diff options
Diffstat (limited to 'src/lib/pubkey')
-rw-r--r-- | src/lib/pubkey/ecies/ecies.cpp | 32 | ||||
-rw-r--r-- | src/lib/pubkey/ecies/ecies.h | 14 | ||||
-rw-r--r-- | src/lib/pubkey/info.txt | 5 | ||||
-rw-r--r-- | src/lib/pubkey/mce/mce_internal.h | 2 | ||||
-rw-r--r-- | src/lib/pubkey/pk_keys.cpp | 2 | ||||
-rw-r--r-- | src/lib/pubkey/pk_ops_impl.h | 2 | ||||
-rw-r--r-- | src/lib/pubkey/pubkey.cpp | 29 | ||||
-rw-r--r-- | src/lib/pubkey/pubkey.h | 52 |
8 files changed, 107 insertions, 31 deletions
diff --git a/src/lib/pubkey/ecies/ecies.cpp b/src/lib/pubkey/ecies/ecies.cpp index d2e453bdf..ba7140bd0 100644 --- a/src/lib/pubkey/ecies/ecies.cpp +++ b/src/lib/pubkey/ecies/ecies.cpp @@ -96,8 +96,10 @@ ECIES_PrivateKey::create_key_agreement_op(RandomNumberGenerator& /*rng*/, * @param for_encryption disable cofactor mode if the secret will be used for encryption * (according to ISO 18033 cofactor mode is only used during decryption) */ -PK_Key_Agreement create_key_agreement(const PK_Key_Agreement_Key& private_key, const ECIES_KA_Params& ecies_params, - bool for_encryption) +PK_Key_Agreement create_key_agreement(const PK_Key_Agreement_Key& private_key, + const ECIES_KA_Params& ecies_params, + bool for_encryption, + RandomNumberGenerator& rng) { const ECDH_PrivateKey* ecdh_key = dynamic_cast<const ECDH_PrivateKey*>(&private_key); @@ -114,16 +116,18 @@ PK_Key_Agreement create_key_agreement(const PK_Key_Agreement_Key& private_key, c if(ecdh_key && (for_encryption || !ecies_params.cofactor_mode())) { // ECDH_KA_Operation uses cofactor mode: use own key agreement method if cofactor should not be used. - return PK_Key_Agreement(ECIES_PrivateKey(*ecdh_key), "Raw"); + return PK_Key_Agreement(ECIES_PrivateKey(*ecdh_key), rng, "Raw"); } - return PK_Key_Agreement(private_key, "Raw"); // use default implementation + return PK_Key_Agreement(private_key, rng, "Raw"); // use default implementation } } -ECIES_KA_Operation::ECIES_KA_Operation(const PK_Key_Agreement_Key& private_key, const ECIES_KA_Params& ecies_params, - bool for_encryption) : - m_ka(create_key_agreement(private_key, ecies_params, for_encryption)), +ECIES_KA_Operation::ECIES_KA_Operation(const PK_Key_Agreement_Key& private_key, + const ECIES_KA_Params& ecies_params, + bool for_encryption, + RandomNumberGenerator& rng) : + m_ka(create_key_agreement(private_key, ecies_params, for_encryption, rng)), m_params(ecies_params) { } @@ -240,8 +244,10 @@ std::unique_ptr<Cipher_Mode> ECIES_System_Params::create_cipher(Botan::Cipher_Di /* * ECIES_Encryptor Constructor */ -ECIES_Encryptor::ECIES_Encryptor(const PK_Key_Agreement_Key& private_key, const ECIES_System_Params& ecies_params) : - m_ka(private_key, ecies_params, true), +ECIES_Encryptor::ECIES_Encryptor(const PK_Key_Agreement_Key& private_key, + const ECIES_System_Params& ecies_params, + RandomNumberGenerator& rng) : + m_ka(private_key, ecies_params, true, rng), m_params(ecies_params), m_eph_public_key_bin(private_key.public_value()), // returns the uncompressed public key, see conversion below m_iv(), @@ -261,7 +267,7 @@ ECIES_Encryptor::ECIES_Encryptor(const PK_Key_Agreement_Key& private_key, const * ECIES_Encryptor Constructor */ ECIES_Encryptor::ECIES_Encryptor(RandomNumberGenerator& rng, const ECIES_System_Params& ecies_params) : - ECIES_Encryptor(ECDH_PrivateKey(rng, ecies_params.domain()), ecies_params) + ECIES_Encryptor(ECDH_PrivateKey(rng, ecies_params.domain()), ecies_params, rng) { } @@ -311,8 +317,10 @@ std::vector<byte> ECIES_Encryptor::enc(const byte data[], size_t length, RandomN } -ECIES_Decryptor::ECIES_Decryptor(const PK_Key_Agreement_Key& key, const ECIES_System_Params& ecies_params) : - m_ka(key, ecies_params, false), +ECIES_Decryptor::ECIES_Decryptor(const PK_Key_Agreement_Key& key, + const ECIES_System_Params& ecies_params, + RandomNumberGenerator& rng) : + m_ka(key, ecies_params, false, rng), m_params(ecies_params), m_iv(), m_label() diff --git a/src/lib/pubkey/ecies/ecies.h b/src/lib/pubkey/ecies/ecies.h index 0bc0bf76e..6b9eba31d 100644 --- a/src/lib/pubkey/ecies/ecies.h +++ b/src/lib/pubkey/ecies/ecies.h @@ -184,8 +184,10 @@ class BOTAN_DLL ECIES_KA_Operation * @param for_encryption disable cofactor mode if the secret will be used for encryption * (according to ISO 18033 cofactor mode is only used during decryption) */ - ECIES_KA_Operation(const PK_Key_Agreement_Key& private_key, const ECIES_KA_Params& ecies_params, - bool for_encryption); + ECIES_KA_Operation(const PK_Key_Agreement_Key& private_key, + const ECIES_KA_Params& ecies_params, + bool for_encryption, + RandomNumberGenerator& rng); /** * Performs a key agreement with the provided keys and derives the secret from the result @@ -211,7 +213,9 @@ class BOTAN_DLL ECIES_Encryptor : public PK_Encryptor * @param private_key the (ephemeral) private key which is used for the key agreement * @param ecies_params settings for ecies */ - ECIES_Encryptor(const PK_Key_Agreement_Key& private_key, const ECIES_System_Params& ecies_params); + ECIES_Encryptor(const PK_Key_Agreement_Key& private_key, + const ECIES_System_Params& ecies_params, + RandomNumberGenerator& rng); /** * Creates an ephemeral private key which is used for the key agreement @@ -265,7 +269,9 @@ class BOTAN_DLL ECIES_Decryptor : public PK_Decryptor * @param private_key the private key which is used for the key agreement * @param ecies_params settings for ecies */ - ECIES_Decryptor(const PK_Key_Agreement_Key& private_key, const ECIES_System_Params& ecies_params); + ECIES_Decryptor(const PK_Key_Agreement_Key& private_key, + const ECIES_System_Params& ecies_params, + RandomNumberGenerator& rng); /// Set the initialization vector for the data encryption method inline void set_initialization_vector(const InitializationVector& iv) diff --git a/src/lib/pubkey/info.txt b/src/lib/pubkey/info.txt index 393e089e2..0e799f372 100644 --- a/src/lib/pubkey/info.txt +++ b/src/lib/pubkey/info.txt @@ -14,15 +14,16 @@ x509_key.cpp <header:public> blinding.h pk_keys.h -pk_ops.h +pk_ops_fwd.h pkcs8.h pubkey.h -x509_key.h workfactor.h +x509_key.h </header:public> <header:internal> pk_algs.h +pk_ops.h pk_ops_impl.h </header:internal> diff --git a/src/lib/pubkey/mce/mce_internal.h b/src/lib/pubkey/mce/mce_internal.h index d35479080..526552944 100644 --- a/src/lib/pubkey/mce/mce_internal.h +++ b/src/lib/pubkey/mce/mce_internal.h @@ -14,7 +14,7 @@ #include <botan/secmem.h> #include <botan/types.h> -#include <botan/pk_ops.h> +#include <botan/internal/pk_ops.h> #include <botan/mceliece.h> namespace Botan { diff --git a/src/lib/pubkey/pk_keys.cpp b/src/lib/pubkey/pk_keys.cpp index 21b56ed81..2c846d623 100644 --- a/src/lib/pubkey/pk_keys.cpp +++ b/src/lib/pubkey/pk_keys.cpp @@ -6,7 +6,7 @@ */ #include <botan/pk_keys.h> -#include <botan/pk_ops.h> +#include <botan/internal/pk_ops.h> #include <botan/der_enc.h> #include <botan/oids.h> #include <botan/hash.h> diff --git a/src/lib/pubkey/pk_ops_impl.h b/src/lib/pubkey/pk_ops_impl.h index 9d02de5e5..5fe5623e7 100644 --- a/src/lib/pubkey/pk_ops_impl.h +++ b/src/lib/pubkey/pk_ops_impl.h @@ -7,7 +7,7 @@ #ifndef BOTAN_PK_OPERATION_IMPL_H__ #define BOTAN_PK_OPERATION_IMPL_H__ -#include <botan/pk_ops.h> +#include <botan/internal/pk_ops.h> namespace Botan { diff --git a/src/lib/pubkey/pubkey.cpp b/src/lib/pubkey/pubkey.cpp index fa5777bde..178eca282 100644 --- a/src/lib/pubkey/pubkey.cpp +++ b/src/lib/pubkey/pubkey.cpp @@ -8,7 +8,7 @@ #include <botan/der_enc.h> #include <botan/ber_dec.h> #include <botan/bigint.h> -#include <botan/pk_ops.h> +#include <botan/internal/pk_ops.h> #include <botan/internal/ct_utils.h> namespace Botan { @@ -92,6 +92,8 @@ PK_Encryptor_EME::PK_Encryptor_EME(const Public_Key& key, BOTAN_ASSERT_NONNULL(m_op); } +PK_Encryptor_EME::~PK_Encryptor_EME() { /* for unique_ptr */ } + std::vector<byte> PK_Encryptor_EME::enc(const byte in[], size_t length, RandomNumberGenerator& rng) const { @@ -112,6 +114,8 @@ PK_Decryptor_EME::PK_Decryptor_EME(const Private_Key& key, BOTAN_ASSERT_NONNULL(m_op); } +PK_Decryptor_EME::~PK_Decryptor_EME() { /* for unique_ptr */ } + secure_vector<byte> PK_Decryptor_EME::do_decrypt(byte& valid_mask, const byte in[], size_t in_len) const { @@ -127,6 +131,8 @@ PK_KEM_Encryptor::PK_KEM_Encryptor(const Public_Key& key, BOTAN_ASSERT_NONNULL(m_op); } +PK_KEM_Encryptor::~PK_KEM_Encryptor() { /* for unique_ptr */ } + void PK_KEM_Encryptor::encrypt(secure_vector<byte>& out_encapsulated_key, secure_vector<byte>& out_shared_key, size_t desired_shared_key_len, @@ -151,6 +157,8 @@ PK_KEM_Decryptor::PK_KEM_Decryptor(const Private_Key& key, BOTAN_ASSERT_NONNULL(m_op); } +PK_KEM_Decryptor::~PK_KEM_Decryptor() { /* for unique_ptr */ } + secure_vector<byte> PK_KEM_Decryptor::decrypt(const byte encap_key[], size_t encap_key_len, size_t desired_shared_key_len, @@ -171,6 +179,21 @@ PK_Key_Agreement::PK_Key_Agreement(const Private_Key& key, BOTAN_ASSERT_NONNULL(m_op); } +PK_Key_Agreement::~PK_Key_Agreement() { /* for unique_ptr */ } + +PK_Key_Agreement& PK_Key_Agreement::operator=(PK_Key_Agreement&& other) + { + if(this != &other) + { + m_op = std::move(other.m_op); + } + return (*this); + } + +PK_Key_Agreement::PK_Key_Agreement(PK_Key_Agreement&& other) : + m_op(std::move(other.m_op)) + {} + SymmetricKey PK_Key_Agreement::derive_key(size_t key_len, const byte in[], size_t in_len, const byte salt[], @@ -232,6 +255,8 @@ PK_Signer::PK_Signer(const Private_Key& key, m_sig_format = format; } +PK_Signer::~PK_Signer() { /* for unique_ptr */ } + void PK_Signer::update(const byte in[], size_t length) { m_op->update(in, length); @@ -261,6 +286,8 @@ PK_Verifier::PK_Verifier(const Public_Key& key, m_sig_format = format; } +PK_Verifier::~PK_Verifier() { /* for unique_ptr */ } + void PK_Verifier::set_input_format(Signature_Format format) { if(m_op->message_parts() == 1 && format != IEEE_1363) diff --git a/src/lib/pubkey/pubkey.h b/src/lib/pubkey/pubkey.h index 077796a5d..94332c8f0 100644 --- a/src/lib/pubkey/pubkey.h +++ b/src/lib/pubkey/pubkey.h @@ -9,7 +9,7 @@ #define BOTAN_PUBKEY_H__ #include <botan/pk_keys.h> -#include <botan/pk_ops.h> +#include <botan/pk_ops_fwd.h> #include <botan/symkey.h> #include <botan/rng.h> #include <botan/eme.h> @@ -71,7 +71,6 @@ class BOTAN_DLL PK_Encryptor virtual ~PK_Encryptor() {} PK_Encryptor(const PK_Encryptor&) = delete; - PK_Encryptor& operator=(const PK_Encryptor&) = delete; private: @@ -158,7 +157,7 @@ class BOTAN_DLL PK_Decryptor * messages. Use multiple calls update() to process large messages and * generate the signature by finally calling signature(). */ -class BOTAN_DLL PK_Signer +class BOTAN_DLL PK_Signer final { public: @@ -192,6 +191,11 @@ class BOTAN_DLL PK_Signer {} #endif + ~PK_Signer(); + + PK_Signer(const PK_Signer&) = delete; + PK_Signer& operator=(const PK_Signer&) = delete; + /** * Sign a message all in one go * @param in the message to sign as a byte array @@ -271,7 +275,7 @@ class BOTAN_DLL PK_Signer * messages. Use multiple calls update() to process large messages and * verify the signature by finally calling check_signature(). */ -class BOTAN_DLL PK_Verifier +class BOTAN_DLL PK_Verifier final { public: /** @@ -285,6 +289,11 @@ class BOTAN_DLL PK_Verifier Signature_Format format = IEEE_1363, const std::string& provider = ""); + ~PK_Verifier(); + + PK_Verifier& operator=(const PK_Verifier&) = delete; + PK_Verifier(const PK_Verifier&) = delete; + /** * Verify a signature. * @param msg the message that the signature belongs to, as a byte array @@ -376,7 +385,7 @@ class BOTAN_DLL PK_Verifier /** * Key used for key agreement */ -class BOTAN_DLL PK_Key_Agreement +class BOTAN_DLL PK_Key_Agreement final { public: @@ -406,6 +415,15 @@ class BOTAN_DLL PK_Key_Agreement {} #endif + ~PK_Key_Agreement(); + + // For ECIES + PK_Key_Agreement& operator=(PK_Key_Agreement&&); + PK_Key_Agreement(PK_Key_Agreement&&); + + PK_Key_Agreement& operator=(const PK_Key_Agreement&) = delete; + PK_Key_Agreement(const PK_Key_Agreement&) = delete; + /* * Perform Key Agreement Operation * @param key_len the desired key output size @@ -476,7 +494,7 @@ class BOTAN_DLL PK_Key_Agreement * Encryption using a standard message recovery algorithm like RSA or * ElGamal, paired with an encoding scheme like OAEP. */ -class BOTAN_DLL PK_Encryptor_EME : public PK_Encryptor +class BOTAN_DLL PK_Encryptor_EME final : public PK_Encryptor { public: size_t maximum_input_size() const override; @@ -504,6 +522,10 @@ class BOTAN_DLL PK_Encryptor_EME : public PK_Encryptor PK_Encryptor_EME(key, system_rng(), padding, provider) {} #endif + ~PK_Encryptor_EME(); + + PK_Encryptor_EME& operator=(const PK_Encryptor_EME&) = delete; + PK_Encryptor_EME(const PK_Encryptor_EME&) = delete; private: std::vector<byte> enc(const byte[], size_t, RandomNumberGenerator& rng) const override; @@ -514,7 +536,7 @@ class BOTAN_DLL PK_Encryptor_EME : public PK_Encryptor /** * Decryption with an MR algorithm and an EME. */ -class BOTAN_DLL PK_Decryptor_EME : public PK_Decryptor +class BOTAN_DLL PK_Decryptor_EME final : public PK_Decryptor { public: /** @@ -542,6 +564,9 @@ class BOTAN_DLL PK_Decryptor_EME : public PK_Decryptor PK_Decryptor_EME(key, system_rng(), eme, provider) {} #endif + ~PK_Decryptor_EME(); + PK_Decryptor_EME& operator=(const PK_Decryptor_EME&) = delete; + PK_Decryptor_EME(const PK_Decryptor_EME&) = delete; private: secure_vector<byte> do_decrypt(byte& valid_mask, const byte in[], @@ -550,7 +575,7 @@ class BOTAN_DLL PK_Decryptor_EME : public PK_Decryptor std::unique_ptr<PK_Ops::Decryption> m_op; }; -class BOTAN_DLL PK_KEM_Encryptor +class BOTAN_DLL PK_KEM_Encryptor final { public: PK_KEM_Encryptor(const Public_Key& key, @@ -566,6 +591,11 @@ class BOTAN_DLL PK_KEM_Encryptor PK_KEM_Encryptor(key, system_rng(), kem_param, provider) {} #endif + ~PK_KEM_Encryptor(); + + PK_KEM_Encryptor& operator=(const PK_KEM_Encryptor&) = delete; + PK_KEM_Encryptor(const PK_KEM_Encryptor&) = delete; + void encrypt(secure_vector<byte>& out_encapsulated_key, secure_vector<byte>& out_shared_key, size_t desired_shared_key_len, @@ -604,7 +634,7 @@ class BOTAN_DLL PK_KEM_Encryptor std::unique_ptr<PK_Ops::KEM_Encryption> m_op; }; -class BOTAN_DLL PK_KEM_Decryptor +class BOTAN_DLL PK_KEM_Decryptor final { public: PK_KEM_Decryptor(const Private_Key& key, @@ -621,6 +651,10 @@ class BOTAN_DLL PK_KEM_Decryptor {} #endif + ~PK_KEM_Decryptor(); + PK_KEM_Decryptor& operator=(const PK_KEM_Decryptor&) = delete; + PK_KEM_Decryptor(const PK_KEM_Decryptor&) = delete; + secure_vector<byte> decrypt(const byte encap_key[], size_t encap_key_len, size_t desired_shared_key_len, |