1 files changed, 56 insertions, 2 deletions

diff --git a/src/lib/pubkey/rsa/rsa.cpp b/src/lib/pubkey/rsa/rsa.cpp
index 5804d0034..57fab94c5 100644
--- a/src/lib/pubkey/rsa/rsa.cpp
+++ b/src/lib/pubkey/rsa/rsa.cpp
@@ -1,6 +1,6 @@
 /*
 * RSA
-* (C) 1999-2010 Jack Lloyd
+* (C) 1999-2010,2015 Jack Lloyd
 *
 * Botan is released under the Simplified BSD License (see license.txt)
 */
@@ -156,11 +156,34 @@ class RSA_Decryption_Operation : public PK_Ops::Decryption_with_EME,
          const BigInt m(msg, msg_len);
          const BigInt x = blinded_private_op(m);
          const BigInt c = m_powermod_e_n(x);
-         BOTAN_ASSERT(m == c, "RSA sign consistency check");
+         BOTAN_ASSERT(m == c, "RSA decrypt consistency check");
          return BigInt::encode_locked(x);
          }
    };
 
+class RSA_KEM_Decryption_Operation : public PK_Ops::KEM_Decryption_with_KDF,
+                                     private RSA_Private_Operation
+   {
+   public:
+      typedef RSA_PrivateKey Key_Type;
+
+      RSA_KEM_Decryption_Operation(const RSA_PrivateKey& key,
+                                   const std::string& kdf) :
+         PK_Ops::KEM_Decryption_with_KDF(kdf),
+         RSA_Private_Operation(key)
+         {}
+
+      secure_vector<byte>
+      raw_kem_decrypt(const byte encap_key[], size_t len) override
+         {
+         const BigInt m(encap_key, len);
+         const BigInt x = blinded_private_op(m);
+         const BigInt c = m_powermod_e_n(x);
+         BOTAN_ASSERT(m == c, "RSA KEM consistency check");
+         return BigInt::encode_1363(x, n.bytes());
+         }
+   };
+
 /**
 * RSA public (encrypt/verify) operation
 */
@@ -181,6 +204,8 @@ class RSA_Public_Operation
          return powermod_e_n(m);
          }
 
+      const BigInt& get_n() const { return n; }
+
       const BigInt& n;
       Fixed_Exponent_Power_Mod powermod_e_n;
    };
@@ -230,11 +255,40 @@ class RSA_Verify_Operation : public PK_Ops::Verification_with_EMSA,
          }
    };
 
+class RSA_KEM_Encryption_Operation : public PK_Ops::KEM_Encryption_with_KDF,
+                                     private RSA_Public_Operation
+   {
+   public:
+      typedef RSA_PublicKey Key_Type;
+
+      RSA_KEM_Encryption_Operation(const RSA_PublicKey& key,
+                                   const std::string& kdf) :
+         PK_Ops::KEM_Encryption_with_KDF(kdf),
+         RSA_Public_Operation(key) {}
+
+   private:
+      void raw_kem_encrypt(secure_vector<byte>& out_encapsulated_key,
+                           secure_vector<byte>& raw_shared_key,
+                           Botan::RandomNumberGenerator& rng) override
+         {
+         const BigInt r = BigInt::random_integer(rng, 1, get_n());
+         const BigInt c = public_op(r);
+
+         out_encapsulated_key = BigInt::encode_locked(c);
+         raw_shared_key = BigInt::encode_locked(r);
+         }
+   };
+
+
 BOTAN_REGISTER_PK_ENCRYPTION_OP("RSA", RSA_Encryption_Operation);
 BOTAN_REGISTER_PK_DECRYPTION_OP("RSA", RSA_Decryption_Operation);
+
 BOTAN_REGISTER_PK_SIGNATURE_OP("RSA", RSA_Signature_Operation);
 BOTAN_REGISTER_PK_VERIFY_OP("RSA", RSA_Verify_Operation);
 
+BOTAN_REGISTER_PK_KEM_ENCRYPTION_OP("RSA", RSA_KEM_Encryption_Operation);
+BOTAN_REGISTER_PK_KEM_DECRYPTION_OP("RSA", RSA_KEM_Decryption_Operation);
+
 }
 
 }