-rw-r--r--src/cert/cvc/signed_obj.cpp6
-rw-r--r--src/cert/x509/x509_ca.cpp8
-rw-r--r--src/cert/x509/x509_obj.cpp18
-rw-r--r--src/cert/x509/x509self.cpp4
-rw-r--r--src/cert/x509/x509stor.cpp18
-rw-r--r--src/cms/cms_ealg.cpp12
-rw-r--r--src/cms/cms_enc.h2
-rw-r--r--src/libstate/look_pk.h24
-rw-r--r--src/pubkey/dsa/dsa.h4
-rw-r--r--src/pubkey/ecdsa/ecdsa.h6
-rw-r--r--src/pubkey/elgamal/elgamal.h4
-rw-r--r--src/pubkey/gost_3410/gost_3410.h6
-rw-r--r--src/pubkey/info.txt2
-rw-r--r--src/pubkey/nr/nr.h4
-rw-r--r--src/pubkey/pk_keys.h35
-rw-r--r--src/pubkey/pk_ops.h8
-rw-r--r--src/pubkey/rsa/rsa.h6
-rw-r--r--src/pubkey/rw/rw.h4
-rw-r--r--src/pubkey/x509_key.cpp15
19 files changed, 38 insertions, 148 deletions
diff --git a/src/cert/cvc/signed_obj.cpp b/src/cert/cvc/signed_obj.cpp
index 31a158dd4..ddb714621 100644
--- a/src/cert/cvc/signed_obj.cpp
+++ b/src/cert/cvc/signed_obj.cpp
@@ -62,13 +62,9 @@ bool EAC_Signed_Object::check_signature(Public_Key& pub_key,
Signature_Format format =
(pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
- if(!dynamic_cast<PK_Verifying_wo_MR_Key*>(&pub_key))
- return false;
-
SecureVector<byte> to_sign = tbs_data();
- PK_Verifying_wo_MR_Key& sig_key = dynamic_cast<PK_Verifying_wo_MR_Key&>(pub_key);
- std::auto_ptr<PK_Verifier> verifier(get_pk_verifier(sig_key, padding, format));
+ std::auto_ptr<PK_Verifier> verifier(get_pk_verifier(pub_key, padding, format));
return verifier->verify_message(to_sign, sig);
}
catch(...)
diff --git a/src/cert/x509/x509_ca.cpp b/src/cert/x509/x509_ca.cpp
index 9af5aa449..00a105d1d 100644
--- a/src/cert/x509/x509_ca.cpp
+++ b/src/cert/x509/x509_ca.cpp
@@ -30,10 +30,6 @@ X509_CA::X509_CA(const X509_Certificate& c,
const Private_Key& key,
const std::string& hash_fn) : cert(c)
{
- // Use pointer dynamic_cast to avoid exception if cast fails
- if(!dynamic_cast<const PK_Signing_Key*>(&key))
- throw Invalid_Argument("X509_CA: " + key.algo_name() + " cannot sign");
-
if(!cert.is_CA_cert())
throw Invalid_Argument("X509_CA: This certificate is not for a CA");
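Review bot: The constructor no longer rejects a key that cannot sign, so a key of the wrong kind is only diagnosed wherever `get_pk_signer` is eventually reached (the `choose_sig_format` hunk below), and the specific "X509_CA: ... cannot sign" message is gone. The same early check is dropped from `shared_setup` in x509self.cpp. If the rest of the constructor, which lies outside this hunk, does not build the signer itself, a CA object can now exist with an unusable key. Either keep a fail-fast check here or add a comment such as `// signing capability is validated by get_pk_signer(), which throws for unsupported key types` once that has been confirmed.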
@@ -276,9 +272,7 @@ PK_Signer* choose_sig_format(const Private_Key& key,
sig_algo.oid = OIDS::lookup(algo_name + "/" + padding);
sig_algo.parameters = key.algorithm_identifier().parameters;
- const PK_Signing_Key& sig_key = dynamic_cast<const PK_Signing_Key&>(key);
-
- return get_pk_signer(sig_key, padding, format);
+ return get_pk_signer(key, padding, format);
}
}
diff --git a/src/cert/x509/x509_obj.cpp b/src/cert/x509/x509_obj.cpp
index 31b4a309f..fb92a9cb0 100644
--- a/src/cert/x509/x509_obj.cpp
+++ b/src/cert/x509/x509_obj.cpp
@@ -168,22 +168,8 @@ bool X509_Object::check_signature(Public_Key& pub_key) const
Signature_Format format =
(pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
- std::auto_ptr<PK_Verifier> verifier;
-
- if(dynamic_cast<PK_Verifying_with_MR_Key*>(&pub_key))
- {
- PK_Verifying_with_MR_Key& sig_key =
- dynamic_cast<PK_Verifying_with_MR_Key&>(pub_key);
- verifier.reset(get_pk_verifier(sig_key, padding, format));
- }
- else if(dynamic_cast<PK_Verifying_wo_MR_Key*>(&pub_key))
- {
- PK_Verifying_wo_MR_Key& sig_key =
- dynamic_cast<PK_Verifying_wo_MR_Key&>(pub_key);
- verifier.reset(get_pk_verifier(sig_key, padding, format));
- }
- else
- return false;
+ std::auto_ptr<PK_Verifier> verifier(
+ get_pk_verifier(pub_key, padding, format));
return verifier->verify_message(tbs_data(), signature());
}
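Review bot: The removed `else return false;` branch has no visible replacement here, so a key type without a verification operation now presumably makes `get_pk_verifier` throw instead of making `check_signature` return false. The x509stor.cpp hunk in this commit adds `catch(Lookup_Error)` around the same call, and signed_obj.cpp shows a `catch(...)` after it, but no handler is visible in this hunk. The function starts outside the hunk, so a surrounding try block may exist. If it does not, callers that treat the bool as the complete answer for an untrusted certificate will see an exception; restoring the old contract takes `catch(Lookup_Error&) { return false; }` around the verifier construction.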
diff --git a/src/cert/x509/x509self.cpp b/src/cert/x509/x509self.cpp
index f915c6ff5..e85317462 100644
--- a/src/cert/x509/x509self.cpp
+++ b/src/cert/x509/x509self.cpp
@@ -24,10 +24,6 @@ namespace {
MemoryVector<byte> shared_setup(const X509_Cert_Options& opts,
const Private_Key& key)
{
- const Private_Key* key_pointer = &key;
- if(!dynamic_cast<const PK_Signing_Key*>(key_pointer))
- throw Invalid_Argument("Key type " + key.algo_name() + " cannot sign");
-
opts.sanity_check();
Pipe key_encoder;
diff --git a/src/cert/x509/x509stor.cpp b/src/cert/x509/x509stor.cpp
index e9e8f4575..b134817e4 100644
--- a/src/cert/x509/x509stor.cpp
+++ b/src/cert/x509/x509stor.cpp
@@ -381,7 +381,6 @@ X509_Code X509_Store::check_sig(const Cert_Info& cert_info,
X509_Code X509_Store::check_sig(const X509_Object& object, Public_Key* key)
{
std::auto_ptr<Public_Key> pub_key(key);
- std::auto_ptr<PK_Verifier> verifier;
try {
std::vector<std::string> sig_info =
@@ -395,20 +394,8 @@ X509_Code X509_Store::check_sig(const X509_Object& object, Public_Key* key)
if(key->message_parts() >= 2) format = DER_SEQUENCE;
else format = IEEE_1363;
- if(dynamic_cast<PK_Verifying_with_MR_Key*>(pub_key.get()))
- {
- PK_Verifying_with_MR_Key* sig_key =
- dynamic_cast<PK_Verifying_with_MR_Key*>(pub_key.get());
- verifier.reset(get_pk_verifier(*sig_key, padding, format));
- }
- else if(dynamic_cast<PK_Verifying_wo_MR_Key*>(pub_key.get()))
- {
- PK_Verifying_wo_MR_Key* sig_key =
- dynamic_cast<PK_Verifying_wo_MR_Key*>(pub_key.get());
- verifier.reset(get_pk_verifier(*sig_key, padding, format));
- }
- else
- return CA_CERT_CANNOT_SIGN;
+ std::auto_ptr<PK_Verifier> verifier(
+ get_pk_verifier(*pub_key.get(), padding, format));
bool valid = verifier->verify_message(object.tbs_data(),
object.signature());
@@ -418,6 +405,7 @@ X509_Code X509_Store::check_sig(const X509_Object& object, Public_Key* key)
else
return SIGNATURE_ERROR;
}
+ catch(Lookup_Error) { return CA_CERT_CANNOT_SIGN; }
catch(Decoding_Error) { return CERT_FORMAT_ERROR; }
catch(Exception) {}
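Review bot: The new `catch(Lookup_Error)` handler covers the whole try block, not only the `get_pk_verifier` call that replaced the `return CA_CERT_CANNOT_SIGN;` branch in the hunk above. The block also parses `sig_info` and resolves the padding by name, so an unknown signature algorithm or hash in the object would presumably be reported as CA_CERT_CANNOT_SIGN as well, which misdirects anyone triaging a validation failure. Consider a narrow try around the verifier construction only, so other lookup failures keep their own result code. Catching by reference, `catch(const Lookup_Error&)`, would also avoid the copy, though the neighbouring handlers catch by value too.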
diff --git a/src/cms/cms_ealg.cpp b/src/cms/cms_ealg.cpp
index 5a9b42cde..4bae96302 100644
--- a/src/cms/cms_ealg.cpp
+++ b/src/cms/cms_ealg.cpp
@@ -107,12 +107,7 @@ void CMS_Encoder::encrypt(RandomNumberGenerator& rng,
if(constraints != NO_CONSTRAINTS && !(constraints & KEY_ENCIPHERMENT))
throw Invalid_Argument("CMS: Constraints not set for encryption");
- PK_Encrypting_Key* enc_key = dynamic_cast<PK_Encrypting_Key*>(key.get());
- if(enc_key == 0)
- throw Internal_Error("CMS_Encoder::encrypt: " + algo +
- " can't encrypt");
-
- encrypt_ktri(rng, to, enc_key, cipher);
+ encrypt_ktri(rng, to, key.get(), cipher);
}
else if(algo == "DH")
{
@@ -130,7 +125,7 @@ void CMS_Encoder::encrypt(RandomNumberGenerator& rng,
*/
void CMS_Encoder::encrypt_ktri(RandomNumberGenerator& rng,
const X509_Certificate& to,
- PK_Encrypting_Key* pub_key,
+ Public_Key* pub_key,
const std::string& cipher)
{
const std::string padding = "EME-PKCS1-v1_5";
@@ -297,8 +292,7 @@ void CMS_Encoder::sign(const X509_Certificate& cert,
Signature_Format format = IEEE_1363;
- const PK_Signing_Key& sig_key = dynamic_cast<const PK_Signing_Key&>(key);
- std::auto_ptr<PK_Signer> signer(get_pk_signer(sig_key, padding, format));
+ std::auto_ptr<PK_Signer> signer(get_pk_signer(key, padding, format));
AlgorithmIdentifier sig_algo(OIDS::lookup(key.algo_name() + "/" + padding),
AlgorithmIdentifier::USE_NULL_PARAM);
diff --git a/src/cms/cms_enc.h b/src/cms/cms_enc.h
index b1e18ef7d..ec2fdf3b3 100644
--- a/src/cms/cms_enc.h
+++ b/src/cms/cms_enc.h
@@ -59,7 +59,7 @@ class BOTAN_DLL CMS_Encoder
void add_layer(const std::string&, DER_Encoder&);
void encrypt_ktri(RandomNumberGenerator&,
- const X509_Certificate&, PK_Encrypting_Key*,
+ const X509_Certificate&, Public_Key*,
const std::string&);
void encrypt_kari(RandomNumberGenerator&,
const X509_Certificate&, Public_Key*,
diff --git a/src/libstate/look_pk.h b/src/libstate/look_pk.h
index a12b3d241..459f19564 100644
--- a/src/libstate/look_pk.h
+++ b/src/libstate/look_pk.h
@@ -19,7 +19,7 @@ namespace Botan {
* @param eme determines the algorithm and encoding
* @return the public key encryptor object
*/
-inline PK_Encryptor* get_pk_encryptor(const PK_Encrypting_Key& key,
+inline PK_Encryptor* get_pk_encryptor(const Public_Key& key,
const std::string& eme)
{
return new PK_Encryptor_MR_with_EME(key, get_eme(eme));
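Review bot: The doc comment for `get_pk_encryptor` does not say what happens when the key's algorithm cannot encrypt, now that the parameter is a plain `Public_Key` and the compiler no longer rejects such a key. The same applies to `get_pk_decryptor`, `get_pk_signer` and the merged `get_pk_verifier` in the hunks below. Each comment should gain a line such as `* @throws Lookup_Error if the key's algorithm does not support this operation`. The exception type is inferred from the handler added in x509stor.cpp and should be confirmed against the operation lookup.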
@@ -31,7 +31,7 @@ inline PK_Encryptor* get_pk_encryptor(const PK_Encrypting_Key& key,
* @param eme determines the algorithm and encoding
* @return the public key decryptor object
*/
-inline PK_Decryptor* get_pk_decryptor(const PK_Decrypting_Key& key,
+inline PK_Decryptor* get_pk_decryptor(const Private_Key& key,
const std::string& eme)
{
return new PK_Decryptor_MR_with_EME(key, get_eme(eme));
@@ -44,7 +44,7 @@ inline PK_Decryptor* get_pk_decryptor(const PK_Decrypting_Key& key,
* @param sig_format the signature format to be used
* @return the public key signer object
*/
-inline PK_Signer* get_pk_signer(const PK_Signing_Key& key,
+inline PK_Signer* get_pk_signer(const Private_Key& key,
const std::string& emsa,
Signature_Format sig_format = IEEE_1363)
{
@@ -60,23 +60,7 @@ inline PK_Signer* get_pk_signer(const PK_Signing_Key& key,
* @param sig_format the signature format to be used
* @return the public key verifier object
*/
-inline PK_Verifier* get_pk_verifier(const PK_Verifying_with_MR_Key& key,
- const std::string& emsa,
- Signature_Format sig_format = IEEE_1363)
- {
- PK_Verifier* verifier = new PK_Verifier(key, get_emsa(emsa));
- verifier->set_input_format(sig_format);
- return verifier;
- }
-
-/**
-* Public key verifier factory method.
-* @param key the key that will work inside the verifier
-* @param emsa determines the algorithm, encoding and hash algorithm
-* @param sig_format the signature format to be used
-* @return the public key verifier object
-*/
-inline PK_Verifier* get_pk_verifier(const PK_Verifying_wo_MR_Key& key,
+inline PK_Verifier* get_pk_verifier(const Public_Key& key,
const std::string& emsa,
Signature_Format sig_format = IEEE_1363)
{
diff --git a/src/pubkey/dsa/dsa.h b/src/pubkey/dsa/dsa.h
index 290cb5740..a57cbfcae 100644
--- a/src/pubkey/dsa/dsa.h
+++ b/src/pubkey/dsa/dsa.h
@@ -18,8 +18,7 @@ namespace Botan {
/*
* DSA Public Key
*/
-class BOTAN_DLL DSA_PublicKey : public PK_Verifying_wo_MR_Key,
- public virtual DL_Scheme_PublicKey
+class BOTAN_DLL DSA_PublicKey : public virtual DL_Scheme_PublicKey
{
public:
std::string algo_name() const { return "DSA"; }
@@ -44,7 +43,6 @@ class BOTAN_DLL DSA_PublicKey : public PK_Verifying_wo_MR_Key,
* DSA Private Key
*/
class BOTAN_DLL DSA_PrivateKey : public DSA_PublicKey,
- public PK_Signing_Key,
public virtual DL_Scheme_PrivateKey
{
public:
diff --git a/src/pubkey/ecdsa/ecdsa.h b/src/pubkey/ecdsa/ecdsa.h
index 9e457a0a7..7ea135896 100644
--- a/src/pubkey/ecdsa/ecdsa.h
+++ b/src/pubkey/ecdsa/ecdsa.h
@@ -18,8 +18,7 @@ namespace Botan {
/**
* This class represents ECDSA Public Keys.
*/
-class BOTAN_DLL ECDSA_PublicKey : public virtual EC_PublicKey,
- public PK_Verifying_wo_MR_Key
+class BOTAN_DLL ECDSA_PublicKey : public virtual EC_PublicKey
{
public:
@@ -62,8 +61,7 @@ class BOTAN_DLL ECDSA_PublicKey : public virtual EC_PublicKey,
* This class represents ECDSA Private Keys
*/
class BOTAN_DLL ECDSA_PrivateKey : public ECDSA_PublicKey,
- public EC_PrivateKey,
- public PK_Signing_Key
+ public EC_PrivateKey
{
public:
diff --git a/src/pubkey/elgamal/elgamal.h b/src/pubkey/elgamal/elgamal.h
index 238f286e7..dad9dbc3e 100644
--- a/src/pubkey/elgamal/elgamal.h
+++ b/src/pubkey/elgamal/elgamal.h
@@ -18,8 +18,7 @@ namespace Botan {
/*
* ElGamal Public Key
*/
-class BOTAN_DLL ElGamal_PublicKey : public PK_Encrypting_Key,
- public virtual DL_Scheme_PublicKey
+class BOTAN_DLL ElGamal_PublicKey : public virtual DL_Scheme_PublicKey
{
public:
std::string algo_name() const { return "ElGamal"; }
@@ -41,7 +40,6 @@ class BOTAN_DLL ElGamal_PublicKey : public PK_Encrypting_Key,
* ElGamal Private Key
*/
class BOTAN_DLL ElGamal_PrivateKey : public ElGamal_PublicKey,
- public PK_Decrypting_Key,
public virtual DL_Scheme_PrivateKey
{
public:
diff --git a/src/pubkey/gost_3410/gost_3410.h b/src/pubkey/gost_3410/gost_3410.h
index d3309b8f1..ffdbc6e19 100644
--- a/src/pubkey/gost_3410/gost_3410.h
+++ b/src/pubkey/gost_3410/gost_3410.h
@@ -18,8 +18,7 @@ namespace Botan {
/**
* This class represents GOST_3410 Public Keys.
*/
-class BOTAN_DLL GOST_3410_PublicKey : public virtual EC_PublicKey,
- public PK_Verifying_wo_MR_Key
+class BOTAN_DLL GOST_3410_PublicKey : public virtual EC_PublicKey
{
public:
@@ -69,8 +68,7 @@ class BOTAN_DLL GOST_3410_PublicKey : public virtual EC_PublicKey,
* This class represents GOST_3410 Private Keys
*/
class BOTAN_DLL GOST_3410_PrivateKey : public GOST_3410_PublicKey,
- public EC_PrivateKey,
- public PK_Signing_Key
+ public EC_PrivateKey
{
public:
diff --git a/src/pubkey/info.txt b/src/pubkey/info.txt
index 01378b856..a4a5bfc71 100644
--- a/src/pubkey/info.txt
+++ b/src/pubkey/info.txt
@@ -28,8 +28,10 @@ workfactor.h
alloc
asn1
bigint
+engine
filters
kdf
+libstate
oid_lookup
pbe
pem
diff --git a/src/pubkey/nr/nr.h b/src/pubkey/nr/nr.h
index ba7cee8cc..19eac5cc9 100644
--- a/src/pubkey/nr/nr.h
+++ b/src/pubkey/nr/nr.h
@@ -18,8 +18,7 @@ namespace Botan {
/*
* Nyberg-Rueppel Public Key
*/
-class BOTAN_DLL NR_PublicKey : public PK_Verifying_with_MR_Key,
- public virtual DL_Scheme_PublicKey
+class BOTAN_DLL NR_PublicKey : public virtual DL_Scheme_PublicKey
{
public:
std::string algo_name() const { return "NR"; }
@@ -42,7 +41,6 @@ class BOTAN_DLL NR_PublicKey : public PK_Verifying_with_MR_Key,
* Nyberg-Rueppel Private Key
*/
class BOTAN_DLL NR_PrivateKey : public NR_PublicKey,
- public PK_Signing_Key,
public virtual DL_Scheme_PrivateKey
{
public:
diff --git a/src/pubkey/pk_keys.h b/src/pubkey/pk_keys.h
index 74e36c638..da73db0ee 100644
--- a/src/pubkey/pk_keys.h
+++ b/src/pubkey/pk_keys.h
@@ -100,41 +100,6 @@ class BOTAN_DLL Private_Key : public virtual Public_Key
};
/**
-* PK Encrypting Key.
-*/
-class BOTAN_DLL PK_Encrypting_Key : public virtual Public_Key
- {
- };
-
-/**
-* PK Decrypting Key
-*/
-class BOTAN_DLL PK_Decrypting_Key : public virtual Private_Key
- {
- };
-
-/**
-* PK Signing Key
-*/
-class BOTAN_DLL PK_Signing_Key : public virtual Private_Key
- {
- };
-
-/**
-* PK Verifying Key, Message Recovery Version
-*/
-class BOTAN_DLL PK_Verifying_with_MR_Key : public virtual Public_Key
- {
- };
-
-/**
-* PK Verifying Key, No Message Recovery Version
-*/
-class BOTAN_DLL PK_Verifying_wo_MR_Key : public virtual Public_Key
- {
- };
-
-/**
* PK Secret Value Derivation Key
*/
class BOTAN_DLL PK_Key_Agreement_Key : public virtual Private_Key
diff --git a/src/pubkey/pk_ops.h b/src/pubkey/pk_ops.h
index 3f04b52dc..bf846d69f 100644
--- a/src/pubkey/pk_ops.h
+++ b/src/pubkey/pk_ops.h
@@ -106,8 +106,8 @@ class BOTAN_DLL Verification
* @param sig_len the length of sig in bytes
* @returns if signature is a valid one for message
*/
- virtual bool verify(const byte msg[], u32bit msg_len,
- const byte sig[], u32bit sig_len) const
+ virtual bool verify(const byte[], u32bit,
+ const byte[], u32bit) const
{
throw Invalid_State("Message recovery required");
}
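Review bot: Dropping the parameter names silences the unused-parameter warning but leaves the Doxygen block above documenting `msg_len` and `sig_len`, which no longer appear in the signature. The `verify_mr` hunk below has the same mismatch. Keeping the names as comments preserves both, for example `virtual bool verify(const byte /*msg*/[], u32bit /*msg_len*/,` and `const byte /*sig*/[], u32bit /*sig_len*/) const`.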
@@ -119,8 +119,8 @@ class BOTAN_DLL Verification
* @param msg_len the length of msg in bytes
* @returns recovered message
*/
- virtual SecureVector<byte> verify_mr(const byte msg[],
- u32bit msg_len) const
+ virtual SecureVector<byte> verify_mr(const byte[],
+ u32bit) const
{
throw Invalid_State("Message recovery not supported");
}
diff --git a/src/pubkey/rsa/rsa.h b/src/pubkey/rsa/rsa.h
index f91d807f4..cf81e0f3b 100644
--- a/src/pubkey/rsa/rsa.h
+++ b/src/pubkey/rsa/rsa.h
@@ -16,9 +16,7 @@ namespace Botan {
/**
* RSA Public Key
*/
-class BOTAN_DLL RSA_PublicKey : public PK_Encrypting_Key,
- public PK_Verifying_with_MR_Key,
- public virtual IF_Scheme_PublicKey
+class BOTAN_DLL RSA_PublicKey : public virtual IF_Scheme_PublicKey
{
public:
std::string algo_name() const { return "RSA"; }
@@ -49,8 +47,6 @@ class BOTAN_DLL RSA_PublicKey : public PK_Encrypting_Key,
* RSA Private Key class.
*/
class BOTAN_DLL RSA_PrivateKey : public RSA_PublicKey,
- public PK_Decrypting_Key,
- public PK_Signing_Key,
public IF_Scheme_PrivateKey
{
public:
diff --git a/src/pubkey/rw/rw.h b/src/pubkey/rw/rw.h
index 7d614cf5a..8ca8d18b0 100644
--- a/src/pubkey/rw/rw.h
+++ b/src/pubkey/rw/rw.h
@@ -16,8 +16,7 @@ namespace Botan {
/*
* Rabin-Williams Public Key
*/
-class BOTAN_DLL RW_PublicKey : public PK_Verifying_with_MR_Key,
- public virtual IF_Scheme_PublicKey
+class BOTAN_DLL RW_PublicKey : public virtual IF_Scheme_PublicKey
{
public:
std::string algo_name() const { return "RW"; }
@@ -39,7 +38,6 @@ class BOTAN_DLL RW_PublicKey : public PK_Verifying_with_MR_Key,
* Rabin-Williams Private Key
*/
class BOTAN_DLL RW_PrivateKey : public RW_PublicKey,
- public PK_Signing_Key,
public IF_Scheme_PrivateKey
{
public:
diff --git a/src/pubkey/x509_key.cpp b/src/pubkey/x509_key.cpp
index aaea8c943..babeb517f 100644
--- a/src/pubkey/x509_key.cpp
+++ b/src/pubkey/x509_key.cpp
@@ -129,17 +129,18 @@ Public_Key* copy_key(const Public_Key& key)
Key_Constraints find_constraints(const Public_Key& pub_key,
Key_Constraints limits)
{
- const Public_Key* key = &pub_key;
- u32bit constraints = 0;
+ const std::string name = pub_key.algo_name();
- if(dynamic_cast<const PK_Encrypting_Key*>(key))
- constraints |= KEY_ENCIPHERMENT | DATA_ENCIPHERMENT;
+ u32bit constraints = 0;
- if(dynamic_cast<const PK_Key_Agreement_Key*>(key))
+ if(name == "DH" || name == "ECDH")
constraints |= KEY_AGREEMENT;
- if(dynamic_cast<const PK_Verifying_wo_MR_Key*>(key) ||
- dynamic_cast<const PK_Verifying_with_MR_Key*>(key))
+ if(name == "RSA" || name == "ElGamal")
+ constraints |= KEY_ENCIPHERMENT | DATA_ENCIPHERMENT;
+
+ if(name == "RSA" || name == "RW" || name == "NR" ||
+ name == "DSA" || name == "ECDSA")
constraints |= DIGITAL_SIGNATURE | NON_REPUDIATION;
if(limits)
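Review bot: The name list that grants `DIGITAL_SIGNATURE | NON_REPUDIATION` leaves out GOST 34.10, although the gost_3410.h hunk in this commit shows `GOST_3410_PublicKey` deriving from `PK_Verifying_wo_MR_Key` before the change, so the old `dynamic_cast` test gave it those bits. After this hunk a GOST key gets no signature usage from `find_constraints`, and any algorithm added later silently gets zero constraints too. Add the string returned by `GOST_3410_PublicKey::algo_name()` to the `name == "DSA" || name == "ECDSA"` condition. A comment noting that these string lists must be kept in step with the key classes would help as well. The function body continues past the hunk at `if(limits)`.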