diff options
author | lloyd <[email protected]> | 2014-01-18 21:26:38 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2014-01-18 21:26:38 +0000 |
commit | b3bffeff3553f4b609afe634c8c8b56ca0a2384c (patch) | |
tree | e81f39a9f86fcefffdf9e7704dd0b7a7c337edb7 /src | |
parent | ef465af87d61c0cfbba17b86a3e1cc48b90ab391 (diff) |
More unique_ptr, also cleanup MGF1 usage
Diffstat (limited to 'src')
-rw-r--r-- | src/cmd/tls_server_asio.cpp | 2 | ||||
-rw-r--r-- | src/lib/entropy/proc_walk/proc_walk.cpp | 30 | ||||
-rw-r--r-- | src/lib/entropy/proc_walk/proc_walk.h | 10 | ||||
-rw-r--r-- | src/lib/kdf/kdf.h | 14 | ||||
-rw-r--r-- | src/lib/kdf/kdf1/kdf1.h | 6 | ||||
-rw-r--r-- | src/lib/kdf/kdf2/kdf2.h | 5 | ||||
-rw-r--r-- | src/lib/kdf/mgf1/mgf1.cpp | 56 | ||||
-rw-r--r-- | src/lib/kdf/mgf1/mgf1.h | 36 | ||||
-rw-r--r-- | src/lib/kdf/prf_ssl3/prf_ssl3.h | 1 | ||||
-rw-r--r-- | src/lib/kdf/prf_tls/prf_tls.cpp | 35 | ||||
-rw-r--r-- | src/lib/kdf/prf_tls/prf_tls.h | 10 | ||||
-rw-r--r-- | src/lib/mac/ssl3mac/ssl3_mac.h | 5 | ||||
-rw-r--r-- | src/lib/pbkdf/pbkdf1/pbkdf1.h | 12 | ||||
-rw-r--r-- | src/lib/pbkdf/pbkdf2/pbkdf2.h | 10 | ||||
-rw-r--r-- | src/lib/pk_pad/eme1/eme1.cpp | 40 | ||||
-rw-r--r-- | src/lib/pk_pad/eme1/eme1.h | 7 | ||||
-rw-r--r-- | src/lib/pk_pad/eme1/info.txt | 1 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa4/emsa4.cpp | 7 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa4/emsa4.h | 21 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa4/info.txt | 1 | ||||
-rw-r--r-- | src/lib/pk_pad/mgf1/info.txt (renamed from src/lib/kdf/mgf1/info.txt) | 2 | ||||
-rw-r--r-- | src/lib/pk_pad/mgf1/mgf1.cpp | 36 | ||||
-rw-r--r-- | src/lib/pk_pad/mgf1/mgf1.h | 25 |
23 files changed, 144 insertions, 228 deletions
diff --git a/src/cmd/tls_server_asio.cpp b/src/cmd/tls_server_asio.cpp index 524181510..c088a22f2 100644 --- a/src/cmd/tls_server_asio.cpp +++ b/src/cmd/tls_server_asio.cpp @@ -112,7 +112,7 @@ class tls_server_session : public boost::enable_shared_from_this<tls_server_sess m_write_buf.clear(); // initiate another write if needed - tls_output_wanted(NULL, 0); + tls_output_wanted(nullptr, 0); } else { diff --git a/src/lib/entropy/proc_walk/proc_walk.cpp b/src/lib/entropy/proc_walk/proc_walk.cpp index 050d9dcf7..5a72f46e5 100644 --- a/src/lib/entropy/proc_walk/proc_walk.cpp +++ b/src/lib/entropy/proc_walk/proc_walk.cpp @@ -24,20 +24,6 @@ namespace Botan { -/** -* Returns file descriptors. Until it doesn't -*/ -class File_Descriptor_Source - { - public: - /** - * @return next file descriptor, or -1 if done - */ - virtual int next_fd() = 0; - - virtual ~File_Descriptor_Source() {} - }; - namespace { class Directory_Walker : public File_Descriptor_Source @@ -130,20 +116,13 @@ int Directory_Walker::next_fd() } -/** -* ProcWalking_EntropySource Destructor -*/ -ProcWalking_EntropySource::~ProcWalking_EntropySource() - { - // for ~unique_ptr - } - void ProcWalking_EntropySource::poll(Entropy_Accumulator& accum) { const size_t MAX_FILES_READ_PER_POLL = 2048; + const double ENTROPY_ESTIMATE = 1.0 / (8*1024); if(!m_dir) - m_dir = new Directory_Walker(m_path); + m_dir.reset(new Directory_Walker(m_path)); secure_vector<byte>& io_buffer = accum.get_io_buffer(4096); @@ -154,8 +133,7 @@ void ProcWalking_EntropySource::poll(Entropy_Accumulator& accum) // If we've exhaused this walk of the directory, halt the poll if(fd == -1) { - delete m_dir; - m_dir = nullptr; + m_dir.reset(); break; } @@ -163,7 +141,7 @@ void ProcWalking_EntropySource::poll(Entropy_Accumulator& accum) ::close(fd); if(got > 0) - accum.add(&io_buffer[0], got, .001); + accum.add(&io_buffer[0], got, ENTROPY_ESTIMATE); if(accum.polling_goal_achieved()) break; diff --git a/src/lib/entropy/proc_walk/proc_walk.h b/src/lib/entropy/proc_walk/proc_walk.h index 04c3b1bba..3d4c4e4da 100644 --- a/src/lib/entropy/proc_walk/proc_walk.h +++ b/src/lib/entropy/proc_walk/proc_walk.h @@ -13,6 +13,13 @@ namespace Botan { +class File_Descriptor_Source + { + public: + virtual int next_fd() = 0; + virtual ~File_Descriptor_Source() {} + }; + /** * File Tree Walking Entropy Source */ @@ -26,10 +33,9 @@ class ProcWalking_EntropySource : public EntropySource ProcWalking_EntropySource(const std::string& root_dir) : m_path(root_dir), m_dir(nullptr) {} - ~ProcWalking_EntropySource(); private: const std::string m_path; - class File_Descriptor_Source* m_dir; + std::unique_ptr<File_Descriptor_Source> m_dir; }; } diff --git a/src/lib/kdf/kdf.h b/src/lib/kdf/kdf.h index 39e7253f9..0e8f77681 100644 --- a/src/lib/kdf/kdf.h +++ b/src/lib/kdf/kdf.h @@ -1,5 +1,5 @@ /* -* KDF/MGF +* Key Derivation Function interfaces * (C) 1999-2007 Jack Lloyd * * Distributed under the terms of the Botan license @@ -114,18 +114,6 @@ class BOTAN_DLL KDF }; /** -* Mask Generation Function -*/ -class BOTAN_DLL MGF - { - public: - virtual void mask(const byte in[], size_t in_len, - byte out[], size_t out_len) const = 0; - - virtual ~MGF() {} - }; - -/** * Factory method for KDF (key derivation function) * @param algo_spec the name of the KDF to create * @return pointer to newly allocated object of that type diff --git a/src/lib/kdf/kdf1/kdf1.h b/src/lib/kdf/kdf1/kdf1.h index 6a14d2995..539aeaa6e 100644 --- a/src/lib/kdf/kdf1/kdf1.h +++ b/src/lib/kdf/kdf1/kdf1.h @@ -10,6 +10,7 @@ #include <botan/kdf.h> #include <botan/hash.h> +#include <memory> namespace Botan { @@ -27,11 +28,8 @@ class BOTAN_DLL KDF1 : public KDF KDF* clone() const { return new KDF1(hash->clone()); } KDF1(HashFunction* h) : hash(h) {} - KDF1(const KDF1& other) : KDF(), hash(other.hash->clone()) {} - - ~KDF1() { delete hash; } private: - HashFunction* hash; + std::unique_ptr<HashFunction> hash; }; } diff --git a/src/lib/kdf/kdf2/kdf2.h b/src/lib/kdf/kdf2/kdf2.h index e33939df9..60bbf5db1 100644 --- a/src/lib/kdf/kdf2/kdf2.h +++ b/src/lib/kdf/kdf2/kdf2.h @@ -10,6 +10,7 @@ #include <botan/kdf.h> #include <botan/hash.h> +#include <memory> namespace Botan { @@ -26,10 +27,8 @@ class BOTAN_DLL KDF2 : public KDF KDF* clone() const { return new KDF2(hash->clone()); } KDF2(HashFunction* h) : hash(h) {} - KDF2(const KDF2& other) : KDF(), hash(other.hash->clone()) {} - ~KDF2() { delete hash; } private: - HashFunction* hash; + std::unique_ptr<HashFunction> hash; }; } diff --git a/src/lib/kdf/mgf1/mgf1.cpp b/src/lib/kdf/mgf1/mgf1.cpp deleted file mode 100644 index e0433a02f..000000000 --- a/src/lib/kdf/mgf1/mgf1.cpp +++ /dev/null @@ -1,56 +0,0 @@ -/* -* MGF1 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/mgf1.h> -#include <botan/exceptn.h> -#include <botan/internal/xor_buf.h> -#include <algorithm> -#include <memory> - -namespace Botan { - -/* -* MGF1 Mask Generation Function -*/ -void MGF1::mask(const byte in[], size_t in_len, byte out[], - size_t out_len) const - { - u32bit counter = 0; - - while(out_len) - { - hash->update(in, in_len); - hash->update_be(counter); - secure_vector<byte> buffer = hash->final(); - - size_t xored = std::min<size_t>(buffer.size(), out_len); - xor_buf(out, &buffer[0], xored); - out += xored; - out_len -= xored; - - ++counter; - } - } - -/* -* MGF1 Constructor -*/ -MGF1::MGF1(HashFunction* h) : hash(h) - { - if(!hash) - throw Invalid_Argument("MGF1 given null hash object"); - } - -/* -* MGF1 Destructor -*/ -MGF1::~MGF1() - { - delete hash; - } - -} diff --git a/src/lib/kdf/mgf1/mgf1.h b/src/lib/kdf/mgf1/mgf1.h deleted file mode 100644 index 95a2a2bc5..000000000 --- a/src/lib/kdf/mgf1/mgf1.h +++ /dev/null @@ -1,36 +0,0 @@ -/* -* MGF1 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_MGF1_H__ -#define BOTAN_MGF1_H__ - -#include <botan/kdf.h> -#include <botan/hash.h> - -namespace Botan { - -/** -* MGF1 from PKCS #1 v2.0 -*/ -class BOTAN_DLL MGF1 : public MGF - { - public: - void mask(const byte[], size_t, byte[], size_t) const; - - /** - MGF1 constructor: takes ownership of hash - */ - MGF1(HashFunction* hash); - - ~MGF1(); - private: - HashFunction* hash; - }; - -} - -#endif diff --git a/src/lib/kdf/prf_ssl3/prf_ssl3.h b/src/lib/kdf/prf_ssl3/prf_ssl3.h index bae8badb8..9b9ecb578 100644 --- a/src/lib/kdf/prf_ssl3/prf_ssl3.h +++ b/src/lib/kdf/prf_ssl3/prf_ssl3.h @@ -9,6 +9,7 @@ #define BOTAN_SSLV3_PRF_H__ #include <botan/kdf.h> +#include <memory> namespace Botan { diff --git a/src/lib/kdf/prf_tls/prf_tls.cpp b/src/lib/kdf/prf_tls/prf_tls.cpp index 006b418c9..6437932a8 100644 --- a/src/lib/kdf/prf_tls/prf_tls.cpp +++ b/src/lib/kdf/prf_tls/prf_tls.cpp @@ -19,13 +19,13 @@ namespace { * TLS PRF P_hash function */ void P_hash(secure_vector<byte>& output, - MessageAuthenticationCode* mac, + MessageAuthenticationCode& mac, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) { try { - mac->set_key(secret, secret_len); + mac.set_key(secret, secret_len); } catch(Invalid_Key_Length) { @@ -41,13 +41,13 @@ void P_hash(secure_vector<byte>& output, while(offset != output.size()) { const size_t this_block_len = - std::min<size_t>(mac->output_length(), output.size() - offset); + std::min<size_t>(mac.output_length(), output.size() - offset); - A = mac->process(A); + A = mac.process(A); - mac->update(A); - mac->update(seed, seed_len); - secure_vector<byte> block = mac->final(); + mac.update(A); + mac.update(seed, seed_len); + secure_vector<byte> block = mac.final(); xor_buf(&output[offset], &block[0], this_block_len); offset += this_block_len; @@ -61,14 +61,8 @@ void P_hash(secure_vector<byte>& output, */ TLS_PRF::TLS_PRF() { - hmac_md5 = new HMAC(new MD5); - hmac_sha1 = new HMAC(new SHA_160); - } - -TLS_PRF::~TLS_PRF() - { - delete hmac_md5; - delete hmac_sha1; + hmac_md5.reset(new HMAC(new MD5)); + hmac_sha1.reset(new HMAC(new SHA_160)); } /* @@ -85,8 +79,8 @@ secure_vector<byte> TLS_PRF::derive(size_t key_len, const byte* S1 = secret; const byte* S2 = secret + (secret_len - S2_len); - P_hash(output, hmac_md5, S1, S1_len, seed, seed_len); - P_hash(output, hmac_sha1, S2, S2_len, seed, seed_len); + P_hash(output, *hmac_md5, S1, S1_len, seed, seed_len); + P_hash(output, *hmac_sha1, S2, S2_len, seed, seed_len); return output; } @@ -98,18 +92,13 @@ TLS_12_PRF::TLS_12_PRF(MessageAuthenticationCode* mac) : hmac(mac) { } -TLS_12_PRF::~TLS_12_PRF() - { - delete hmac; - } - secure_vector<byte> TLS_12_PRF::derive(size_t key_len, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) const { secure_vector<byte> output(key_len); - P_hash(output, hmac, secret, secret_len, seed, seed_len); + P_hash(output, *hmac, secret, secret_len, seed, seed_len); return output; } diff --git a/src/lib/kdf/prf_tls/prf_tls.h b/src/lib/kdf/prf_tls/prf_tls.h index fce11eae0..654b7abdb 100644 --- a/src/lib/kdf/prf_tls/prf_tls.h +++ b/src/lib/kdf/prf_tls/prf_tls.h @@ -10,7 +10,7 @@ #include <botan/kdf.h> #include <botan/mac.h> -#include <botan/hash.h> +#include <memory> namespace Botan { @@ -28,10 +28,9 @@ class BOTAN_DLL TLS_PRF : public KDF KDF* clone() const { return new TLS_PRF; } TLS_PRF(); - ~TLS_PRF(); private: - MessageAuthenticationCode* hmac_md5; - MessageAuthenticationCode* hmac_sha1; + std::unique_ptr<MessageAuthenticationCode> hmac_md5; + std::unique_ptr<MessageAuthenticationCode> hmac_sha1; }; /** @@ -48,9 +47,8 @@ class BOTAN_DLL TLS_12_PRF : public KDF KDF* clone() const { return new TLS_12_PRF(hmac->clone()); } TLS_12_PRF(MessageAuthenticationCode* hmac); - ~TLS_12_PRF(); private: - MessageAuthenticationCode* hmac; + std::unique_ptr<MessageAuthenticationCode> hmac; }; } diff --git a/src/lib/mac/ssl3mac/ssl3_mac.h b/src/lib/mac/ssl3mac/ssl3_mac.h index 8ddb13ce8..36b3e7f51 100644 --- a/src/lib/mac/ssl3mac/ssl3_mac.h +++ b/src/lib/mac/ssl3mac/ssl3_mac.h @@ -10,6 +10,7 @@ #include <botan/hash.h> #include <botan/mac.h> +#include <memory> namespace Botan { @@ -20,14 +21,14 @@ class BOTAN_DLL SSL3_MAC : public MessageAuthenticationCode { public: std::string name() const; - size_t output_length() const { return hash->output_length(); } + size_t output_length() const { return m_hash->output_length(); } MessageAuthenticationCode* clone() const; void clear(); Key_Length_Specification key_spec() const { - return Key_Length_Specification(hash->output_length()); + return Key_Length_Specification(m_hash->output_length()); } /** diff --git a/src/lib/pbkdf/pbkdf1/pbkdf1.h b/src/lib/pbkdf/pbkdf1/pbkdf1.h index 783b70ed9..2f14c3f32 100644 --- a/src/lib/pbkdf/pbkdf1/pbkdf1.h +++ b/src/lib/pbkdf/pbkdf1/pbkdf1.h @@ -10,6 +10,7 @@ #include <botan/pbkdf.h> #include <botan/hash.h> +#include <memory> namespace Botan { @@ -27,15 +28,6 @@ class BOTAN_DLL PKCS5_PBKDF1 : public PBKDF */ PKCS5_PBKDF1(HashFunction* hash_in) : hash(hash_in) {} - /** - * Copy constructor - * @param other the object to copy - */ - PKCS5_PBKDF1(const PKCS5_PBKDF1& other) : - PBKDF(), hash(other.hash->clone()) {} - - ~PKCS5_PBKDF1() { delete hash; } - std::string name() const { return "PBKDF1(" + hash->name() + ")"; @@ -53,7 +45,7 @@ class BOTAN_DLL PKCS5_PBKDF1 : public PBKDF size_t iterations, std::chrono::milliseconds msec) const override; private: - HashFunction* hash; + std::unique_ptr<HashFunction> hash; }; } diff --git a/src/lib/pbkdf/pbkdf2/pbkdf2.h b/src/lib/pbkdf/pbkdf2/pbkdf2.h index 8bc271fcf..a88f2dd31 100644 --- a/src/lib/pbkdf/pbkdf2/pbkdf2.h +++ b/src/lib/pbkdf/pbkdf2/pbkdf2.h @@ -10,6 +10,7 @@ #include <botan/pbkdf.h> #include <botan/mac.h> +#include <memory> namespace Botan { @@ -38,16 +39,11 @@ class BOTAN_DLL PKCS5_PBKDF2 : public PBKDF /** * Create a PKCS #5 instance using the specified message auth code - * @param mac_fn the MAC to use + * @param mac_fn the MAC object to use as PRF */ PKCS5_PBKDF2(MessageAuthenticationCode* mac_fn) : mac(mac_fn) {} - - /** - * Destructor - */ - ~PKCS5_PBKDF2() { delete mac; } private: - MessageAuthenticationCode* mac; + std::unique_ptr<MessageAuthenticationCode> mac; }; } diff --git a/src/lib/pk_pad/eme1/eme1.cpp b/src/lib/pk_pad/eme1/eme1.cpp index dadb44d0a..9f236ec00 100644 --- a/src/lib/pk_pad/eme1/eme1.cpp +++ b/src/lib/pk_pad/eme1/eme1.cpp @@ -21,22 +21,24 @@ secure_vector<byte> EME1::pad(const byte in[], size_t in_length, { key_length /= 8; - if(key_length < in_length + 2*Phash.size() + 1) + if(key_length < in_length + 2*m_Phash.size() + 1) throw Invalid_Argument("EME1: Input is too large"); secure_vector<byte> out(key_length); - rng.randomize(&out[0], Phash.size()); + rng.randomize(&out[0], m_Phash.size()); - buffer_insert(out, Phash.size(), &Phash[0], Phash.size()); + buffer_insert(out, m_Phash.size(), &m_Phash[0], m_Phash.size()); out[out.size() - in_length - 1] = 0x01; buffer_insert(out, out.size() - in_length, in, in_length); - mgf->mask(&out[0], Phash.size(), - &out[Phash.size()], out.size() - Phash.size()); + mgf1_mask(*m_hash, + &out[0], m_Phash.size(), + &out[m_Phash.size()], out.size() - m_Phash.size()); - mgf->mask(&out[Phash.size()], out.size() - Phash.size(), - &out[0], Phash.size()); + mgf1_mask(*m_hash, + &out[m_Phash.size()], out.size() - m_Phash.size(), + &out[0], m_Phash.size()); return out; } @@ -68,14 +70,17 @@ secure_vector<byte> EME1::unpad(const byte in[], size_t in_length, secure_vector<byte> input(key_length); buffer_insert(input, key_length - in_length, in, in_length); - mgf->mask(&input[Phash.size()], input.size() - Phash.size(), - &input[0], Phash.size()); - mgf->mask(&input[0], Phash.size(), - &input[Phash.size()], input.size() - Phash.size()); + mgf1_mask(*m_hash, + &input[m_Phash.size()], input.size() - m_Phash.size(), + &input[0], m_Phash.size()); + + mgf1_mask(*m_hash, + &input[0], m_Phash.size(), + &input[m_Phash.size()], input.size() - m_Phash.size()); bool waiting_for_delim = true; bool bad_input = false; - size_t delim_idx = 2 * Phash.size(); + size_t delim_idx = 2 * m_Phash.size(); /* * GCC 4.5 on x86-64 compiles this in a way that is still vunerable @@ -99,7 +104,7 @@ secure_vector<byte> EME1::unpad(const byte in[], size_t in_length, // If we never saw any non-zero byte, then it's not valid input bad_input |= waiting_for_delim; - bad_input |= !same_mem(&input[Phash.size()], &Phash[0], Phash.size()); + bad_input |= !same_mem(&input[m_Phash.size()], &m_Phash[0], m_Phash.size()); if(bad_input) throw Decoding_Error("Invalid EME1 encoding"); @@ -112,8 +117,8 @@ secure_vector<byte> EME1::unpad(const byte in[], size_t in_length, */ size_t EME1::maximum_input_size(size_t keybits) const { - if(keybits / 8 > 2*Phash.size() + 1) - return ((keybits / 8) - 2*Phash.size() - 1); + if(keybits / 8 > 2*m_Phash.size() + 1) + return ((keybits / 8) - 2*m_Phash.size() - 1); else return 0; } @@ -121,10 +126,9 @@ size_t EME1::maximum_input_size(size_t keybits) const /* * EME1 Constructor */ -EME1::EME1(HashFunction* hash, const std::string& P) +EME1::EME1(HashFunction* hash, const std::string& P) : m_hash(hash) { - Phash = hash->process(P); - mgf = new MGF1(hash); + m_Phash = m_hash->process(P); } } diff --git a/src/lib/pk_pad/eme1/eme1.h b/src/lib/pk_pad/eme1/eme1.h index eb6fc6bf5..3c71919a8 100644 --- a/src/lib/pk_pad/eme1/eme1.h +++ b/src/lib/pk_pad/eme1/eme1.h @@ -11,6 +11,7 @@ #include <botan/eme.h> #include <botan/kdf.h> #include <botan/hash.h> +#include <memory> namespace Botan { @@ -27,15 +28,13 @@ class BOTAN_DLL EME1 : public EME * @param P an optional label. Normally empty. */ EME1(HashFunction* hash, const std::string& P = ""); - - ~EME1() { delete mgf; } private: secure_vector<byte> pad(const byte[], size_t, size_t, RandomNumberGenerator&) const; secure_vector<byte> unpad(const byte[], size_t, size_t) const; - secure_vector<byte> Phash; - MGF* mgf; + secure_vector<byte> m_Phash; + std::unique_ptr<HashFunction> m_hash; }; } diff --git a/src/lib/pk_pad/eme1/info.txt b/src/lib/pk_pad/eme1/info.txt index 7e911f495..7ae3e98da 100644 --- a/src/lib/pk_pad/eme1/info.txt +++ b/src/lib/pk_pad/eme1/info.txt @@ -4,6 +4,5 @@ load_on auto <requires> hash -kdf mgf1 </requires> diff --git a/src/lib/pk_pad/emsa4/emsa4.cpp b/src/lib/pk_pad/emsa4/emsa4.cpp index c8b8cbc6a..d05c9bef2 100644 --- a/src/lib/pk_pad/emsa4/emsa4.cpp +++ b/src/lib/pk_pad/emsa4/emsa4.cpp @@ -8,6 +8,7 @@ #include <botan/emsa4.h> #include <botan/mgf1.h> #include <botan/internal/bit_ops.h> +#include <botan/internal/xor_buf.h> namespace Botan { @@ -55,7 +56,7 @@ secure_vector<byte> EMSA4::encoding_of(const secure_vector<byte>& msg, EM[output_length - HASH_SIZE - SALT_SIZE - 2] = 0x01; buffer_insert(EM, output_length - 1 - HASH_SIZE - SALT_SIZE, salt); - mgf->mask(&H[0], HASH_SIZE, &EM[0], output_length - HASH_SIZE - 1); + mgf1_mask(*hash, &H[0], HASH_SIZE, &EM[0], output_length - HASH_SIZE - 1); EM[0] &= 0xFF >> (8 * ((output_bits + 7) / 8) - output_bits); buffer_insert(EM, output_length - 1 - HASH_SIZE, H); EM[output_length-1] = 0xBC; @@ -102,7 +103,7 @@ bool EMSA4::verify(const secure_vector<byte>& const_coded, const byte* H = &coded[DB_size]; const size_t H_size = HASH_SIZE; - mgf->mask(&H[0], H_size, &DB[0], DB_size); + mgf1_mask(*hash, &H[0], H_size, &DB[0], DB_size); DB[0] &= 0xFF >> TOP_BITS; size_t salt_offset = 0; @@ -131,7 +132,6 @@ bool EMSA4::verify(const secure_vector<byte>& const_coded, EMSA4::EMSA4(HashFunction* h) : SALT_SIZE(h->output_length()), hash(h) { - mgf = new MGF1(hash->clone()); } /* @@ -140,7 +140,6 @@ EMSA4::EMSA4(HashFunction* h) : EMSA4::EMSA4(HashFunction* h, size_t salt_size) : SALT_SIZE(salt_size), hash(h) { - mgf = new MGF1(hash->clone()); } } diff --git a/src/lib/pk_pad/emsa4/emsa4.h b/src/lib/pk_pad/emsa4/emsa4.h index 44bf5a429..5202ccbb5 100644 --- a/src/lib/pk_pad/emsa4/emsa4.h +++ b/src/lib/pk_pad/emsa4/emsa4.h @@ -10,7 +10,7 @@ #include <botan/emsa.h> #include <botan/hash.h> -#include <botan/kdf.h> +#include <memory> namespace Botan { @@ -30,20 +30,21 @@ class BOTAN_DLL EMSA4 : public EMSA * @param salt_size the size of the salt to use in bytes */ EMSA4(HashFunction* hash, size_t salt_size); - - ~EMSA4() { delete hash; delete mgf; } private: - void update(const byte[], size_t); + void update(const byte input[], size_t length); + secure_vector<byte> raw_data(); - secure_vector<byte> encoding_of(const secure_vector<byte>&, size_t, - RandomNumberGenerator& rng); - bool verify(const secure_vector<byte>&, const secure_vector<byte>&, - size_t); + secure_vector<byte> encoding_of(const secure_vector<byte>& msg, + size_t output_bits, + RandomNumberGenerator& rng); + + bool verify(const secure_vector<byte>& coded, + const secure_vector<byte>& raw, + size_t key_bits); size_t SALT_SIZE; - HashFunction* hash; - const MGF* mgf; + std::unique_ptr<HashFunction> hash; }; } diff --git a/src/lib/pk_pad/emsa4/info.txt b/src/lib/pk_pad/emsa4/info.txt index b7ea466ce..28214d547 100644 --- a/src/lib/pk_pad/emsa4/info.txt +++ b/src/lib/pk_pad/emsa4/info.txt @@ -2,6 +2,5 @@ define EMSA4 20131128 <requires> hash -kdf mgf1 </requires> diff --git a/src/lib/kdf/mgf1/info.txt b/src/lib/pk_pad/mgf1/info.txt index c6254b8a0..65d471c8a 100644 --- a/src/lib/kdf/mgf1/info.txt +++ b/src/lib/pk_pad/mgf1/info.txt @@ -1,4 +1,4 @@ -define MGF1 20131128 +define MGF1 20140118 <requires> hash diff --git a/src/lib/pk_pad/mgf1/mgf1.cpp b/src/lib/pk_pad/mgf1/mgf1.cpp new file mode 100644 index 000000000..eae2fed59 --- /dev/null +++ b/src/lib/pk_pad/mgf1/mgf1.cpp @@ -0,0 +1,36 @@ +/* +* MGF1 +* (C) 1999-2007 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + +#include <botan/mgf1.h> +#include <botan/exceptn.h> +#include <botan/internal/xor_buf.h> +#include <algorithm> + +namespace Botan { + +void mgf1_mask(HashFunction& hash, + const byte in[], size_t in_len, + byte out[], size_t out_len) + { + u32bit counter = 0; + + while(out_len) + { + hash.update(in, in_len); + hash.update_be(counter); + secure_vector<byte> buffer = hash.final(); + + size_t xored = std::min<size_t>(buffer.size(), out_len); + xor_buf(out, &buffer[0], xored); + out += xored; + out_len -= xored; + + ++counter; + } + } + +} diff --git a/src/lib/pk_pad/mgf1/mgf1.h b/src/lib/pk_pad/mgf1/mgf1.h new file mode 100644 index 000000000..bceaf0857 --- /dev/null +++ b/src/lib/pk_pad/mgf1/mgf1.h @@ -0,0 +1,25 @@ +/* +* MGF1 +* (C) 1999-2007,2014 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + +#ifndef BOTAN_MGF1_H__ +#define BOTAN_MGF1_H__ + +#include <botan/kdf.h> +#include <botan/hash.h> + +namespace Botan { + +/** +* MGF1 from PKCS #1 v2.0 +*/ +void mgf1_mask(HashFunction& hash, + const byte in[], size_t in_len, + byte out[], size_t out_len); + +} + +#endif |