diff options
Diffstat (limited to 'src/pubkey/pubkey.h')
-rw-r--r-- | src/pubkey/pubkey.h | 265 |
1 files changed, 153 insertions, 112 deletions
diff --git a/src/pubkey/pubkey.h b/src/pubkey/pubkey.h index c73a54d35..c31aed67b 100644 --- a/src/pubkey/pubkey.h +++ b/src/pubkey/pubkey.h @@ -1,6 +1,6 @@ /* * Public Key Interface -* (C) 1999-2007 Jack Lloyd +* (C) 1999-2010 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -9,6 +9,7 @@ #define BOTAN_PUBKEY_H__ #include <botan/pk_keys.h> +#include <botan/pk_ops.h> #include <botan/symkey.h> #include <botan/rng.h> #include <botan/eme.h> @@ -37,7 +38,10 @@ class BOTAN_DLL PK_Encryptor * @return the encrypted message */ SecureVector<byte> encrypt(const byte in[], u32bit length, - RandomNumberGenerator& rng) const; + RandomNumberGenerator& rng) const + { + return enc(in, length, rng); + } /** * Encrypt a message. @@ -46,7 +50,10 @@ class BOTAN_DLL PK_Encryptor * @return the encrypted message */ SecureVector<byte> encrypt(const MemoryRegion<byte>& in, - RandomNumberGenerator& rng) const; + RandomNumberGenerator& rng) const + { + return enc(&in[0], in.size(), rng); + } /** * Return the maximum allowed message size in bytes. @@ -54,8 +61,12 @@ class BOTAN_DLL PK_Encryptor */ virtual u32bit maximum_input_size() const = 0; + PK_Encryptor() {} virtual ~PK_Encryptor() {} private: + PK_Encryptor(const PK_Encryptor&) {} + PK_Encryptor& operator=(const PK_Encryptor&) { return *this; } + virtual SecureVector<byte> enc(const byte[], u32bit, RandomNumberGenerator&) const = 0; }; @@ -72,17 +83,27 @@ class BOTAN_DLL PK_Decryptor * @param length the length of the above byte array * @return the decrypted message */ - SecureVector<byte> decrypt(const byte in[], u32bit length) const; + SecureVector<byte> decrypt(const byte in[], u32bit length) const + { + return dec(in, length); + } /** * Decrypt a ciphertext. * @param in the ciphertext * @return the decrypted message */ - SecureVector<byte> decrypt(const MemoryRegion<byte>& in) const; + SecureVector<byte> decrypt(const MemoryRegion<byte>& in) const + { + return dec(&in[0], in.size()); + } + PK_Decryptor() {} virtual ~PK_Decryptor() {} private: + PK_Decryptor(const PK_Decryptor&) {} + PK_Decryptor& operator=(const PK_Decryptor&) { return *this; } + virtual SecureVector<byte> dec(const byte[], u32bit) const = 0; }; @@ -111,13 +132,14 @@ class BOTAN_DLL PK_Signer * @return the signature */ SecureVector<byte> sign_message(const MemoryRegion<byte>& in, - RandomNumberGenerator& rng); + RandomNumberGenerator& rng) + { return sign_message(&in[0], in.size(), rng); } /** * Add a message part (single byte). * @param the byte to add */ - void update(byte in); + void update(byte in) { update(&in, 1); } /** * Add a message part. @@ -130,7 +152,7 @@ class BOTAN_DLL PK_Signer * Add a message part. * @param in the message part to add */ - void update(const MemoryRegion<byte>& in); + void update(const MemoryRegion<byte>& in) { update(&in[0], in.size()); } /** * Get the signature of the so far processed message (provided by the @@ -144,24 +166,31 @@ class BOTAN_DLL PK_Signer * Set the output format of the signature. * @param format the signature format to use */ - void set_output_format(Signature_Format format); + void set_output_format(Signature_Format format) { sig_format = format; } /** * Construct a PK Signer. * @param key the key to use inside this signer * @param emsa the EMSA to use * An example would be "EMSA1(SHA-224)". + * @param format the signature format to use */ - PK_Signer(const PK_Signing_Key& key, EMSA* emsa); + PK_Signer(const Private_Key& key, + const std::string& emsa, + Signature_Format format = IEEE_1363); - ~PK_Signer() { delete emsa; } + ~PK_Signer() { delete op; delete verify_op; delete emsa; } private: - PK_Signer(const PK_Signer&); - PK_Signer& operator=(const PK_Signer&); + bool self_test_signature(const MemoryRegion<byte>& msg, + const MemoryRegion<byte>& sig) const; - const PK_Signing_Key& key; - Signature_Format sig_format; + PK_Signer(const PK_Signer&) {} + PK_Signer& operator=(const PK_Signer&) { return *this; } + + PK_Ops::Signature* op; + PK_Ops::Verification* verify_op; EMSA* emsa; + Signature_Format sig_format; }; /** @@ -189,14 +218,17 @@ class BOTAN_DLL PK_Verifier * @return true if the signature is valid */ bool verify_message(const MemoryRegion<byte>& msg, - const MemoryRegion<byte>& sig); + const MemoryRegion<byte>& sig) + { + return verify_message(msg, msg.size(), sig, sig.size()); + } /** * Add a message part (single byte) of the message corresponding to the * signature to be verified. - * @param msg_part the byte to add + * @param in the byte to add */ - void update(byte msg_part); + void update(byte in) { update(&in, 1); } /** * Add a message part of the message corresponding to the @@ -209,9 +241,10 @@ class BOTAN_DLL PK_Verifier /** * Add a message part of the message corresponding to the * signature to be verified. - * @param msg_part the new message part + * @param in the new message part */ - void update(const MemoryRegion<byte>& msg_part); + void update(const MemoryRegion<byte>& in) + { update(&in[0], in.size()); } /** * Check the signature of the buffered message, i.e. the one build @@ -228,7 +261,10 @@ class BOTAN_DLL PK_Verifier * @param sig the signature to be verified * @return true if the signature is valid, false otherwise */ - bool check_signature(const MemoryRegion<byte>& sig); + bool check_signature(const MemoryRegion<byte>& sig) + { + return check_signature(&sig[0], sig.size()); + } /** * Set the format of the signatures fed to this verifier. @@ -238,23 +274,25 @@ class BOTAN_DLL PK_Verifier /** * Construct a PK Verifier. - * @param emsa the EMSA to use - * An example would be new EMSA1(new SHA_224) + * @param pub_key the public key to verify against + * @param emsa the EMSA to use (eg "EMSA3(SHA-1)") + * @param format the signature format to use */ - PK_Verifier(EMSA* emsa); + PK_Verifier(const Public_Key& pub_key, + const std::string& emsa, + Signature_Format format = IEEE_1363); - virtual ~PK_Verifier(); - protected: - virtual bool validate_signature(const MemoryRegion<byte>&, - const byte[], u32bit) = 0; - virtual u32bit key_message_parts() const = 0; - virtual u32bit key_message_part_size() const = 0; + ~PK_Verifier() { delete op; delete emsa; } + private: + PK_Verifier(const PK_Verifier&) {} + PK_Verifier& operator=(const PK_Verifier&) { return *this; } - Signature_Format sig_format; + bool validate_signature(const MemoryRegion<byte>& msg, + const byte sig[], u32bit sig_len); + + PK_Ops::Verification* op; EMSA* emsa; - private: - PK_Verifier(const PK_Verifier&); - PK_Verifier& operator=(const PK_Verifier&); + Signature_Format sig_format; }; /* @@ -263,31 +301,90 @@ class BOTAN_DLL PK_Verifier class BOTAN_DLL PK_Key_Agreement { public: - SymmetricKey derive_key(u32bit, const byte[], u32bit, - const std::string& = "") const; - SymmetricKey derive_key(u32bit, const byte[], u32bit, - const byte[], u32bit) const; + + /* + * Perform Key Agreement Operation + * @param key_len the desired key output size + * @param in the other parties key + * @param in_len the length of in in bytes + * @param params extra derivation params + * @param params_len the length of params in bytes + */ + SymmetricKey derive_key(u32bit key_len, + const byte in[], + u32bit in_len, + const byte params[], + u32bit params_len) const; + + /* + * Perform Key Agreement Operation + * @param key_len the desired key output size + * @param in the other parties key + * @param in_len the length of in in bytes + * @param params extra derivation params + * @param params_len the length of params in bytes + */ + SymmetricKey derive_key(u32bit key_len, + const MemoryRegion<byte>& in, + const byte params[], + u32bit params_len) const + { + return derive_key(key_len, &in[0], in.size(), + params, params_len); + } + + /* + * Perform Key Agreement Operation + * @param key_len the desired key output size + * @param in the other parties key + * @param in_len the length of in in bytes + * @param params extra derivation params + */ + SymmetricKey derive_key(u32bit key_len, + const byte in[], u32bit in_len, + const std::string& params = "") const + { + return derive_key(key_len, in, in_len, + reinterpret_cast<const byte*>(params.data()), + params.length()); + } + + /* + * Perform Key Agreement Operation + * @param key_len the desired key output size + * @param in the other parties key + * @param params extra derivation params + */ + SymmetricKey derive_key(u32bit key_len, + const MemoryRegion<byte>& in, + const std::string& params = "") const + { + return derive_key(key_len, &in[0], in.size(), + reinterpret_cast<const byte*>(params.data()), + params.length()); + } /** * Construct a PK Key Agreement. * @param key the key to use - * @param kdf the KDF to use + * @param kdf name of the KDF to use (or 'Raw' for no KDF) */ - PK_Key_Agreement(const PK_Key_Agreement_Key& key, KDF* kdf); + PK_Key_Agreement(const PK_Key_Agreement_Key& key, + const std::string& kdf); - ~PK_Key_Agreement() { delete kdf; } + ~PK_Key_Agreement() { delete op; delete kdf; } private: - PK_Key_Agreement(const PK_Key_Agreement_Key&); - PK_Key_Agreement& operator=(const PK_Key_Agreement&); + PK_Key_Agreement(const PK_Key_Agreement_Key&) {} + PK_Key_Agreement& operator=(const PK_Key_Agreement&) { return *this; } - const PK_Key_Agreement_Key& key; + PK_Ops::Key_Agreement* op; KDF* kdf; }; /** * Encryption with an MR algorithm and an EME. */ -class BOTAN_DLL PK_Encryptor_MR_with_EME : public PK_Encryptor +class BOTAN_DLL PK_Encryptor_EME : public PK_Encryptor { public: u32bit maximum_input_size() const; @@ -297,25 +394,22 @@ class BOTAN_DLL PK_Encryptor_MR_with_EME : public PK_Encryptor * @param key the key to use inside the decryptor * @param eme the EME to use */ - PK_Encryptor_MR_with_EME(const PK_Encrypting_Key& key, - EME* eme); + PK_Encryptor_EME(const Public_Key& key, + const std::string& eme); - ~PK_Encryptor_MR_with_EME() { delete encoder; } + ~PK_Encryptor_EME() { delete op; delete eme; } private: - PK_Encryptor_MR_with_EME(const PK_Encryptor_MR_with_EME&); - PK_Encryptor_MR_with_EME& operator=(const PK_Encryptor_MR_with_EME&); - SecureVector<byte> enc(const byte[], u32bit, RandomNumberGenerator& rng) const; - const PK_Encrypting_Key& key; - const EME* encoder; + PK_Ops::Encryption* op; + const EME* eme; }; /** * Decryption with an MR algorithm and an EME. */ -class BOTAN_DLL PK_Decryptor_MR_with_EME : public PK_Decryptor +class BOTAN_DLL PK_Decryptor_EME : public PK_Decryptor { public: /** @@ -323,68 +417,15 @@ class BOTAN_DLL PK_Decryptor_MR_with_EME : public PK_Decryptor * @param key the key to use inside the encryptor * @param eme the EME to use */ - PK_Decryptor_MR_with_EME(const PK_Decrypting_Key& key, - EME* eme); + PK_Decryptor_EME(const Private_Key& key, + const std::string& eme); - ~PK_Decryptor_MR_with_EME() { delete encoder; } + ~PK_Decryptor_EME() { delete op; delete eme; } private: - PK_Decryptor_MR_with_EME(const PK_Decryptor_MR_with_EME&); - PK_Decryptor_MR_with_EME& operator=(const PK_Decryptor_MR_with_EME&); - SecureVector<byte> dec(const byte[], u32bit) const; - const PK_Decrypting_Key& key; - const EME* encoder; - }; - -/** -* Public Key Verifier with Message Recovery. -*/ -class BOTAN_DLL PK_Verifier_with_MR : public PK_Verifier - { - public: - /** - * Construct an instance. - * @param key the key to use inside the verifier - * @param emsa_name the name of the EMSA to use - */ - PK_Verifier_with_MR(const PK_Verifying_with_MR_Key& k, - EMSA* emsa_obj) : PK_Verifier(emsa_obj), key(k) {} - - private: - PK_Verifier_with_MR(const PK_Verifying_with_MR_Key&); - PK_Verifier_with_MR& operator=(const PK_Verifier_with_MR&); - - bool validate_signature(const MemoryRegion<byte>&, const byte[], u32bit); - u32bit key_message_parts() const { return key.message_parts(); } - u32bit key_message_part_size() const { return key.message_part_size(); } - - const PK_Verifying_with_MR_Key& key; - }; - -/** -* Public Key Verifier without Message Recovery -*/ -class BOTAN_DLL PK_Verifier_wo_MR : public PK_Verifier - { - public: - /** - * Construct an instance. - * @param key the key to use inside the verifier - * @param emsa_name the name of the EMSA to use - */ - PK_Verifier_wo_MR(const PK_Verifying_wo_MR_Key& k, - EMSA* emsa_obj) : PK_Verifier(emsa_obj), key(k) {} - - private: - PK_Verifier_wo_MR(const PK_Verifying_wo_MR_Key&); - PK_Verifier_wo_MR& operator=(const PK_Verifier_wo_MR&); - - bool validate_signature(const MemoryRegion<byte>&, const byte[], u32bit); - u32bit key_message_parts() const { return key.message_parts(); } - u32bit key_message_part_size() const { return key.message_part_size(); } - - const PK_Verifying_wo_MR_Key& key; + PK_Ops::Decryption* op; + const EME* eme; }; } |