aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/pubkey
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/pubkey')
-rw-r--r--src/lib/pubkey/nr/info.txt8
-rw-r--r--src/lib/pubkey/nr/nr.cpp192
-rw-r--r--src/lib/pubkey/nr/nr.h57
-rw-r--r--src/lib/pubkey/pk_algs.cpp28
-rw-r--r--src/lib/pubkey/rw/info.txt7
-rw-r--r--src/lib/pubkey/rw/rw.cpp182
-rw-r--r--src/lib/pubkey/rw/rw.h61
7 files changed, 0 insertions, 535 deletions
diff --git a/src/lib/pubkey/nr/info.txt b/src/lib/pubkey/nr/info.txt
deleted file mode 100644
index 78ca6ef29..000000000
--- a/src/lib/pubkey/nr/info.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-define NYBERG_RUEPPEL 20131128
-
-<requires>
-dl_algo
-dl_group
-keypair
-numbertheory
-</requires>
diff --git a/src/lib/pubkey/nr/nr.cpp b/src/lib/pubkey/nr/nr.cpp
deleted file mode 100644
index 5e2cb1be5..000000000
--- a/src/lib/pubkey/nr/nr.cpp
+++ /dev/null
@@ -1,192 +0,0 @@
-/*
-* Nyberg-Rueppel
-* (C) 1999-2010 Jack Lloyd
-*
-* Botan is released under the Simplified BSD License (see license.txt)
-*/
-
-#include <botan/internal/pk_utils.h>
-#include <botan/nr.h>
-#include <botan/keypair.h>
-#include <botan/reducer.h>
-#include <future>
-
-namespace Botan {
-
-NR_PublicKey::NR_PublicKey(const AlgorithmIdentifier& alg_id,
- const secure_vector<byte>& key_bits) :
- DL_Scheme_PublicKey(alg_id, key_bits, DL_Group::ANSI_X9_57)
- {
- }
-
-/*
-* NR_PublicKey Constructor
-*/
-NR_PublicKey::NR_PublicKey(const DL_Group& grp, const BigInt& y1)
- {
- m_group = grp;
- m_y = y1;
- }
-
-/*
-* Create a NR private key
-*/
-NR_PrivateKey::NR_PrivateKey(RandomNumberGenerator& rng,
- const DL_Group& grp,
- const BigInt& x_arg)
- {
- m_group = grp;
- m_x = x_arg;
-
- if(m_x == 0)
- m_x = BigInt::random_integer(rng, 2, group_q() - 1);
-
- m_y = power_mod(group_g(), m_x, group_p());
-
- if(x_arg == 0)
- gen_check(rng);
- else
- load_check(rng);
- }
-
-NR_PrivateKey::NR_PrivateKey(const AlgorithmIdentifier& alg_id,
- const secure_vector<byte>& key_bits,
- RandomNumberGenerator& rng) :
- DL_Scheme_PrivateKey(alg_id, key_bits, DL_Group::ANSI_X9_57)
- {
- m_y = power_mod(group_g(), m_x, group_p());
-
- load_check(rng);
- }
-
-/*
-* Check Private Nyberg-Rueppel Parameters
-*/
-bool NR_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
- {
- if(!DL_Scheme_PrivateKey::check_key(rng, strong) || m_x >= group_q())
- return false;
-
- if(!strong)
- return true;
-
- return KeyPair::signature_consistency_check(rng, *this, "EMSA1(SHA-1)");
- }
-
-namespace {
-
-/**
-* Nyberg-Rueppel signature operation
-*/
-class NR_Signature_Operation : public PK_Ops::Signature_with_EMSA
- {
- public:
- typedef NR_PrivateKey Key_Type;
- NR_Signature_Operation(const NR_PrivateKey& nr, const std::string& emsa) :
- PK_Ops::Signature_with_EMSA(emsa),
- m_q(nr.group_q()),
- m_x(nr.get_x()),
- m_powermod_g_p(nr.group_g(), nr.group_p()),
- m_mod_q(nr.group_q())
- {
- }
-
- size_t message_parts() const override { return 2; }
- size_t message_part_size() const override { return m_q.bytes(); }
- size_t max_input_bits() const override { return (m_q.bits() - 1); }
-
- secure_vector<byte> raw_sign(const byte msg[], size_t msg_len,
- RandomNumberGenerator& rng) override;
- private:
- const BigInt& m_q;
- const BigInt& m_x;
- Fixed_Base_Power_Mod m_powermod_g_p;
- Modular_Reducer m_mod_q;
- };
-
-secure_vector<byte>
-NR_Signature_Operation::raw_sign(const byte msg[], size_t msg_len,
- RandomNumberGenerator& rng)
- {
- rng.add_entropy(msg, msg_len);
-
- BigInt f(msg, msg_len);
-
- if(f >= m_q)
- throw Invalid_Argument("NR_Signature_Operation: Input is out of range");
-
- BigInt c, d;
-
- while(c == 0)
- {
- BigInt k;
- do
- k.randomize(rng, m_q.bits());
- while(k >= m_q);
-
- c = m_mod_q.reduce(m_powermod_g_p(k) + f);
- d = m_mod_q.reduce(k - m_x * c);
- }
-
- secure_vector<byte> output(2*m_q.bytes());
- c.binary_encode(&output[output.size() / 2 - c.bytes()]);
- d.binary_encode(&output[output.size() - d.bytes()]);
- return output;
- }
-
-
-/**
-* Nyberg-Rueppel verification operation
-*/
-class NR_Verification_Operation : public PK_Ops::Verification_with_EMSA
- {
- public:
- typedef NR_PublicKey Key_Type;
- NR_Verification_Operation(const NR_PublicKey& nr, const std::string& emsa) :
- PK_Ops::Verification_with_EMSA(emsa),
- m_q(nr.group_q()), m_y(nr.get_y()), m_powermod_g_p{Fixed_Base_Power_Mod(nr.group_g(), nr.group_p())},
- m_powermod_y_p{Fixed_Base_Power_Mod(m_y, nr.group_p())}, m_mod_p{Modular_Reducer(nr.group_p())},
- m_mod_q{Modular_Reducer(nr.group_q())}
- {}
-
- size_t message_parts() const override { return 2; }
- size_t message_part_size() const override { return m_q.bytes(); }
- size_t max_input_bits() const override { return (m_q.bits() - 1); }
-
- bool with_recovery() const override { return true; }
-
- secure_vector<byte> verify_mr(const byte msg[], size_t msg_len) override;
- private:
- const BigInt& m_q;
- const BigInt& m_y;
-
- Fixed_Base_Power_Mod m_powermod_g_p, m_powermod_y_p;
- Modular_Reducer m_mod_p, m_mod_q;
- };
-
-secure_vector<byte>
-NR_Verification_Operation::verify_mr(const byte msg[], size_t msg_len)
- {
- const BigInt& q = m_mod_q.get_modulus();
-
- if(msg_len != 2*q.bytes())
- throw Invalid_Argument("NR verification: Invalid signature");
-
- BigInt c(msg, q.bytes());
- BigInt d(msg + q.bytes(), q.bytes());
-
- if(c.is_zero() || c >= q || d >= q)
- throw Invalid_Argument("NR verification: Invalid signature");
-
- auto future_y_c = std::async(std::launch::async, m_powermod_y_p, c);
- BigInt g_d = m_powermod_g_p(d);
-
- BigInt i = m_mod_p.multiply(g_d, future_y_c.get());
- return BigInt::encode_locked(m_mod_q.reduce(c - i));
- }
-}
-
-BOTAN_REGISTER_PK_SIGNATURE_OP("NR", NR_Signature_Operation);
-BOTAN_REGISTER_PK_VERIFY_OP("NR", NR_Verification_Operation);
-
-}
diff --git a/src/lib/pubkey/nr/nr.h b/src/lib/pubkey/nr/nr.h
deleted file mode 100644
index 425ad2642..000000000
--- a/src/lib/pubkey/nr/nr.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
-* Nyberg-Rueppel
-* (C) 1999-2010 Jack Lloyd
-*
-* Botan is released under the Simplified BSD License (see license.txt)
-*/
-
-#ifndef BOTAN_NYBERG_RUEPPEL_H__
-#define BOTAN_NYBERG_RUEPPEL_H__
-
-#include <botan/dl_algo.h>
-
-namespace Botan {
-
-/**
-* Nyberg-Rueppel Public Key
-*/
-class BOTAN_DLL NR_PublicKey : public virtual DL_Scheme_PublicKey
- {
- public:
- std::string algo_name() const override { return "NR"; }
-
- DL_Group::Format group_format() const override { return DL_Group::ANSI_X9_57; }
-
- size_t message_parts() const override { return 2; }
- size_t message_part_size() const override { return group_q().bytes(); }
- size_t max_input_bits() const override { return (group_q().bits() - 1); }
-
- NR_PublicKey(const AlgorithmIdentifier& alg_id,
- const secure_vector<byte>& key_bits);
-
- NR_PublicKey(const DL_Group& group, const BigInt& pub_key);
- protected:
- NR_PublicKey() {}
- };
-
-/**
-* Nyberg-Rueppel Private Key
-*/
-class BOTAN_DLL NR_PrivateKey : public NR_PublicKey,
- public virtual DL_Scheme_PrivateKey
- {
- public:
- bool check_key(RandomNumberGenerator& rng, bool strong) const override;
-
- NR_PrivateKey(const AlgorithmIdentifier& alg_id,
- const secure_vector<byte>& key_bits,
- RandomNumberGenerator& rng);
-
- NR_PrivateKey(RandomNumberGenerator& rng,
- const DL_Group& group,
- const BigInt& x = 0);
- };
-
-}
-
-#endif
diff --git a/src/lib/pubkey/pk_algs.cpp b/src/lib/pubkey/pk_algs.cpp
index 9dbde28af..ac6f4a11f 100644
--- a/src/lib/pubkey/pk_algs.cpp
+++ b/src/lib/pubkey/pk_algs.cpp
@@ -36,14 +36,6 @@
#include <botan/gost_3410.h>
#endif
-#if defined(BOTAN_HAS_NYBERG_RUEPPEL)
- #include <botan/nr.h>
-#endif
-
-#if defined(BOTAN_HAS_RW)
- #include <botan/rw.h>
-#endif
-
#if defined(BOTAN_HAS_ELGAMAL)
#include <botan/elgamal.h>
#endif
@@ -74,11 +66,6 @@ Public_Key* make_public_key(const AlgorithmIdentifier& alg_id,
return new RSA_PublicKey(alg_id, key_bits);
#endif
-#if defined(BOTAN_HAS_RW)
- if(alg_name == "RW")
- return new RW_PublicKey(alg_id, key_bits);
-#endif
-
#if defined(BOTAN_HAS_DSA)
if(alg_name == "DSA")
return new DSA_PublicKey(alg_id, key_bits);
@@ -89,11 +76,6 @@ Public_Key* make_public_key(const AlgorithmIdentifier& alg_id,
return new DH_PublicKey(alg_id, key_bits);
#endif
-#if defined(BOTAN_HAS_NYBERG_RUEPPEL)
- if(alg_name == "NR")
- return new NR_PublicKey(alg_id, key_bits);
-#endif
-
#if defined(BOTAN_HAS_ELGAMAL)
if(alg_name == "ElGamal")
return new ElGamal_PublicKey(alg_id, key_bits);
@@ -150,11 +132,6 @@ Private_Key* make_private_key(const AlgorithmIdentifier& alg_id,
return new RSA_PrivateKey(alg_id, key_bits, rng);
#endif
-#if defined(BOTAN_HAS_RW)
- if(alg_name == "RW")
- return new RW_PrivateKey(alg_id, key_bits, rng);
-#endif
-
#if defined(BOTAN_HAS_DSA)
if(alg_name == "DSA")
return new DSA_PrivateKey(alg_id, key_bits, rng);
@@ -165,11 +142,6 @@ Private_Key* make_private_key(const AlgorithmIdentifier& alg_id,
return new DH_PrivateKey(alg_id, key_bits, rng);
#endif
-#if defined(BOTAN_HAS_NYBERG_RUEPPEL)
- if(alg_name == "NR")
- return new NR_PrivateKey(alg_id, key_bits, rng);
-#endif
-
#if defined(BOTAN_HAS_ELGAMAL)
if(alg_name == "ElGamal")
return new ElGamal_PrivateKey(alg_id, key_bits, rng);
diff --git a/src/lib/pubkey/rw/info.txt b/src/lib/pubkey/rw/info.txt
deleted file mode 100644
index 7cf1d1780..000000000
--- a/src/lib/pubkey/rw/info.txt
+++ /dev/null
@@ -1,7 +0,0 @@
-define RW 20131128
-
-<requires>
-if_algo
-keypair
-numbertheory
-</requires>
diff --git a/src/lib/pubkey/rw/rw.cpp b/src/lib/pubkey/rw/rw.cpp
deleted file mode 100644
index bf6b647a1..000000000
--- a/src/lib/pubkey/rw/rw.cpp
+++ /dev/null
@@ -1,182 +0,0 @@
-/*
-* Rabin-Williams
-* (C) 1999-2008 Jack Lloyd
-*
-* Botan is released under the Simplified BSD License (see license.txt)
-*/
-
-#include <botan/internal/pk_utils.h>
-#include <botan/rw.h>
-#include <botan/keypair.h>
-#include <botan/parsing.h>
-#include <botan/reducer.h>
-#include <botan/blinding.h>
-#include <algorithm>
-#include <future>
-
-namespace Botan {
-
-/*
-* Create a Rabin-Williams private key
-*/
-RW_PrivateKey::RW_PrivateKey(RandomNumberGenerator& rng,
- size_t bits, size_t exp)
- {
- if(bits < 1024)
- throw Invalid_Argument(algo_name() + ": Can't make a key that is only " +
- std::to_string(bits) + " bits long");
- if(exp < 2 || exp % 2 == 1)
- throw Invalid_Argument(algo_name() + ": Invalid encryption exponent");
-
- m_e = exp;
-
- do
- {
- m_p = random_prime(rng, (bits + 1) / 2, m_e / 2, 3, 4);
- m_q = random_prime(rng, bits - m_p.bits(), m_e / 2, ((m_p % 8 == 3) ? 7 : 3), 8);
- m_n = m_p * m_q;
- } while(m_n.bits() != bits);
-
- m_d = inverse_mod(m_e, lcm(m_p - 1, m_q - 1) >> 1);
- m_d1 = m_d % (m_p - 1);
- m_d2 = m_d % (m_q - 1);
- m_c = inverse_mod(m_q, m_p);
-
- gen_check(rng);
- }
-
-/*
-* Check Private Rabin-Williams Parameters
-*/
-bool RW_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
- {
- if(!IF_Scheme_PrivateKey::check_key(rng, strong))
- return false;
-
- if(!strong)
- return true;
-
- if((m_e * m_d) % (lcm(m_p - 1, m_q - 1) / 2) != 1)
- return false;
-
- return KeyPair::signature_consistency_check(rng, *this, "EMSA2(SHA-1)");
- }
-
-namespace {
-
-/**
-* Rabin-Williams Signature Operation
-*/
-class RW_Signature_Operation : public PK_Ops::Signature_with_EMSA
- {
- public:
- typedef RW_PrivateKey Key_Type;
-
- RW_Signature_Operation(const RW_PrivateKey& rw,
- const std::string& emsa) :
- PK_Ops::Signature_with_EMSA(emsa),
- m_n(rw.get_n()),
- m_e(rw.get_e()),
- m_q(rw.get_q()),
- m_c(rw.get_c()),
- m_powermod_d1_p(rw.get_d1(), rw.get_p()),
- m_powermod_d2_q(rw.get_d2(), rw.get_q()),
- m_mod_p(rw.get_p()),
- m_blinder(m_n,
- [this](const BigInt& k) { return power_mod(k, m_e, m_n); },
- [this](const BigInt& k) { return inverse_mod(k, m_n); })
- {
- }
-
- size_t max_input_bits() const override { return (m_n.bits() - 1); }
-
- secure_vector<byte> raw_sign(const byte msg[], size_t msg_len,
- RandomNumberGenerator& rng) override;
- private:
- const BigInt& m_n;
- const BigInt& m_e;
- const BigInt& m_q;
- const BigInt& m_c;
-
- Fixed_Exponent_Power_Mod m_powermod_d1_p, m_powermod_d2_q;
- Modular_Reducer m_mod_p;
- Blinder m_blinder;
- };
-
-secure_vector<byte>
-RW_Signature_Operation::raw_sign(const byte msg[], size_t msg_len,
- RandomNumberGenerator&)
- {
- BigInt i(msg, msg_len);
-
- if(i >= m_n || i % 16 != 12)
- throw Invalid_Argument("Rabin-Williams: invalid input");
-
- if(jacobi(i, m_n) != 1)
- i >>= 1;
-
- i = m_blinder.blind(i);
-
- auto future_j1 = std::async(std::launch::async, m_powermod_d1_p, i);
- const BigInt j2 = m_powermod_d2_q(i);
- BigInt j1 = future_j1.get();
-
- j1 = m_mod_p.reduce(sub_mul(j1, j2, m_c));
-
- const BigInt r = m_blinder.unblind(mul_add(j1, m_q, j2));
-
- return BigInt::encode_1363(std::min(r, m_n - r), m_n.bytes());
- }
-
-/**
-* Rabin-Williams Verification Operation
-*/
-class RW_Verification_Operation : public PK_Ops::Verification_with_EMSA
- {
- public:
- typedef RW_PublicKey Key_Type;
-
- RW_Verification_Operation(const RW_PublicKey& rw, const std::string& emsa) :
- PK_Ops::Verification_with_EMSA(emsa),
- m_n(rw.get_n()), m_powermod_e_n(rw.get_e(), rw.get_n())
- {}
-
- size_t max_input_bits() const override { return (m_n.bits() - 1); }
- bool with_recovery() const override { return true; }
-
- secure_vector<byte> verify_mr(const byte msg[], size_t msg_len) override;
-
- private:
- const BigInt& m_n;
- Fixed_Exponent_Power_Mod m_powermod_e_n;
- };
-
-secure_vector<byte>
-RW_Verification_Operation::verify_mr(const byte msg[], size_t msg_len)
- {
- BigInt m(msg, msg_len);
-
- if((m > (m_n >> 1)) || m.is_negative())
- throw Invalid_Argument("RW signature verification: m > n / 2 || m < 0");
-
- BigInt r = m_powermod_e_n(m);
- if(r % 16 == 12)
- return BigInt::encode_locked(r);
- if(r % 8 == 6)
- return BigInt::encode_locked(2*r);
-
- r = m_n - r;
- if(r % 16 == 12)
- return BigInt::encode_locked(r);
- if(r % 8 == 6)
- return BigInt::encode_locked(2*r);
-
- throw Invalid_Argument("RW signature verification: Invalid signature");
- }
-
-BOTAN_REGISTER_PK_SIGNATURE_OP("RW", RW_Signature_Operation);
-BOTAN_REGISTER_PK_VERIFY_OP("RW", RW_Verification_Operation);
-
-}
-
-}
diff --git a/src/lib/pubkey/rw/rw.h b/src/lib/pubkey/rw/rw.h
deleted file mode 100644
index 2a010441e..000000000
--- a/src/lib/pubkey/rw/rw.h
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
-* Rabin-Williams
-* (C) 1999-2007 Jack Lloyd
-*
-* Botan is released under the Simplified BSD License (see license.txt)
-*/
-
-#ifndef BOTAN_RW_H__
-#define BOTAN_RW_H__
-
-#include <botan/if_algo.h>
-
-namespace Botan {
-
-/**
-* Rabin-Williams Public Key
-*/
-class BOTAN_DLL RW_PublicKey : public virtual IF_Scheme_PublicKey
- {
- public:
- std::string algo_name() const override { return "RW"; }
-
- RW_PublicKey(const AlgorithmIdentifier& alg_id,
- const secure_vector<byte>& key_bits) :
- IF_Scheme_PublicKey(alg_id, key_bits)
- {}
-
- RW_PublicKey(const BigInt& mod, const BigInt& exponent) :
- IF_Scheme_PublicKey(mod, exponent)
- {}
-
- protected:
- RW_PublicKey() {}
- };
-
-/**
-* Rabin-Williams Private Key
-*/
-class BOTAN_DLL RW_PrivateKey : public RW_PublicKey,
- public IF_Scheme_PrivateKey
- {
- public:
- RW_PrivateKey(const AlgorithmIdentifier& alg_id,
- const secure_vector<byte>& key_bits,
- RandomNumberGenerator& rng) :
- IF_Scheme_PrivateKey(rng, alg_id, key_bits) {}
-
- RW_PrivateKey(RandomNumberGenerator& rng,
- const BigInt& p, const BigInt& q,
- const BigInt& e, const BigInt& d = 0,
- const BigInt& n = 0) :
- IF_Scheme_PrivateKey(rng, p, q, e, d, n) {}
-
- RW_PrivateKey(RandomNumberGenerator& rng, size_t bits, size_t = 2);
-
- bool check_key(RandomNumberGenerator& rng, bool) const override;
- };
-
-}
-
-#endif