diff options
Diffstat (limited to 'src/pubkey')
-rw-r--r-- | src/pubkey/dl_group/dl_group.cpp | 8 | ||||
-rw-r--r-- | src/pubkey/dsa/dsa.cpp | 20 | ||||
-rw-r--r-- | src/pubkey/nr/nr.cpp | 6 | ||||
-rw-r--r-- | src/pubkey/pkcs8.cpp | 56 | ||||
-rw-r--r-- | src/pubkey/pkcs8.h | 24 | ||||
-rw-r--r-- | src/pubkey/pubkey.cpp | 4 | ||||
-rw-r--r-- | src/pubkey/rsa/rsa.cpp | 6 | ||||
-rw-r--r-- | src/pubkey/rw/rw.cpp | 2 |
8 files changed, 85 insertions, 41 deletions
diff --git a/src/pubkey/dl_group/dl_group.cpp b/src/pubkey/dl_group/dl_group.cpp index d4e306ac3..cd75e5796 100644 --- a/src/pubkey/dl_group/dl_group.cpp +++ b/src/pubkey/dl_group/dl_group.cpp @@ -46,7 +46,7 @@ DL_Group::DL_Group(RandomNumberGenerator& rng, PrimeType type, u32bit pbits, u32bit qbits) { if(pbits < 512) - throw Invalid_Argument("DL_Group: prime size " + to_string(pbits) + + throw Invalid_Argument("DL_Group: prime size " + std::to_string(pbits) + " is too small"); if(type == Strong) @@ -238,7 +238,7 @@ SecureVector<byte> DL_Group::DER_encode(Format format) const .get_contents(); } - throw Invalid_Argument("Unknown DL_Group encoding " + to_string(format)); + throw Invalid_Argument("Unknown DL_Group encoding " + std::to_string(format)); } /* @@ -254,7 +254,7 @@ std::string DL_Group::PEM_encode(Format format) const else if(format == ANSI_X9_42) return PEM_Code::encode(encoding, "X942 DH PARAMETERS"); else - throw Invalid_Argument("Unknown DL_Group encoding " + to_string(format)); + throw Invalid_Argument("Unknown DL_Group encoding " + std::to_string(format)); } /* @@ -288,7 +288,7 @@ void DL_Group::BER_decode(DataSource& source, Format format) .discard_remaining(); } else - throw Invalid_Argument("Unknown DL_Group encoding " + to_string(format)); + throw Invalid_Argument("Unknown DL_Group encoding " + std::to_string(format)); initialize(new_p, new_q, new_g); } diff --git a/src/pubkey/dsa/dsa.cpp b/src/pubkey/dsa/dsa.cpp index 7eefa5923..7a84bf313 100644 --- a/src/pubkey/dsa/dsa.cpp +++ b/src/pubkey/dsa/dsa.cpp @@ -8,7 +8,7 @@ #include <botan/dsa.h> #include <botan/numthry.h> #include <botan/keypair.h> - +#include <future> namespace Botan { /* @@ -89,8 +89,12 @@ DSA_Signature_Operation::sign(const byte msg[], u32bit msg_len, k.randomize(rng, q.bits()); while(k >= q); - r = mod_q.reduce(powermod_g_p(k)); - s = mod_q.multiply(inverse_mod(k, q), mul_add(x, r, i)); + auto future_r = std::async(std::launch::async, + [&]() { return mod_q.reduce(powermod_g_p(k)); }); + + s = inverse_mod(k, q); + r = future_r.get(); + s = mod_q.multiply(s, mul_add(x, r, i)); } SecureVector<byte> output(2*q.bytes()); @@ -124,8 +128,14 @@ bool DSA_Verification_Operation::verify(const byte msg[], u32bit msg_len, return false; s = inverse_mod(s, q); - s = mod_p.multiply(powermod_g_p(mod_q.multiply(s, i)), - powermod_y_p(mod_q.multiply(s, r))); + + auto future_s_i = std::async(std::launch::async, + [&]() { return powermod_g_p(mod_q.multiply(s, i)); }); + + BigInt s_r = powermod_y_p(mod_q.multiply(s, r)); + BigInt s_i = future_s_i.get(); + + s = mod_p.multiply(s_i, s_r); return (mod_q.reduce(s) == r); } diff --git a/src/pubkey/nr/nr.cpp b/src/pubkey/nr/nr.cpp index 3c5b71ad2..7eaa75581 100644 --- a/src/pubkey/nr/nr.cpp +++ b/src/pubkey/nr/nr.cpp @@ -8,6 +8,7 @@ #include <botan/nr.h> #include <botan/numthry.h> #include <botan/keypair.h> +#include <future> namespace Botan { @@ -132,7 +133,10 @@ NR_Verification_Operation::verify_mr(const byte msg[], u32bit msg_len) if(c.is_zero() || c >= q || d >= q) throw Invalid_Argument("NR verification: Invalid signature"); - BigInt i = mod_p.multiply(powermod_g_p(d), powermod_y_p(c)); + auto future_y_c = std::async(std::launch::async, powermod_y_p, c); + BigInt g_d = powermod_g_p(d); + + BigInt i = mod_p.multiply(g_d, future_y_c.get()); return BigInt::encode(mod_q.reduce(c - i)); } diff --git a/src/pubkey/pkcs8.cpp b/src/pubkey/pkcs8.cpp index 5eed776be..cc2ed8941 100644 --- a/src/pubkey/pkcs8.cpp +++ b/src/pubkey/pkcs8.cpp @@ -41,8 +41,10 @@ SecureVector<byte> PKCS8_extract(DataSource& source, /* * PEM decode and/or decrypt a private key */ -SecureVector<byte> PKCS8_decode(DataSource& source, const User_Interface& ui, - AlgorithmIdentifier& pk_alg_id) +SecureVector<byte> PKCS8_decode( + DataSource& source, + std::function<std::pair<bool,std::string> ()> get_passphrase, + AlgorithmIdentifier& pk_alg_id) { AlgorithmIdentifier pbe_alg_id; SecureVector<byte> key_data, key; @@ -89,16 +91,14 @@ SecureVector<byte> PKCS8_decode(DataSource& source, const User_Interface& ui, if(is_encrypted) { DataSource_Memory params(pbe_alg_id.parameters); - std::auto_ptr<PBE> pbe(get_pbe(pbe_alg_id.oid, params)); + std::unique_ptr<PBE> pbe(get_pbe(pbe_alg_id.oid, params)); - User_Interface::UI_Result result = User_Interface::OK; - const std::string passphrase = - ui.get_passphrase("PKCS #8 private key", source.id(), result); + std::pair<bool, std::string> pass = get_passphrase(); - if(result == User_Interface::CANCEL_ACTION) + if(pass.first == false) break; - pbe->set_key(passphrase); + pbe->set_key(pass.second); Pipe decryptor(pbe.release()); decryptor.process_msg(key_data, key_data.size()); @@ -162,7 +162,7 @@ SecureVector<byte> BER_encode(const Private_Key& key, { const std::string DEFAULT_PBE = "PBE-PKCS5v20(SHA-1,AES-256/CBC)"; - std::auto_ptr<PBE> pbe(get_pbe(((pbe_algo != "") ? pbe_algo : DEFAULT_PBE))); + std::unique_ptr<PBE> pbe(get_pbe(((pbe_algo != "") ? pbe_algo : DEFAULT_PBE))); pbe->new_params(rng); pbe->set_key(pass); @@ -200,10 +200,10 @@ std::string PEM_encode(const Private_Key& key, */ Private_Key* load_key(DataSource& source, RandomNumberGenerator& rng, - const User_Interface& ui) + std::function<std::pair<bool, std::string> ()> get_pass) { AlgorithmIdentifier alg_id; - SecureVector<byte> pkcs8_key = PKCS8_decode(source, ui, alg_id); + SecureVector<byte> pkcs8_key = PKCS8_decode(source, get_pass, alg_id); const std::string alg_name = OIDS::lookup(alg_id.oid); if(alg_name == "" || alg_name == alg_id.oid.as_string()) @@ -218,12 +218,38 @@ Private_Key* load_key(DataSource& source, */ Private_Key* load_key(const std::string& fsname, RandomNumberGenerator& rng, - const User_Interface& ui) + std::function<std::pair<bool, std::string> ()> get_pass) { DataSource_Stream source(fsname, true); - return PKCS8::load_key(source, rng, ui); + return PKCS8::load_key(source, rng, get_pass); } +namespace { + +class Single_Shot_Passphrase + { + public: + Single_Shot_Passphrase(const std::string& pass) : + passphrase(pass), first(true) {} + + std::pair<bool, std::string> operator()() + { + if(first) + { + first = false; + return std::make_pair(true, passphrase); + } + else + return std::make_pair(false, ""); + } + + private: + std::string passphrase; + bool first; + }; + +} + /* * Extract a private key and return it */ @@ -231,7 +257,7 @@ Private_Key* load_key(DataSource& source, RandomNumberGenerator& rng, const std::string& pass) { - return PKCS8::load_key(source, rng, User_Interface(pass)); + return PKCS8::load_key(source, rng, Single_Shot_Passphrase(pass)); } /* @@ -241,7 +267,7 @@ Private_Key* load_key(const std::string& fsname, RandomNumberGenerator& rng, const std::string& pass) { - return PKCS8::load_key(fsname, rng, User_Interface(pass)); + return PKCS8::load_key(fsname, rng, Single_Shot_Passphrase(pass)); } /* diff --git a/src/pubkey/pkcs8.h b/src/pubkey/pkcs8.h index 376429d5b..93f2f92c6 100644 --- a/src/pubkey/pkcs8.h +++ b/src/pubkey/pkcs8.h @@ -9,7 +9,7 @@ #define BOTAN_PKCS8_H__ #include <botan/x509_key.h> -#include <botan/ui.h> +#include <functional> namespace Botan { @@ -121,18 +121,19 @@ inline void encrypt_key(const Private_Key& key, * Load a key from a data source. * @param source the data source providing the encoded key * @param rng the rng to use -* @param ui the user interface to be used for passphrase dialog +* @param get_passphrase a function that returns passphrases * @return loaded private key object */ -BOTAN_DLL Private_Key* load_key(DataSource& source, - RandomNumberGenerator& rng, - const User_Interface& ui); +BOTAN_DLL Private_Key* load_key( + DataSource& source, + RandomNumberGenerator& rng, + std::function<std::pair<bool, std::string> ()> get_passphrase); /** Load a key from a data source. * @param source the data source providing the encoded key * @param rng the rng to use * @param pass the passphrase to decrypt the key. Provide an empty -* string if the key is not encoded. +* string if the key is not encrypted * @return loaded private key object */ BOTAN_DLL Private_Key* load_key(DataSource& source, @@ -143,18 +144,19 @@ BOTAN_DLL Private_Key* load_key(DataSource& source, * Load a key from a file. * @param filename the path to the file containing the encoded key * @param rng the rng to use -* @param ui the user interface to be used for passphrase dialog +* @param get_passphrase a function that returns passphrases * @return loaded private key object */ -BOTAN_DLL Private_Key* load_key(const std::string& filename, - RandomNumberGenerator& rng, - const User_Interface& ui); +BOTAN_DLL Private_Key* load_key( + const std::string& filename, + RandomNumberGenerator& rng, + std::function<std::pair<bool, std::string> ()> get_passphrase); /** Load a key from a file. * @param filename the path to the file containing the encoded key * @param rng the rng to use * @param pass the passphrase to decrypt the key. Provide an empty -* string if the key is not encoded. +* string if the key is not encrypted * @return loaded private key object */ BOTAN_DLL Private_Key* load_key(const std::string& filename, diff --git a/src/pubkey/pubkey.cpp b/src/pubkey/pubkey.cpp index c8ffccf53..0bc6900d7 100644 --- a/src/pubkey/pubkey.cpp +++ b/src/pubkey/pubkey.cpp @@ -227,7 +227,7 @@ SecureVector<byte> PK_Signer::signature(RandomNumberGenerator& rng) } else throw Encoding_Error("PK_Signer: Unknown signature format " + - to_string(sig_format)); + std::to_string(sig_format)); } /* @@ -314,7 +314,7 @@ bool PK_Verifier::check_signature(const byte sig[], u32bit length) } else throw Decoding_Error("PK_Verifier: Unknown signature format " + - to_string(sig_format)); + std::to_string(sig_format)); } catch(Invalid_Argument) { return false; } } diff --git a/src/pubkey/rsa/rsa.cpp b/src/pubkey/rsa/rsa.cpp index 133164c31..4a673e2b4 100644 --- a/src/pubkey/rsa/rsa.cpp +++ b/src/pubkey/rsa/rsa.cpp @@ -10,6 +10,7 @@ #include <botan/parsing.h> #include <botan/numthry.h> #include <botan/keypair.h> +#include <future> namespace Botan { @@ -21,7 +22,7 @@ RSA_PrivateKey::RSA_PrivateKey(RandomNumberGenerator& rng, { if(bits < 512) throw Invalid_Argument(algo_name() + ": Can't make a key that is only " + - to_string(bits) + " bits long"); + std::to_string(bits) + " bits long"); if(exp < 3 || exp % 2 == 0) throw Invalid_Argument(algo_name() + ": Invalid encryption exponent"); @@ -76,8 +77,9 @@ BigInt RSA_Private_Operation::private_op(const BigInt& m) const if(m >= n) throw Invalid_Argument("RSA private op - input is too large"); - BigInt j1 = powermod_d1_p(m); + auto future_j1 = std::async(std::launch::async, powermod_d1_p, m); BigInt j2 = powermod_d2_q(m); + BigInt j1 = future_j1.get(); j1 = mod_p.reduce(sub_mul(j1, j2, c)); diff --git a/src/pubkey/rw/rw.cpp b/src/pubkey/rw/rw.cpp index 91cebc5a8..18ef9a399 100644 --- a/src/pubkey/rw/rw.cpp +++ b/src/pubkey/rw/rw.cpp @@ -21,7 +21,7 @@ RW_PrivateKey::RW_PrivateKey(RandomNumberGenerator& rng, { if(bits < 512) throw Invalid_Argument(algo_name() + ": Can't make a key that is only " + - to_string(bits) + " bits long"); + std::to_string(bits) + " bits long"); if(exp < 2 || exp % 2 == 1) throw Invalid_Argument(algo_name() + ": Invalid encryption exponent"); |