diff options
Diffstat (limited to 'src/pubkey')
-rw-r--r-- | src/pubkey/dlies/dlies.cpp | 57 | ||||
-rw-r--r-- | src/pubkey/dlies/dlies.h | 34 | ||||
-rw-r--r-- | src/pubkey/pk_lookup/look_pk.cpp | 2 | ||||
-rw-r--r-- | src/pubkey/pubkey/pubkey.cpp | 13 | ||||
-rw-r--r-- | src/pubkey/pubkey/pubkey.h | 9 |
5 files changed, 67 insertions, 48 deletions
diff --git a/src/pubkey/dlies/dlies.cpp b/src/pubkey/dlies/dlies.cpp index 2a2f33925..06a08f7f9 100644 --- a/src/pubkey/dlies/dlies.cpp +++ b/src/pubkey/dlies/dlies.cpp @@ -4,7 +4,6 @@ *************************************************/ #include <botan/dlies.h> -#include <botan/lookup.h> #include <botan/look_pk.h> #include <botan/xor_buf.h> #include <memory> @@ -15,12 +14,19 @@ namespace Botan { * DLIES_Encryptor Constructor * *************************************************/ DLIES_Encryptor::DLIES_Encryptor(const PK_Key_Agreement_Key& k, - const std::string& kdf, - const std::string& mac, u32bit mk_len) : - key(k), kdf_algo(kdf), mac_algo(mac), MAC_KEYLEN(mk_len) + KDF* kdf_obj, + MessageAuthenticationCode* mac_obj, + u32bit mac_kl) : + key(k), kdf(kdf_obj), mac(mac_obj), mac_keylen(mac_kl) { } +DLIES_Encryptor::~DLIES_Encryptor() + { + delete kdf; + delete mac; + } + /************************************************* * DLIES Encryption * *************************************************/ @@ -32,9 +38,6 @@ SecureVector<byte> DLIES_Encryptor::enc(const byte in[], u32bit length, if(other_key.is_empty()) throw Invalid_State("DLIES: The other key was never set"); - std::auto_ptr<KDF> kdf(get_kdf(kdf_algo)); - std::auto_ptr<MessageAuthenticationCode> mac(get_mac(mac_algo)); - MemoryVector<byte> v = key.public_value(); SecureVector<byte> out(v.size() + length + mac->OUTPUT_LENGTH); @@ -43,14 +46,14 @@ SecureVector<byte> DLIES_Encryptor::enc(const byte in[], u32bit length, SecureVector<byte> vz(v, key.derive_key(other_key, other_key.size())); - const u32bit K_LENGTH = length + MAC_KEYLEN; + const u32bit K_LENGTH = length + mac_keylen; OctetString K = kdf->derive_key(K_LENGTH, vz, vz.size()); if(K.length() != K_LENGTH) throw Encoding_Error("DLIES: KDF did not provide sufficient output"); byte* C = out + v.size(); - xor_buf(C, K.begin() + MAC_KEYLEN, length); - mac->set_key(K.begin(), MAC_KEYLEN); + xor_buf(C, K.begin() + mac_keylen, length); + mac->set_key(K.begin(), mac_keylen); mac->update(C, length); for(u32bit j = 0; j != 8; ++j) @@ -81,39 +84,43 @@ u32bit DLIES_Encryptor::maximum_input_size() const * DLIES_Decryptor Constructor * *************************************************/ DLIES_Decryptor::DLIES_Decryptor(const PK_Key_Agreement_Key& k, - const std::string& kdf, - const std::string& mac, u32bit mk_len) : - key(k), kdf_algo(kdf), mac_algo(mac), - MAC_KEYLEN(mk_len), PUBLIC_LEN(key.public_value().size()) + KDF* kdf_obj, + MessageAuthenticationCode* mac_obj, + u32bit mac_kl) : + key(k), kdf(kdf_obj), mac(mac_obj), mac_keylen(mac_kl) { } +DLIES_Decryptor::~DLIES_Decryptor() + { + delete kdf; + delete mac; + } + /************************************************* * DLIES Decryption * *************************************************/ SecureVector<byte> DLIES_Decryptor::dec(const byte msg[], u32bit length) const { - std::auto_ptr<MessageAuthenticationCode> mac(get_mac(mac_algo)); + const u32bit public_len = key.public_value().size(); - if(length < PUBLIC_LEN + mac->OUTPUT_LENGTH) + if(length < public_len + mac->OUTPUT_LENGTH) throw Decoding_Error("DLIES decryption: ciphertext is too short"); - std::auto_ptr<KDF> kdf(get_kdf(kdf_algo)); - - const u32bit CIPHER_LEN = length - PUBLIC_LEN - mac->OUTPUT_LENGTH; + const u32bit CIPHER_LEN = length - public_len - mac->OUTPUT_LENGTH; - SecureVector<byte> v(msg, PUBLIC_LEN); - SecureVector<byte> C(msg + PUBLIC_LEN, CIPHER_LEN); - SecureVector<byte> T(msg + PUBLIC_LEN + CIPHER_LEN, mac->OUTPUT_LENGTH); + SecureVector<byte> v(msg, public_len); + SecureVector<byte> C(msg + public_len, CIPHER_LEN); + SecureVector<byte> T(msg + public_len + CIPHER_LEN, mac->OUTPUT_LENGTH); SecureVector<byte> vz(v, key.derive_key(v, v.size())); - const u32bit K_LENGTH = C.size() + MAC_KEYLEN; + const u32bit K_LENGTH = C.size() + mac_keylen; OctetString K = kdf->derive_key(K_LENGTH, vz, vz.size()); if(K.length() != K_LENGTH) throw Encoding_Error("DLIES: KDF did not provide sufficient output"); - mac->set_key(K.begin(), MAC_KEYLEN); + mac->set_key(K.begin(), mac_keylen); mac->update(C); for(u32bit j = 0; j != 8; ++j) mac->update(0); @@ -121,7 +128,7 @@ SecureVector<byte> DLIES_Decryptor::dec(const byte msg[], u32bit length) const if(T != T2) throw Integrity_Failure("DLIES: message authentication failed"); - xor_buf(C, K.begin() + MAC_KEYLEN, C.size()); + xor_buf(C, K.begin() + mac_keylen, C.size()); return C; } diff --git a/src/pubkey/dlies/dlies.h b/src/pubkey/dlies/dlies.h index ef0f4d493..d452f1a4f 100644 --- a/src/pubkey/dlies/dlies.h +++ b/src/pubkey/dlies/dlies.h @@ -7,6 +7,8 @@ #define BOTAN_DLIES_H__ #include <botan/pubkey.h> +#include <botan/mac.h> +#include <botan/kdf.h> namespace Botan { @@ -17,18 +19,24 @@ class BOTAN_DLL DLIES_Encryptor : public PK_Encryptor { public: DLIES_Encryptor(const PK_Key_Agreement_Key&, - const std::string& = "KDF2(SHA-160)", - const std::string& = "HMAC(SHA-160)", u32bit = 20); + KDF* kdf, + MessageAuthenticationCode* mac, + u32bit mac_key_len = 20); + + ~DLIES_Encryptor(); + void set_other_key(const MemoryRegion<byte>&); private: SecureVector<byte> enc(const byte[], u32bit, RandomNumberGenerator&) const; u32bit maximum_input_size() const; + const PK_Key_Agreement_Key& key; SecureVector<byte> other_key; - const std::string kdf_algo; - const std::string mac_algo; - const u32bit MAC_KEYLEN; + + KDF* kdf; + MessageAuthenticationCode* mac; + u32bit mac_keylen; }; /************************************************* @@ -38,14 +46,20 @@ class BOTAN_DLL DLIES_Decryptor : public PK_Decryptor { public: DLIES_Decryptor(const PK_Key_Agreement_Key&, - const std::string& = "KDF2(SHA-160)", - const std::string& = "HMAC(SHA-160)", u32bit = 20); + KDF* kdf, + MessageAuthenticationCode* mac, + u32bit mac_key_len = 20); + + ~DLIES_Decryptor(); + private: SecureVector<byte> dec(const byte[], u32bit) const; + const PK_Key_Agreement_Key& key; - const std::string kdf_algo; - const std::string mac_algo; - const u32bit MAC_KEYLEN, PUBLIC_LEN; + + KDF* kdf; + MessageAuthenticationCode* mac; + u32bit mac_keylen; }; } diff --git a/src/pubkey/pk_lookup/look_pk.cpp b/src/pubkey/pk_lookup/look_pk.cpp index 1a90eb82c..d72c1ce0f 100644 --- a/src/pubkey/pk_lookup/look_pk.cpp +++ b/src/pubkey/pk_lookup/look_pk.cpp @@ -68,7 +68,7 @@ PK_Verifier* get_pk_verifier(const PK_Verifying_wo_MR_Key& key, PK_Key_Agreement* get_pk_kas(const PK_Key_Agreement_Key& key, const std::string& kdf) { - return new PK_Key_Agreement(key, kdf); + return new PK_Key_Agreement(key, get_kdf(kdf)); } } diff --git a/src/pubkey/pubkey/pubkey.cpp b/src/pubkey/pubkey/pubkey.cpp index 61b51d081..0e7890c5d 100644 --- a/src/pubkey/pubkey/pubkey.cpp +++ b/src/pubkey/pubkey/pubkey.cpp @@ -4,7 +4,6 @@ *************************************************/ #include <botan/pubkey.h> -#include <botan/lookup.h> #include <botan/der_enc.h> #include <botan/ber_dec.h> #include <botan/bigint.h> @@ -361,8 +360,8 @@ bool PK_Verifier_wo_MR::validate_signature(const MemoryRegion<byte>& msg, * PK_Key_Agreement Constructor * *************************************************/ PK_Key_Agreement::PK_Key_Agreement(const PK_Key_Agreement_Key& k, - const std::string& k_name) : - key(k), kdf_name(k_name) + KDF* kdf_obj) : + key(k), kdf(kdf_obj) { } @@ -385,13 +384,11 @@ SymmetricKey PK_Key_Agreement::derive_key(u32bit key_len, const byte in[], u32bit in_len, const byte params[], u32bit params_len) const { - std::auto_ptr<KDF> kdf((kdf_name == "Raw") ? 0 : get_kdf(kdf_name)); OctetString z = key.derive_key(in, in_len); + if(!kdf) + return z; - if(kdf.get()) - z = kdf->derive_key(key_len, z.bits_of(), params, params_len); - - return z; + return kdf->derive_key(key_len, z.bits_of(), params, params_len); } } diff --git a/src/pubkey/pubkey/pubkey.h b/src/pubkey/pubkey/pubkey.h index 7e8de9f4c..6073fef21 100644 --- a/src/pubkey/pubkey/pubkey.h +++ b/src/pubkey/pubkey/pubkey.h @@ -11,6 +11,7 @@ #include <botan/rng.h> #include <botan/eme.h> #include <botan/emsa.h> +#include <botan/kdf.h> namespace Botan { @@ -268,17 +269,17 @@ class BOTAN_DLL PK_Key_Agreement /** * Construct a PK Key Agreement. * @param key the key to use - * @param kdf_name the name of the key derivation function to use + * @param kdf the KDF to use */ - PK_Key_Agreement(const PK_Key_Agreement_Key& key, - const std::string& kdf_name); + PK_Key_Agreement(const PK_Key_Agreement_Key& key, KDF* kdf); + ~PK_Key_Agreement() { delete kdf; } private: PK_Key_Agreement(const PK_Key_Agreement_Key&); PK_Key_Agreement& operator=(const PK_Key_Agreement&); const PK_Key_Agreement_Key& key; - const std::string kdf_name; + KDF* kdf; }; /** |