aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorlloyd <[email protected]>2010-03-08 15:36:18 +0000
committerlloyd <[email protected]>2010-03-08 15:36:18 +0000
commit8a47f6f2bbf169a2ea0853234f81b49070c770df (patch)
tree2633ed0d927faf23a067aa88d6cceb9de29f0be4 /src
parent05f6d6c8edec9907778f362c927f368140fee6a2 (diff)
Modify pubkey classes to take names instead of object pointers.
Remove use of look_pk from the source and examples, instead instantiate classes directly.
Diffstat (limited to 'src')
-rw-r--r--src/cert/cvc/cvc_self.cpp26
-rw-r--r--src/cert/cvc/signed_obj.cpp6
-rw-r--r--src/cert/x509/x509_ca.cpp4
-rw-r--r--src/cert/x509/x509_obj.cpp7
-rw-r--r--src/cert/x509/x509self.cpp1
-rw-r--r--src/cert/x509/x509stor.cpp8
-rw-r--r--src/cms/cms_dalg.cpp1
-rw-r--r--src/cms/cms_ealg.cpp19
-rw-r--r--src/pubkey/dlies/dlies.cpp11
-rw-r--r--src/pubkey/dlies/dlies.h4
-rw-r--r--src/pubkey/dsa/dsa.cpp8
-rw-r--r--src/pubkey/elgamal/elgamal.cpp9
-rw-r--r--src/pubkey/keypair/keypair.cpp30
-rw-r--r--src/pubkey/keypair/keypair.h8
-rw-r--r--src/pubkey/nr/nr.cpp9
-rw-r--r--src/pubkey/rsa/rsa.cpp12
-rw-r--r--src/pubkey/rw/rw.cpp9
-rw-r--r--src/ssl/c_kex.cpp22
-rw-r--r--src/ssl/cert_ver.cpp52
-rw-r--r--src/ssl/s_kex.cpp62
20 files changed, 148 insertions, 160 deletions
diff --git a/src/cert/cvc/cvc_self.cpp b/src/cert/cvc/cvc_self.cpp
index b54b8b4bb..fbd042676 100644
--- a/src/cert/cvc/cvc_self.cpp
+++ b/src/cert/cvc/cvc_self.cpp
@@ -10,7 +10,6 @@
#include <botan/point_gfp.h>
#include <botan/time.h>
#include <botan/oids.h>
-#include <botan/look_pk.h>
#include <sstream>
namespace Botan {
@@ -105,12 +104,11 @@ EAC1_1_CVC create_self_signed_cert(Private_Key const& key,
sig_algo.oid = OIDS::lookup(priv_key->algo_name() + "/" + padding_and_hash);
sig_algo = AlgorithmIdentifier(sig_algo.oid, AlgorithmIdentifier::USE_NULL_PARAM);
- std::auto_ptr<Botan::PK_Signer> signer(
- get_pk_signer(*priv_key, padding_and_hash));
+ PK_Signer signer(*priv_key, padding_and_hash);
MemoryVector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
- return make_cvc_cert(*signer,
+ return make_cvc_cert(signer,
enc_public_key,
opt.car, chr,
opt.holder_auth_templ,
@@ -133,7 +131,7 @@ EAC1_1_Req create_cvc_req(Private_Key const& key,
sig_algo.oid = OIDS::lookup(priv_key->algo_name() + "/" + padding_and_hash);
sig_algo = AlgorithmIdentifier(sig_algo.oid, AlgorithmIdentifier::USE_NULL_PARAM);
- std::auto_ptr<Botan::PK_Signer> signer(get_pk_signer(*priv_key, padding_and_hash));
+ PK_Signer signer(*priv_key, padding_and_hash);
MemoryVector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
@@ -146,7 +144,7 @@ EAC1_1_Req create_cvc_req(Private_Key const& key,
.get_contents();
MemoryVector<byte> signed_cert =
- EAC1_1_gen_CVC<EAC1_1_Req>::make_signed(*signer,
+ EAC1_1_gen_CVC<EAC1_1_Req>::make_signed(signer,
EAC1_1_gen_CVC<EAC1_1_Req>::build_cert_body(tbs),
rng);
@@ -166,10 +164,10 @@ EAC1_1_ADO create_ado_req(Private_Key const& key,
throw Invalid_Argument("CVC_EAC::create_self_signed_cert(): unsupported key type");
}
std::string padding_and_hash = padding_and_hash_from_oid(req.signature_algorithm().oid);
- std::auto_ptr<Botan::PK_Signer> signer(get_pk_signer(*priv_key, padding_and_hash));
+ PK_Signer signer(*priv_key, padding_and_hash);
SecureVector<byte> tbs_bits = req.BER_encode();
tbs_bits.append(DER_Encoder().encode(car).get_contents());
- MemoryVector<byte> signed_cert = EAC1_1_ADO::make_signed(*signer, tbs_bits, rng);
+ MemoryVector<byte> signed_cert = EAC1_1_ADO::make_signed(signer, tbs_bits, rng);
DataSource_Memory source(signed_cert);
return EAC1_1_ADO(source);
@@ -199,7 +197,7 @@ EAC1_1_CVC create_cvca(Private_Key const& key,
opts.cex.add_months(cvca_validity_months);
opts.holder_auth_templ = (CVCA | (iris * IRIS) | (fingerpr * FINGERPRINT));
opts.hash_alg = hash;
- return Botan::CVC_EAC::create_self_signed_cert(*priv_key, opts, rng);
+ return CVC_EAC::create_self_signed_cert(*priv_key, opts, rng);
}
@@ -230,14 +228,14 @@ EAC1_1_CVC link_cvca(EAC1_1_CVC const& signer,
}
AlgorithmIdentifier sig_algo = signer.signature_algorithm();
std::string padding_and_hash = padding_and_hash_from_oid(sig_algo.oid);
- std::auto_ptr<Botan::PK_Signer> pk_signer(get_pk_signer(*priv_key, padding_and_hash));
+ PK_Signer pk_signer(*priv_key, padding_and_hash);
std::auto_ptr<Public_Key> pk = signee.subject_public_key();
ECDSA_PublicKey* subj_pk = dynamic_cast<ECDSA_PublicKey*>(pk.get());
subj_pk->set_parameter_encoding(EC_DOMPAR_ENC_EXPLICIT);
MemoryVector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
- return make_cvc_cert(*pk_signer, enc_public_key,
+ return make_cvc_cert(pk_signer, enc_public_key,
signer.get_car(),
signee.get_chr(),
signer.get_chat_value(),
@@ -264,7 +262,7 @@ EAC1_1_CVC sign_request(EAC1_1_CVC const& signer_cert,
chr_str += to_string(seqnr, seqnr_len);
ASN1_Chr chr(chr_str);
std::string padding_and_hash = padding_and_hash_from_oid(signee.signature_algorithm().oid);
- std::auto_ptr<Botan::PK_Signer> pk_signer(get_pk_signer(*priv_key, padding_and_hash));
+ PK_Signer pk_signer(*priv_key, padding_and_hash);
std::auto_ptr<Public_Key> pk = signee.subject_public_key();
ECDSA_PublicKey* subj_pk = dynamic_cast<ECDSA_PublicKey*>(pk.get());
std::auto_ptr<Public_Key> signer_pk = signer_cert.subject_public_key();
@@ -304,7 +302,7 @@ EAC1_1_CVC sign_request(EAC1_1_CVC const& signer_cert,
MemoryVector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
- return make_cvc_cert(*pk_signer, enc_public_key,
+ return make_cvc_cert(pk_signer, enc_public_key,
ASN1_Car(signer_cert.get_chr().iso_8859()),
chr,
chat_val,
@@ -325,7 +323,7 @@ EAC1_1_Req create_cvc_req(Private_Key const& prkey,
}
ECDSA_PrivateKey key(*priv_key);
key.set_parameter_encoding(EC_DOMPAR_ENC_IMPLICITCA);
- return Botan::CVC_EAC::create_cvc_req(key, chr, hash_alg, rng);
+ return CVC_EAC::create_cvc_req(key, chr, hash_alg, rng);
}
} // namespace DE_EAC
diff --git a/src/cert/cvc/signed_obj.cpp b/src/cert/cvc/signed_obj.cpp
index ddb714621..d6aa2f02b 100644
--- a/src/cert/cvc/signed_obj.cpp
+++ b/src/cert/cvc/signed_obj.cpp
@@ -7,7 +7,7 @@
*/
#include <botan/signed_obj.h>
-#include <botan/look_pk.h>
+#include <botan/pubkey.h>
#include <botan/oids.h>
#include <memory>
@@ -64,8 +64,8 @@ bool EAC_Signed_Object::check_signature(Public_Key& pub_key,
SecureVector<byte> to_sign = tbs_data();
- std::auto_ptr<PK_Verifier> verifier(get_pk_verifier(pub_key, padding, format));
- return verifier->verify_message(to_sign, sig);
+ PK_Verifier verifier(pub_key, padding, format);
+ return verifier.verify_message(to_sign, sig);
}
catch(...)
{
diff --git a/src/cert/x509/x509_ca.cpp b/src/cert/x509/x509_ca.cpp
index 00a105d1d..1f3e643e9 100644
--- a/src/cert/x509/x509_ca.cpp
+++ b/src/cert/x509/x509_ca.cpp
@@ -7,12 +7,12 @@
#include <botan/x509_ca.h>
#include <botan/x509stor.h>
+#include <botan/pubkey.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
#include <botan/bigint.h>
#include <botan/parsing.h>
#include <botan/lookup.h>
-#include <botan/look_pk.h>
#include <botan/oids.h>
#include <botan/time.h>
#include <algorithm>
@@ -272,7 +272,7 @@ PK_Signer* choose_sig_format(const Private_Key& key,
sig_algo.oid = OIDS::lookup(algo_name + "/" + padding);
sig_algo.parameters = key.algorithm_identifier().parameters;
- return get_pk_signer(key, padding, format);
+ return new PK_Signer(key, padding, format);
}
}
diff --git a/src/cert/x509/x509_obj.cpp b/src/cert/x509/x509_obj.cpp
index fb92a9cb0..820972614 100644
--- a/src/cert/x509/x509_obj.cpp
+++ b/src/cert/x509/x509_obj.cpp
@@ -7,7 +7,7 @@
#include <botan/x509_obj.h>
#include <botan/x509_key.h>
-#include <botan/look_pk.h>
+#include <botan/pubkey.h>
#include <botan/oids.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
@@ -168,10 +168,9 @@ bool X509_Object::check_signature(Public_Key& pub_key) const
Signature_Format format =
(pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
- std::auto_ptr<PK_Verifier> verifier(
- get_pk_verifier(pub_key, padding, format));
+ PK_Verifier verifier(pub_key, padding, format);
- return verifier->verify_message(tbs_data(), signature());
+ return verifier.verify_message(tbs_data(), signature());
}
catch(...)
{
diff --git a/src/cert/x509/x509self.cpp b/src/cert/x509/x509self.cpp
index e85317462..89b63c8b2 100644
--- a/src/cert/x509/x509self.cpp
+++ b/src/cert/x509/x509self.cpp
@@ -9,7 +9,6 @@
#include <botan/x509_ext.h>
#include <botan/x509_ca.h>
#include <botan/der_enc.h>
-#include <botan/look_pk.h>
#include <botan/oids.h>
#include <botan/pipe.h>
#include <memory>
diff --git a/src/cert/x509/x509stor.cpp b/src/cert/x509/x509stor.cpp
index b134817e4..a24d4a070 100644
--- a/src/cert/x509/x509stor.cpp
+++ b/src/cert/x509/x509stor.cpp
@@ -8,7 +8,6 @@
#include <botan/x509stor.h>
#include <botan/parsing.h>
#include <botan/pubkey.h>
-#include <botan/look_pk.h>
#include <botan/oids.h>
#include <botan/time.h>
#include <algorithm>
@@ -394,11 +393,10 @@ X509_Code X509_Store::check_sig(const X509_Object& object, Public_Key* key)
if(key->message_parts() >= 2) format = DER_SEQUENCE;
else format = IEEE_1363;
- std::auto_ptr<PK_Verifier> verifier(
- get_pk_verifier(*pub_key.get(), padding, format));
+ PK_Verifier verifier(*pub_key.get(), padding, format);
- bool valid = verifier->verify_message(object.tbs_data(),
- object.signature());
+ bool valid = verifier.verify_message(object.tbs_data(),
+ object.signature());
if(valid)
return VERIFIED;
diff --git a/src/cms/cms_dalg.cpp b/src/cms/cms_dalg.cpp
index 1fc4e2faa..50a2397e5 100644
--- a/src/cms/cms_dalg.cpp
+++ b/src/cms/cms_dalg.cpp
@@ -10,7 +10,6 @@
#include <botan/ber_dec.h>
#include <botan/oids.h>
#include <botan/hash.h>
-#include <botan/look_pk.h>
#include <botan/bigint.h>
#include <botan/libstate.h>
#include <memory>
diff --git a/src/cms/cms_ealg.cpp b/src/cms/cms_ealg.cpp
index 4bae96302..0cfdbba82 100644
--- a/src/cms/cms_ealg.cpp
+++ b/src/cms/cms_ealg.cpp
@@ -6,15 +6,15 @@
*/
#include <botan/cms_enc.h>
-#include <botan/der_enc.h>
-#include <botan/x509find.h>
#include <botan/bigint.h>
-#include <botan/oids.h>
#include <botan/cbc.h>
+#include <botan/der_enc.h>
#include <botan/hash.h>
-#include <botan/look_pk.h>
#include <botan/libstate.h>
+#include <botan/oids.h>
#include <botan/pipe.h>
+#include <botan/pubkey.h>
+#include <botan/x509find.h>
#include <memory>
namespace Botan {
@@ -130,7 +130,8 @@ void CMS_Encoder::encrypt_ktri(RandomNumberGenerator& rng,
{
const std::string padding = "EME-PKCS1-v1_5";
const std::string pk_algo = pub_key->algo_name();
- std::auto_ptr<PK_Encryptor> enc(get_pk_encryptor(*pub_key, padding));
+
+ PK_Encryptor_MR_with_EME encryptor(*pub_key, padding);
SymmetricKey cek = setup_key(rng, cipher);
@@ -146,7 +147,7 @@ void CMS_Encoder::encrypt_ktri(RandomNumberGenerator& rng,
.encode((u32bit)0);
encode_si(encoder, to)
.encode(alg_id)
- .encode(enc->encrypt(cek.bits_of(), rng), OCTET_STRING)
+ .encode(encryptor.encrypt(cek.bits_of(), rng), OCTET_STRING)
.end_cons()
.end_cons()
.raw_bytes(do_encrypt(rng, cek, cipher))
@@ -292,14 +293,14 @@ void CMS_Encoder::sign(const X509_Certificate& cert,
Signature_Format format = IEEE_1363;
- std::auto_ptr<PK_Signer> signer(get_pk_signer(key, padding, format));
+ PK_Signer signer(key, padding, format);
AlgorithmIdentifier sig_algo(OIDS::lookup(key.algo_name() + "/" + padding),
AlgorithmIdentifier::USE_NULL_PARAM);
SecureVector<byte> signed_attr = encode_attr(data, type, hash);
- signer->update(signed_attr);
- SecureVector<byte> signature = signer->signature(rng);
+ signer.update(signed_attr);
+ SecureVector<byte> signature = signer.signature(rng);
signed_attr[0] = 0xA0;
const u32bit SI_VERSION = cert.subject_key_id().size() ? 3 : 1;
diff --git a/src/pubkey/dlies/dlies.cpp b/src/pubkey/dlies/dlies.cpp
index 2253f84d5..07477fd5d 100644
--- a/src/pubkey/dlies/dlies.cpp
+++ b/src/pubkey/dlies/dlies.cpp
@@ -6,7 +6,6 @@
*/
#include <botan/dlies.h>
-#include <botan/look_pk.h>
#include <botan/internal/xor_buf.h>
namespace Botan {
@@ -18,7 +17,7 @@ DLIES_Encryptor::DLIES_Encryptor(const PK_Key_Agreement_Key& key,
KDF* kdf_obj,
MessageAuthenticationCode* mac_obj,
u32bit mac_kl) :
- ka(get_pk_kas(key, "Raw")),
+ ka(key, "Raw"),
kdf(kdf_obj),
mac(mac_obj),
mac_keylen(mac_kl)
@@ -28,7 +27,6 @@ DLIES_Encryptor::DLIES_Encryptor(const PK_Key_Agreement_Key& key,
DLIES_Encryptor::~DLIES_Encryptor()
{
- delete ka;
delete kdf;
delete mac;
}
@@ -48,7 +46,7 @@ SecureVector<byte> DLIES_Encryptor::enc(const byte in[], u32bit length,
out.copy(my_key, my_key.size());
out.copy(my_key.size(), in, length);
- SecureVector<byte> vz(my_key, ka->derive_key(0, other_key).bits_of());
+ SecureVector<byte> vz(my_key, ka.derive_key(0, other_key).bits_of());
const u32bit K_LENGTH = length + mac_keylen;
OctetString K = kdf->derive_key(K_LENGTH, vz, vz.size());
@@ -92,7 +90,7 @@ DLIES_Decryptor::DLIES_Decryptor(const PK_Key_Agreement_Key& key,
KDF* kdf_obj,
MessageAuthenticationCode* mac_obj,
u32bit mac_kl) :
- ka(get_pk_kas(key, "Raw")),
+ ka(key, "Raw"),
kdf(kdf_obj),
mac(mac_obj),
mac_keylen(mac_kl)
@@ -102,7 +100,6 @@ DLIES_Decryptor::DLIES_Decryptor(const PK_Key_Agreement_Key& key,
DLIES_Decryptor::~DLIES_Decryptor()
{
- delete ka;
delete kdf;
delete mac;
}
@@ -121,7 +118,7 @@ SecureVector<byte> DLIES_Decryptor::dec(const byte msg[], u32bit length) const
SecureVector<byte> C(msg + my_key.size(), CIPHER_LEN);
SecureVector<byte> T(msg + my_key.size() + CIPHER_LEN, mac->OUTPUT_LENGTH);
- SecureVector<byte> vz(v, ka->derive_key(0, v).bits_of());
+ SecureVector<byte> vz(v, ka.derive_key(0, v).bits_of());
const u32bit K_LENGTH = C.size() + mac_keylen;
OctetString K = kdf->derive_key(K_LENGTH, vz, vz.size());
diff --git a/src/pubkey/dlies/dlies.h b/src/pubkey/dlies/dlies.h
index e8b87a091..fd2cefe4a 100644
--- a/src/pubkey/dlies/dlies.h
+++ b/src/pubkey/dlies/dlies.h
@@ -35,7 +35,7 @@ class BOTAN_DLL DLIES_Encryptor : public PK_Encryptor
SecureVector<byte> other_key, my_key;
- PK_Key_Agreement* ka;
+ PK_Key_Agreement ka;
KDF* kdf;
MessageAuthenticationCode* mac;
u32bit mac_keylen;
@@ -59,7 +59,7 @@ class BOTAN_DLL DLIES_Decryptor : public PK_Decryptor
SecureVector<byte> my_key;
- PK_Key_Agreement* ka;
+ PK_Key_Agreement ka;
KDF* kdf;
MessageAuthenticationCode* mac;
u32bit mac_keylen;
diff --git a/src/pubkey/dsa/dsa.cpp b/src/pubkey/dsa/dsa.cpp
index 1fbc2abc1..bd9641856 100644
--- a/src/pubkey/dsa/dsa.cpp
+++ b/src/pubkey/dsa/dsa.cpp
@@ -8,7 +8,6 @@
#include <botan/dsa.h>
#include <botan/numthry.h>
#include <botan/keypair.h>
-#include <botan/look_pk.h>
namespace Botan {
@@ -65,10 +64,9 @@ bool DSA_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
try
{
- KeyPair::check_key(rng,
- get_pk_signer(*this, "EMSA1(SHA-1)"),
- get_pk_verifier(*this, "EMSA1(SHA-1)")
- );
+ PK_Signer this_signer(*this, "EMSA1(SHA-1)");
+ PK_Verifier this_verifier(*this, "EMSA1(SHA-1)");
+ KeyPair::check_key(rng, this_signer, this_verifier);
}
catch(Self_Test_Failure)
{
diff --git a/src/pubkey/elgamal/elgamal.cpp b/src/pubkey/elgamal/elgamal.cpp
index 2abd769e5..6b919d916 100644
--- a/src/pubkey/elgamal/elgamal.cpp
+++ b/src/pubkey/elgamal/elgamal.cpp
@@ -8,7 +8,6 @@
#include <botan/elgamal.h>
#include <botan/numthry.h>
#include <botan/keypair.h>
-#include <botan/look_pk.h>
#include <botan/internal/workfactor.h>
namespace Botan {
@@ -66,10 +65,12 @@ bool ElGamal_PrivateKey::check_key(RandomNumberGenerator& rng,
try
{
+ PK_Encryptor_MR_with_EME this_encryptor(*this, "EME1(SHA-1)");
+ PK_Decryptor_MR_with_EME this_decryptor(*this, "EME1(SHA-1)");
+
KeyPair::check_key(rng,
- get_pk_encryptor(*this, "EME1(SHA-1)"),
- get_pk_decryptor(*this, "EME1(SHA-1)")
- );
+ this_encryptor,
+ this_decryptor);
}
catch(Self_Test_Failure)
{
diff --git a/src/pubkey/keypair/keypair.cpp b/src/pubkey/keypair/keypair.cpp
index 486577fc5..d54d8e442 100644
--- a/src/pubkey/keypair/keypair.cpp
+++ b/src/pubkey/keypair/keypair.cpp
@@ -1,13 +1,11 @@
/*
* Keypair Checks
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2010 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
#include <botan/keypair.h>
-#include <botan/look_pk.h>
-#include <memory>
namespace Botan {
@@ -17,22 +15,20 @@ namespace KeyPair {
* Check an encryption key pair for consistency
*/
void check_key(RandomNumberGenerator& rng,
- PK_Encryptor* encryptor, PK_Decryptor* decryptor)
+ PK_Encryptor& encryptor,
+ PK_Decryptor& decryptor)
{
- if(encryptor->maximum_input_size() == 0)
+ if(encryptor.maximum_input_size() == 0)
return;
- std::auto_ptr<PK_Encryptor> enc(encryptor);
- std::auto_ptr<PK_Decryptor> dec(decryptor);
-
- SecureVector<byte> message(enc->maximum_input_size() - 1);
+ SecureVector<byte> message(encryptor.maximum_input_size() - 1);
rng.randomize(message, message.size());
- SecureVector<byte> ciphertext = enc->encrypt(message, rng);
+ SecureVector<byte> ciphertext = encryptor.encrypt(message, rng);
if(ciphertext == message)
throw Self_Test_Failure("Encryption key pair consistency failure");
- SecureVector<byte> message2 = dec->decrypt(ciphertext);
+ SecureVector<byte> message2 = decryptor.decrypt(ciphertext);
if(message != message2)
throw Self_Test_Failure("Encryption key pair consistency failure");
}
@@ -41,11 +37,9 @@ void check_key(RandomNumberGenerator& rng,
* Check a signature key pair for consistency
*/
void check_key(RandomNumberGenerator& rng,
- PK_Signer* signer, PK_Verifier* verifier)
+ PK_Signer& signer,
+ PK_Verifier& verifier)
{
- std::auto_ptr<PK_Signer> sig(signer);
- std::auto_ptr<PK_Verifier> ver(verifier);
-
SecureVector<byte> message(16);
rng.randomize(message, message.size());
@@ -53,18 +47,18 @@ void check_key(RandomNumberGenerator& rng,
try
{
- signature = sig->sign_message(message, rng);
+ signature = signer.sign_message(message, rng);
}
catch(Encoding_Error)
{
return;
}
- if(!ver->verify_message(message, signature))
+ if(!verifier.verify_message(message, signature))
throw Self_Test_Failure("Signature key pair consistency failure");
++message[0];
- if(ver->verify_message(message, signature))
+ if(verifier.verify_message(message, signature))
throw Self_Test_Failure("Signature key pair consistency failure");
}
diff --git a/src/pubkey/keypair/keypair.h b/src/pubkey/keypair/keypair.h
index b1d5c2da0..22dcca0ea 100644
--- a/src/pubkey/keypair/keypair.h
+++ b/src/pubkey/keypair/keypair.h
@@ -24,8 +24,8 @@ namespace KeyPair {
* @throw Self_Test_Failure if the arguments are not related to each other
*/
BOTAN_DLL void check_key(RandomNumberGenerator& rng,
- PK_Encryptor* enc,
- PK_Decryptor* dec);
+ PK_Encryptor& enc,
+ PK_Decryptor& dec);
/**
* Tests whether the specified signer and verifier are related to each other,
@@ -37,8 +37,8 @@ BOTAN_DLL void check_key(RandomNumberGenerator& rng,
* @throw Self_Test_Failure if the arguments are not related to each other
*/
BOTAN_DLL void check_key(RandomNumberGenerator& rng,
- PK_Signer* sig,
- PK_Verifier* ver);
+ PK_Signer& sig,
+ PK_Verifier& ver);
}
diff --git a/src/pubkey/nr/nr.cpp b/src/pubkey/nr/nr.cpp
index 1fc8630d7..8a1b8c261 100644
--- a/src/pubkey/nr/nr.cpp
+++ b/src/pubkey/nr/nr.cpp
@@ -8,7 +8,6 @@
#include <botan/nr.h>
#include <botan/numthry.h>
#include <botan/keypair.h>
-#include <botan/look_pk.h>
namespace Botan {
@@ -71,10 +70,12 @@ bool NR_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
try
{
+ PK_Signer this_signer(*this, "EMSA1(SHA-1)");
+ PK_Verifier this_verifier(*this, "EMSA1(SHA-1)");
+
KeyPair::check_key(rng,
- get_pk_signer(*this, "EMSA1(SHA-1)"),
- get_pk_verifier(*this, "EMSA1(SHA-1)")
- );
+ this_signer,
+ this_verifier);
}
catch(Self_Test_Failure)
{
diff --git a/src/pubkey/rsa/rsa.cpp b/src/pubkey/rsa/rsa.cpp
index dc182f36a..984d030ef 100644
--- a/src/pubkey/rsa/rsa.cpp
+++ b/src/pubkey/rsa/rsa.cpp
@@ -9,7 +9,6 @@
#include <botan/parsing.h>
#include <botan/numthry.h>
#include <botan/keypair.h>
-#include <botan/look_pk.h>
namespace Botan {
@@ -57,15 +56,12 @@ bool RSA_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
try
{
- KeyPair::check_key(rng,
- get_pk_encryptor(*this, "EME1(SHA-1)"),
- get_pk_decryptor(*this, "EME1(SHA-1)")
- );
+ PK_Signer this_signer(*this, "EMSA4(SHA-1)");
+ PK_Verifier this_verifier(*this, "EMSA4(SHA-1)");
KeyPair::check_key(rng,
- get_pk_signer(*this, "EMSA4(SHA-1)"),
- get_pk_verifier(*this, "EMSA4(SHA-1)")
- );
+ this_signer,
+ this_verifier);
}
catch(Self_Test_Failure)
{
diff --git a/src/pubkey/rw/rw.cpp b/src/pubkey/rw/rw.cpp
index 7b87ce7df..b2bf2f916 100644
--- a/src/pubkey/rw/rw.cpp
+++ b/src/pubkey/rw/rw.cpp
@@ -8,7 +8,6 @@
#include <botan/rw.h>
#include <botan/numthry.h>
#include <botan/keypair.h>
-#include <botan/look_pk.h>
#include <botan/parsing.h>
#include <algorithm>
@@ -59,10 +58,12 @@ bool RW_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
try
{
+ PK_Signer this_signer(*this, "EMSA2(SHA-1)");
+ PK_Verifier this_verifier(*this, "EMSA2(SHA-1)");
+
KeyPair::check_key(rng,
- get_pk_signer(*this, "EMSA2(SHA-1)"),
- get_pk_verifier(*this, "EMSA2(SHA-1)")
- );
+ this_signer,
+ this_verifier);
}
catch(Self_Test_Failure)
{
diff --git a/src/ssl/c_kex.cpp b/src/ssl/c_kex.cpp
index 59cfa6547..7140bf35c 100644
--- a/src/ssl/c_kex.cpp
+++ b/src/ssl/c_kex.cpp
@@ -6,10 +6,10 @@
*/
#include <botan/tls_messages.h>
+#include <botan/pubkey.h>
#include <botan/dh.h>
#include <botan/rsa.h>
#include <botan/rng.h>
-#include <botan/look_pk.h>
#include <botan/loadstor.h>
#include <memory>
@@ -31,9 +31,9 @@ Client_Key_Exchange::Client_Key_Exchange(RandomNumberGenerator& rng,
{
DH_PrivateKey priv_key(rng, dh_pub->get_domain());
- std::auto_ptr<PK_Key_Agreement> ka(get_pk_kas(priv_key, "Raw"));
+ PK_Key_Agreement ka(priv_key, "Raw");
- pre_master = ka->derive_key(0, dh_pub->public_value()).bits_of();
+ pre_master = ka.derive_key(0, dh_pub->public_value()).bits_of();
key_material = priv_key.public_value();
}
@@ -44,10 +44,9 @@ Client_Key_Exchange::Client_Key_Exchange(RandomNumberGenerator& rng,
pre_master[0] = (pref_version >> 8) & 0xFF;
pre_master[1] = (pref_version ) & 0xFF;
- std::auto_ptr<PK_Encryptor> encryptor(get_pk_encryptor(*rsa_pub,
- "PKCS1v15"));
+ PK_Encryptor_MR_with_EME encryptor(*rsa_pub, "PKCS1v15");
- key_material = encryptor->encrypt(pre_master, rng);
+ key_material = encryptor.encrypt(pre_master, rng);
if(using_version == SSL_V3)
include_length = false;
@@ -125,9 +124,9 @@ Client_Key_Exchange::pre_master_secret(RandomNumberGenerator& rng,
if(const DH_PrivateKey* dh_priv = dynamic_cast<const DH_PrivateKey*>(priv_key))
{
try {
- std::auto_ptr<PK_Key_Agreement> ka(get_pk_kas(*dh_priv, "Raw"));
+ PK_Key_Agreement ka(*dh_priv, "Raw");
- pre_master = ka->derive_key(0, key_material).bits_of();
+ pre_master = ka.derive_key(0, key_material).bits_of();
}
catch(...)
{
@@ -139,17 +138,16 @@ Client_Key_Exchange::pre_master_secret(RandomNumberGenerator& rng,
}
else if(const RSA_PrivateKey* rsa_priv = dynamic_cast<const RSA_PrivateKey*>(priv_key))
{
- std::auto_ptr<PK_Decryptor> decryptor(get_pk_decryptor(*rsa_priv,
- "PKCS1v15"));
+ PK_Decryptor_MR_with_EME decryptor(*rsa_priv, "PKCS1v15");
try {
- pre_master = decryptor->decrypt(key_material);
+ pre_master = decryptor.decrypt(key_material);
if(pre_master.size() != 48 ||
make_u16bit(pre_master[0], pre_master[1]) != version)
throw Decoding_Error("Client_Key_Exchange: Secret corrupted");
}
- catch(std::exception)
+ catch(...)
{
pre_master.resize(48);
rng.randomize(pre_master, pre_master.size());
diff --git a/src/ssl/cert_ver.cpp b/src/ssl/cert_ver.cpp
index 22dae8350..7e17dbfab 100644
--- a/src/ssl/cert_ver.cpp
+++ b/src/ssl/cert_ver.cpp
@@ -1,12 +1,12 @@
/**
-* Certificate Verify Message
-* (C) 2004-2006 Jack Lloyd
+* Certificate Verify Message
+* (C) 2004-2010 Jack Lloyd
*
* Released under the terms of the Botan license
*/
#include <botan/tls_messages.h>
-#include <botan/look_pk.h>
+#include <botan/pubkey.h>
#include <botan/rsa.h>
#include <botan/dsa.h>
#include <botan/loadstor.h>
@@ -22,21 +22,23 @@ Certificate_Verify::Certificate_Verify(RandomNumberGenerator& rng,
HandshakeHash& hash,
const Private_Key* priv_key)
{
- std::auto_ptr<PK_Signer> signer;
+ std::string padding = "";
+ Signature_Format format = IEEE_1363;
- if(const RSA_PrivateKey* rsa = dynamic_cast<const RSA_PrivateKey*>(priv_key))
+ if(priv_key->algo_name() == "RSA")
+ padding = "EMSA3(TLS.Digest.0)";
+ else if(priv_key->algo_name() == "DSA")
{
- signer.reset(get_pk_signer(*rsa, "EMSA3(TLS.Digest.0)"));
- }
- else if(const DSA_PrivateKey* dsa =
- dynamic_cast<const DSA_PrivateKey*>(priv_key))
- {
- signer.reset(get_pk_signer(*dsa, "EMSA1(SHA-1)"));
+ padding == "EMSA1(SHA-1)";
+ format = DER_SEQUENCE;
}
else
- throw Invalid_Argument("Unknown PK algo for TLS signature");
+ throw Invalid_Argument(priv_key->algo_name() +
+ " is invalid/unknown for TLS signatures");
+
+ PK_Signer signer(*priv_key, padding, format);
- signature = signer->sign_message(hash.final(), rng);
+ signature = signer.sign_message(hash.final(), rng);
send(writer, hash);
}
@@ -80,20 +82,22 @@ bool Certificate_Verify::verify(const X509_Certificate& cert,
std::auto_ptr<Public_Key> key(cert.subject_public_key());
- DSA_PublicKey* dsa_pub = dynamic_cast<DSA_PublicKey*>(key.get());
- RSA_PublicKey* rsa_pub = dynamic_cast<RSA_PublicKey*>(key.get());
+ std::string padding = "";
+ Signature_Format format = IEEE_1363;
- std::auto_ptr<PK_Verifier> verifier;
-
- if(dsa_pub)
- verifier.reset(get_pk_verifier(*dsa_pub, "EMSA1(SHA-1)", DER_SEQUENCE));
- else if(rsa_pub)
- verifier.reset(get_pk_verifier(*rsa_pub, "EMSA3(TLS.Digest.0)"));
+ if(key->algo_name() == "RSA")
+ padding = "EMSA3(TLS.Digest.0)";
+ else if(key->algo_name() == "DSA")
+ {
+ padding == "EMSA1(SHA-1)";
+ format = DER_SEQUENCE;
+ }
else
- throw Invalid_Argument("Client did not provide a RSA/DSA cert");
+ throw Invalid_Argument(key->algo_name() +
+ " is invalid/unknown for TLS signatures");
- // FIXME: WRONG
- return verifier->verify_message(hash.final(), signature);
+ PK_Verifier verifier(*key, padding, format);
+ return verifier.verify_message(hash.final(), signature);
}
}
diff --git a/src/ssl/s_kex.cpp b/src/ssl/s_kex.cpp
index d568ef14f..94b17cb7e 100644
--- a/src/ssl/s_kex.cpp
+++ b/src/ssl/s_kex.cpp
@@ -6,10 +6,10 @@
*/
#include <botan/tls_messages.h>
+#include <botan/pubkey.h>
#include <botan/dh.h>
#include <botan/rsa.h>
#include <botan/dsa.h>
-#include <botan/look_pk.h>
#include <botan/loadstor.h>
#include <memory>
@@ -43,25 +43,27 @@ Server_Key_Exchange::Server_Key_Exchange(RandomNumberGenerator& rng,
else
throw Invalid_Argument("Bad key for TLS key exchange: not DH or RSA");
- std::auto_ptr<PK_Signer> signer;
- if(const RSA_PrivateKey* rsa = dynamic_cast<const RSA_PrivateKey*>(priv_key))
- {
- signer.reset(get_pk_signer(*rsa, "EMSA3(TLS.Digest.0)"));
- }
- else if(const DSA_PrivateKey* dsa =
- dynamic_cast<const DSA_PrivateKey*>(priv_key))
+ std::string padding = "";
+ Signature_Format format = IEEE_1363;
+
+ if(priv_key->algo_name() == "RSA")
+ padding = "EMSA3(TLS.Digest.0)";
+ else if(priv_key->algo_name() == "DSA")
{
- signer.reset(get_pk_signer(*dsa, "EMSA1(SHA-1)"));
- signer->set_output_format(DER_SEQUENCE);
+ padding == "EMSA1(SHA-1)";
+ format = DER_SEQUENCE;
}
else
- throw Invalid_Argument("Bad key for TLS signature: not RSA or DSA");
+ throw Invalid_Argument(priv_key->algo_name() +
+ " is invalid/unknown for TLS signatures");
+
+ PK_Signer signer(*priv_key, padding, format);
- signer->update(c_random);
- signer->update(s_random);
- signer->update(serialize_params());
- signature = signer->signature(rng);
+ signer.update(c_random);
+ signer.update(s_random);
+ signer.update(serialize_params());
+ signature = signer.signature(rng);
send(writer, hash);
}
@@ -154,29 +156,31 @@ bool Server_Key_Exchange::verify(const X509_Certificate& cert,
const MemoryRegion<byte>& c_random,
const MemoryRegion<byte>& s_random) const
{
- std::auto_ptr<Public_Key> key(cert.subject_public_key());
- DSA_PublicKey* dsa_pub = dynamic_cast<DSA_PublicKey*>(key.get());
- RSA_PublicKey* rsa_pub = dynamic_cast<RSA_PublicKey*>(key.get());
+ std::auto_ptr<Public_Key> key(cert.subject_public_key());
- std::auto_ptr<PK_Verifier> verifier;
+ std::string padding = "";
+ Signature_Format format = IEEE_1363;
- if(dsa_pub)
+ if(key->algo_name() == "RSA")
+ padding = "EMSA3(TLS.Digest.0)";
+ else if(key->algo_name() == "DSA")
{
- verifier.reset(get_pk_verifier(*dsa_pub, "EMSA1(SHA-1)", DER_SEQUENCE));
- verifier->set_input_format(DER_SEQUENCE);
+ padding == "EMSA1(SHA-1)";
+ format = DER_SEQUENCE;
}
- else if(rsa_pub)
- verifier.reset(get_pk_verifier(*rsa_pub, "EMSA3(TLS.Digest.0)"));
else
- throw Invalid_Argument("Server did not provide a RSA/DSA cert");
+ throw Invalid_Argument(key->algo_name() +
+ " is invalid/unknown for TLS signatures");
+
+ PK_Verifier verifier(*key, padding, format);
SecureVector<byte> params_got = serialize_params();
- verifier->update(c_random);
- verifier->update(s_random);
- verifier->update(params_got);
+ verifier.update(c_random);
+ verifier.update(s_random);
+ verifier.update(params_got);
- return verifier->check_signature(signature, signature.size());
+ return verifier.check_signature(signature, signature.size());
}
}