Diffstat (limited to 'src/lib/pubkey')
-rw-r--r--src/lib/pubkey/blinding.cpp40
-rw-r--r--src/lib/pubkey/blinding.h16
-rw-r--r--src/lib/pubkey/dl_group/dl_group.cpp4
-rw-r--r--src/lib/pubkey/elgamal/elgamal.cpp15
-rw-r--r--src/lib/pubkey/pubkey.cpp36
-rw-r--r--src/lib/pubkey/pubkey.h68
-rw-r--r--src/lib/pubkey/x509_key.h2
7 files changed, 113 insertions, 68 deletions
diff --git a/src/lib/pubkey/blinding.cpp b/src/lib/pubkey/blinding.cpp
index cd2b3d118..da9def797 100644
--- a/src/lib/pubkey/blinding.cpp
+++ b/src/lib/pubkey/blinding.cpp
@@ -1,6 +1,6 @@
/*
* Blinding for public key operations
-* (C) 1999-2010 Jack Lloyd
+* (C) 1999-2010,2015 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -16,24 +16,28 @@
namespace Botan {
-// TODO: use Montgomery
-
Blinder::Blinder(const BigInt& modulus,
- std::function<BigInt (const BigInt&)> fwd_func,
- std::function<BigInt (const BigInt&)> inv_func)
+ std::function<BigInt (const BigInt&)> fwd,
+ std::function<BigInt (const BigInt&)> inv) :
+ m_fwd_fn(fwd), m_inv_fn(inv)
{
m_reducer = Modular_Reducer(modulus);
+ m_modulus_bits = modulus.bits();
#if defined(BOTAN_HAS_SYSTEM_RNG)
- auto& rng = system_rng();
+ m_rng.reset(new System_RNG);
#else
- AutoSeeded_RNG rng;
+ m_rng.reset(new AutoSeeded_RNG);
#endif
- const BigInt k(rng, modulus.bits() - 1);
+ const BigInt k = blinding_nonce();
+ m_e = m_fwd_fn(k);
+ m_d = m_inv_fn(k);
+ }
- m_e = fwd_func(k);
- m_d = inv_func(k);
+BigInt Blinder::blinding_nonce() const
+ {
+ return BigInt(*m_rng, m_modulus_bits - 1);
}
BigInt Blinder::blind(const BigInt& i) const
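Review bot: The std::function arguments fwd and inv are taken by value and then copied a second time into the members on the line `m_fwd_fn(fwd), m_inv_fn(inv)`; since the constructor owns those copies, `m_fwd_fn(std::move(fwd)), m_inv_fn(std::move(inv))` avoids the extra copy without changing behavior. The new blinding_nonce() helper has no comment saying why it asks for one bit fewer than the modulus; suggest `// One bit fewer than the modulus, so the nonce is below the modulus without a reduction step`. m_reducer and m_modulus_bits are assigned in the body while the function members use the initializer list; initializing them in the list too would let the construction order read straight through, with the RNG choice staying under the #if.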
@@ -41,8 +45,20 @@ BigInt Blinder::blind(const BigInt& i) const
if(!m_reducer.initialized())
throw std::runtime_error("Blinder not initialized, cannot blind");
- m_e = m_reducer.square(m_e);
- m_d = m_reducer.square(m_d);
+ ++m_counter;
+
+ if(BOTAN_BLINDING_REINIT_INTERVAL > 0 && (m_counter % BOTAN_BLINDING_REINIT_INTERVAL == 0))
+ {
+ const BigInt k = blinding_nonce();
+ m_e = m_fwd_fn(k);
+ m_d = m_inv_fn(k);
+ }
+ else
+ {
+ m_e = m_reducer.square(m_e);
+ m_d = m_reducer.square(m_d);
+ }
+
return m_reducer.multiply(i, m_e);
}
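Review bot: blind() is declared const but on the new path it mutates m_counter, m_e and m_d and draws from m_rng, so two threads sharing one Blinder (for instance through a shared decryption operation) race on all four; a comment at the top of the function should say so, e.g. `// Not safe for concurrent calls: updates the mutable blinding pair and, every BOTAN_BLINDING_REINIT_INTERVAL calls, draws a fresh nonce from m_rng`. The `> 0` test correctly avoids a modulo by zero when the interval is configured as 0, but where BOTAN_BLINDING_REINIT_INTERVAL is defined is not visible in this hunk (presumably a build configuration constant), and a short comment naming its source would help readers. The reinit branch replaces m_e and m_d with fwd(k) and inv(k) instead of squaring them, so the first fresh pair appears after exactly BOTAN_BLINDING_REINIT_INTERVAL calls; that matches the intent but is worth stating in the same comment.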
diff --git a/src/lib/pubkey/blinding.h b/src/lib/pubkey/blinding.h
index e57c7888e..c1999feb7 100644
--- a/src/lib/pubkey/blinding.h
+++ b/src/lib/pubkey/blinding.h
@@ -1,6 +1,6 @@
/*
* Blinding for public key operations
-* (C) 1999-2010 Jack Lloyd
+* (C) 1999-2010,2015 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -14,6 +14,8 @@
namespace Botan {
+class RandomNumberGenerator;
+
/**
* Blinding Function Object
*/
@@ -32,9 +34,21 @@ class BOTAN_DLL Blinder
std::function<BigInt (const BigInt&)> fwd_func,
std::function<BigInt (const BigInt&)> inv_func);
+ Blinder(const Blinder&) = delete;
+
+ Blinder& operator=(const Blinder&) = delete;
+
private:
+ BigInt blinding_nonce() const;
+
Modular_Reducer m_reducer;
+ std::unique_ptr<RandomNumberGenerator> m_rng;
+ std::function<BigInt (const BigInt&)> m_fwd_fn;
+ std::function<BigInt (const BigInt&)> m_inv_fn;
+ size_t m_modulus_bits = 0;
+
mutable BigInt m_e, m_d;
+ mutable size_t m_counter = 0;
};
}
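Review bot: m_rng is a std::unique_ptr to the forward-declared RandomNumberGenerator while Blinder keeps its implicitly-defined destructor, so every translation unit that destroys a Blinder must already have the complete type in scope or std::default_delete's static_assert fires; declaring `~Blinder();` here and defining it in blinding.cpp next to the constructor (`Blinder::~Blinder() {}`) keeps the forward declaration safe. Deleting the copy operations is the right call now that the object owns an RNG, but it also removes the assignment that elgamal.cpp relied on before this commit, so any other user that assigns a Blinder after construction will stop compiling and should be checked. The new m_counter field would benefit from a comment such as `// blind() calls so far; drives the periodic re-blinding with a fresh nonce`.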
diff --git a/src/lib/pubkey/dl_group/dl_group.cpp b/src/lib/pubkey/dl_group/dl_group.cpp
index c519dcb99..fbaa67eaa 100644
--- a/src/lib/pubkey/dl_group/dl_group.cpp
+++ b/src/lib/pubkey/dl_group/dl_group.cpp
@@ -1,6 +1,6 @@
/*
* Discrete Logarithm Parameters
-* (C) 1999-2008 Jack Lloyd
+* (C) 1999-2008,2015 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -42,7 +42,7 @@ DL_Group::DL_Group(const std::string& name)
DL_Group::DL_Group(RandomNumberGenerator& rng,
PrimeType type, size_t pbits, size_t qbits)
{
- if(pbits < 512)
+ if(pbits < 1024)
throw Invalid_Argument("DL_Group: prime size " + std::to_string(pbits) +
" is too small");
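Review bot: The raised minimum is fine, but the Invalid_Argument text still says only that the size "is too small" without telling the caller what the new floor is; `throw Invalid_Argument("DL_Group: prime size " + std::to_string(pbits) + " is too small, minimum is 1024");` makes the failure actionable for code that previously passed 512. The qbits argument is not checked in the visible lines; the constructor continues past the end of the hunk, so it may be validated later. Naming the minimum as a constant would also keep the check and the message from drifting apart.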
diff --git a/src/lib/pubkey/elgamal/elgamal.cpp b/src/lib/pubkey/elgamal/elgamal.cpp
index 4d0344610..5bcdd5689 100644
--- a/src/lib/pubkey/elgamal/elgamal.cpp
+++ b/src/lib/pubkey/elgamal/elgamal.cpp
@@ -145,16 +145,13 @@ class ElGamal_Decryption_Operation : public PK_Ops::Decryption_with_EME
ElGamal_Decryption_Operation::ElGamal_Decryption_Operation(const ElGamal_PrivateKey& key,
const std::string& eme) :
- PK_Ops::Decryption_with_EME(eme)
+ PK_Ops::Decryption_with_EME(eme),
+ powermod_x_p(Fixed_Exponent_Power_Mod(key.get_x(), key.group_p())),
+ mod_p(Modular_Reducer(key.group_p())),
+ blinder(key.group_p(),
+ [](const BigInt& k) { return k; },
+ [this](const BigInt& k) { return powermod_x_p(k); })
{
- const BigInt& p = key.group_p();
-
- powermod_x_p = Fixed_Exponent_Power_Mod(key.get_x(), p);
- mod_p = Modular_Reducer(p);
-
- blinder = Blinder(p,
- [](const BigInt& k) { return k; },
- [this](const BigInt& k) { return powermod_x_p(k); });
}
secure_vector<byte>
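Review bot: The blinder member's inv lambda captures this and calls powermod_x_p, and Blinder's constructor invokes that lambda immediately (the blinding.cpp hunk in this commit computes m_d = m_inv_fn(k) during construction), so the call reaches powermod_x_p while ElGamal_Decryption_Operation is still being built; members initialize in declaration order, not initializer-list order, so this is only correct if powermod_x_p is declared before blinder in the class, which is outside the hunk. A comment next to the member declarations should pin that down, e.g. `// blinder must stay declared after powermod_x_p: Blinder's ctor calls the inv lambda at once`. The initializers also build temporaries and then copy or move them into the members; `powermod_x_p(key.get_x(), key.group_p()),` and `mod_p(key.group_p()),` initialize them directly.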
diff --git a/src/lib/pubkey/pubkey.cpp b/src/lib/pubkey/pubkey.cpp
index 74b6a2053..b9923f54b 100644
--- a/src/lib/pubkey/pubkey.cpp
+++ b/src/lib/pubkey/pubkey.cpp
@@ -15,19 +15,26 @@ namespace Botan {
namespace {
template<typename T, typename Key>
-T* get_pk_op(const std::string& what, const Key& key, const std::string& pad)
+T* get_pk_op(const std::string& what, const Key& key, const std::string& pad,
+ const std::string& provider = "")
{
- T* p = Algo_Registry<T>::global_registry().make(typename T::Spec(key, pad));
- if(!p)
- throw Lookup_Error(what + " with " + key.algo_name() + "/" + pad + " not supported");
- return p;
+ if(T* p = Algo_Registry<T>::global_registry().make(typename T::Spec(key, pad), provider))
+ return p;
+
+ const std::string err = what + " with " + key.algo_name() + "/" + pad + " not supported";
+ if(provider != "")
+ throw Lookup_Error(err + " with provider " + provider);
+ else
+ throw Lookup_Error(err);
}
}
-PK_Encryptor_EME::PK_Encryptor_EME(const Public_Key& key, const std::string& eme)
+PK_Encryptor_EME::PK_Encryptor_EME(const Public_Key& key,
+ const std::string& padding,
+ const std::string& provider)
{
- m_op.reset(get_pk_op<PK_Ops::Encryption>("Encryption", key, eme));
+ m_op.reset(get_pk_op<PK_Ops::Encryption>("Encryption", key, padding, provider));
}
std::vector<byte>
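Review bot: `provider != ""` on the failure path constructs a temporary std::string just to compare; `if(!provider.empty())` says the same thing directly. get_pk_op also hands back a raw owning pointer that every caller in this hunk immediately wraps with m_op.reset(); returning `std::unique_ptr<T>` from the helper would make ownership explicit at the boundary and let the callers become `m_op = get_pk_op<...>(...)`. Whether Algo_Registry::make itself returns an owning raw pointer is not visible here, so the wrapper is the natural place to adopt the smart pointer.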
@@ -41,9 +48,10 @@ size_t PK_Encryptor_EME::maximum_input_size() const
return m_op->max_input_bits() / 8;
}
-PK_Decryptor_EME::PK_Decryptor_EME(const Private_Key& key, const std::string& eme)
+PK_Decryptor_EME::PK_Decryptor_EME(const Private_Key& key, const std::string& padding,
+ const std::string& provider)
{
- m_op.reset(get_pk_op<PK_Ops::Decryption>("Decryption", key, eme));
+ m_op.reset(get_pk_op<PK_Ops::Decryption>("Decryption", key, padding, provider));
}
secure_vector<byte> PK_Decryptor_EME::dec(const byte msg[], size_t length) const
@@ -108,9 +116,10 @@ std::vector<byte> der_decode_signature(const byte sig[], size_t len,
PK_Signer::PK_Signer(const Private_Key& key,
const std::string& emsa,
- Signature_Format format)
+ Signature_Format format,
+ const std::string& provider)
{
- m_op.reset(get_pk_op<PK_Ops::Signature>("Signing", key, emsa));
+ m_op.reset(get_pk_op<PK_Ops::Signature>("Signing", key, emsa, provider));
m_sig_format = format;
}
@@ -135,9 +144,10 @@ std::vector<byte> PK_Signer::signature(RandomNumberGenerator& rng)
PK_Verifier::PK_Verifier(const Public_Key& key,
const std::string& emsa_name,
- Signature_Format format)
+ Signature_Format format,
+ const std::string& provider)
{
- m_op.reset(get_pk_op<PK_Ops::Verification>("Verification", key, emsa_name));
+ m_op.reset(get_pk_op<PK_Ops::Verification>("Verification", key, emsa_name, provider));
m_sig_format = format;
}
diff --git a/src/lib/pubkey/pubkey.h b/src/lib/pubkey/pubkey.h
index 687485c68..67116a9ec 100644
--- a/src/lib/pubkey/pubkey.h
+++ b/src/lib/pubkey/pubkey.h
@@ -120,6 +120,19 @@ class BOTAN_DLL PK_Decryptor
class BOTAN_DLL PK_Signer
{
public:
+
+ /**
+ * Construct a PK Signer.
+ * @param key the key to use inside this signer
+ * @param emsa the EMSA to use
+ * An example would be "EMSA1(SHA-224)".
+ * @param format the signature format to use
+ */
+ PK_Signer(const Private_Key& key,
+ const std::string& emsa,
+ Signature_Format format = IEEE_1363,
+ const std::string& provider = "");
+
/**
* Sign a message.
* @param in the message to sign as a byte array
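Review bot: The relocated PK_Signer constructor comment gains no `@param provider` line for the parameter this commit adds, so the new argument is undocumented at the one place users read; add `* @param provider the implementation provider to request, "" (the default) to take any available one` — the meaning of the empty string is inferred from the get_pk_op lookup in pubkey.cpp and should be confirmed. The same omission applies to the PK_Verifier, PK_Encryptor_EME and PK_Decryptor_EME constructors later in this file.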
@@ -180,17 +193,6 @@ class BOTAN_DLL PK_Signer
* @param format the signature format to use
*/
void set_output_format(Signature_Format format) { m_sig_format = format; }
-
- /**
- * Construct a PK Signer.
- * @param key the key to use inside this signer
- * @param emsa the EMSA to use
- * An example would be "EMSA1(SHA-224)".
- * @param format the signature format to use
- */
- PK_Signer(const Private_Key& key,
- const std::string& emsa,
- Signature_Format format = IEEE_1363);
private:
std::unique_ptr<PK_Ops::Signature> m_op;
Signature_Format m_sig_format;
@@ -205,6 +207,17 @@ class BOTAN_DLL PK_Verifier
{
public:
/**
+ * Construct a PK Verifier.
+ * @param pub_key the public key to verify against
+ * @param emsa the EMSA to use (eg "EMSA3(SHA-1)")
+ * @param format the signature format to use
+ */
+ PK_Verifier(const Public_Key& pub_key,
+ const std::string& emsa,
+ Signature_Format format = IEEE_1363,
+ const std::string& provider = "");
+
+ /**
* Verify a signature.
* @param msg the message that the signature belongs to, as a byte array
* @param msg_length the length of the above byte array msg
@@ -278,15 +291,6 @@ class BOTAN_DLL PK_Verifier
*/
void set_input_format(Signature_Format format);
- /**
- * Construct a PK Verifier.
- * @param pub_key the public key to verify against
- * @param emsa the EMSA to use (eg "EMSA3(SHA-1)")
- * @param format the signature format to use
- */
- PK_Verifier(const Public_Key& pub_key,
- const std::string& emsa,
- Signature_Format format = IEEE_1363);
private:
std::unique_ptr<PK_Ops::Verification> m_op;
Signature_Format m_sig_format;
@@ -299,6 +303,13 @@ class BOTAN_DLL PK_Key_Agreement
{
public:
+ /**
+ * Construct a PK Key Agreement.
+ * @param key the key to use
+ * @param kdf name of the KDF to use (or 'Raw' for no KDF)
+ */
+ PK_Key_Agreement(const Private_Key& key, const std::string& kdf);
+
/*
* Perform Key Agreement Operation
* @param key_len the desired key output size
@@ -361,18 +372,13 @@ class BOTAN_DLL PK_Key_Agreement
params.length());
}
- /**
- * Construct a PK Key Agreement.
- * @param key the key to use
- * @param kdf name of the KDF to use (or 'Raw' for no KDF)
- */
- PK_Key_Agreement(const Private_Key& key, const std::string& kdf);
private:
std::unique_ptr<PK_Ops::Key_Agreement> m_op;
};
/**
-* Encryption with an MR algorithm and an EME.
+* Encryption using a standard message recovery algorithm like RSA or
+* ElGamal, paired with an encoding scheme like OAEP.
*/
class BOTAN_DLL PK_Encryptor_EME : public PK_Encryptor
{
@@ -382,10 +388,11 @@ class BOTAN_DLL PK_Encryptor_EME : public PK_Encryptor
/**
* Construct an instance.
* @param key the key to use inside the decryptor
- * @param eme the EME to use
+ * @param padding the message encoding scheme to use (eg "OAEP(SHA-256)")
*/
PK_Encryptor_EME(const Public_Key& key,
- const std::string& eme);
+ const std::string& padding,
+ const std::string& provider = "");
private:
std::vector<byte> enc(const byte[], size_t,
RandomNumberGenerator& rng) const override;
@@ -405,7 +412,8 @@ class BOTAN_DLL PK_Decryptor_EME : public PK_Decryptor
* @param eme the EME to use
*/
PK_Decryptor_EME(const Private_Key& key,
- const std::string& eme);
+ const std::string& eme,
+ const std::string& provider = "");
private:
secure_vector<byte> dec(const byte[], size_t) const override;
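Review bot: The declaration keeps the parameter name `eme` on the line `const std::string& eme,` while the matching definition in the pubkey.cpp hunk of this commit now calls it `padding`, and the sibling PK_Encryptor_EME in the previous hunk was renamed to padding with an updated doc line; renaming here too, `const std::string& padding,` with `* @param padding the message encoding scheme to use (eg "OAEP(SHA-256)")`, keeps declaration, definition and documentation consistent. The new provider parameter is undocumented in this comment as well.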
diff --git a/src/lib/pubkey/x509_key.h b/src/lib/pubkey/x509_key.h
index 1bfa248ff..cbb0412d2 100644
--- a/src/lib/pubkey/x509_key.h
+++ b/src/lib/pubkey/x509_key.h
@@ -10,7 +10,7 @@
#include <botan/pk_keys.h>
#include <botan/alg_id.h>
-#include <botan/pipe.h>
+#include <botan/data_src.h>
#include <string>
namespace Botan {