aboutsummaryrefslogtreecommitdiffstats
path: root/src/pubkey
diff options
context:
space:
mode:
Diffstat (limited to 'src/pubkey')
-rw-r--r--src/pubkey/dlies/dlies.cpp57
-rw-r--r--src/pubkey/dlies/dlies.h34
-rw-r--r--src/pubkey/pk_lookup/look_pk.cpp2
-rw-r--r--src/pubkey/pubkey/pubkey.cpp13
-rw-r--r--src/pubkey/pubkey/pubkey.h9
5 files changed, 67 insertions, 48 deletions
diff --git a/src/pubkey/dlies/dlies.cpp b/src/pubkey/dlies/dlies.cpp
index 2a2f33925..06a08f7f9 100644
--- a/src/pubkey/dlies/dlies.cpp
+++ b/src/pubkey/dlies/dlies.cpp
@@ -4,7 +4,6 @@
*************************************************/
#include <botan/dlies.h>
-#include <botan/lookup.h>
#include <botan/look_pk.h>
#include <botan/xor_buf.h>
#include <memory>
@@ -15,12 +14,19 @@ namespace Botan {
* DLIES_Encryptor Constructor *
*************************************************/
DLIES_Encryptor::DLIES_Encryptor(const PK_Key_Agreement_Key& k,
- const std::string& kdf,
- const std::string& mac, u32bit mk_len) :
- key(k), kdf_algo(kdf), mac_algo(mac), MAC_KEYLEN(mk_len)
+ KDF* kdf_obj,
+ MessageAuthenticationCode* mac_obj,
+ u32bit mac_kl) :
+ key(k), kdf(kdf_obj), mac(mac_obj), mac_keylen(mac_kl)
{
}
+DLIES_Encryptor::~DLIES_Encryptor()
+ {
+ delete kdf;
+ delete mac;
+ }
+
/*************************************************
* DLIES Encryption *
*************************************************/
@@ -32,9 +38,6 @@ SecureVector<byte> DLIES_Encryptor::enc(const byte in[], u32bit length,
if(other_key.is_empty())
throw Invalid_State("DLIES: The other key was never set");
- std::auto_ptr<KDF> kdf(get_kdf(kdf_algo));
- std::auto_ptr<MessageAuthenticationCode> mac(get_mac(mac_algo));
-
MemoryVector<byte> v = key.public_value();
SecureVector<byte> out(v.size() + length + mac->OUTPUT_LENGTH);
@@ -43,14 +46,14 @@ SecureVector<byte> DLIES_Encryptor::enc(const byte in[], u32bit length,
SecureVector<byte> vz(v, key.derive_key(other_key, other_key.size()));
- const u32bit K_LENGTH = length + MAC_KEYLEN;
+ const u32bit K_LENGTH = length + mac_keylen;
OctetString K = kdf->derive_key(K_LENGTH, vz, vz.size());
if(K.length() != K_LENGTH)
throw Encoding_Error("DLIES: KDF did not provide sufficient output");
byte* C = out + v.size();
- xor_buf(C, K.begin() + MAC_KEYLEN, length);
- mac->set_key(K.begin(), MAC_KEYLEN);
+ xor_buf(C, K.begin() + mac_keylen, length);
+ mac->set_key(K.begin(), mac_keylen);
mac->update(C, length);
for(u32bit j = 0; j != 8; ++j)
@@ -81,39 +84,43 @@ u32bit DLIES_Encryptor::maximum_input_size() const
* DLIES_Decryptor Constructor *
*************************************************/
DLIES_Decryptor::DLIES_Decryptor(const PK_Key_Agreement_Key& k,
- const std::string& kdf,
- const std::string& mac, u32bit mk_len) :
- key(k), kdf_algo(kdf), mac_algo(mac),
- MAC_KEYLEN(mk_len), PUBLIC_LEN(key.public_value().size())
+ KDF* kdf_obj,
+ MessageAuthenticationCode* mac_obj,
+ u32bit mac_kl) :
+ key(k), kdf(kdf_obj), mac(mac_obj), mac_keylen(mac_kl)
{
}
+DLIES_Decryptor::~DLIES_Decryptor()
+ {
+ delete kdf;
+ delete mac;
+ }
+
/*************************************************
* DLIES Decryption *
*************************************************/
SecureVector<byte> DLIES_Decryptor::dec(const byte msg[], u32bit length) const
{
- std::auto_ptr<MessageAuthenticationCode> mac(get_mac(mac_algo));
+ const u32bit public_len = key.public_value().size();
- if(length < PUBLIC_LEN + mac->OUTPUT_LENGTH)
+ if(length < public_len + mac->OUTPUT_LENGTH)
throw Decoding_Error("DLIES decryption: ciphertext is too short");
- std::auto_ptr<KDF> kdf(get_kdf(kdf_algo));
-
- const u32bit CIPHER_LEN = length - PUBLIC_LEN - mac->OUTPUT_LENGTH;
+ const u32bit CIPHER_LEN = length - public_len - mac->OUTPUT_LENGTH;
- SecureVector<byte> v(msg, PUBLIC_LEN);
- SecureVector<byte> C(msg + PUBLIC_LEN, CIPHER_LEN);
- SecureVector<byte> T(msg + PUBLIC_LEN + CIPHER_LEN, mac->OUTPUT_LENGTH);
+ SecureVector<byte> v(msg, public_len);
+ SecureVector<byte> C(msg + public_len, CIPHER_LEN);
+ SecureVector<byte> T(msg + public_len + CIPHER_LEN, mac->OUTPUT_LENGTH);
SecureVector<byte> vz(v, key.derive_key(v, v.size()));
- const u32bit K_LENGTH = C.size() + MAC_KEYLEN;
+ const u32bit K_LENGTH = C.size() + mac_keylen;
OctetString K = kdf->derive_key(K_LENGTH, vz, vz.size());
if(K.length() != K_LENGTH)
throw Encoding_Error("DLIES: KDF did not provide sufficient output");
- mac->set_key(K.begin(), MAC_KEYLEN);
+ mac->set_key(K.begin(), mac_keylen);
mac->update(C);
for(u32bit j = 0; j != 8; ++j)
mac->update(0);
@@ -121,7 +128,7 @@ SecureVector<byte> DLIES_Decryptor::dec(const byte msg[], u32bit length) const
if(T != T2)
throw Integrity_Failure("DLIES: message authentication failed");
- xor_buf(C, K.begin() + MAC_KEYLEN, C.size());
+ xor_buf(C, K.begin() + mac_keylen, C.size());
return C;
}
diff --git a/src/pubkey/dlies/dlies.h b/src/pubkey/dlies/dlies.h
index ef0f4d493..d452f1a4f 100644
--- a/src/pubkey/dlies/dlies.h
+++ b/src/pubkey/dlies/dlies.h
@@ -7,6 +7,8 @@
#define BOTAN_DLIES_H__
#include <botan/pubkey.h>
+#include <botan/mac.h>
+#include <botan/kdf.h>
namespace Botan {
@@ -17,18 +19,24 @@ class BOTAN_DLL DLIES_Encryptor : public PK_Encryptor
{
public:
DLIES_Encryptor(const PK_Key_Agreement_Key&,
- const std::string& = "KDF2(SHA-160)",
- const std::string& = "HMAC(SHA-160)", u32bit = 20);
+ KDF* kdf,
+ MessageAuthenticationCode* mac,
+ u32bit mac_key_len = 20);
+
+ ~DLIES_Encryptor();
+
void set_other_key(const MemoryRegion<byte>&);
private:
SecureVector<byte> enc(const byte[], u32bit,
RandomNumberGenerator&) const;
u32bit maximum_input_size() const;
+
const PK_Key_Agreement_Key& key;
SecureVector<byte> other_key;
- const std::string kdf_algo;
- const std::string mac_algo;
- const u32bit MAC_KEYLEN;
+
+ KDF* kdf;
+ MessageAuthenticationCode* mac;
+ u32bit mac_keylen;
};
/*************************************************
@@ -38,14 +46,20 @@ class BOTAN_DLL DLIES_Decryptor : public PK_Decryptor
{
public:
DLIES_Decryptor(const PK_Key_Agreement_Key&,
- const std::string& = "KDF2(SHA-160)",
- const std::string& = "HMAC(SHA-160)", u32bit = 20);
+ KDF* kdf,
+ MessageAuthenticationCode* mac,
+ u32bit mac_key_len = 20);
+
+ ~DLIES_Decryptor();
+
private:
SecureVector<byte> dec(const byte[], u32bit) const;
+
const PK_Key_Agreement_Key& key;
- const std::string kdf_algo;
- const std::string mac_algo;
- const u32bit MAC_KEYLEN, PUBLIC_LEN;
+
+ KDF* kdf;
+ MessageAuthenticationCode* mac;
+ u32bit mac_keylen;
};
}
diff --git a/src/pubkey/pk_lookup/look_pk.cpp b/src/pubkey/pk_lookup/look_pk.cpp
index 1a90eb82c..d72c1ce0f 100644
--- a/src/pubkey/pk_lookup/look_pk.cpp
+++ b/src/pubkey/pk_lookup/look_pk.cpp
@@ -68,7 +68,7 @@ PK_Verifier* get_pk_verifier(const PK_Verifying_wo_MR_Key& key,
PK_Key_Agreement* get_pk_kas(const PK_Key_Agreement_Key& key,
const std::string& kdf)
{
- return new PK_Key_Agreement(key, kdf);
+ return new PK_Key_Agreement(key, get_kdf(kdf));
}
}
diff --git a/src/pubkey/pubkey/pubkey.cpp b/src/pubkey/pubkey/pubkey.cpp
index 61b51d081..0e7890c5d 100644
--- a/src/pubkey/pubkey/pubkey.cpp
+++ b/src/pubkey/pubkey/pubkey.cpp
@@ -4,7 +4,6 @@
*************************************************/
#include <botan/pubkey.h>
-#include <botan/lookup.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
#include <botan/bigint.h>
@@ -361,8 +360,8 @@ bool PK_Verifier_wo_MR::validate_signature(const MemoryRegion<byte>& msg,
* PK_Key_Agreement Constructor *
*************************************************/
PK_Key_Agreement::PK_Key_Agreement(const PK_Key_Agreement_Key& k,
- const std::string& k_name) :
- key(k), kdf_name(k_name)
+ KDF* kdf_obj) :
+ key(k), kdf(kdf_obj)
{
}
@@ -385,13 +384,11 @@ SymmetricKey PK_Key_Agreement::derive_key(u32bit key_len, const byte in[],
u32bit in_len, const byte params[],
u32bit params_len) const
{
- std::auto_ptr<KDF> kdf((kdf_name == "Raw") ? 0 : get_kdf(kdf_name));
OctetString z = key.derive_key(in, in_len);
+ if(!kdf)
+ return z;
- if(kdf.get())
- z = kdf->derive_key(key_len, z.bits_of(), params, params_len);
-
- return z;
+ return kdf->derive_key(key_len, z.bits_of(), params, params_len);
}
}
diff --git a/src/pubkey/pubkey/pubkey.h b/src/pubkey/pubkey/pubkey.h
index 7e8de9f4c..6073fef21 100644
--- a/src/pubkey/pubkey/pubkey.h
+++ b/src/pubkey/pubkey/pubkey.h
@@ -11,6 +11,7 @@
#include <botan/rng.h>
#include <botan/eme.h>
#include <botan/emsa.h>
+#include <botan/kdf.h>
namespace Botan {
@@ -268,17 +269,17 @@ class BOTAN_DLL PK_Key_Agreement
/**
* Construct a PK Key Agreement.
* @param key the key to use
- * @param kdf_name the name of the key derivation function to use
+ * @param kdf the KDF to use
*/
- PK_Key_Agreement(const PK_Key_Agreement_Key& key,
- const std::string& kdf_name);
+ PK_Key_Agreement(const PK_Key_Agreement_Key& key, KDF* kdf);
+ ~PK_Key_Agreement() { delete kdf; }
private:
PK_Key_Agreement(const PK_Key_Agreement_Key&);
PK_Key_Agreement& operator=(const PK_Key_Agreement&);
const PK_Key_Agreement_Key& key;
- const std::string kdf_name;
+ KDF* kdf;
};
/**