-rw-r--r-- | src/lib/algo_base/scan_name.cpp | 17 | ||||
-rw-r--r-- | src/lib/pk_pad/eme_oaep/info.txt (renamed from src/lib/pk_pad/eme1/info.txt) | 2 | ||||
-rw-r--r-- | src/lib/pk_pad/eme_oaep/oaep.cpp (renamed from src/lib/pk_pad/eme1/eme1.cpp) | 22 | ||||
-rw-r--r-- | src/lib/pk_pad/eme_oaep/oaep.h (renamed from src/lib/pk_pad/eme1/eme1.h) | 12 | ||||
-rw-r--r-- | src/lib/pk_pad/eme_pkcs1/eme_pkcs.cpp (renamed from src/lib/pk_pad/eme_pkcs/eme_pkcs.cpp) | 0 | ||||
-rw-r--r-- | src/lib/pk_pad/eme_pkcs1/eme_pkcs.h (renamed from src/lib/pk_pad/eme_pkcs/eme_pkcs.h) | 0 | ||||
-rw-r--r-- | src/lib/pk_pad/eme_pkcs1/info.txt (renamed from src/lib/pk_pad/eme_pkcs/info.txt) | 0 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa2/emsa2.cpp | 112 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa3/emsa3.cpp | 152 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp | 116 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.h (renamed from src/lib/pk_pad/emsa3/emsa3.h) | 25 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa_pkcs1/info.txt (renamed from src/lib/pk_pad/emsa3/info.txt) | 2 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa_pssr/info.txt (renamed from src/lib/pk_pad/emsa4/info.txt) | 2 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa_pssr/pssr.cpp (renamed from src/lib/pk_pad/emsa4/emsa4.cpp) | 37 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa_pssr/pssr.h (renamed from src/lib/pk_pad/emsa4/emsa4.h) | 17 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa_raw_bsi/emsa1_bsi.cpp (renamed from src/lib/pk_pad/emsa1_bsi/emsa1_bsi.cpp) | 0 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa_raw_bsi/emsa1_bsi.h (renamed from src/lib/pk_pad/emsa1_bsi/emsa1_bsi.h) | 0 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa_raw_bsi/info.txt (renamed from src/lib/pk_pad/emsa1_bsi/info.txt) | 0 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa_x931/emsa_x931.cpp | 96 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa_x931/emsa_x931.h (renamed from src/lib/pk_pad/emsa2/emsa2.h) | 23 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa_x931/info.txt (renamed from src/lib/pk_pad/emsa2/info.txt) | 2 | ||||
-rw-r--r-- | src/lib/pk_pad/get_pk_pad.cpp | 48 | ||||
-rw-r--r-- | src/lib/tls/info.txt | 4 |
23 files changed, 315 insertions, 374 deletions
diff --git a/src/lib/algo_base/scan_name.cpp b/src/lib/algo_base/scan_name.cpp index 84a5e24b4..d32c36a66 100644 --- a/src/lib/algo_base/scan_name.cpp +++ b/src/lib/algo_base/scan_name.cpp @@ -206,13 +206,20 @@ void SCAN_Name::set_default_aliases() SCAN_Name::add_alias("ARC4", "RC4"); SCAN_Name::add_alias("OMAC", "CMAC"); + SCAN_Name::add_alias("EMSA-PSS", "PSSR"); + SCAN_Name::add_alias("PSS-MGF1", "PSSR"); + SCAN_Name::add_alias("EME-OAEP", "OAEP"); + + SCAN_Name::add_alias("EMSA2", "EMSA_X931"); + SCAN_Name::add_alias("EMSA3", "EMSA_PKCS1"); + SCAN_Name::add_alias("EMSA-PKCS1-v1_5", "EMSA_PKCS1"); + // should be renamed in sources - SCAN_Name::add_alias("OAEP-MGF1", "EME1"); - SCAN_Name::add_alias("EME-OAEP", "EME1"); SCAN_Name::add_alias("X9.31", "EMSA2"); - SCAN_Name::add_alias("EMSA-PKCS1-v1_5", "EMSA3"); - SCAN_Name::add_alias("PSS-MGF1", "EMSA4"); - SCAN_Name::add_alias("EMSA-PSS", "EMSA4"); + + // kept for compatability with old library versions + SCAN_Name::add_alias("EMSA4", "PSSR"); + SCAN_Name::add_alias("EME1", "OAEP"); // probably can be removed SCAN_Name::add_alias("GOST", "GOST-28147-89"); diff --git a/src/lib/pk_pad/eme1/info.txt b/src/lib/pk_pad/eme_oaep/info.txt index 7ae3e98da..7a9360633 100644 --- a/src/lib/pk_pad/eme1/info.txt +++ b/src/lib/pk_pad/eme_oaep/info.txt @@ -1,4 +1,4 @@ -define EME1 20131128 +define EME_OAEP 20140118 load_on auto diff --git a/src/lib/pk_pad/eme1/eme1.cpp b/src/lib/pk_pad/eme_oaep/oaep.cpp index 9f236ec00..6186ba1e9 100644 --- a/src/lib/pk_pad/eme1/eme1.cpp +++ b/src/lib/pk_pad/eme_oaep/oaep.cpp @@ -1,11 +1,11 @@ /* -* EME1 (aka OAEP) +* OAEP * (C) 1999-2010 Jack Lloyd * * Distributed under the terms of the Botan license */ -#include <botan/eme1.h> +#include <botan/oaep.h> #include <botan/mgf1.h> #include <botan/mem_ops.h> #include <memory> 
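Review bot: In the `set_default_aliases()` hunk of scan_name.cpp, the `"OAEP-MGF1"` alias is removed together with its `EME1` target and never re-added, so any caller or configuration still requesting `OAEP-MGF1` stops resolving; consider `SCAN_Name::add_alias("OAEP-MGF1", "OAEP");` next to the `EME-OAEP` line. The retained line `add_alias("X9.31", "EMSA2")` now points at a name that is itself only an alias, which works only if alias lookup follows chains (not visible in this hunk); `SCAN_Name::add_alias("X9.31", "EMSA_X931");` would avoid depending on that. The added comment also misspells "compatibility". The function body continues outside the hunk.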
@@ -13,16 +13,16 @@ namespace Botan { /* -* EME1 Pad Operation +* OAEP Pad Operation */ -secure_vector<byte> EME1::pad(const byte in[], size_t in_length, +secure_vector<byte> OAEP::pad(const byte in[], size_t in_length, size_t key_length, RandomNumberGenerator& rng) const { key_length /= 8; if(key_length < in_length + 2*m_Phash.size() + 1) - throw Invalid_Argument("EME1: Input is too large"); + throw Invalid_Argument("OAEP: Input is too large"); secure_vector<byte> out(key_length); @@ -44,9 +44,9 @@ secure_vector<byte> EME1::pad(const byte in[], size_t in_length, } /* -* EME1 Unpad Operation +* OAEP Unpad Operation */ -secure_vector<byte> EME1::unpad(const byte in[], size_t in_length, +secure_vector<byte> OAEP::unpad(const byte in[], size_t in_length, size_t key_length) const { /* @@ -107,7 +107,7 @@ secure_vector<byte> EME1::unpad(const byte in[], size_t in_length, bad_input |= !same_mem(&input[m_Phash.size()], &m_Phash[0], m_Phash.size()); if(bad_input) - throw Decoding_Error("Invalid EME1 encoding"); + throw Decoding_Error("Invalid OAEP encoding"); return secure_vector<byte>(&input[delim_idx + 1], &input[input.size()]); } @@ -115,7 +115,7 @@ secure_vector<byte> EME1::unpad(const byte in[], size_t in_length, /* * Return the max input size for a given key size */ -size_t EME1::maximum_input_size(size_t keybits) const +size_t OAEP::maximum_input_size(size_t keybits) const { if(keybits / 8 > 2*m_Phash.size() + 1) return ((keybits / 8) - 2*m_Phash.size() - 1); @@ -124,9 +124,9 @@ size_t EME1::maximum_input_size(size_t keybits) const } /* -* EME1 Constructor +* OAEP Constructor */ -EME1::EME1(HashFunction* hash, const std::string& P) : m_hash(hash) +OAEP::OAEP(HashFunction* hash, const std::string& P) : m_hash(hash) { m_Phash = m_hash->process(P); } diff --git a/src/lib/pk_pad/eme1/eme1.h b/src/lib/pk_pad/eme_oaep/oaep.h index 3c71919a8..250759821 100644 --- a/src/lib/pk_pad/eme1/eme1.h +++ b/src/lib/pk_pad/eme_oaep/oaep.h 
@@ -1,12 +1,12 @@ /* -* EME1 +* OAEP * (C) 1999-2007 Jack Lloyd * * Distributed under the terms of the Botan license */ -#ifndef BOTAN_EME1_H__ -#define BOTAN_EME1_H__ +#ifndef BOTAN_OAEP_H__ +#define BOTAN_OAEP_H__ #include <botan/eme.h> #include <botan/kdf.h> @@ -16,9 +16,9 @@ namespace Botan { /** -* EME1, aka OAEP +* OAEP (called EME1 in IEEE 1363 and in earlier versions of the library) */ -class BOTAN_DLL EME1 : public EME +class BOTAN_DLL OAEP : public EME { public: size_t maximum_input_size(size_t) const; @@ -27,7 +27,7 @@ class BOTAN_DLL EME1 : public EME * @param hash object to use for hashing (takes ownership) * @param P an optional label. Normally empty. */ - EME1(HashFunction* hash, const std::string& P = ""); + OAEP(HashFunction* hash, const std::string& P = ""); private: secure_vector<byte> pad(const byte[], size_t, size_t, RandomNumberGenerator&) const; diff --git a/src/lib/pk_pad/eme_pkcs/eme_pkcs.cpp b/src/lib/pk_pad/eme_pkcs1/eme_pkcs.cpp index 0e7d1fc30..0e7d1fc30 100644 --- a/src/lib/pk_pad/eme_pkcs/eme_pkcs.cpp +++ b/src/lib/pk_pad/eme_pkcs1/eme_pkcs.cpp diff --git a/src/lib/pk_pad/eme_pkcs/eme_pkcs.h b/src/lib/pk_pad/eme_pkcs1/eme_pkcs.h index 2808e18d6..2808e18d6 100644 --- a/src/lib/pk_pad/eme_pkcs/eme_pkcs.h +++ b/src/lib/pk_pad/eme_pkcs1/eme_pkcs.h diff --git a/src/lib/pk_pad/eme_pkcs/info.txt b/src/lib/pk_pad/eme_pkcs1/info.txt index 432aaf8eb..432aaf8eb 100644 --- a/src/lib/pk_pad/eme_pkcs/info.txt +++ b/src/lib/pk_pad/eme_pkcs1/info.txt diff --git a/src/lib/pk_pad/emsa2/emsa2.cpp b/src/lib/pk_pad/emsa2/emsa2.cpp deleted file mode 100644 index 02a3dbe72..000000000 --- a/src/lib/pk_pad/emsa2/emsa2.cpp +++ /dev/null 
@@ -1,112 +0,0 @@ -/* -* EMSA2 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/emsa2.h> -#include <botan/hash_id.h> - -namespace Botan { - -namespace { - -/* -* EMSA2 Encode Operation -*/ -secure_vector<byte> emsa2_encoding(const secure_vector<byte>& msg, - size_t output_bits, - const secure_vector<byte>& empty_hash, - byte hash_id) - { - const size_t HASH_SIZE = empty_hash.size(); - - size_t output_length = (output_bits + 1) / 8; - - if(msg.size() != HASH_SIZE) - throw Encoding_Error("EMSA2::encoding_of: Bad input length"); - if(output_length < HASH_SIZE + 4) - throw Encoding_Error("EMSA2::encoding_of: Output length is too small"); - - bool empty = true; - for(size_t j = 0; j != HASH_SIZE; ++j) - if(empty_hash[j] != msg[j]) - empty = false; - - secure_vector<byte> output(output_length); - - output[0] = (empty ? 0x4B : 0x6B); - output[output_length - 3 - HASH_SIZE] = 0xBA; - set_mem(&output[1], output_length - 4 - HASH_SIZE, 0xBB); - buffer_insert(output, output_length - (HASH_SIZE + 2), &msg[0], msg.size()); - output[output_length-2] = hash_id; - output[output_length-1] = 0xCC; - - return output; - } - -} - -/* -* EMSA2 Update Operation -*/ -void EMSA2::update(const byte input[], size_t length) - { - hash->update(input, length); - } - -/* -* Return the raw (unencoded) data -*/ -secure_vector<byte> EMSA2::raw_data() - { - return hash->final(); - } - -/* -* EMSA2 Encode Operation -*/ -secure_vector<byte> EMSA2::encoding_of(const secure_vector<byte>& msg, - size_t output_bits, - RandomNumberGenerator&) - { - return emsa2_encoding(msg, output_bits, empty_hash, hash_id); - } - -/* -* EMSA2 Verify Operation -*/ -bool EMSA2::verify(const secure_vector<byte>& coded, - const secure_vector<byte>& raw, - size_t key_bits) - { - try - { - return (coded == emsa2_encoding(raw, key_bits, - empty_hash, hash_id)); - } - catch(...) 
- { - return false; - } - } - -/* -* EMSA2 Constructor -*/ -EMSA2::EMSA2(HashFunction* hash_in) : hash(hash_in) - { - empty_hash = hash->final(); - - const std::string hash_name = hash->name(); - hash_id = ieee1363_hash_id(hash_name); - - if(hash_id == 0) - { - delete hash; - throw Encoding_Error("EMSA2 no hash identifier for " + hash_name); - } - } - -} diff --git a/src/lib/pk_pad/emsa3/emsa3.cpp b/src/lib/pk_pad/emsa3/emsa3.cpp deleted file mode 100644 index 0d603c508..000000000 --- a/src/lib/pk_pad/emsa3/emsa3.cpp +++ /dev/null 
@@ -1,152 +0,0 @@ -/* -* EMSA3 and EMSA3_Raw -* (C) 1999-2008 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/emsa3.h> -#include <botan/hash_id.h> - -namespace Botan { - -namespace { - -/* -* EMSA3 Encode Operation -*/ -secure_vector<byte> emsa3_encoding(const secure_vector<byte>& msg, - size_t output_bits, - const byte hash_id[], - size_t hash_id_length) - { - size_t output_length = output_bits / 8; - if(output_length < hash_id_length + msg.size() + 10) - throw Encoding_Error("emsa3_encoding: Output length is too small"); - - secure_vector<byte> T(output_length); - const size_t P_LENGTH = output_length - msg.size() - hash_id_length - 2; - - T[0] = 0x01; - set_mem(&T[1], P_LENGTH, 0xFF); - T[P_LENGTH+1] = 0x00; - buffer_insert(T, P_LENGTH+2, hash_id, hash_id_length); - buffer_insert(T, output_length-msg.size(), &msg[0], msg.size()); - return T; - } - -} - -/* -* EMSA3 Update Operation -*/ -void EMSA3::update(const byte input[], size_t length) - { - hash->update(input, length); - } - -/* -* Return the raw (unencoded) data -*/ -secure_vector<byte> EMSA3::raw_data() - { - return hash->final(); - } - -/* -* EMSA3 Encode Operation -*/ -secure_vector<byte> EMSA3::encoding_of(const secure_vector<byte>& msg, - size_t output_bits, - RandomNumberGenerator&) - { - if(msg.size() != hash->output_length()) - throw Encoding_Error("EMSA3::encoding_of: Bad input length"); - - return emsa3_encoding(msg, output_bits, - &hash_id[0], hash_id.size()); - } - -/* -* Default signature decoding -*/ -bool EMSA3::verify(const secure_vector<byte>& coded, - const secure_vector<byte>& raw, - size_t key_bits) - { - if(raw.size() != hash->output_length()) - return false; - - try - { - return (coded == emsa3_encoding(raw, key_bits, - &hash_id[0], hash_id.size())); - } - catch(...) 
- { - return false; - } - } - -/* -* EMSA3 Constructor -*/ -EMSA3::EMSA3(HashFunction* hash_in) : hash(hash_in) - { - hash_id = pkcs_hash_id(hash->name()); - } - -/* -* EMSA3 Destructor -*/ -EMSA3::~EMSA3() - { - delete hash; - } - -/* -* EMSA3_Raw Update Operation -*/ -void EMSA3_Raw::update(const byte input[], size_t length) - { - message += std::make_pair(input, length); - } - -/* -* Return the raw (unencoded) data -*/ -secure_vector<byte> EMSA3_Raw::raw_data() - { - secure_vector<byte> ret; - std::swap(ret, message); - return ret; - } - -/* -* EMSA3_Raw Encode Operation -*/ -secure_vector<byte> EMSA3_Raw::encoding_of(const secure_vector<byte>& msg, - size_t output_bits, - RandomNumberGenerator&) - { - return emsa3_encoding(msg, output_bits, nullptr, 0); - } - -/* -* Default signature decoding -*/ -bool EMSA3_Raw::verify(const secure_vector<byte>& coded, - const secure_vector<byte>& raw, - size_t key_bits) - { - try - { - return (coded == emsa3_encoding(raw, key_bits, nullptr, 0)); - } - catch(...) - { - return false; - } - } - -} diff --git a/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp new file mode 100644 index 000000000..3ba236784 --- /dev/null +++ b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp 
@@ -0,0 +1,116 @@
+/*
+* PKCS #1 v1.5 signature padding
+* (C) 1999-2008 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/emsa_pkcs1.h>
+#include <botan/hash_id.h>
+
+namespace Botan {
+
+namespace {
+
+secure_vector<byte> emsa3_encoding(const secure_vector<byte>& msg,
+ size_t output_bits,
+ const byte hash_id[],
+ size_t hash_id_length)
+ {
+ size_t output_length = output_bits / 8;
+ if(output_length < hash_id_length + msg.size() + 10)
+ throw Encoding_Error("emsa3_encoding: Output length is too small");
+
+ secure_vector<byte> T(output_length);
+ const size_t P_LENGTH = output_length - msg.size() - hash_id_length - 2;
+
+ T[0] = 0x01;
+ set_mem(&T[1], P_LENGTH, 0xFF);
+ T[P_LENGTH+1] = 0x00;
+ buffer_insert(T, P_LENGTH+2, hash_id, hash_id_length);
+ buffer_insert(T, output_length-msg.size(), &msg[0], msg.size());
+ return T;
+ }
+
+}
+
+void EMSA_PKCS1v15::update(const byte input[], size_t length)
+ {
+ m_hash->update(input, length);
+ }
+
+secure_vector<byte> EMSA_PKCS1v15::raw_data()
+ {
+ return m_hash->final();
+ }
+
+secure_vector<byte>
+EMSA_PKCS1v15::encoding_of(const secure_vector<byte>& msg,
+ size_t output_bits,
+ RandomNumberGenerator&)
+ {
+ if(msg.size() != m_hash->output_length())
+ throw Encoding_Error("EMSA_PKCS1v15::encoding_of: Bad input length");
+
+ return emsa3_encoding(msg, output_bits,
+ &m_hash_id[0], m_hash_id.size());
+ }
+
+bool EMSA_PKCS1v15::verify(const secure_vector<byte>& coded,
+ const secure_vector<byte>& raw,
+ size_t key_bits)
+ {
+ if(raw.size() != m_hash->output_length())
+ return false;
+
+ try
+ {
+ return (coded == emsa3_encoding(raw, key_bits,
+ &m_hash_id[0], m_hash_id.size()));
+ }
+ catch(...)
+ {
+ return false;
+ }
+ }
+
+EMSA_PKCS1v15::EMSA_PKCS1v15(HashFunction* hash) : m_hash(hash)
+ {
+ m_hash_id = pkcs_hash_id(m_hash->name());
+ }
+
+void EMSA_PKCS1v15_Raw::update(const byte input[], size_t length)
+ {
+ message += std::make_pair(input, length);
+ }
+
+secure_vector<byte> EMSA_PKCS1v15_Raw::raw_data()
+ {
+ secure_vector<byte> ret;
+ std::swap(ret, message);
+ return ret;
+ }
+
+secure_vector<byte>
+EMSA_PKCS1v15_Raw::encoding_of(const secure_vector<byte>& msg,
+ size_t output_bits,
+ RandomNumberGenerator&)
+ {
+ return emsa3_encoding(msg, output_bits, nullptr, 0);
+ }
+
+bool EMSA_PKCS1v15_Raw::verify(const secure_vector<byte>& coded,
+ const secure_vector<byte>& raw,
+ size_t key_bits)
+ {
+ try
+ {
+ return (coded == emsa3_encoding(raw, key_bits, nullptr, 0));
+ }
+ catch(...)
+ {
+ return false;
+ }
+ }
+
+}
diff --git a/src/lib/pk_pad/emsa3/emsa3.h b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.h
index 9fbda67ee..5c7b38c0c 100644
--- a/src/lib/pk_pad/emsa3/emsa3.h
+++ b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.h
@@ -1,12 +1,12 @@
 /*
-* EMSA3 and EMSA3_Raw
+* PKCS #1 v1.5 signature padding
 * (C) 1999-2008 Jack Lloyd
 *
 * Distributed under the terms of the Botan license
 */
-#ifndef BOTAN_EMSA3_H__
-#define BOTAN_EMSA3_H__
+#ifndef BOTAN_EMSA_PKCS1_H__
+#define BOTAN_EMSA_PKCS1_H__
 #include <botan/emsa.h>
 #include <botan/hash.h>
@@ -14,18 +14,17 @@ namespace Botan {
 /**
-* EMSA3 from IEEE 1363
-* aka PKCS #1 v1.5 signature padding
+* PKCS #1 v1.5 signature padding
 * aka PKCS #1 block type 1
+* aka EMSA3 from IEEE 1363
 */
-class BOTAN_DLL EMSA3 : public EMSA
+class BOTAN_DLL EMSA_PKCS1v15 : public EMSA
 {
 public:
 /**
 * @param hash the hash object to use
 */
- EMSA3(HashFunction* hash);
- ~EMSA3();
+ EMSA_PKCS1v15(HashFunction* hash);
 void update(const byte[], size_t);
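Review bot: In the new emsa_pkcs1.cpp, `emsa3_encoding()` is reached from the `EMSA_PKCS1v15_Raw` methods with `nullptr, 0` and with a `msg` that nothing forces to be non-empty, so `buffer_insert(T, P_LENGTH+2, hash_id, hash_id_length)` is handed a null source and `&msg[0]` may index an empty vector. Whether `buffer_insert` tolerates that is not visible here; guarding the copy, e.g. `if(hash_id_length > 0) buffer_insert(T, P_LENGTH+2, hash_id, hash_id_length);`, and passing `msg.data()` instead of `&msg[0]` removes the dependence. The helper and its error text still say `emsa3_encoding` after the rename, which will mislead anyone searching for the new class name.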
@@ -37,16 +36,16 @@ class BOTAN_DLL EMSA3 : public EMSA
 bool verify(const secure_vector<byte>&, const secure_vector<byte>&, size_t);
 private:
- HashFunction* hash;
- std::vector<byte> hash_id;
+ std::unique_ptr<HashFunction> m_hash;
+ std::vector<byte> m_hash_id;
 };
 /**
-* EMSA3_Raw which is EMSA3 without a hash or digest id (which
-* according to QCA docs is "identical to PKCS#11's CKM_RSA_PKCS
+* EMSA_PKCS1v15_Raw which is EMSA_PKCS1v15 without a hash or digest id
+* (which according to QCA docs is "identical to PKCS#11's CKM_RSA_PKCS
 * mechanism", something I have not confirmed)
 */
-class BOTAN_DLL EMSA3_Raw : public EMSA
+class BOTAN_DLL EMSA_PKCS1v15_Raw : public EMSA
 {
 public:
 void update(const byte[], size_t);
diff --git a/src/lib/pk_pad/emsa3/info.txt b/src/lib/pk_pad/emsa_pkcs1/info.txt
index aea998f13..f497b45e3 100644
--- a/src/lib/pk_pad/emsa3/info.txt
+++ b/src/lib/pk_pad/emsa_pkcs1/info.txt
@@ -1,4 +1,4 @@
-define EMSA3 20131128
+define EMSA_PKCS1 20140118
 <requires>
 hash
diff --git a/src/lib/pk_pad/emsa4/info.txt b/src/lib/pk_pad/emsa_pssr/info.txt
index 28214d547..349cc0988 100644
--- a/src/lib/pk_pad/emsa4/info.txt
+++ b/src/lib/pk_pad/emsa_pssr/info.txt
@@ -1,4 +1,4 @@
-define EMSA4 20131128
+define EMSA_PSSR 20131128
 <requires>
 hash
diff --git a/src/lib/pk_pad/emsa4/emsa4.cpp b/src/lib/pk_pad/emsa_pssr/pssr.cpp
index d05c9bef2..663d8089c 100644
--- a/src/lib/pk_pad/emsa4/emsa4.cpp
+++ b/src/lib/pk_pad/emsa_pssr/pssr.cpp
@@ -1,11 +1,11 @@
 /*
-* EMSA4
+* PSSR
 * (C) 1999-2007 Jack Lloyd
 *
 * Distributed under the terms of the Botan license
 */
-#include <botan/emsa4.h>
+#include <botan/pssr.h>
 #include <botan/mgf1.h>
 #include <botan/internal/bit_ops.h>
 #include <botan/internal/xor_buf.h>
@@ -13,9 +13,9 @@ namespace Botan {
 /*
-* EMSA4 Update Operation
+* PSSR Update Operation
 */
-void EMSA4::update(const byte input[], size_t length)
+void PSSR::update(const byte input[], size_t length)
 {
 hash->update(input, length);
 }
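Review bot: emsa_pkcs1.h now declares `std::unique_ptr<HashFunction> m_hash;`, but its include list, visible in the file's first hunk, is still only `<botan/emsa.h>` and `<botan/hash.h>`; emsa_x931.h in this same commit adds `#include <memory>` for the same member type. Add `#include <memory>` here as well so the header does not depend on a transitive include. A short comment on `m_hash` saying that the object takes ownership of the pointer passed to the constructor would also help, since the `@param hash` text does not state it.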
@@ -23,24 +23,24 @@ void EMSA4::update(const byte input[], size_t length)
 /*
 * Return the raw (unencoded) data
 */
-secure_vector<byte> EMSA4::raw_data()
+secure_vector<byte> PSSR::raw_data()
 {
 return hash->final();
 }
 /*
-* EMSA4 Encode Operation
+* PSSR Encode Operation
 */
-secure_vector<byte> EMSA4::encoding_of(const secure_vector<byte>& msg,
+secure_vector<byte> PSSR::encoding_of(const secure_vector<byte>& msg,
 size_t output_bits, RandomNumberGenerator& rng)
 {
 const size_t HASH_SIZE = hash->output_length();
 if(msg.size() != HASH_SIZE)
- throw Encoding_Error("EMSA4::encoding_of: Bad input length");
+ throw Encoding_Error("PSSR::encoding_of: Bad input length");
 if(output_bits < 8*HASH_SIZE + 8*SALT_SIZE + 9)
- throw Encoding_Error("EMSA4::encoding_of: Output length is too small");
+ throw Encoding_Error("PSSR::encoding_of: Output length is too small");
 const size_t output_length = (output_bits + 7) / 8;
@@ -65,9 +65,9 @@ secure_vector<byte> EMSA4::encoding_of(const secure_vector<byte>& msg,
 }
 /*
-* EMSA4 Decode/Verify Operation
+* PSSR Decode/Verify Operation
 */
-bool EMSA4::verify(const secure_vector<byte>& const_coded,
+bool PSSR::verify(const secure_vector<byte>& const_coded,
 const secure_vector<byte>& raw, size_t key_bits)
 {
 const size_t HASH_SIZE = hash->output_length();
@@ -126,19 +126,8 @@ bool EMSA4::verify(const secure_vector<byte>& const_coded,
 return same_mem(&H[0], &H2[0], HASH_SIZE);
 }
-/*
-* EMSA4 Constructor
-*/
-EMSA4::EMSA4(HashFunction* h) :
- SALT_SIZE(h->output_length()), hash(h)
- {
- }
-
-/*
-* EMSA4 Constructor
-*/
-EMSA4::EMSA4(HashFunction* h, size_t salt_size) :
- SALT_SIZE(salt_size), hash(h)
+PSSR::PSSR(HashFunction* h, size_t salt_size) :
+ SALT_SIZE(salt_size ? salt_size : h->output_length()), hash(h)
 {
 }
diff --git a/src/lib/pk_pad/emsa4/emsa4.h b/src/lib/pk_pad/emsa_pssr/pssr.h
index 5202ccbb5..19f490607 100644
--- a/src/lib/pk_pad/emsa4/emsa4.h
+++ b/src/lib/pk_pad/emsa_pssr/pssr.h
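Review bot: The merged constructor `PSSR::PSSR(HashFunction* h, size_t salt_size)` in pssr.cpp treats `salt_size == 0` as "use the hash length", so a zero-length salt can no longer be requested; the removed two-argument constructor stored the value as given. The three-argument path in get_pk_pad.cpp passes `request.arg_as_integer(2, 0)` straight through, so a spec with an explicit `0` now silently signs with a hash-length salt, which changes the encoding and may break interoperability with peers that expect an empty salt. If zero has to stay expressible, keep the one-argument overload or use a distinct sentinel for "default"; otherwise state the changed meaning of 0 in the comment above the constructor as well as in the header.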
@@ -1,12 +1,12 @@ /* -* EMSA4 +* PSSR * (C) 1999-2007 Jack Lloyd * * Distributed under the terms of the Botan license */ -#ifndef BOTAN_EMSA4_H__ -#define BOTAN_EMSA4_H__ +#ifndef BOTAN_PSSR_H__ +#define BOTAN_PSSR_H__ #include <botan/emsa.h> #include <botan/hash.h> @@ -15,21 +15,18 @@ namespace Botan { /** -* EMSA4 aka PSS-R +* PSSR (called EMSA4 in IEEE 1363 and in old versions of the library) */ -class BOTAN_DLL EMSA4 : public EMSA +class BOTAN_DLL PSSR : public EMSA { public: - /** - * @param hash the hash object to use - */ - EMSA4(HashFunction* hash); /** * @param hash the hash object to use * @param salt_size the size of the salt to use in bytes + * or zero to use the default */ - EMSA4(HashFunction* hash, size_t salt_size); + PSSR(HashFunction* hash, size_t salt_size = 0); private: void update(const byte input[], size_t length); diff --git a/src/lib/pk_pad/emsa1_bsi/emsa1_bsi.cpp b/src/lib/pk_pad/emsa_raw_bsi/emsa1_bsi.cpp index 9096edfbf..9096edfbf 100644 --- a/src/lib/pk_pad/emsa1_bsi/emsa1_bsi.cpp +++ b/src/lib/pk_pad/emsa_raw_bsi/emsa1_bsi.cpp diff --git a/src/lib/pk_pad/emsa1_bsi/emsa1_bsi.h b/src/lib/pk_pad/emsa_raw_bsi/emsa1_bsi.h index 1b90f48df..1b90f48df 100644 --- a/src/lib/pk_pad/emsa1_bsi/emsa1_bsi.h +++ b/src/lib/pk_pad/emsa_raw_bsi/emsa1_bsi.h diff --git a/src/lib/pk_pad/emsa1_bsi/info.txt b/src/lib/pk_pad/emsa_raw_bsi/info.txt index 021c99720..021c99720 100644 --- a/src/lib/pk_pad/emsa1_bsi/info.txt +++ b/src/lib/pk_pad/emsa_raw_bsi/info.txt diff --git a/src/lib/pk_pad/emsa_x931/emsa_x931.cpp b/src/lib/pk_pad/emsa_x931/emsa_x931.cpp new file mode 100644 index 000000000..20571fe61 --- /dev/null +++ b/src/lib/pk_pad/emsa_x931/emsa_x931.cpp 
@@ -0,0 +1,96 @@
+/*
+* EMSA_X931
+* (C) 1999-2007 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/emsa_x931.h>
+#include <botan/hash_id.h>
+
+namespace Botan {
+
+namespace {
+
+secure_vector<byte> emsa2_encoding(const secure_vector<byte>& msg,
+ size_t output_bits,
+ const secure_vector<byte>& empty_hash,
+ byte hash_id)
+ {
+ const size_t HASH_SIZE = empty_hash.size();
+
+ size_t output_length = (output_bits + 1) / 8;
+
+ if(msg.size() != HASH_SIZE)
+ throw Encoding_Error("EMSA_X931::encoding_of: Bad input length");
+ if(output_length < HASH_SIZE + 4)
+ throw Encoding_Error("EMSA_X931::encoding_of: Output length is too small");
+
+ const bool empty_input = (msg == empty_hash);
+
+ secure_vector<byte> output(output_length);
+
+ output[0] = (empty_input ? 0x4B : 0x6B);
+ output[output_length - 3 - HASH_SIZE] = 0xBA;
+ set_mem(&output[1], output_length - 4 - HASH_SIZE, 0xBB);
+ buffer_insert(output, output_length - (HASH_SIZE + 2), &msg[0], msg.size());
+ output[output_length-2] = hash_id;
+ output[output_length-1] = 0xCC;
+
+ return output;
+ }
+
+}
+
+void EMSA_X931::update(const byte input[], size_t length)
+ {
+ m_hash->update(input, length);
+ }
+
+secure_vector<byte> EMSA_X931::raw_data()
+ {
+ return m_hash->final();
+ }
+
+/*
+* EMSA_X931 Encode Operation
+*/
+secure_vector<byte> EMSA_X931::encoding_of(const secure_vector<byte>& msg,
+ size_t output_bits,
+ RandomNumberGenerator&)
+ {
+ return emsa2_encoding(msg, output_bits, m_empty_hash, m_hash_id);
+ }
+
+/*
+* EMSA_X931 Verify Operation
+*/
+bool EMSA_X931::verify(const secure_vector<byte>& coded,
+ const secure_vector<byte>& raw,
+ size_t key_bits)
+ {
+ try
+ {
+ return (coded == emsa2_encoding(raw, key_bits,
+ m_empty_hash, m_hash_id));
+ }
+ catch(...)
+ {
+ return false;
+ }
+ }
+
+/*
+* EMSA_X931 Constructor
+*/
+EMSA_X931::EMSA_X931(HashFunction* hash) : m_hash(hash)
+ {
+ m_empty_hash = m_hash->final();
+
+ m_hash_id = ieee1363_hash_id(hash->name());
+
+ if(!m_hash_id)
+ throw Encoding_Error("EMSA_X931 no hash identifier for " + hash->name());
+ }
+
+}
diff --git a/src/lib/pk_pad/emsa2/emsa2.h b/src/lib/pk_pad/emsa_x931/emsa_x931.h
index fb0cecb21..1436f27eb 100644
--- a/src/lib/pk_pad/emsa2/emsa2.h
+++ b/src/lib/pk_pad/emsa_x931/emsa_x931.h
@@ -1,30 +1,31 @@
 /*
-* EMSA2
+* X9.31 EMSA
 * (C) 1999-2007 Jack Lloyd
 *
 * Distributed under the terms of the Botan license
 */
-#ifndef BOTAN_EMSA2_H__
-#define BOTAN_EMSA2_H__
+#ifndef BOTAN_EMSA_X931_H__
+#define BOTAN_EMSA_X931_H__
 #include <botan/emsa.h>
 #include <botan/hash.h>
+#include <memory>
 namespace Botan {
 /**
-* EMSA2 from IEEE 1363
-* Useful for Rabin-Williams
+* EMSA from X9.31 (EMSA2 in IEEE 1363)
+* Useful for Rabin-Williams, also sometimes used with RSA in
+* odd protocols.
 */
-class BOTAN_DLL EMSA2 : public EMSA
+class BOTAN_DLL EMSA_X931 : public EMSA
 {
 public:
 /**
 * @param hash the hash object to use
 */
- EMSA2(HashFunction* hash);
- ~EMSA2() { delete hash; }
+ EMSA_X931(HashFunction* hash);
 private:
 void update(const byte[], size_t);
 secure_vector<byte> raw_data();
@@ -35,9 +36,9 @@ class BOTAN_DLL EMSA2 : public EMSA
 bool verify(const secure_vector<byte>&, const secure_vector<byte>&, size_t);
- secure_vector<byte> empty_hash;
- HashFunction* hash;
- byte hash_id;
+ secure_vector<byte> m_empty_hash;
+ std::unique_ptr<HashFunction> m_hash;
+ byte m_hash_id;
 };
 }
diff --git a/src/lib/pk_pad/emsa2/info.txt b/src/lib/pk_pad/emsa_x931/info.txt
index 0c9bd2289..57ff1d2b3 100644
--- a/src/lib/pk_pad/emsa2/info.txt
+++ b/src/lib/pk_pad/emsa_x931/info.txt
@@ -1,4 +1,4 @@
-define EMSA2 20131128
+define EMSA_X931 20140118
 <requires>
 hash
diff --git a/src/lib/pk_pad/get_pk_pad.cpp b/src/lib/pk_pad/get_pk_pad.cpp
index 2809f1714..5b4052cde 100644
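Review bot: In the new emsa_x931.cpp, `EMSA_X931::verify()` rejects a wrong-length `raw` only by letting `emsa2_encoding()` throw and swallowing that with `catch(...)`, whereas `EMSA_PKCS1v15::verify()` in this same commit checks the length before encoding. An explicit `if(raw.size() != m_empty_hash.size()) return false;` ahead of the `try` keeps the two verifiers consistent, and narrowing the handler to `catch(Encoding_Error&)` stops unrelated failures such as allocation errors from being reported as a bad signature. The `(output_bits + 1) / 8` rounding in `emsa2_encoding()` differs from the plain `/ 8` used for PKCS #1 and deserves a one-line comment saying why.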
--- a/src/lib/pk_pad/get_pk_pad.cpp
+++ b/src/lib/pk_pad/get_pk_pad.cpp
@@ -18,24 +18,24 @@
 #include <botan/emsa1_bsi.h>
 #endif
-#if defined(BOTAN_HAS_EMSA2)
- #include <botan/emsa2.h>
+#if defined(BOTAN_HAS_EMSA_X931)
+ #include <botan/emsa_x931.h>
 #endif
-#if defined(BOTAN_HAS_EMSA3)
- #include <botan/emsa3.h>
+#if defined(BOTAN_HAS_EMSA_PKCS1)
+ #include <botan/emsa_pkcs1.h>
 #endif
-#if defined(BOTAN_HAS_EMSA4)
- #include <botan/emsa4.h>
+#if defined(BOTAN_HAS_EMSA_PSSR)
+ #include <botan/pssr.h>
 #endif
 #if defined(BOTAN_HAS_EMSA_RAW)
 #include <botan/emsa_raw.h>
 #endif
-#if defined(BOTAN_HAS_EME1)
- #include <botan/eme1.h>
+#if defined(BOTAN_HAS_EME_OAEP)
+ #include <botan/oaep.h>
 #endif
 #if defined(BOTAN_HAS_EME_PKCS1v15)
@@ -72,33 +72,33 @@ EMSA* get_emsa(const std::string& algo_spec)
 return new EMSA1_BSI(af.make_hash_function(request.arg(0)));
 #endif
-#if defined(BOTAN_HAS_EMSA2)
- if(request.algo_name() == "EMSA2" && request.arg_count() == 1)
- return new EMSA2(af.make_hash_function(request.arg(0)));
+#if defined(BOTAN_HAS_EMSA_X931)
+ if(request.algo_name() == "EMSA_X931" && request.arg_count() == 1)
+ return new EMSA_X931(af.make_hash_function(request.arg(0)));
 #endif
-#if defined(BOTAN_HAS_EMSA3)
- if(request.algo_name() == "EMSA3" && request.arg_count() == 1)
+#if defined(BOTAN_HAS_EMSA_PKCS1)
+ if(request.algo_name() == "EMSA_PKCS1" && request.arg_count() == 1)
 {
 if(request.arg(0) == "Raw")
- return new EMSA3_Raw;
- return new EMSA3(af.make_hash_function(request.arg(0)));
+ return new EMSA_PKCS1v15_Raw;
+ return new EMSA_PKCS1v15(af.make_hash_function(request.arg(0)));
 }
 #endif
-#if defined(BOTAN_HAS_EMSA4)
- if(request.algo_name() == "EMSA4" && request.arg_count_between(1, 3))
+#if defined(BOTAN_HAS_EMSA_PSSR)
+ if(request.algo_name() == "PSSR" && request.arg_count_between(1, 3))
 {
 // 3 args: Hash, MGF, salt size (MGF is hardcoded MGF1 in Botan)
 if(request.arg_count() == 1)
- return new EMSA4(af.make_hash_function(request.arg(0)));
+ return new PSSR(af.make_hash_function(request.arg(0)));
 if(request.arg_count() == 2 && request.arg(1) != "MGF1")
- return new EMSA4(af.make_hash_function(request.arg(0)));
+ return new PSSR(af.make_hash_function(request.arg(0)));
 if(request.arg_count() == 3)
- return new EMSA4(af.make_hash_function(request.arg(0)),
- request.arg_as_integer(2, 0));
+ return new PSSR(af.make_hash_function(request.arg(0)),
+ request.arg_as_integer(2, 0));
 }
 #endif
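Review bot: In the PSSR branch of `get_emsa()`, the two-argument case tests `request.arg(1) != "MGF1"`, so a spec that names MGF1 explicitly falls through while any other MGF name is accepted and silently replaced by the hard-coded MGF1; `get_eme()` in the next hunk tests `== "MGF1"` for OAEP. The condition should read `if(request.arg_count() == 2 && request.arg(1) == "MGF1")`. The three-argument case never looks at `request.arg(1)`, so the same check belongs there too. The condition line is unchanged context, but the commit rewrites the `return` beneath it; `get_emsa()` starts and ends outside the hunk.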
@@ -120,15 +120,15 @@ EME* get_eme(const std::string& algo_spec)
 return new EME_PKCS1v15;
 #endif
-#if defined(BOTAN_HAS_EME1)
+#if defined(BOTAN_HAS_EME_OAEP)
 Algorithm_Factory& af = global_state().algorithm_factory();
- if(request.algo_name() == "EME1" && request.arg_count_between(1, 2))
+ if(request.algo_name() == "OAEP" && request.arg_count_between(1, 2))
 {
 if(request.arg_count() == 1 || (request.arg_count() == 2 && request.arg(1) == "MGF1"))
 {
- return new EME1(af.make_hash_function(request.arg(0)));
+ return new OAEP(af.make_hash_function(request.arg(0)));
 }
 }
 #endif
diff --git a/src/lib/tls/info.txt b/src/lib/tls/info.txt
index 5a5601df5..b3d9066b6 100644
--- a/src/lib/tls/info.txt
+++ b/src/lib/tls/info.txt
@@ -74,8 +74,8 @@ cryptobox_psk
 dh
 ecdh
 ecdsa
-eme_pkcs
-emsa3
+eme_pkcs1
+emsa_pkcs1
 gcm
 hmac
 kdf2 |