diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/pk_pad/eme_raw/eme_raw.cpp | 34 | ||||
| -rw-r--r-- | src/lib/pk_pad/eme_raw/eme_raw.h | 31 | ||||
| -rw-r--r-- | src/lib/pk_pad/eme_raw/info.txt | 1 | ||||
| -rw-r--r-- | src/lib/pubkey/curve25519/curve25519.cpp | 7 | ||||
| -rw-r--r-- | src/lib/pubkey/dh/dh.cpp | 11 | ||||
| -rw-r--r-- | src/lib/pubkey/ecdh/ecdh.cpp | 26 | ||||
| -rw-r--r-- | src/lib/pubkey/elgamal/elgamal.cpp | 30 | ||||
| -rw-r--r-- | src/lib/pubkey/info.txt | 1 | ||||
| -rw-r--r-- | src/lib/pubkey/pk_ops.cpp | 80 | ||||
| -rw-r--r-- | src/lib/pubkey/pk_ops.h | 69 | ||||
| -rw-r--r-- | src/lib/pubkey/pubkey.cpp | 123 | ||||
| -rw-r--r-- | src/lib/pubkey/pubkey.h | 5 | ||||
| -rw-r--r-- | src/lib/pubkey/rsa/rsa.cpp | 20 |
13 files changed, 284 insertions, 154 deletions
diff --git a/src/lib/pk_pad/eme_raw/eme_raw.cpp b/src/lib/pk_pad/eme_raw/eme_raw.cpp new file mode 100644 index 000000000..9ae894c70 --- /dev/null +++ b/src/lib/pk_pad/eme_raw/eme_raw.cpp @@ -0,0 +1,34 @@ +/* +* (C) 2015 Jack Lloyd +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#include <botan/internal/pad_utils.h> +#include <botan/internal/bit_ops.h> +#include <botan/eme_raw.h> + +namespace Botan { + +BOTAN_REGISTER_EME_NAMED_NOARGS(EME_Raw, "Raw"); + +secure_vector<byte> EME_Raw::pad(const byte in[], size_t in_length, + size_t key_bits, + RandomNumberGenerator&) const + { + if(in_length > 0 && (8*(in_length - 1) + high_bit(in[0]) > key_bits)) + throw Invalid_Argument("EME_Raw: Input is too large"); + return secure_vector<byte>(in, in + in_length); + } + +secure_vector<byte> EME_Raw::unpad(const byte in[], size_t in_length, + size_t) const + { + return secure_vector<byte>(in, in + in_length); + } + +size_t EME_Raw::maximum_input_size(size_t keybits) const + { + return keybits / 8; + } +} diff --git a/src/lib/pk_pad/eme_raw/eme_raw.h b/src/lib/pk_pad/eme_raw/eme_raw.h new file mode 100644 index 000000000..903d9fc34 --- /dev/null +++ b/src/lib/pk_pad/eme_raw/eme_raw.h @@ -0,0 +1,31 @@ +/* +* (C) 2015 Jack Lloyd +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#ifndef BOTAN_EME_RAW_H__ +#define BOTAN_EME_RAW_H__ + +#include <botan/eme.h> +#include <botan/kdf.h> +#include <botan/hash.h> + +namespace Botan { + +class BOTAN_DLL EME_Raw : public EME + { + public: + size_t maximum_input_size(size_t i) const; + + EME_Raw() {} + private: + secure_vector<byte> pad(const byte[], size_t, size_t, + RandomNumberGenerator&) const; + + secure_vector<byte> unpad(const byte[], size_t, size_t) const; + }; + +} + +#endif diff --git a/src/lib/pk_pad/eme_raw/info.txt b/src/lib/pk_pad/eme_raw/info.txt new file mode 100644 index 000000000..4c94824cf --- /dev/null +++ b/src/lib/pk_pad/eme_raw/info.txt @@ -0,0 +1 @@ +define EME_RAW 20150313 diff --git a/src/lib/pubkey/curve25519/curve25519.cpp b/src/lib/pubkey/curve25519/curve25519.cpp index 8fdd5b2c6..d6934748b 100644 --- a/src/lib/pubkey/curve25519/curve25519.cpp +++ b/src/lib/pubkey/curve25519/curve25519.cpp @@ -117,15 +117,16 @@ namespace { /** * Curve25519 operation */ -class Curve25519_KA_Operation : public PK_Ops::Key_Agreement +class Curve25519_KA_Operation : public PK_Ops::Key_Agreement_with_KDF { public: typedef Curve25519_PrivateKey Key_Type; - Curve25519_KA_Operation(const Curve25519_PrivateKey& key, const std::string&) : + Curve25519_KA_Operation(const Curve25519_PrivateKey& key, const std::string& kdf) : + PK_Ops::Key_Agreement_with_KDF(kdf), m_key(key) {} - secure_vector<byte> agree(const byte w[], size_t w_len) + secure_vector<byte> raw_agree(const byte w[], size_t w_len) { return m_key.agree(w, w_len); } diff --git a/src/lib/pubkey/dh/dh.cpp b/src/lib/pubkey/dh/dh.cpp index be411c5d8..57310efae 100644 --- a/src/lib/pubkey/dh/dh.cpp +++ b/src/lib/pubkey/dh/dh.cpp @@ -82,13 +82,13 @@ namespace { /** * DH operation */ -class DH_KA_Operation : public PK_Ops::Key_Agreement +class DH_KA_Operation : public PK_Ops::Key_Agreement_with_KDF { public: typedef DH_PrivateKey Key_Type; - DH_KA_Operation(const DH_PrivateKey& key, const std::string&); + DH_KA_Operation(const DH_PrivateKey& key, const std::string& kdf); - secure_vector<byte> agree(const byte w[], size_t w_len); + secure_vector<byte> raw_agree(const byte w[], size_t w_len); private: const BigInt& m_p; @@ -96,7 +96,8 @@ class DH_KA_Operation : public PK_Ops::Key_Agreement Blinder m_blinder; }; -DH_KA_Operation::DH_KA_Operation(const DH_PrivateKey& dh, const std::string&) : +DH_KA_Operation::DH_KA_Operation(const DH_PrivateKey& dh, const std::string& kdf) : + PK_Ops::Key_Agreement_with_KDF(kdf), m_p(dh.group_p()), m_powermod_x_p(dh.get_x(), m_p), m_blinder(m_p, @@ -105,7 +106,7 @@ DH_KA_Operation::DH_KA_Operation(const DH_PrivateKey& dh, const std::string&) : { } -secure_vector<byte> DH_KA_Operation::agree(const byte w[], size_t w_len) +secure_vector<byte> DH_KA_Operation::raw_agree(const byte w[], size_t w_len) { BigInt input = BigInt::decode(w, w_len); diff --git a/src/lib/pubkey/ecdh/ecdh.cpp b/src/lib/pubkey/ecdh/ecdh.cpp index 3b0502a36..61d3af816 100644 --- a/src/lib/pubkey/ecdh/ecdh.cpp +++ b/src/lib/pubkey/ecdh/ecdh.cpp @@ -17,38 +17,32 @@ namespace { /** * ECDH operation */ -class ECDH_KA_Operation : public PK_Ops::Key_Agreement +class ECDH_KA_Operation : public PK_Ops::Key_Agreement_with_KDF { public: typedef ECDH_PrivateKey Key_Type; - ECDH_KA_Operation(const ECDH_PrivateKey& key, const std::string&) : + ECDH_KA_Operation(const ECDH_PrivateKey& key, const std::string& kdf) : + PK_Ops::Key_Agreement_with_KDF(kdf), curve(key.domain().get_curve()), cofactor(key.domain().get_cofactor()) { l_times_priv = inverse_mod(cofactor, key.domain().get_order()) * key.private_value(); } - secure_vector<byte> agree(const byte w[], size_t w_len); + secure_vector<byte> raw_agree(const byte w[], size_t w_len) + { + PointGFp point = OS2ECP(w, w_len, curve); + PointGFp S = (cofactor * point) * l_times_priv; + BOTAN_ASSERT(S.on_the_curve(), "ECDH agreed value was on the curve"); + return BigInt::encode_1363(S.get_affine_x(), curve.get_p().bytes()); + } private: const CurveGFp& curve; const BigInt& cofactor; BigInt l_times_priv; }; -secure_vector<byte> ECDH_KA_Operation::agree(const byte w[], size_t w_len) - { - PointGFp point = OS2ECP(w, w_len, curve); - - PointGFp S = (cofactor * point) * l_times_priv; - - BOTAN_ASSERT(S.on_the_curve(), - "ECDH agreed value was on the curve"); - - return BigInt::encode_1363(S.get_affine_x(), - curve.get_p().bytes()); - } - } BOTAN_REGISTER_PK_KEY_AGREE_OP("ECDH", ECDH_KA_Operation); diff --git a/src/lib/pubkey/elgamal/elgamal.cpp b/src/lib/pubkey/elgamal/elgamal.cpp index aacf8ec32..2a4de7196 100644 --- a/src/lib/pubkey/elgamal/elgamal.cpp +++ b/src/lib/pubkey/elgamal/elgamal.cpp @@ -73,17 +73,17 @@ namespace { /** * ElGamal encryption operation */ -class ElGamal_Encryption_Operation : public PK_Ops::Encryption +class ElGamal_Encryption_Operation : public PK_Ops::Encryption_with_EME { public: typedef ElGamal_PublicKey Key_Type; - size_t max_input_bits() const { return mod_p.get_modulus().bits() - 1; } + size_t max_raw_input_bits() const override { return mod_p.get_modulus().bits() - 1; } - ElGamal_Encryption_Operation(const ElGamal_PublicKey& key, const std::string&); + ElGamal_Encryption_Operation(const ElGamal_PublicKey& key, const std::string& eme); - secure_vector<byte> encrypt(const byte msg[], size_t msg_len, - RandomNumberGenerator& rng); + secure_vector<byte> raw_encrypt(const byte msg[], size_t msg_len, + RandomNumberGenerator& rng) override; private: Fixed_Base_Power_Mod powermod_g_p, powermod_y_p; @@ -91,7 +91,8 @@ class ElGamal_Encryption_Operation : public PK_Ops::Encryption }; ElGamal_Encryption_Operation::ElGamal_Encryption_Operation(const ElGamal_PublicKey& key, - const std::string&) + const std::string& eme) : + PK_Ops::Encryption_with_EME(eme) { const BigInt& p = key.group_p(); @@ -101,8 +102,8 @@ ElGamal_Encryption_Operation::ElGamal_Encryption_Operation(const ElGamal_PublicK } secure_vector<byte> -ElGamal_Encryption_Operation::encrypt(const byte msg[], size_t msg_len, - RandomNumberGenerator& rng) +ElGamal_Encryption_Operation::raw_encrypt(const byte msg[], size_t msg_len, + RandomNumberGenerator& rng) { const BigInt& p = mod_p.get_modulus(); @@ -125,16 +126,16 @@ ElGamal_Encryption_Operation::encrypt(const byte msg[], size_t msg_len, /** * ElGamal decryption operation */ -class ElGamal_Decryption_Operation : public PK_Ops::Decryption +class ElGamal_Decryption_Operation : public PK_Ops::Decryption_with_EME { public: typedef ElGamal_PrivateKey Key_Type; - size_t max_input_bits() const { return mod_p.get_modulus().bits() - 1; } + size_t max_raw_input_bits() const { return mod_p.get_modulus().bits() - 1; } - ElGamal_Decryption_Operation(const ElGamal_PrivateKey& key, const std::string& emsa); + ElGamal_Decryption_Operation(const ElGamal_PrivateKey& key, const std::string& eme); - secure_vector<byte> decrypt(const byte msg[], size_t msg_len); + secure_vector<byte> raw_decrypt(const byte msg[], size_t msg_len) override; private: Fixed_Exponent_Power_Mod powermod_x_p; Modular_Reducer mod_p; @@ -142,7 +143,8 @@ class ElGamal_Decryption_Operation : public PK_Ops::Decryption }; ElGamal_Decryption_Operation::ElGamal_Decryption_Operation(const ElGamal_PrivateKey& key, - const std::string&) + const std::string& eme) : + PK_Ops::Decryption_with_EME(eme) { const BigInt& p = key.group_p(); @@ -155,7 +157,7 @@ ElGamal_Decryption_Operation::ElGamal_Decryption_Operation(const ElGamal_Private } secure_vector<byte> -ElGamal_Decryption_Operation::decrypt(const byte msg[], size_t msg_len) +ElGamal_Decryption_Operation::raw_decrypt(const byte msg[], size_t msg_len) { const BigInt& p = mod_p.get_modulus(); diff --git a/src/lib/pubkey/info.txt b/src/lib/pubkey/info.txt index 655fcaae3..4bb6288f9 100644 --- a/src/lib/pubkey/info.txt +++ b/src/lib/pubkey/info.txt @@ -4,6 +4,7 @@ define PUBLIC_KEY_CRYPTO 20131128 blinding.cpp pk_algs.cpp pk_keys.cpp +pk_ops.cpp pkcs8.cpp pubkey.cpp workfactor.cpp diff --git a/src/lib/pubkey/pk_ops.cpp b/src/lib/pubkey/pk_ops.cpp new file mode 100644 index 000000000..718cd3998 --- /dev/null +++ b/src/lib/pubkey/pk_ops.cpp @@ -0,0 +1,80 @@ +/* +* PK Operation Types +* (C) 2010,2015 Jack Lloyd +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#include <botan/pk_ops.h> +#include <botan/eme.h> +#include <botan/kdf.h> +#include <botan/emsa.h> +#include <botan/internal/bit_ops.h> + +namespace Botan { + +PK_Ops::Encryption_with_EME::Encryption_with_EME(const std::string& eme) + { + m_eme.reset(get_eme(eme)); + if(!m_eme.get()) + throw std::runtime_error("EME " + eme + " not found"); + } + +PK_Ops::Encryption_with_EME::~Encryption_with_EME() {} + +size_t PK_Ops::Encryption_with_EME::max_input_bits() const + { + return m_eme->maximum_input_size(max_raw_input_bits()); + } + +secure_vector<byte> PK_Ops::Encryption_with_EME::encrypt(const byte msg[], size_t msg_len, + RandomNumberGenerator& rng) + { + const size_t max_raw = max_raw_input_bits(); + + const std::vector<byte> encoded = unlock(m_eme->encode(msg, msg_len, max_raw, rng)); + + if(8*(encoded.size() - 1) + high_bit(encoded[0]) > max_raw) + throw std::runtime_error("Input is too large to encrypt with this key"); + + return raw_encrypt(&encoded[0], encoded.size(), rng); + } + +PK_Ops::Decryption_with_EME::Decryption_with_EME(const std::string& eme) + { + m_eme.reset(get_eme(eme)); + if(!m_eme.get()) + throw std::runtime_error("EME " + eme + " not found"); + } + +PK_Ops::Decryption_with_EME::~Decryption_with_EME() {} + +size_t PK_Ops::Decryption_with_EME::max_input_bits() const + { + return m_eme->maximum_input_size(max_raw_input_bits()); + } + +secure_vector<byte> PK_Ops::Decryption_with_EME::decrypt(const byte msg[], size_t length) + { + return m_eme->decode(raw_decrypt(msg, length), max_raw_input_bits()); + } + +PK_Ops::Key_Agreement_with_KDF::Key_Agreement_with_KDF(const std::string& kdf) + { + if(kdf != "Raw") + m_kdf.reset(get_kdf(kdf)); + } + +PK_Ops::Key_Agreement_with_KDF::~Key_Agreement_with_KDF() {} + +secure_vector<byte> PK_Ops::Key_Agreement_with_KDF::agree(size_t key_len, + const byte w[], size_t w_len, + const byte salt[], size_t salt_len) + { + secure_vector<byte> z = raw_agree(w, w_len); + if(m_kdf) + return m_kdf->derive_key(key_len, z, salt, salt_len); + return z; + } + +} diff --git a/src/lib/pubkey/pk_ops.h b/src/lib/pubkey/pk_ops.h index 7277c7ad5..754bcf82d 100644 --- a/src/lib/pubkey/pk_ops.h +++ b/src/lib/pubkey/pk_ops.h @@ -1,6 +1,6 @@ /* * PK Operation Types -* (C) 2010 Jack Lloyd +* (C) 2010,2015 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) */ @@ -14,6 +14,10 @@ namespace Botan { +class EME; +class KDF; +class EMSA; + namespace PK_Ops { template<typename Key> @@ -49,6 +53,25 @@ class BOTAN_DLL Encryption virtual ~Encryption() {} }; +class BOTAN_DLL Encryption_with_EME : public Encryption + { + public: + size_t max_input_bits() const override; + + secure_vector<byte> encrypt(const byte msg[], size_t msg_len, + RandomNumberGenerator& rng) override; + + ~Encryption_with_EME(); + protected: + Encryption_with_EME(const std::string& eme); + private: + virtual size_t max_raw_input_bits() const = 0; + + virtual secure_vector<byte> raw_encrypt(const byte msg[], size_t len, + RandomNumberGenerator& rng) = 0; + std::unique_ptr<EME> m_eme; + }; + /** * Public key decryption interface */ @@ -64,6 +87,23 @@ class BOTAN_DLL Decryption virtual ~Decryption() {} }; +class BOTAN_DLL Decryption_with_EME : public Decryption + { + public: + size_t max_input_bits() const override; + + secure_vector<byte> decrypt(const byte msg[], size_t msg_len) override; + + ~Decryption_with_EME(); + protected: + Decryption_with_EME(const std::string& eme); + private: + virtual size_t max_raw_input_bits() const = 0; + virtual secure_vector<byte> raw_decrypt(const byte msg[], size_t len) = 0; + std::unique_ptr<EME> m_eme; + }; + + /** * Public key signature creation interface */ @@ -165,24 +205,35 @@ class BOTAN_DLL Verification }; /** -* A generic key agreement Operation (eg DH or ECDH) +* A generic key agreement operation (eg DH or ECDH) */ class BOTAN_DLL Key_Agreement { public: - /* - * Perform a key agreement operation - * @param w the other key value - * @param w_len the length of w in bytes - * @returns the agreed key - */ - virtual secure_vector<byte> agree(const byte w[], size_t w_len) = 0; + virtual secure_vector<byte> agree(size_t key_len, + const byte other_key[], size_t other_key_len, + const byte salt[], size_t salt_len) = 0; typedef PK_Spec<Private_Key> Spec; virtual ~Key_Agreement() {} }; +class BOTAN_DLL Key_Agreement_with_KDF : public Key_Agreement + { + public: + secure_vector<byte> agree(size_t key_len, + const byte other_key[], size_t other_key_len, + const byte salt[], size_t salt_len) override; + + protected: + Key_Agreement_with_KDF(const std::string& kdf); + ~Key_Agreement_with_KDF(); + private: + virtual secure_vector<byte> raw_agree(const byte w[], size_t w_len) = 0; + std::unique_ptr<KDF> m_kdf; + }; + } } diff --git a/src/lib/pubkey/pubkey.cpp b/src/lib/pubkey/pubkey.cpp index cea065a66..a2bb44e5c 100644 --- a/src/lib/pubkey/pubkey.cpp +++ b/src/lib/pubkey/pubkey.cpp @@ -1,6 +1,5 @@ /* -* Public Key Base -* (C) 1999-2010 Jack Lloyd +* (C) 1999-2010,2015 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) */ @@ -31,104 +30,66 @@ T* get_pk_op(const Key& key, const std::string& pad) } -/* -* PK_Encryptor_EME Constructor -*/ -PK_Encryptor_EME::PK_Encryptor_EME(const Public_Key& key, - const std::string& eme_name) +PK_Encryptor_EME::PK_Encryptor_EME(const Public_Key& key, const std::string& eme) { - m_op.reset(get_pk_op<PK_Ops::Encryption>(key, eme_name)); - + m_op.reset(get_pk_op<PK_Ops::Encryption>(key, eme)); if(!m_op) - throw Lookup_Error("Encryption with " + key.algo_name() + " not supported"); - - m_eme.reset(get_eme(eme_name)); + throw Lookup_Error("Encryption with " + key.algo_name() + "/" + eme + " not supported"); } -/* -* Encrypt a message -*/ std::vector<byte> -PK_Encryptor_EME::enc(const byte in[], - size_t length, - RandomNumberGenerator& rng) const +PK_Encryptor_EME::enc(const byte in[], size_t length, RandomNumberGenerator& rng) const { - if(m_eme) - { - secure_vector<byte> encoded = - m_eme->encode(in, length, m_op->max_input_bits(), rng); - - if(8*(encoded.size() - 1) + high_bit(encoded[0]) > m_op->max_input_bits()) - throw Invalid_Argument("PK_Encryptor_EME: Input is too large"); + return unlock(m_op->encrypt(in, length, rng)); + } - return unlock(m_op->encrypt(&encoded[0], encoded.size(), rng)); - } - else - { - if(8*(length - 1) + high_bit(in[0]) > m_op->max_input_bits()) - throw Invalid_Argument("PK_Encryptor_EME: Input is too large"); +size_t PK_Encryptor_EME::maximum_input_size() const + { + return m_op->max_input_bits() / 8; + } - return unlock(m_op->encrypt(&in[0], length, rng)); - } +PK_Decryptor_EME::PK_Decryptor_EME(const Private_Key& key, const std::string& eme) + { + m_op.reset(get_pk_op<PK_Ops::Decryption>(key, eme)); + if(!m_op) + throw Lookup_Error("Decryption with " + key.algo_name() + "/" + eme + " not supported"); } -/* -* Return the max size, in bytes, of a message -*/ -size_t PK_Encryptor_EME::maximum_input_size() const +secure_vector<byte> PK_Decryptor_EME::dec(const byte msg[], size_t length) const { - if(!m_eme) - return (m_op->max_input_bits() / 8); - else - return m_eme->maximum_input_size(m_op->max_input_bits()); + return m_op->decrypt(msg, length); } -/* -* PK_Decryptor_EME Constructor -*/ -PK_Decryptor_EME::PK_Decryptor_EME(const Private_Key& key, - const std::string& eme_name) +PK_Key_Agreement::PK_Key_Agreement(const Private_Key& key, const std::string& kdf_name) { - m_op.reset(get_pk_op<PK_Ops::Decryption>(key, eme_name)); - m_eme.reset(get_eme(eme_name)); + m_op.reset(get_pk_op<PK_Ops::Key_Agreement>(key, kdf_name)); } -/* -* Decrypt a message -*/ -secure_vector<byte> PK_Decryptor_EME::dec(const byte msg[], - size_t length) const +SymmetricKey PK_Key_Agreement::derive_key(size_t key_len, + const byte in[], size_t in_len, + const byte salt[], + size_t salt_len) const { - try { - const secure_vector<byte> decrypted = m_op->decrypt(msg, length); - if(m_eme) - return m_eme->decode(decrypted, m_op->max_input_bits()); - else - return decrypted; - } - catch(Invalid_Argument) - { - throw Decoding_Error("PK_Decryptor_EME: Input is invalid"); - } + return m_op->agree(key_len, in, in_len, salt, salt_len); } /* * PK_Signer Constructor */ PK_Signer::PK_Signer(const Private_Key& key, - const std::string& emsa_name, + const std::string& emsa, Signature_Format format, Fault_Protection prot) { - m_op.reset(get_pk_op<PK_Ops::Signature>(key, emsa_name)); + m_op.reset(get_pk_op<PK_Ops::Signature>(key, emsa)); if(prot == ENABLE_FAULT_PROTECTION) - m_verify_op.reset(get_pk_op<PK_Ops::Verification>(key, emsa_name)); + m_verify_op.reset(get_pk_op<PK_Ops::Verification>(key, emsa)); if(!m_op || (prot == ENABLE_FAULT_PROTECTION && !m_verify_op)) throw Lookup_Error("Signing with " + key.algo_name() + " not supported"); - m_emsa.reset(get_emsa(emsa_name)); + m_emsa.reset(get_emsa(emsa)); m_sig_format = format; } @@ -321,30 +282,4 @@ bool PK_Verifier::validate_signature(const secure_vector<byte>& msg, } } -/* -* PK_Key_Agreement Constructor -*/ -PK_Key_Agreement::PK_Key_Agreement(const Private_Key& key, - const std::string& kdf_name) - { - m_op.reset(get_pk_op<PK_Ops::Key_Agreement>(key, kdf_name)); - - if(!m_op) - throw Lookup_Error("Key agreement with " + key.algo_name() + " not supported"); - - m_kdf.reset(get_kdf(kdf_name)); - } - -SymmetricKey PK_Key_Agreement::derive_key(size_t key_len, const byte in[], - size_t in_len, const byte params[], - size_t params_len) const - { - secure_vector<byte> z = m_op->agree(in, in_len); - - if(!m_kdf) - return z; - - return m_kdf->derive_key(key_len, z, params, params_len); - } - } diff --git a/src/lib/pubkey/pubkey.h b/src/lib/pubkey/pubkey.h index 7341cb9c8..ffb00979d 100644 --- a/src/lib/pubkey/pubkey.h +++ b/src/lib/pubkey/pubkey.h @@ -79,7 +79,7 @@ class BOTAN_DLL PK_Encryptor private: virtual std::vector<byte> enc(const byte[], size_t, - RandomNumberGenerator&) const = 0; + RandomNumberGenerator&) const = 0; }; /** @@ -384,7 +384,6 @@ class BOTAN_DLL PK_Key_Agreement PK_Key_Agreement(const Private_Key& key, const std::string& kdf); private: std::unique_ptr<PK_Ops::Key_Agreement> m_op; - std::unique_ptr<KDF> m_kdf; }; /** @@ -407,7 +406,6 @@ class BOTAN_DLL PK_Encryptor_EME : public PK_Encryptor RandomNumberGenerator& rng) const; std::unique_ptr<PK_Ops::Encryption> m_op; - std::unique_ptr<EME> m_eme; }; /** @@ -427,7 +425,6 @@ class BOTAN_DLL PK_Decryptor_EME : public PK_Decryptor secure_vector<byte> dec(const byte[], size_t) const; std::unique_ptr<PK_Ops::Decryption> m_op; - std::unique_ptr<EME> m_eme; }; } diff --git a/src/lib/pubkey/rsa/rsa.cpp b/src/lib/pubkey/rsa/rsa.cpp index c371e20e0..464055cd7 100644 --- a/src/lib/pubkey/rsa/rsa.cpp +++ b/src/lib/pubkey/rsa/rsa.cpp @@ -138,20 +138,21 @@ class RSA_Signature_Operation : public PK_Ops::Signature, } }; -class RSA_Decryption_Operation : public PK_Ops::Decryption, +class RSA_Decryption_Operation : public PK_Ops::Decryption_with_EME, private RSA_Private_Operation { public: typedef RSA_PrivateKey Key_Type; - size_t max_input_bits() const override { return get_max_input_bits(); }; + size_t max_raw_input_bits() const override { return get_max_input_bits(); }; - RSA_Decryption_Operation(const RSA_PrivateKey& rsa, const std::string&) : + RSA_Decryption_Operation(const RSA_PrivateKey& rsa, const std::string& eme) : + PK_Ops::Decryption_with_EME(eme), RSA_Private_Operation(rsa) { } - secure_vector<byte> decrypt(const byte msg[], size_t msg_len) override + secure_vector<byte> raw_decrypt(const byte msg[], size_t msg_len) override { const BigInt m(msg, msg_len); const BigInt x = blinded_private_op(m); @@ -185,21 +186,22 @@ class RSA_Public_Operation Fixed_Exponent_Power_Mod powermod_e_n; }; -class RSA_Encryption_Operation : public PK_Ops::Encryption, +class RSA_Encryption_Operation : public PK_Ops::Encryption_with_EME, private RSA_Public_Operation { public: typedef RSA_PublicKey Key_Type; - RSA_Encryption_Operation(const RSA_PublicKey& rsa, const std::string&) : + RSA_Encryption_Operation(const RSA_PublicKey& rsa, const std::string& eme) : + PK_Ops::Encryption_with_EME(eme), RSA_Public_Operation(rsa) { } - size_t max_input_bits() const override { return get_max_input_bits(); }; + size_t max_raw_input_bits() const override { return get_max_input_bits(); }; - secure_vector<byte> encrypt(const byte msg[], size_t msg_len, - RandomNumberGenerator&) + secure_vector<byte> raw_encrypt(const byte msg[], size_t msg_len, + RandomNumberGenerator&) override { BigInt m(msg, msg_len); return BigInt::encode_1363(public_op(m), n.bytes()); |