aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorlloyd <[email protected]>2013-12-25 19:57:13 +0000
committerlloyd <[email protected]>2013-12-25 19:57:13 +0000
commita4a59c29500bbae02273bfb75ddb8318a449e851 (patch)
tree7779f1c9b2708e55eb0f7ad1d5208753a1966ce1 /src
parent4d2242a5e920ba14e37c69a8962b34d08cd485f6 (diff)
Remove global_rng calls for setting up blinding, instead require a RNG
be passed to the engine. Currently pubkey.cpp just passes along the global_rng but eventually we'll break this API and require a RNG to the constructor.
Diffstat (limited to 'src')
-rw-r--r--src/engine/core_engine/core_engine.h24
-rw-r--r--src/engine/core_engine/def_pk_ops.cpp18
-rw-r--r--src/engine/dyn_engine/dyn_engine.h34
-rw-r--r--src/engine/engine.cpp10
-rw-r--r--src/engine/engine.h11
-rw-r--r--src/engine/gnump/gnump_engine.h14
-rw-r--r--src/engine/gnump/gnump_pk.cpp20
-rw-r--r--src/engine/openssl/openssl_engine.h23
-rw-r--r--src/engine/openssl/ossl_pk.cpp10
-rw-r--r--src/pubkey/dh/dh.cpp6
-rw-r--r--src/pubkey/dh/dh.h3
-rw-r--r--src/pubkey/elgamal/elgamal.cpp6
-rw-r--r--src/pubkey/elgamal/elgamal.h3
-rw-r--r--src/pubkey/pubkey.cpp17
-rw-r--r--src/pubkey/rsa/rsa.cpp6
-rw-r--r--src/pubkey/rsa/rsa.h3
-rw-r--r--src/tls/sessions_sqlite/tls_session_manager_sqlite.cpp4
-rw-r--r--src/utils/sqlite3/sqlite3.cpp6
18 files changed, 114 insertions, 104 deletions
diff --git a/src/engine/core_engine/core_engine.h b/src/engine/core_engine/core_engine.h
index 983b75290..ca660d21b 100644
--- a/src/engine/core_engine/core_engine.h
+++ b/src/engine/core_engine/core_engine.h
@@ -18,40 +18,40 @@ namespace Botan {
class Core_Engine : public Engine
{
public:
- std::string provider_name() const { return "core"; }
+ std::string provider_name() const override { return "core"; }
PK_Ops::Key_Agreement*
- get_key_agreement_op(const Private_Key& key) const;
+ get_key_agreement_op(const Private_Key& key, RandomNumberGenerator& rng) const override;
PK_Ops::Signature*
- get_signature_op(const Private_Key& key) const;
+ get_signature_op(const Private_Key& key, RandomNumberGenerator& rng) const override;
- PK_Ops::Verification* get_verify_op(const Public_Key& key) const;
+ PK_Ops::Verification* get_verify_op(const Public_Key& key, RandomNumberGenerator& rng) const override;
- PK_Ops::Encryption* get_encryption_op(const Public_Key& key) const;
+ PK_Ops::Encryption* get_encryption_op(const Public_Key& key, RandomNumberGenerator& rng) const override;
- PK_Ops::Decryption* get_decryption_op(const Private_Key& key) const;
+ PK_Ops::Decryption* get_decryption_op(const Private_Key& key, RandomNumberGenerator& rng) const override;
Modular_Exponentiator* mod_exp(const BigInt& n,
- Power_Mod::Usage_Hints) const;
+ Power_Mod::Usage_Hints) const override;
Keyed_Filter* get_cipher(const std::string&, Cipher_Dir,
Algorithm_Factory&);
BlockCipher* find_block_cipher(const SCAN_Name&,
- Algorithm_Factory&) const;
+ Algorithm_Factory&) const override;
StreamCipher* find_stream_cipher(const SCAN_Name&,
- Algorithm_Factory&) const;
+ Algorithm_Factory&) const override;
HashFunction* find_hash(const SCAN_Name& request,
- Algorithm_Factory&) const;
+ Algorithm_Factory&) const override;
MessageAuthenticationCode* find_mac(const SCAN_Name& request,
- Algorithm_Factory&) const;
+ Algorithm_Factory&) const override;
PBKDF* find_pbkdf(const SCAN_Name& algo_spec,
- Algorithm_Factory& af) const;
+ Algorithm_Factory& af) const override;
};
/**
diff --git a/src/engine/core_engine/def_pk_ops.cpp b/src/engine/core_engine/def_pk_ops.cpp
index 23ba7722c..e99945633 100644
--- a/src/engine/core_engine/def_pk_ops.cpp
+++ b/src/engine/core_engine/def_pk_ops.cpp
@@ -46,7 +46,7 @@
namespace Botan {
PK_Ops::Encryption*
-Core_Engine::get_encryption_op(const Public_Key& key) const
+Core_Engine::get_encryption_op(const Public_Key& key, RandomNumberGenerator&) const
{
#if defined(BOTAN_HAS_RSA)
if(const RSA_PublicKey* s = dynamic_cast<const RSA_PublicKey*>(&key))
@@ -62,27 +62,27 @@ Core_Engine::get_encryption_op(const Public_Key& key) const
}
PK_Ops::Decryption*
-Core_Engine::get_decryption_op(const Private_Key& key) const
+Core_Engine::get_decryption_op(const Private_Key& key, RandomNumberGenerator& rng) const
{
#if defined(BOTAN_HAS_RSA)
if(const RSA_PrivateKey* s = dynamic_cast<const RSA_PrivateKey*>(&key))
- return new RSA_Private_Operation(*s);
+ return new RSA_Private_Operation(*s, rng);
#endif
#if defined(BOTAN_HAS_ELGAMAL)
if(const ElGamal_PrivateKey* s = dynamic_cast<const ElGamal_PrivateKey*>(&key))
- return new ElGamal_Decryption_Operation(*s);
+ return new ElGamal_Decryption_Operation(*s, rng);
#endif
return nullptr;
}
PK_Ops::Key_Agreement*
-Core_Engine::get_key_agreement_op(const Private_Key& key) const
+Core_Engine::get_key_agreement_op(const Private_Key& key, RandomNumberGenerator& rng) const
{
#if defined(BOTAN_HAS_DIFFIE_HELLMAN)
if(const DH_PrivateKey* dh = dynamic_cast<const DH_PrivateKey*>(&key))
- return new DH_KA_Operation(*dh);
+ return new DH_KA_Operation(*dh, rng);
#endif
#if defined(BOTAN_HAS_ECDH)
@@ -94,11 +94,11 @@ Core_Engine::get_key_agreement_op(const Private_Key& key) const
}
PK_Ops::Signature*
-Core_Engine::get_signature_op(const Private_Key& key) const
+Core_Engine::get_signature_op(const Private_Key& key, RandomNumberGenerator& rng) const
{
#if defined(BOTAN_HAS_RSA)
if(const RSA_PrivateKey* s = dynamic_cast<const RSA_PrivateKey*>(&key))
- return new RSA_Private_Operation(*s);
+ return new RSA_Private_Operation(*s, rng);
#endif
#if defined(BOTAN_HAS_RW)
@@ -131,7 +131,7 @@ Core_Engine::get_signature_op(const Private_Key& key) const
}
PK_Ops::Verification*
-Core_Engine::get_verify_op(const Public_Key& key) const
+Core_Engine::get_verify_op(const Public_Key& key, RandomNumberGenerator&) const
{
#if defined(BOTAN_HAS_RSA)
if(const RSA_PublicKey* s = dynamic_cast<const RSA_PublicKey*>(&key))
diff --git a/src/engine/dyn_engine/dyn_engine.h b/src/engine/dyn_engine/dyn_engine.h
index 3251bc954..39e13ab36 100644
--- a/src/engine/dyn_engine/dyn_engine.h
+++ b/src/engine/dyn_engine/dyn_engine.h
@@ -30,40 +30,40 @@ class BOTAN_DLL Dynamically_Loaded_Engine : public Engine
~Dynamically_Loaded_Engine();
- std::string provider_name() const { return engine->provider_name(); }
+ std::string provider_name() const override { return engine->provider_name(); }
BlockCipher* find_block_cipher(const SCAN_Name& algo_spec,
- Algorithm_Factory& af) const
+ Algorithm_Factory& af) const override
{
return engine->find_block_cipher(algo_spec, af);
}
StreamCipher* find_stream_cipher(const SCAN_Name& algo_spec,
- Algorithm_Factory& af) const
+ Algorithm_Factory& af) const override
{
return engine->find_stream_cipher(algo_spec, af);
}
HashFunction* find_hash(const SCAN_Name& algo_spec,
- Algorithm_Factory& af) const
+ Algorithm_Factory& af) const override
{
return engine->find_hash(algo_spec, af);
}
MessageAuthenticationCode* find_mac(const SCAN_Name& algo_spec,
- Algorithm_Factory& af) const
+ Algorithm_Factory& af) const override
{
return engine->find_mac(algo_spec, af);
}
PBKDF* find_pbkdf(const SCAN_Name& algo_spec,
- Algorithm_Factory& af) const
+ Algorithm_Factory& af) const override
{
return engine->find_pbkdf(algo_spec, af);
}
Modular_Exponentiator* mod_exp(const BigInt& n,
- Power_Mod::Usage_Hints hints) const
+ Power_Mod::Usage_Hints hints) const override
{
return engine->mod_exp(n, hints);
}
@@ -76,33 +76,33 @@ class BOTAN_DLL Dynamically_Loaded_Engine : public Engine
}
PK_Ops::Key_Agreement*
- get_key_agreement_op(const Private_Key& key) const
+ get_key_agreement_op(const Private_Key& key, RandomNumberGenerator& rng) const override
{
- return engine->get_key_agreement_op(key);
+ return engine->get_key_agreement_op(key, rng);
}
PK_Ops::Signature*
- get_signature_op(const Private_Key& key) const
+ get_signature_op(const Private_Key& key, RandomNumberGenerator& rng) const override
{
- return engine->get_signature_op(key);
+ return engine->get_signature_op(key, rng);
}
PK_Ops::Verification*
- get_verify_op(const Public_Key& key) const
+ get_verify_op(const Public_Key& key, RandomNumberGenerator& rng) const override
{
- return engine->get_verify_op(key);
+ return engine->get_verify_op(key, rng);
}
PK_Ops::Encryption*
- get_encryption_op(const Public_Key& key) const
+ get_encryption_op(const Public_Key& key, RandomNumberGenerator& rng) const override
{
- return engine->get_encryption_op(key);
+ return engine->get_encryption_op(key, rng);
}
PK_Ops::Decryption*
- get_decryption_op(const Private_Key& key) const
+ get_decryption_op(const Private_Key& key, RandomNumberGenerator& rng) const override
{
- return engine->get_decryption_op(key);
+ return engine->get_decryption_op(key, rng);
}
private:
diff --git a/src/engine/engine.cpp b/src/engine/engine.cpp
index d4f6885bc..a50f1e7b2 100644
--- a/src/engine/engine.cpp
+++ b/src/engine/engine.cpp
@@ -59,31 +59,31 @@ Keyed_Filter* Engine::get_cipher(const std::string&,
}
PK_Ops::Key_Agreement*
-Engine::get_key_agreement_op(const Private_Key&) const
+Engine::get_key_agreement_op(const Private_Key&, RandomNumberGenerator&) const
{
return nullptr;
}
PK_Ops::Signature*
-Engine::get_signature_op(const Private_Key&) const
+Engine::get_signature_op(const Private_Key&, RandomNumberGenerator&) const
{
return nullptr;
}
PK_Ops::Verification*
-Engine::get_verify_op(const Public_Key&) const
+Engine::get_verify_op(const Public_Key&, RandomNumberGenerator&) const
{
return nullptr;
}
PK_Ops::Encryption*
-Engine::get_encryption_op(const Public_Key&) const
+Engine::get_encryption_op(const Public_Key&, RandomNumberGenerator&) const
{
return nullptr;
}
PK_Ops::Decryption*
-Engine::get_decryption_op(const Private_Key&) const
+Engine::get_decryption_op(const Private_Key&, RandomNumberGenerator&) const
{
return nullptr;
}
diff --git a/src/engine/engine.h b/src/engine/engine.h
index 136fbeb23..a03a6e1ec 100644
--- a/src/engine/engine.h
+++ b/src/engine/engine.h
@@ -22,6 +22,7 @@ namespace Botan {
class Algorithm_Factory;
class Keyed_Filter;
+class RandomNumberGenerator;
/**
* Base class for all engines. All non-pure virtual functions simply
@@ -109,7 +110,7 @@ class BOTAN_DLL Engine
* @return newly allocated operator object, or NULL
*/
virtual PK_Ops::Key_Agreement*
- get_key_agreement_op(const Private_Key& key) const;
+ get_key_agreement_op(const Private_Key& key, RandomNumberGenerator& rng) const;
/**
* Return a new operator object for this key, if possible
@@ -117,7 +118,7 @@ class BOTAN_DLL Engine
* @return newly allocated operator object, or NULL
*/
virtual PK_Ops::Signature*
- get_signature_op(const Private_Key& key) const;
+ get_signature_op(const Private_Key& key, RandomNumberGenerator& rng) const;
/**
* Return a new operator object for this key, if possible
@@ -125,7 +126,7 @@ class BOTAN_DLL Engine
* @return newly allocated operator object, or NULL
*/
virtual PK_Ops::Verification*
- get_verify_op(const Public_Key& key) const;
+ get_verify_op(const Public_Key& key, RandomNumberGenerator& rng) const;
/**
* Return a new operator object for this key, if possible
@@ -133,7 +134,7 @@ class BOTAN_DLL Engine
* @return newly allocated operator object, or NULL
*/
virtual PK_Ops::Encryption*
- get_encryption_op(const Public_Key& key) const;
+ get_encryption_op(const Public_Key& key, RandomNumberGenerator& rng) const;
/**
* Return a new operator object for this key, if possible
@@ -141,7 +142,7 @@ class BOTAN_DLL Engine
* @return newly allocated operator object, or NULL
*/
virtual PK_Ops::Decryption*
- get_decryption_op(const Private_Key& key) const;
+ get_decryption_op(const Private_Key& key, RandomNumberGenerator& rng) const;
};
}
diff --git a/src/engine/gnump/gnump_engine.h b/src/engine/gnump/gnump_engine.h
index fe154b914..ccc723514 100644
--- a/src/engine/gnump/gnump_engine.h
+++ b/src/engine/gnump/gnump_engine.h
@@ -21,22 +21,22 @@ class GMP_Engine : public Engine
GMP_Engine();
~GMP_Engine();
- std::string provider_name() const { return "gmp"; }
+ std::string provider_name() const override { return "gmp"; }
PK_Ops::Key_Agreement*
- get_key_agreement_op(const Private_Key& key) const;
+ get_key_agreement_op(const Private_Key& key, RandomNumberGenerator&) const override;
PK_Ops::Signature*
- get_signature_op(const Private_Key& key) const;
+ get_signature_op(const Private_Key& key, RandomNumberGenerator&) const override;
- PK_Ops::Verification* get_verify_op(const Public_Key& key) const;
+ PK_Ops::Verification* get_verify_op(const Public_Key& key, RandomNumberGenerator&) const override;
- PK_Ops::Encryption* get_encryption_op(const Public_Key& key) const;
+ PK_Ops::Encryption* get_encryption_op(const Public_Key& key, RandomNumberGenerator&) const override;
- PK_Ops::Decryption* get_decryption_op(const Private_Key& key) const;
+ PK_Ops::Decryption* get_decryption_op(const Private_Key& key, RandomNumberGenerator&) const override;
Modular_Exponentiator* mod_exp(const BigInt&,
- Power_Mod::Usage_Hints) const;
+ Power_Mod::Usage_Hints) const override;
};
}
diff --git a/src/engine/gnump/gnump_pk.cpp b/src/engine/gnump/gnump_pk.cpp
index e9f5d29df..29e172d47 100644
--- a/src/engine/gnump/gnump_pk.cpp
+++ b/src/engine/gnump/gnump_pk.cpp
@@ -271,18 +271,18 @@ class GMP_RSA_Public_Operation : public PK_Ops::Verification,
}
PK_Ops::Key_Agreement*
-GMP_Engine::get_key_agreement_op(const Private_Key& key) const
+GMP_Engine::get_key_agreement_op(const Private_Key& key, RandomNumberGenerator&) const
{
#if defined(BOTAN_HAS_DIFFIE_HELLMAN)
if(const DH_PrivateKey* dh = dynamic_cast<const DH_PrivateKey*>(&key))
return new GMP_DH_KA_Operation(*dh);
#endif
- return 0;
+ return nullptr;
}
PK_Ops::Signature*
-GMP_Engine::get_signature_op(const Private_Key& key) const
+GMP_Engine::get_signature_op(const Private_Key& key, RandomNumberGenerator&) const
{
#if defined(BOTAN_HAS_RSA)
if(const RSA_PrivateKey* s = dynamic_cast<const RSA_PrivateKey*>(&key))
@@ -294,11 +294,11 @@ GMP_Engine::get_signature_op(const Private_Key& key) const
return new GMP_DSA_Signature_Operation(*s);
#endif
- return 0;
+ return nullptr;
}
PK_Ops::Verification*
-GMP_Engine::get_verify_op(const Public_Key& key) const
+GMP_Engine::get_verify_op(const Public_Key& key, RandomNumberGenerator&) const
{
#if defined(BOTAN_HAS_RSA)
if(const RSA_PublicKey* s = dynamic_cast<const RSA_PublicKey*>(&key))
@@ -310,29 +310,29 @@ GMP_Engine::get_verify_op(const Public_Key& key) const
return new GMP_DSA_Verification_Operation(*s);
#endif
- return 0;
+ return nullptr;
}
PK_Ops::Encryption*
-GMP_Engine::get_encryption_op(const Public_Key& key) const
+GMP_Engine::get_encryption_op(const Public_Key& key, RandomNumberGenerator&) const
{
#if defined(BOTAN_HAS_RSA)
if(const RSA_PublicKey* s = dynamic_cast<const RSA_PublicKey*>(&key))
return new GMP_RSA_Public_Operation(*s);
#endif
- return 0;
+ return nullptr;
}
PK_Ops::Decryption*
-GMP_Engine::get_decryption_op(const Private_Key& key) const
+GMP_Engine::get_decryption_op(const Private_Key& key, RandomNumberGenerator&) const
{
#if defined(BOTAN_HAS_RSA)
if(const RSA_PrivateKey* s = dynamic_cast<const RSA_PrivateKey*>(&key))
return new GMP_RSA_Private_Operation(*s);
#endif
- return 0;
+ return nullptr;
}
}
diff --git a/src/engine/openssl/openssl_engine.h b/src/engine/openssl/openssl_engine.h
index b1f71a160..90f315c00 100644
--- a/src/engine/openssl/openssl_engine.h
+++ b/src/engine/openssl/openssl_engine.h
@@ -18,33 +18,30 @@ namespace Botan {
class OpenSSL_Engine : public Engine
{
public:
- /**
- * Return the provider name ("openssl")
- */
- std::string provider_name() const { return "openssl"; }
+ std::string provider_name() const override { return "openssl"; }
PK_Ops::Key_Agreement*
- get_key_agreement_op(const Private_Key& key) const;
+ get_key_agreement_op(const Private_Key& key, RandomNumberGenerator& rng) const override;
PK_Ops::Signature*
- get_signature_op(const Private_Key& key) const;
+ get_signature_op(const Private_Key& key, RandomNumberGenerator& rng) const override;
- PK_Ops::Verification* get_verify_op(const Public_Key& key) const;
+ PK_Ops::Verification* get_verify_op(const Public_Key& key, RandomNumberGenerator& rng) const override;
- PK_Ops::Encryption* get_encryption_op(const Public_Key& key) const;
+ PK_Ops::Encryption* get_encryption_op(const Public_Key& key, RandomNumberGenerator& rng) const override;
- PK_Ops::Decryption* get_decryption_op(const Private_Key& key) const;
+ PK_Ops::Decryption* get_decryption_op(const Private_Key& key, RandomNumberGenerator& rng) const override;
Modular_Exponentiator* mod_exp(const BigInt&,
- Power_Mod::Usage_Hints) const;
+ Power_Mod::Usage_Hints) const override;
BlockCipher* find_block_cipher(const SCAN_Name&,
- Algorithm_Factory&) const;
+ Algorithm_Factory&) const override;
StreamCipher* find_stream_cipher(const SCAN_Name&,
- Algorithm_Factory&) const;
+ Algorithm_Factory&) const override;
- HashFunction* find_hash(const SCAN_Name&, Algorithm_Factory&) const;
+ HashFunction* find_hash(const SCAN_Name&, Algorithm_Factory&) const override;
};
}
diff --git a/src/engine/openssl/ossl_pk.cpp b/src/engine/openssl/ossl_pk.cpp
index 943204375..cbe03d7b3 100644
--- a/src/engine/openssl/ossl_pk.cpp
+++ b/src/engine/openssl/ossl_pk.cpp
@@ -271,7 +271,7 @@ class OSSL_RSA_Public_Operation : public PK_Ops::Verification,
}
PK_Ops::Key_Agreement*
-OpenSSL_Engine::get_key_agreement_op(const Private_Key& key) const
+OpenSSL_Engine::get_key_agreement_op(const Private_Key& key, RandomNumberGenerator&) const
{
#if defined(BOTAN_HAS_DIFFIE_HELLMAN)
if(const DH_PrivateKey* dh = dynamic_cast<const DH_PrivateKey*>(&key))
@@ -282,7 +282,7 @@ OpenSSL_Engine::get_key_agreement_op(const Private_Key& key) const
}
PK_Ops::Signature*
-OpenSSL_Engine::get_signature_op(const Private_Key& key) const
+OpenSSL_Engine::get_signature_op(const Private_Key& key, RandomNumberGenerator&) const
{
#if defined(BOTAN_HAS_RSA)
if(const RSA_PrivateKey* s = dynamic_cast<const RSA_PrivateKey*>(&key))
@@ -298,7 +298,7 @@ OpenSSL_Engine::get_signature_op(const Private_Key& key) const
}
PK_Ops::Verification*
-OpenSSL_Engine::get_verify_op(const Public_Key& key) const
+OpenSSL_Engine::get_verify_op(const Public_Key& key, RandomNumberGenerator&) const
{
#if defined(BOTAN_HAS_RSA)
if(const RSA_PublicKey* s = dynamic_cast<const RSA_PublicKey*>(&key))
@@ -314,7 +314,7 @@ OpenSSL_Engine::get_verify_op(const Public_Key& key) const
}
PK_Ops::Encryption*
-OpenSSL_Engine::get_encryption_op(const Public_Key& key) const
+OpenSSL_Engine::get_encryption_op(const Public_Key& key, RandomNumberGenerator&) const
{
#if defined(BOTAN_HAS_RSA)
if(const RSA_PublicKey* s = dynamic_cast<const RSA_PublicKey*>(&key))
@@ -325,7 +325,7 @@ OpenSSL_Engine::get_encryption_op(const Public_Key& key) const
}
PK_Ops::Decryption*
-OpenSSL_Engine::get_decryption_op(const Private_Key& key) const
+OpenSSL_Engine::get_decryption_op(const Private_Key& key, RandomNumberGenerator&) const
{
#if defined(BOTAN_HAS_RSA)
if(const RSA_PrivateKey* s = dynamic_cast<const RSA_PrivateKey*>(&key))
diff --git a/src/pubkey/dh/dh.cpp b/src/pubkey/dh/dh.cpp
index 956552c7d..80e690c24 100644
--- a/src/pubkey/dh/dh.cpp
+++ b/src/pubkey/dh/dh.cpp
@@ -7,7 +7,6 @@
#include <botan/dh.h>
#include <botan/numthry.h>
-#include <botan/libstate.h>
#include <botan/internal/workfactor.h>
namespace Botan {
@@ -76,10 +75,11 @@ std::vector<byte> DH_PrivateKey::public_value() const
return DH_PublicKey::public_value();
}
-DH_KA_Operation::DH_KA_Operation(const DH_PrivateKey& dh) :
+DH_KA_Operation::DH_KA_Operation(const DH_PrivateKey& dh,
+ RandomNumberGenerator& rng) :
p(dh.group_p()), powermod_x_p(dh.get_x(), p)
{
- BigInt k(global_state().global_rng(), std::min<size_t>(160, p.bits() - 1));
+ BigInt k(rng, p.bits() - 1);
blinder = Blinder(k, powermod_x_p(inverse_mod(k, p)), p);
}
diff --git a/src/pubkey/dh/dh.h b/src/pubkey/dh/dh.h
index bf02ffdb9..c670399d8 100644
--- a/src/pubkey/dh/dh.h
+++ b/src/pubkey/dh/dh.h
@@ -78,7 +78,8 @@ class BOTAN_DLL DH_PrivateKey : public DH_PublicKey,
class BOTAN_DLL DH_KA_Operation : public PK_Ops::Key_Agreement
{
public:
- DH_KA_Operation(const DH_PrivateKey& key);
+ DH_KA_Operation(const DH_PrivateKey& key,
+ RandomNumberGenerator& rng);
secure_vector<byte> agree(const byte w[], size_t w_len);
private:
diff --git a/src/pubkey/elgamal/elgamal.cpp b/src/pubkey/elgamal/elgamal.cpp
index 837528af8..3e22aee1a 100644
--- a/src/pubkey/elgamal/elgamal.cpp
+++ b/src/pubkey/elgamal/elgamal.cpp
@@ -7,7 +7,6 @@
#include <botan/elgamal.h>
#include <botan/numthry.h>
-#include <botan/libstate.h>
#include <botan/keypair.h>
#include <botan/internal/workfactor.h>
@@ -98,14 +97,15 @@ ElGamal_Encryption_Operation::encrypt(const byte msg[], size_t msg_len,
return output;
}
-ElGamal_Decryption_Operation::ElGamal_Decryption_Operation(const ElGamal_PrivateKey& key)
+ElGamal_Decryption_Operation::ElGamal_Decryption_Operation(const ElGamal_PrivateKey& key,
+ RandomNumberGenerator& rng)
{
const BigInt& p = key.group_p();
powermod_x_p = Fixed_Exponent_Power_Mod(key.get_x(), p);
mod_p = Modular_Reducer(p);
- BigInt k(global_state().global_rng(), std::min<size_t>(160, p.bits() - 1));
+ BigInt k(rng, p.bits() - 1);
blinder = Blinder(k, powermod_x_p(k), p);
}
diff --git a/src/pubkey/elgamal/elgamal.h b/src/pubkey/elgamal/elgamal.h
index 957aa4656..9566bcca6 100644
--- a/src/pubkey/elgamal/elgamal.h
+++ b/src/pubkey/elgamal/elgamal.h
@@ -81,7 +81,8 @@ class BOTAN_DLL ElGamal_Decryption_Operation : public PK_Ops::Decryption
public:
size_t max_input_bits() const { return mod_p.get_modulus().bits() - 1; }
- ElGamal_Decryption_Operation(const ElGamal_PrivateKey& key);
+ ElGamal_Decryption_Operation(const ElGamal_PrivateKey& key,
+ RandomNumberGenerator& rng);
secure_vector<byte> decrypt(const byte msg[], size_t msg_len);
private:
diff --git a/src/pubkey/pubkey.cpp b/src/pubkey/pubkey.cpp
index 2f4120ae1..313d54c16 100644
--- a/src/pubkey/pubkey.cpp
+++ b/src/pubkey/pubkey.cpp
@@ -25,10 +25,11 @@ PK_Encryptor_EME::PK_Encryptor_EME(const Public_Key& key,
const std::string& eme_name)
{
Algorithm_Factory::Engine_Iterator i(global_state().algorithm_factory());
+ RandomNumberGenerator& rng = global_state().global_rng();
while(const Engine* engine = i.next())
{
- op = engine->get_encryption_op(key);
+ op = engine->get_encryption_op(key, rng);
if(op)
break;
}
@@ -84,10 +85,11 @@ PK_Decryptor_EME::PK_Decryptor_EME(const Private_Key& key,
const std::string& eme_name)
{
Algorithm_Factory::Engine_Iterator i(global_state().algorithm_factory());
+ RandomNumberGenerator& rng = global_state().global_rng();
while(const Engine* engine = i.next())
{
- op = engine->get_decryption_op(key);
+ op = engine->get_decryption_op(key, rng);
if(op)
break;
}
@@ -126,6 +128,7 @@ PK_Signer::PK_Signer(const Private_Key& key,
Fault_Protection prot)
{
Algorithm_Factory::Engine_Iterator i(global_state().algorithm_factory());
+ RandomNumberGenerator& rng = global_state().global_rng();
op = nullptr;
verify_op = nullptr;
@@ -133,10 +136,10 @@ PK_Signer::PK_Signer(const Private_Key& key,
while(const Engine* engine = i.next())
{
if(!op)
- op = engine->get_signature_op(key);
+ op = engine->get_signature_op(key, rng);
if(!verify_op && prot == ENABLE_FAULT_PROTECTION)
- verify_op = engine->get_verify_op(key);
+ verify_op = engine->get_verify_op(key, rng);
if(op && (verify_op || prot == DISABLE_FAULT_PROTECTION))
break;
@@ -244,10 +247,11 @@ PK_Verifier::PK_Verifier(const Public_Key& key,
Signature_Format format)
{
Algorithm_Factory::Engine_Iterator i(global_state().algorithm_factory());
+ RandomNumberGenerator& rng = global_state().global_rng();
while(const Engine* engine = i.next())
{
- op = engine->get_verify_op(key);
+ op = engine->get_verify_op(key, rng);
if(op)
break;
}
@@ -352,10 +356,11 @@ PK_Key_Agreement::PK_Key_Agreement(const PK_Key_Agreement_Key& key,
const std::string& kdf_name)
{
Algorithm_Factory::Engine_Iterator i(global_state().algorithm_factory());
+ RandomNumberGenerator& rng = global_state().global_rng();
while(const Engine* engine = i.next())
{
- op = engine->get_key_agreement_op(key);
+ op = engine->get_key_agreement_op(key, rng);
if(op)
break;
}
diff --git a/src/pubkey/rsa/rsa.cpp b/src/pubkey/rsa/rsa.cpp
index 5b6820e49..199ce6ad8 100644
--- a/src/pubkey/rsa/rsa.cpp
+++ b/src/pubkey/rsa/rsa.cpp
@@ -6,7 +6,6 @@
*/
#include <botan/rsa.h>
-#include <botan/libstate.h>
#include <botan/parsing.h>
#include <botan/numthry.h>
#include <botan/keypair.h>
@@ -60,7 +59,8 @@ bool RSA_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
return KeyPair::signature_consistency_check(rng, *this, "EMSA4(SHA-1)");
}
-RSA_Private_Operation::RSA_Private_Operation(const RSA_PrivateKey& rsa) :
+RSA_Private_Operation::RSA_Private_Operation(const RSA_PrivateKey& rsa,
+ RandomNumberGenerator& rng) :
n(rsa.get_n()),
q(rsa.get_q()),
c(rsa.get_c()),
@@ -69,7 +69,7 @@ RSA_Private_Operation::RSA_Private_Operation(const RSA_PrivateKey& rsa) :
powermod_d2_q(rsa.get_d2(), rsa.get_q()),
mod_p(rsa.get_p())
{
- BigInt k(global_state().global_rng(), std::min<size_t>(160, n.bits() - 1));
+ BigInt k(rng, n.bits() - 1);
blinder = Blinder(powermod_e_n(k), inverse_mod(k, n), n);
}
diff --git a/src/pubkey/rsa/rsa.h b/src/pubkey/rsa/rsa.h
index 0942d92ad..4d9189d20 100644
--- a/src/pubkey/rsa/rsa.h
+++ b/src/pubkey/rsa/rsa.h
@@ -90,7 +90,8 @@ class BOTAN_DLL RSA_Private_Operation : public PK_Ops::Signature,
public PK_Ops::Decryption
{
public:
- RSA_Private_Operation(const RSA_PrivateKey& rsa);
+ RSA_Private_Operation(const RSA_PrivateKey& rsa,
+ RandomNumberGenerator& rng);
size_t max_input_bits() const { return (n.bits() - 1); }
diff --git a/src/tls/sessions_sqlite/tls_session_manager_sqlite.cpp b/src/tls/sessions_sqlite/tls_session_manager_sqlite.cpp
index 87556ff75..d4f286a8d 100644
--- a/src/tls/sessions_sqlite/tls_session_manager_sqlite.cpp
+++ b/src/tls/sessions_sqlite/tls_session_manager_sqlite.cpp
@@ -17,6 +17,8 @@ namespace Botan {
namespace TLS {
+namespace {
+
SymmetricKey derive_key(const std::string& passphrase,
const byte salt[],
size_t salt_len,
@@ -34,6 +36,8 @@ SymmetricKey derive_key(const std::string& passphrase,
return SymmetricKey(&x[2], x.size() - 2);
}
+}
+
Session_Manager_SQLite::Session_Manager_SQLite(const std::string& passphrase,
RandomNumberGenerator& rng,
const std::string& db_filename,
diff --git a/src/utils/sqlite3/sqlite3.cpp b/src/utils/sqlite3/sqlite3.cpp
index 519be9133..7f6626759 100644
--- a/src/utils/sqlite3/sqlite3.cpp
+++ b/src/utils/sqlite3/sqlite3.cpp
@@ -43,8 +43,8 @@ size_t sqlite3_database::row_count(const std::string& table_name)
void sqlite3_database::create_table(const std::string& table_schema)
{
- char* errmsg = 0;
- int rc = ::sqlite3_exec(m_db, table_schema.c_str(), 0, 0, &errmsg);
+ char* errmsg = nullptr;
+ int rc = ::sqlite3_exec(m_db, table_schema.c_str(), nullptr, nullptr, &errmsg);
if(rc != SQLITE_OK)
{
@@ -59,7 +59,7 @@ void sqlite3_database::create_table(const std::string& table_schema)
sqlite3_statement::sqlite3_statement(sqlite3_database* db, const std::string& base_sql)
{
- int rc = ::sqlite3_prepare_v2(db->m_db, base_sql.c_str(), -1, &m_stmt, 0);
+ int rc = ::sqlite3_prepare_v2(db->m_db, base_sql.c_str(), -1, &m_stmt, nullptr);
if(rc != SQLITE_OK)
throw std::runtime_error("sqlite3_prepare failed " + base_sql +
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-17 00:48:40 +0000