diff options
Diffstat (limited to 'src/lib/pk_pad/emsa_pkcs1')
-rw-r--r-- | src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp | 116 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.h | 67 | ||||
-rw-r--r-- | src/lib/pk_pad/emsa_pkcs1/info.txt | 6 |
3 files changed, 189 insertions, 0 deletions
diff --git a/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp new file mode 100644 index 000000000..3ba236784 --- /dev/null +++ b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp @@ -0,0 +1,116 @@ +/* +* PKCS #1 v1.5 signature padding +* (C) 1999-2008 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + +#include <botan/emsa_pkcs1.h> +#include <botan/hash_id.h> + +namespace Botan { + +namespace { + +secure_vector<byte> emsa3_encoding(const secure_vector<byte>& msg, + size_t output_bits, + const byte hash_id[], + size_t hash_id_length) + { + size_t output_length = output_bits / 8; + if(output_length < hash_id_length + msg.size() + 10) + throw Encoding_Error("emsa3_encoding: Output length is too small"); + + secure_vector<byte> T(output_length); + const size_t P_LENGTH = output_length - msg.size() - hash_id_length - 2; + + T[0] = 0x01; + set_mem(&T[1], P_LENGTH, 0xFF); + T[P_LENGTH+1] = 0x00; + buffer_insert(T, P_LENGTH+2, hash_id, hash_id_length); + buffer_insert(T, output_length-msg.size(), &msg[0], msg.size()); + return T; + } + +} + +void EMSA_PKCS1v15::update(const byte input[], size_t length) + { + m_hash->update(input, length); + } + +secure_vector<byte> EMSA_PKCS1v15::raw_data() + { + return m_hash->final(); + } + +secure_vector<byte> +EMSA_PKCS1v15::encoding_of(const secure_vector<byte>& msg, + size_t output_bits, + RandomNumberGenerator&) + { + if(msg.size() != m_hash->output_length()) + throw Encoding_Error("EMSA_PKCS1v15::encoding_of: Bad input length"); + + return emsa3_encoding(msg, output_bits, + &m_hash_id[0], m_hash_id.size()); + } + +bool EMSA_PKCS1v15::verify(const secure_vector<byte>& coded, + const secure_vector<byte>& raw, + size_t key_bits) + { + if(raw.size() != m_hash->output_length()) + return false; + + try + { + return (coded == emsa3_encoding(raw, key_bits, + &m_hash_id[0], m_hash_id.size())); + } + catch(...) + { + return false; + } + } + +EMSA_PKCS1v15::EMSA_PKCS1v15(HashFunction* hash) : m_hash(hash) + { + m_hash_id = pkcs_hash_id(m_hash->name()); + } + +void EMSA_PKCS1v15_Raw::update(const byte input[], size_t length) + { + message += std::make_pair(input, length); + } + +secure_vector<byte> EMSA_PKCS1v15_Raw::raw_data() + { + secure_vector<byte> ret; + std::swap(ret, message); + return ret; + } + +secure_vector<byte> +EMSA_PKCS1v15_Raw::encoding_of(const secure_vector<byte>& msg, + size_t output_bits, + RandomNumberGenerator&) + { + return emsa3_encoding(msg, output_bits, nullptr, 0); + } + +bool EMSA_PKCS1v15_Raw::verify(const secure_vector<byte>& coded, + const secure_vector<byte>& raw, + size_t key_bits) + { + try + { + return (coded == emsa3_encoding(raw, key_bits, nullptr, 0)); + } + catch(...) + { + return false; + } + } + +} diff --git a/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.h b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.h new file mode 100644 index 000000000..5c7b38c0c --- /dev/null +++ b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.h @@ -0,0 +1,67 @@ +/* +* PKCS #1 v1.5 signature padding +* (C) 1999-2008 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + +#ifndef BOTAN_EMSA_PKCS1_H__ +#define BOTAN_EMSA_PKCS1_H__ + +#include <botan/emsa.h> +#include <botan/hash.h> + +namespace Botan { + +/** +* PKCS #1 v1.5 signature padding +* aka PKCS #1 block type 1 +* aka EMSA3 from IEEE 1363 +*/ +class BOTAN_DLL EMSA_PKCS1v15 : public EMSA + { + public: + /** + * @param hash the hash object to use + */ + EMSA_PKCS1v15(HashFunction* hash); + + void update(const byte[], size_t); + + secure_vector<byte> raw_data(); + + secure_vector<byte> encoding_of(const secure_vector<byte>&, size_t, + RandomNumberGenerator& rng); + + bool verify(const secure_vector<byte>&, const secure_vector<byte>&, + size_t); + private: + std::unique_ptr<HashFunction> m_hash; + std::vector<byte> m_hash_id; + }; + +/** +* EMSA_PKCS1v15_Raw which is EMSA_PKCS1v15 without a hash or digest id +* (which according to QCA docs is "identical to PKCS#11's CKM_RSA_PKCS +* mechanism", something I have not confirmed) +*/ +class BOTAN_DLL EMSA_PKCS1v15_Raw : public EMSA + { + public: + void update(const byte[], size_t); + + secure_vector<byte> raw_data(); + + secure_vector<byte> encoding_of(const secure_vector<byte>&, size_t, + RandomNumberGenerator& rng); + + bool verify(const secure_vector<byte>&, const secure_vector<byte>&, + size_t); + + private: + secure_vector<byte> message; + }; + +} + +#endif diff --git a/src/lib/pk_pad/emsa_pkcs1/info.txt b/src/lib/pk_pad/emsa_pkcs1/info.txt new file mode 100644 index 000000000..f497b45e3 --- /dev/null +++ b/src/lib/pk_pad/emsa_pkcs1/info.txt @@ -0,0 +1,6 @@ +define EMSA_PKCS1 20140118 + +<requires> +hash +hash_id +</requires> |