aboutsummaryrefslogtreecommitdiffstats
path: root/src/pubkey
diff options
context:
space:
mode:
Diffstat (limited to 'src/pubkey')
-rw-r--r--src/pubkey/dl_group/dl_group.cpp8
-rw-r--r--src/pubkey/dsa/dsa.cpp20
-rw-r--r--src/pubkey/nr/nr.cpp6
-rw-r--r--src/pubkey/pkcs8.cpp56
-rw-r--r--src/pubkey/pkcs8.h24
-rw-r--r--src/pubkey/pubkey.cpp4
-rw-r--r--src/pubkey/rsa/rsa.cpp6
-rw-r--r--src/pubkey/rw/rw.cpp2
8 files changed, 85 insertions, 41 deletions
diff --git a/src/pubkey/dl_group/dl_group.cpp b/src/pubkey/dl_group/dl_group.cpp
index 7f0160b6b..3904841ba 100644
--- a/src/pubkey/dl_group/dl_group.cpp
+++ b/src/pubkey/dl_group/dl_group.cpp
@@ -47,7 +47,7 @@ DL_Group::DL_Group(RandomNumberGenerator& rng,
PrimeType type, size_t pbits, size_t qbits)
{
if(pbits < 512)
- throw Invalid_Argument("DL_Group: prime size " + to_string(pbits) +
+ throw Invalid_Argument("DL_Group: prime size " + std::to_string(pbits) +
" is too small");
if(type == Strong)
@@ -239,7 +239,7 @@ SecureVector<byte> DL_Group::DER_encode(Format format) const
.get_contents();
}
- throw Invalid_Argument("Unknown DL_Group encoding " + to_string(format));
+ throw Invalid_Argument("Unknown DL_Group encoding " + std::to_string(format));
}
/*
@@ -255,7 +255,7 @@ std::string DL_Group::PEM_encode(Format format) const
else if(format == ANSI_X9_42)
return PEM_Code::encode(encoding, "X942 DH PARAMETERS");
else
- throw Invalid_Argument("Unknown DL_Group encoding " + to_string(format));
+ throw Invalid_Argument("Unknown DL_Group encoding " + std::to_string(format));
}
/*
@@ -289,7 +289,7 @@ void DL_Group::BER_decode(DataSource& source, Format format)
.discard_remaining();
}
else
- throw Invalid_Argument("Unknown DL_Group encoding " + to_string(format));
+ throw Invalid_Argument("Unknown DL_Group encoding " + std::to_string(format));
initialize(new_p, new_q, new_g);
}
diff --git a/src/pubkey/dsa/dsa.cpp b/src/pubkey/dsa/dsa.cpp
index 5e511840f..c3b4f260b 100644
--- a/src/pubkey/dsa/dsa.cpp
+++ b/src/pubkey/dsa/dsa.cpp
@@ -8,7 +8,7 @@
#include <botan/dsa.h>
#include <botan/numthry.h>
#include <botan/keypair.h>
-
+#include <future>
namespace Botan {
/*
@@ -89,8 +89,12 @@ DSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
k.randomize(rng, q.bits());
while(k >= q);
- r = mod_q.reduce(powermod_g_p(k));
- s = mod_q.multiply(inverse_mod(k, q), mul_add(x, r, i));
+ auto future_r = std::async(std::launch::async,
+ [&]() { return mod_q.reduce(powermod_g_p(k)); });
+
+ s = inverse_mod(k, q);
+ r = future_r.get();
+ s = mod_q.multiply(s, mul_add(x, r, i));
}
SecureVector<byte> output(2*q.bytes());
@@ -124,8 +128,14 @@ bool DSA_Verification_Operation::verify(const byte msg[], size_t msg_len,
return false;
s = inverse_mod(s, q);
- s = mod_p.multiply(powermod_g_p(mod_q.multiply(s, i)),
- powermod_y_p(mod_q.multiply(s, r)));
+
+ auto future_s_i = std::async(std::launch::async,
+ [&]() { return powermod_g_p(mod_q.multiply(s, i)); });
+
+ BigInt s_r = powermod_y_p(mod_q.multiply(s, r));
+ BigInt s_i = future_s_i.get();
+
+ s = mod_p.multiply(s_i, s_r);
return (mod_q.reduce(s) == r);
}
diff --git a/src/pubkey/nr/nr.cpp b/src/pubkey/nr/nr.cpp
index 61cf7eb3f..e1c5e51da 100644
--- a/src/pubkey/nr/nr.cpp
+++ b/src/pubkey/nr/nr.cpp
@@ -8,6 +8,7 @@
#include <botan/nr.h>
#include <botan/numthry.h>
#include <botan/keypair.h>
+#include <future>
namespace Botan {
@@ -132,7 +133,10 @@ NR_Verification_Operation::verify_mr(const byte msg[], size_t msg_len)
if(c.is_zero() || c >= q || d >= q)
throw Invalid_Argument("NR verification: Invalid signature");
- BigInt i = mod_p.multiply(powermod_g_p(d), powermod_y_p(c));
+ auto future_y_c = std::async(std::launch::async, powermod_y_p, c);
+ BigInt g_d = powermod_g_p(d);
+
+ BigInt i = mod_p.multiply(g_d, future_y_c.get());
return BigInt::encode(mod_q.reduce(c - i));
}
diff --git a/src/pubkey/pkcs8.cpp b/src/pubkey/pkcs8.cpp
index 16440b648..57bb5c1e2 100644
--- a/src/pubkey/pkcs8.cpp
+++ b/src/pubkey/pkcs8.cpp
@@ -41,8 +41,10 @@ SecureVector<byte> PKCS8_extract(DataSource& source,
/*
* PEM decode and/or decrypt a private key
*/
-SecureVector<byte> PKCS8_decode(DataSource& source, const User_Interface& ui,
- AlgorithmIdentifier& pk_alg_id)
+SecureVector<byte> PKCS8_decode(
+ DataSource& source,
+ std::function<std::pair<bool,std::string> ()> get_passphrase,
+ AlgorithmIdentifier& pk_alg_id)
{
AlgorithmIdentifier pbe_alg_id;
SecureVector<byte> key_data, key;
@@ -89,16 +91,14 @@ SecureVector<byte> PKCS8_decode(DataSource& source, const User_Interface& ui,
if(is_encrypted)
{
DataSource_Memory params(pbe_alg_id.parameters);
- std::auto_ptr<PBE> pbe(get_pbe(pbe_alg_id.oid, params));
+ std::unique_ptr<PBE> pbe(get_pbe(pbe_alg_id.oid, params));
- User_Interface::UI_Result result = User_Interface::OK;
- const std::string passphrase =
- ui.get_passphrase("PKCS #8 private key", source.id(), result);
+ std::pair<bool, std::string> pass = get_passphrase();
- if(result == User_Interface::CANCEL_ACTION)
+ if(pass.first == false)
break;
- pbe->set_key(passphrase);
+ pbe->set_key(pass.second);
Pipe decryptor(pbe.release());
decryptor.process_msg(key_data);
@@ -162,7 +162,7 @@ SecureVector<byte> BER_encode(const Private_Key& key,
{
const std::string DEFAULT_PBE = "PBE-PKCS5v20(SHA-1,AES-256/CBC)";
- std::auto_ptr<PBE> pbe(get_pbe(((pbe_algo != "") ? pbe_algo : DEFAULT_PBE)));
+ std::unique_ptr<PBE> pbe(get_pbe(((pbe_algo != "") ? pbe_algo : DEFAULT_PBE)));
pbe->new_params(rng);
pbe->set_key(pass);
@@ -200,10 +200,10 @@ std::string PEM_encode(const Private_Key& key,
*/
Private_Key* load_key(DataSource& source,
RandomNumberGenerator& rng,
- const User_Interface& ui)
+ std::function<std::pair<bool, std::string> ()> get_pass)
{
AlgorithmIdentifier alg_id;
- SecureVector<byte> pkcs8_key = PKCS8_decode(source, ui, alg_id);
+ SecureVector<byte> pkcs8_key = PKCS8_decode(source, get_pass, alg_id);
const std::string alg_name = OIDS::lookup(alg_id.oid);
if(alg_name == "" || alg_name == alg_id.oid.as_string())
@@ -218,12 +218,38 @@ Private_Key* load_key(DataSource& source,
*/
Private_Key* load_key(const std::string& fsname,
RandomNumberGenerator& rng,
- const User_Interface& ui)
+ std::function<std::pair<bool, std::string> ()> get_pass)
{
DataSource_Stream source(fsname, true);
- return PKCS8::load_key(source, rng, ui);
+ return PKCS8::load_key(source, rng, get_pass);
}
+namespace {
+
+class Single_Shot_Passphrase
+ {
+ public:
+ Single_Shot_Passphrase(const std::string& pass) :
+ passphrase(pass), first(true) {}
+
+ std::pair<bool, std::string> operator()()
+ {
+ if(first)
+ {
+ first = false;
+ return std::make_pair(true, passphrase);
+ }
+ else
+ return std::make_pair(false, "");
+ }
+
+ private:
+ std::string passphrase;
+ bool first;
+ };
+
+}
+
/*
* Extract a private key and return it
*/
@@ -231,7 +257,7 @@ Private_Key* load_key(DataSource& source,
RandomNumberGenerator& rng,
const std::string& pass)
{
- return PKCS8::load_key(source, rng, User_Interface(pass));
+ return PKCS8::load_key(source, rng, Single_Shot_Passphrase(pass));
}
/*
@@ -241,7 +267,7 @@ Private_Key* load_key(const std::string& fsname,
RandomNumberGenerator& rng,
const std::string& pass)
{
- return PKCS8::load_key(fsname, rng, User_Interface(pass));
+ return PKCS8::load_key(fsname, rng, Single_Shot_Passphrase(pass));
}
/*
diff --git a/src/pubkey/pkcs8.h b/src/pubkey/pkcs8.h
index 00607b329..d573fb460 100644
--- a/src/pubkey/pkcs8.h
+++ b/src/pubkey/pkcs8.h
@@ -9,7 +9,7 @@
#define BOTAN_PKCS8_H__
#include <botan/x509_key.h>
-#include <botan/ui.h>
+#include <functional>
namespace Botan {
@@ -123,18 +123,19 @@ inline void encrypt_key(const Private_Key& key,
* Load a key from a data source.
* @param source the data source providing the encoded key
* @param rng the rng to use
-* @param ui the user interface to be used for passphrase dialog
+* @param get_passphrase a function that returns passphrases
* @return loaded private key object
*/
-BOTAN_DLL Private_Key* load_key(DataSource& source,
- RandomNumberGenerator& rng,
- const User_Interface& ui);
+BOTAN_DLL Private_Key* load_key(
+ DataSource& source,
+ RandomNumberGenerator& rng,
+ std::function<std::pair<bool, std::string> ()> get_passphrase);
/** Load a key from a data source.
* @param source the data source providing the encoded key
* @param rng the rng to use
* @param pass the passphrase to decrypt the key. Provide an empty
-* string if the key is not encoded.
+* string if the key is not encrypted
* @return loaded private key object
*/
BOTAN_DLL Private_Key* load_key(DataSource& source,
@@ -145,18 +146,19 @@ BOTAN_DLL Private_Key* load_key(DataSource& source,
* Load a key from a file.
* @param filename the path to the file containing the encoded key
* @param rng the rng to use
-* @param ui the user interface to be used for passphrase dialog
+* @param get_passphrase a function that returns passphrases
* @return loaded private key object
*/
-BOTAN_DLL Private_Key* load_key(const std::string& filename,
- RandomNumberGenerator& rng,
- const User_Interface& ui);
+BOTAN_DLL Private_Key* load_key(
+ const std::string& filename,
+ RandomNumberGenerator& rng,
+ std::function<std::pair<bool, std::string> ()> get_passphrase);
/** Load a key from a file.
* @param filename the path to the file containing the encoded key
* @param rng the rng to use
* @param pass the passphrase to decrypt the key. Provide an empty
-* string if the key is not encoded.
+* string if the key is not encrypted
* @return loaded private key object
*/
BOTAN_DLL Private_Key* load_key(const std::string& filename,
diff --git a/src/pubkey/pubkey.cpp b/src/pubkey/pubkey.cpp
index 6e63f9fc9..d0b74071c 100644
--- a/src/pubkey/pubkey.cpp
+++ b/src/pubkey/pubkey.cpp
@@ -238,7 +238,7 @@ SecureVector<byte> PK_Signer::signature(RandomNumberGenerator& rng)
}
else
throw Encoding_Error("PK_Signer: Unknown signature format " +
- to_string(sig_format));
+ std::to_string(sig_format));
}
/*
@@ -324,7 +324,7 @@ bool PK_Verifier::check_signature(const byte sig[], size_t length)
}
else
throw Decoding_Error("PK_Verifier: Unknown signature format " +
- to_string(sig_format));
+ std::to_string(sig_format));
}
catch(Invalid_Argument) { return false; }
}
diff --git a/src/pubkey/rsa/rsa.cpp b/src/pubkey/rsa/rsa.cpp
index 40c3968af..2da366699 100644
--- a/src/pubkey/rsa/rsa.cpp
+++ b/src/pubkey/rsa/rsa.cpp
@@ -11,6 +11,7 @@
#include <botan/numthry.h>
#include <botan/keypair.h>
#include <botan/internal/assert.h>
+#include <future>
namespace Botan {
@@ -22,7 +23,7 @@ RSA_PrivateKey::RSA_PrivateKey(RandomNumberGenerator& rng,
{
if(bits < 512)
throw Invalid_Argument(algo_name() + ": Can't make a key that is only " +
- to_string(bits) + " bits long");
+ std::to_string(bits) + " bits long");
if(exp < 3 || exp % 2 == 0)
throw Invalid_Argument(algo_name() + ": Invalid encryption exponent");
@@ -78,8 +79,9 @@ BigInt RSA_Private_Operation::private_op(const BigInt& m) const
if(m >= n)
throw Invalid_Argument("RSA private op - input is too large");
- BigInt j1 = powermod_d1_p(m);
+ auto future_j1 = std::async(std::launch::async, powermod_d1_p, m);
BigInt j2 = powermod_d2_q(m);
+ BigInt j1 = future_j1.get();
j1 = mod_p.reduce(sub_mul(j1, j2, c));
diff --git a/src/pubkey/rw/rw.cpp b/src/pubkey/rw/rw.cpp
index 5f58d8e88..dab84b59f 100644
--- a/src/pubkey/rw/rw.cpp
+++ b/src/pubkey/rw/rw.cpp
@@ -21,7 +21,7 @@ RW_PrivateKey::RW_PrivateKey(RandomNumberGenerator& rng,
{
if(bits < 512)
throw Invalid_Argument(algo_name() + ": Can't make a key that is only " +
- to_string(bits) + " bits long");
+ std::to_string(bits) + " bits long");
if(exp < 2 || exp % 2 == 1)
throw Invalid_Argument(algo_name() + ": Invalid encryption exponent");