or zero to use the default
*/
- EMSA4(HashFunction* hash, size_t salt_size);
+ PSSR(HashFunction* hash, size_t salt_size = 0);
private:
void update(const byte input[], size_t length);
diff --git a/src/lib/pk_pad/emsa1_bsi/emsa1_bsi.cpp b/src/lib/pk_pad/emsa_raw_bsi/emsa1_bsi.cpp
index 9096edfbf..9096edfbf 100644
--- a/src/lib/pk_pad/emsa1_bsi/emsa1_bsi.cpp
+++ b/src/lib/pk_pad/emsa_raw_bsi/emsa1_bsi.cpp
diff --git a/src/lib/pk_pad/emsa1_bsi/emsa1_bsi.h b/src/lib/pk_pad/emsa_raw_bsi/emsa1_bsi.h
index 1b90f48df..1b90f48df 100644
--- a/src/lib/pk_pad/emsa1_bsi/emsa1_bsi.h
+++ b/src/lib/pk_pad/emsa_raw_bsi/emsa1_bsi.h
diff --git a/src/lib/pk_pad/emsa1_bsi/info.txt b/src/lib/pk_pad/emsa_raw_bsi/info.txt
index 021c99720..021c99720 100644
--- a/src/lib/pk_pad/emsa1_bsi/info.txt
+++ b/src/lib/pk_pad/emsa_raw_bsi/info.txt
diff --git a/src/lib/pk_pad/emsa_x931/emsa_x931.cpp b/src/lib/pk_pad/emsa_x931/emsa_x931.cpp
new file mode 100644
index 000000000..20571fe61
--- /dev/null
+++ b/src/lib/pk_pad/emsa_x931/emsa_x931.cpp
@@ -0,0 +1,96 @@
+/*
+* EMSA_X931
+* (C) 1999-2007 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/emsa_x931.h>
+#include <botan/hash_id.h>
+
+namespace Botan {
+
+namespace {
+
+secure_vector<byte> emsa2_encoding(const secure_vector<byte>& msg,
+ size_t output_bits,
+ const secure_vector<byte>& empty_hash,
+ byte hash_id)
+ {
+ const size_t HASH_SIZE = empty_hash.size();
+
+ size_t output_length = (output_bits + 1) / 8;
+
+ if(msg.size() != HASH_SIZE)
+ throw Encoding_Error("EMSA_X931::encoding_of: Bad input length");
+ if(output_length < HASH_SIZE + 4)
+ throw Encoding_Error("EMSA_X931::encoding_of: Output length is too small");
+
+ const bool empty_input = (msg == empty_hash);
+
+ secure_vector<byte> output(output_length);
+
+ output[0] = (empty_input ? 0x4B : 0x6B);
+ output[output_length - 3 - HASH_SIZE] = 0xBA;
+ set_mem(&output[1], output_length - 4 - HASH_SIZE, 0xBB);
+ buffer_insert(output, output_length - (HASH_SIZE + 2), &msg[0], msg.size());
+ output[output_length-2] = hash_id;
+ output[output_length-1] = 0xCC;
+
+ return output;
+ }
+
+}
+
+void EMSA_X931::update(const byte input[], size_t length)
+ {
+ m_hash->update(input, length);
+ }
+
+secure_vector<byte> EMSA_X931::raw_data()
+ {
+ return m_hash->final();
+ }
+
+/*
+* EMSA_X931 Encode Operation
+*/
+secure_vector<byte> EMSA_X931::encoding_of(const secure_vector<byte>& msg,
+ size_t output_bits,
+ RandomNumberGenerator&)
+ {
+ return emsa2_encoding(msg, output_bits, m_empty_hash, m_hash_id);
+ }
+
+/*
+* EMSA_X931 Verify Operation
+*/
+bool EMSA_X931::verify(const secure_vector<byte>& coded,
+ const secure_vector<byte>& raw,
+ size_t key_bits)
+ {
+ try
+ {
+ return (coded == emsa2_encoding(raw, key_bits,
+ m_empty_hash, m_hash_id));
+ }
+ catch(...)
+ {
+ return false;
+ }
+ }
+
+/*
+* EMSA_X931 Constructor
+*/
+EMSA_X931::EMSA_X931(HashFunction* hash) : m_hash(hash)
+ {
+ m_empty_hash = m_hash->final();
+
+ m_hash_id = ieee1363_hash_id(hash->name());
+
+ if(!m_hash_id)
+ throw Encoding_Error("EMSA_X931 no hash identifier for " + hash->name());
+ }
+
+}
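Review bot: `emsa2_encoding` has lost its header comment and still carries the IEEE 1363 name, although the file and its error strings now say EMSA_X931, so nothing in the new file describes the block being built. I would add above it `// X9.31 block: 0x4B (empty message) or 0x6B, 0xBB padding, 0xBA, hash, hash id, 0xCC` and rename the helper to match. In `EMSA_X931::verify`, `catch(...)` maps every exception to `false`; that fails closed, but a comment saying so, e.g. `// any encoding failure means the signature is rejected`, would make the intent explicit.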
diff --git a/src/lib/pk_pad/emsa2/emsa2.h b/src/lib/pk_pad/emsa_x931/emsa_x931.h
index fb0cecb21..1436f27eb 100644
--- a/src/lib/pk_pad/emsa2/emsa2.h
+++ b/src/lib/pk_pad/emsa_x931/emsa_x931.h
@@ -1,30 +1,31 @@
/*
-* EMSA2
+* X9.31 EMSA
* (C) 1999-2007 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
-#ifndef BOTAN_EMSA2_H__
-#define BOTAN_EMSA2_H__
+#ifndef BOTAN_EMSA_X931_H__
+#define BOTAN_EMSA_X931_H__
#include <botan/emsa.h>
#include <botan/hash.h>
+#include <memory>
namespace Botan {
/**
-* EMSA2 from IEEE 1363
-* Useful for Rabin-Williams
+* EMSA from X9.31 (EMSA2 in IEEE 1363)
+* Useful for Rabin-Williams, also sometimes used with RSA in
+* odd protocols.
*/
-class BOTAN_DLL EMSA2 : public EMSA
+class BOTAN_DLL EMSA_X931 : public EMSA
{
public:
/**
* @param hash the hash object to use
*/
- EMSA2(HashFunction* hash);
- ~EMSA2() { delete hash; }
+ EMSA_X931(HashFunction* hash);
private:
void update(const byte[], size_t);
secure_vector<byte> raw_data();
@@ -35,9 +36,9 @@ class BOTAN_DLL EMSA2 : public EMSA
bool verify(const secure_vector<byte>&, const secure_vector<byte>&,
size_t);
- secure_vector<byte> empty_hash;
- HashFunction* hash;
- byte hash_id;
+ secure_vector<byte> m_empty_hash;
+ std::unique_ptr<HashFunction> m_hash;
+ byte m_hash_id;
};
}
diff --git a/src/lib/pk_pad/emsa2/info.txt b/src/lib/pk_pad/emsa_x931/info.txt
index 0c9bd2289..57ff1d2b3 100644
--- a/src/lib/pk_pad/emsa2/info.txt
+++ b/src/lib/pk_pad/emsa_x931/info.txt
@@ -1,4 +1,4 @@
-define EMSA2 20131128
+define EMSA_X931 20140118
<requires>
hash
diff --git a/src/lib/pk_pad/get_pk_pad.cpp b/src/lib/pk_pad/get_pk_pad.cpp
index 2809f1714..5b4052cde 100644
--- a/src/lib/pk_pad/get_pk_pad.cpp
+++ b/src/lib/pk_pad/get_pk_pad.cpp
@@ -18,24 +18,24 @@
#include <botan/emsa1_bsi.h>
#endif
-#if defined(BOTAN_HAS_EMSA2)
- #include <botan/emsa2.h>
+#if defined(BOTAN_HAS_EMSA_X931)
+ #include <botan/emsa_x931.h>
#endif
-#if defined(BOTAN_HAS_EMSA3)
- #include <botan/emsa3.h>
+#if defined(BOTAN_HAS_EMSA_PKCS1)
+ #include <botan/emsa_pkcs1.h>
#endif
-#if defined(BOTAN_HAS_EMSA4)
- #include <botan/emsa4.h>
+#if defined(BOTAN_HAS_EMSA_PSSR)
+ #include <botan/pssr.h>
#endif
#if defined(BOTAN_HAS_EMSA_RAW)
#include <botan/emsa_raw.h>
#endif
-#if defined(BOTAN_HAS_EME1)
- #include <botan/eme1.h>
+#if defined(BOTAN_HAS_EME_OAEP)
+ #include <botan/oaep.h>
#endif
#if defined(BOTAN_HAS_EME_PKCS1v15)
@@ -72,33 +72,33 @@ EMSA* get_emsa(const std::string& algo_spec)
return new EMSA1_BSI(af.make_hash_function(request.arg(0)));
#endif
-#if defined(BOTAN_HAS_EMSA2)
- if(request.algo_name() == "EMSA2" && request.arg_count() == 1)
- return new EMSA2(af.make_hash_function(request.arg(0)));
+#if defined(BOTAN_HAS_EMSA_X931)
+ if(request.algo_name() == "EMSA_X931" && request.arg_count() == 1)
+ return new EMSA_X931(af.make_hash_function(request.arg(0)));
#endif
-#if defined(BOTAN_HAS_EMSA3)
- if(request.algo_name() == "EMSA3" && request.arg_count() == 1)
+#if defined(BOTAN_HAS_EMSA_PKCS1)
+ if(request.algo_name() == "EMSA_PKCS1" && request.arg_count() == 1)
{
if(request.arg(0) == "Raw")
- return new EMSA3_Raw;
- return new EMSA3(af.make_hash_function(request.arg(0)));
+ return new EMSA_PKCS1v15_Raw;
+ return new EMSA_PKCS1v15(af.make_hash_function(request.arg(0)));
}
#endif
-#if defined(BOTAN_HAS_EMSA4)
- if(request.algo_name() == "EMSA4" && request.arg_count_between(1, 3))
+#if defined(BOTAN_HAS_EMSA_PSSR)
+ if(request.algo_name() == "PSSR" && request.arg_count_between(1, 3))
{
// 3 args: Hash, MGF, salt size (MGF is hardcoded MGF1 in Botan)
if(request.arg_count() == 1)
- return new EMSA4(af.make_hash_function(request.arg(0)));
+ return new PSSR(af.make_hash_function(request.arg(0)));
if(request.arg_count() == 2 && request.arg(1) != "MGF1")
- return new EMSA4(af.make_hash_function(request.arg(0)));
+ return new PSSR(af.make_hash_function(request.arg(0)));
if(request.arg_count() == 3)
- return new EMSA4(af.make_hash_function(request.arg(0)),
- request.arg_as_integer(2, 0));
+ return new PSSR(af.make_hash_function(request.arg(0)),
+ request.arg_as_integer(2, 0));
}
#endif
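Review bot: The two-argument PSSR branch tests `request.arg(1) != "MGF1"`, so a spec naming some other mask function is accepted and silently built with MGF1, while a spec that names MGF1 explicitly falls through the block; get_eme in the next hunk uses `== "MGF1"` for the same case, which suggests the comparison is inverted: `if(request.arg_count() == 2 && request.arg(1) == "MGF1")`. The three-argument branch does not look at `request.arg(1)` at all, so it should carry the same check before constructing the object. Accepting an unsupported parameter and substituting another means the scheme the caller named and the one actually used can differ, so such a spec is better rejected outright. get_emsa continues outside the hunk.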
@@ -120,15 +120,15 @@ EME* get_eme(const std::string& algo_spec)
return new EME_PKCS1v15;
#endif
-#if defined(BOTAN_HAS_EME1)
+#if defined(BOTAN_HAS_EME_OAEP)
Algorithm_Factory& af = global_state().algorithm_factory();
- if(request.algo_name() == "EME1" && request.arg_count_between(1, 2))
+ if(request.algo_name() == "OAEP" && request.arg_count_between(1, 2))
{
if(request.arg_count() == 1 ||
(request.arg_count() == 2 && request.arg(1) == "MGF1"))
{
- return new EME1(af.make_hash_function(request.arg(0)));
+ return new OAEP(af.make_hash_function(request.arg(0)));
}
}
#endif
diff --git a/src/lib/tls/info.txt b/src/lib/tls/info.txt
index 5a5601df5..b3d9066b6 100644
--- a/src/lib/tls/info.txt
+++ b/src/lib/tls/info.txt
@@ -74,8 +74,8 @@ cryptobox_psk
dh
ecdh
ecdsa
-eme_pkcs
-emsa3
+eme_pkcs1
+emsa_pkcs1
gcm
hmac
kdf2