diff options
Diffstat (limited to 'src')
60 files changed, 798 insertions, 489 deletions
diff --git a/src/build-data/buildh.in b/src/build-data/buildh.in index c6c4f9064..967e067e4 100644 --- a/src/build-data/buildh.in +++ b/src/build-data/buildh.in @@ -22,7 +22,7 @@ #define BOTAN_DISTRIBUTION_INFO "%{distribution_info}" -#define BOTAN_INSTALL_PREFIX "%{prefix}" +#define BOTAN_INSTALL_PREFIX R"(%{prefix})" #define BOTAN_INSTALL_HEADER_DIR "%{includedir}/botan-%{version_major}.%{version_minor}" #define BOTAN_INSTALL_LIB_DIR "%{libdir}" #define BOTAN_LIB_LINK "%{link_to}" diff --git a/src/build-data/cc/gcc.txt b/src/build-data/cc/gcc.txt index 649349256..79c9ba5f4 100644 --- a/src/build-data/cc/gcc.txt +++ b/src/build-data/cc/gcc.txt @@ -9,17 +9,21 @@ add_lib_option -l lang_flags "-std=c++11 -D_REENTRANT" maintainer_warning_flags "-Wold-style-cast -Werror -Wno-error=old-style-cast -Wno-error=zero-as-null-pointer-constant -Wno-error=unused-parameter -Wno-error=unused-variable -Wno-error=strict-overflow" -warning_flags "-Wall -Wextra -Wstrict-aliasing -Wstrict-overflow=5 -Wcast-align -Wmissing-declarations -Wpointer-arith -Wcast-qual -Wzero-as-null-pointer-constant" +warning_flags "-Wall -Wextra -Wstrict-aliasing -Wstrict-overflow=5 -Wcast-align -Wmissing-declarations -Wpointer-arith -Wcast-qual -Wzero-as-null-pointer-constant -Wnon-virtual-dtor" compile_flags "-c" debug_info_flags "-g" -optimization_flags "-O2" +optimization_flags "-O3" shared_flags "-fPIC" coverage_flags "--coverage" -#sanitizer_flags "-D_GLIBCXX_DEBUG -fsanitize=address -fsanitize=undefined" + +# GCC 4.8 sanitizer_flags "-D_GLIBCXX_DEBUG -fsanitize=address" +# GCC 4.9 and later +#sanitizer_flags "-D_GLIBCXX_DEBUG -fsanitize=address,undefined -fno-sanitize-recover=undefined" + visibility_build_flags "-fvisibility=hidden" visibility_attribute '__attribute__((visibility("default")))' diff --git a/src/cli/asn1.cpp b/src/cli/asn1.cpp index 8096f2d19..3af2be97d 100644 --- a/src/cli/asn1.cpp +++ b/src/cli/asn1.cpp @@ -147,6 +147,9 @@ std::string type_name(Botan::ASN1_Tag type) case Botan::BOOLEAN: return "BOOLEAN"; + + default: + return "TAG(" + std::to_string(static_cast<size_t>(type)) + ")"; } return "(UNKNOWN)"; @@ -376,7 +379,7 @@ class ASN1_Printer : public Command } }; -BOTAN_REGISTER_COMMAND(ASN1_Printer); +BOTAN_REGISTER_COMMAND("asn1print", ASN1_Printer); } diff --git a/src/cli/bench.cpp b/src/cli/bench.cpp index ba498d767..82d04b139 100644 --- a/src/cli/bench.cpp +++ b/src/cli/bench.cpp @@ -17,7 +17,6 @@ #include <botan/hash.h> #include <botan/mac.h> #include <botan/cipher_mode.h> -#include <botan/auto_rng.h> #if defined(BOTAN_HAS_PUBLIC_KEY_CRYPTO) #include <botan/pkcs8.h> @@ -51,7 +50,6 @@ #if defined(BOTAN_HAS_MCELIECE) #include <botan/mceliece.h> - #include <botan/mce_kem.h> #endif namespace Botan_CLI { @@ -340,9 +338,6 @@ class Benchmark : public Command private: - Botan::AutoSeeded_RNG m_rng; - Botan::RandomNumberGenerator& rng() { return m_rng; } - template<typename T> using bench_fn = std::function<void (T&, std::string, @@ -752,6 +747,6 @@ class Benchmark : public Command }; -BOTAN_REGISTER_COMMAND(Benchmark); +BOTAN_REGISTER_COMMAND("bench", Benchmark); } diff --git a/src/cli/cc_enc.cpp b/src/cli/cc_enc.cpp index 35932b487..2e2f9c12a 100644 --- a/src/cli/cc_enc.cpp +++ b/src/cli/cc_enc.cpp @@ -128,7 +128,7 @@ class CC_Encrypt : public Command } }; -BOTAN_REGISTER_COMMAND(CC_Encrypt); +BOTAN_REGISTER_COMMAND("cc_encrypt", CC_Encrypt); class CC_Decrypt : public Command { @@ -154,7 +154,7 @@ class CC_Decrypt : public Command } }; -BOTAN_REGISTER_COMMAND(CC_Decrypt); +BOTAN_REGISTER_COMMAND("cc_decrypt", CC_Decrypt); } diff --git a/src/cli/cli.h b/src/cli/cli.h index 017966eca..49167b2ad 100644 --- a/src/cli/cli.h +++ b/src/cli/cli.h @@ -10,6 +10,11 @@ #include <botan/build.h> #include <botan/parsing.h> #include <botan/rng.h> +#include <botan/auto_rng.h> + +#if defined(BOTAN_HAS_SYSTEM_RNG) + #include <botan/system_rng.h> +#endif #include <fstream> #include <iostream> @@ -106,6 +111,7 @@ class Command // for checking all spec strings at load time //parse_spec(); } + virtual ~Command() = default; int run(const std::vector<std::string>& params) { @@ -195,7 +201,7 @@ class Command if(flag_set("help")) { output() << help_text() << "\n"; - return 1; + return 2; } if(m_user_args.count("output")) @@ -308,6 +314,7 @@ class Command m_spec_flags.insert("help"); m_spec_opts.insert(std::make_pair("output", "")); m_spec_opts.insert(std::make_pair("error-output", "")); + m_spec_opts.insert(std::make_pair("rng-type", "auto")); } /* @@ -371,7 +378,7 @@ class Command { return static_cast<size_t>(std::stoul(s)); } - catch(std::exception& e) + catch(std::exception&) { throw CLI_Usage_Error("Invalid integer value '" + s + "' for option " + opt_name); } @@ -420,6 +427,8 @@ class Command else { std::ifstream in(input_file, std::ios::binary); + if(!in) + throw CLI_IO_Error("reading file", input_file); do_read_file(in, consumer_fn, buf_size); } } @@ -444,6 +453,36 @@ class Command output().write(reinterpret_cast<const char*>(vec.data()), vec.size()); } + Botan::RandomNumberGenerator& rng() + { + if(m_rng == nullptr) + { + const std::string rng_type = get_arg("rng-type"); + + if(rng_type == "system") + { +#if defined(BOTAN_HAS_SYSTEM_RNG) + m_rng.reset(new Botan::System_RNG); +#endif + } + + // TODO --rng-type=drbg + // TODO --drbg-seed=hexstr + + if(rng_type == "auto") + { + m_rng.reset(new Botan::AutoSeeded_RNG); + } + + if(!m_rng) + { + throw CLI_Error_Unsupported("rng", rng_type); + } + } + + return *m_rng.get(); + } + private: // set in constructor std::string m_spec; @@ -462,34 +501,38 @@ class Command std::unique_ptr<std::ofstream> m_output_stream; std::unique_ptr<std::ofstream> m_error_output_stream; + std::unique_ptr<Botan::RandomNumberGenerator> m_rng; public: // the registry interface: - static std::map<std::string, std::unique_ptr<Command>>& global_registry() + typedef std::function<Command* ()> cmd_maker_fn; + + static std::map<std::string, cmd_maker_fn>& global_registry() { - static std::map<std::string, std::unique_ptr<Command>> g_cmds; + static std::map<std::string, cmd_maker_fn> g_cmds; return g_cmds; } - static Command* get_cmd(const std::string& name) + static std::unique_ptr<Command> get_cmd(const std::string& name) { auto& reg = Command::global_registry(); + + std::unique_ptr<Command> r; auto i = reg.find(name); - if(i == reg.end()) + if(i != reg.end()) { - return nullptr; + r.reset(i->second()); } - return i->second.get(); + return r; } class Registration { public: - Registration(Command* cmd) + Registration(const std::string& name, cmd_maker_fn maker_fn) { - const std::string name = cmd->cmd_name(); auto& reg = Command::global_registry(); if(reg.count(name) > 0) @@ -497,14 +540,14 @@ class Command throw CLI_Error("Duplicated registration of command " + name); } - Command::global_registry().insert( - std::make_pair(name, std::unique_ptr<Command>(cmd))); + Command::global_registry().insert(std::make_pair(name, maker_fn)); } }; }; -#define BOTAN_REGISTER_COMMAND(CLI_Class) \ - namespace { Botan_CLI::Command::Registration reg_cmd_ ## CLI_Class(new CLI_Class); } +#define BOTAN_REGISTER_COMMAND(name, CLI_Class) \ + namespace { Botan_CLI::Command::Registration \ + reg_cmd_ ## CLI_Class(name, []() -> Botan_CLI::Command* { return new CLI_Class; }); } } diff --git a/src/cli/compress.cpp b/src/cli/compress.cpp index 5d32267ce..1b7d67e57 100644 --- a/src/cli/compress.cpp +++ b/src/cli/compress.cpp @@ -101,7 +101,7 @@ class Compress : public Command } }; -BOTAN_REGISTER_COMMAND(Compress); +BOTAN_REGISTER_COMMAND("compress", Compress); class Decompress : public Command { @@ -149,6 +149,6 @@ class Decompress : public Command } }; -BOTAN_REGISTER_COMMAND(Decompress); +BOTAN_REGISTER_COMMAND("decompress", Decompress); } diff --git a/src/cli/main.cpp b/src/cli/main.cpp index f054e6005..f6bbcc30e 100644 --- a/src/cli/main.cpp +++ b/src/cli/main.cpp @@ -40,13 +40,13 @@ int main(int argc, char* argv[]) const std::string cmd_name = (argc <= 1) ? "help" : argv[1]; - if(cmd_name == "help" || cmd_name == "--help") + if(cmd_name == "help" || cmd_name == "--help" || cmd_name == "-h") { std::cout << main_help(); return 1; } - Botan_CLI::Command* cmd = Botan_CLI::Command::get_cmd(cmd_name); + std::unique_ptr<Botan_CLI::Command> cmd(Botan_CLI::Command::get_cmd(cmd_name)); if(!cmd) { diff --git a/src/cli/math.cpp b/src/cli/math.cpp index c6f40e785..27f3660d1 100644 --- a/src/cli/math.cpp +++ b/src/cli/math.cpp @@ -10,7 +10,6 @@ #include <botan/reducer.h> #include <botan/numthry.h> -#include <botan/auto_rng.h> #include <iterator> namespace Botan_CLI { @@ -22,20 +21,18 @@ class Gen_Prime : public Command void go() override { - Botan::AutoSeeded_RNG rng; - const size_t bits = get_arg_sz("bits"); const size_t cnt = get_arg_sz("count"); for(size_t i = 0; i != cnt; ++i) { - const Botan::BigInt p = Botan::random_prime(rng, bits); + const Botan::BigInt p = Botan::random_prime(rng(), bits); output() << p << "\n"; } } }; -BOTAN_REGISTER_COMMAND(Gen_Prime); +BOTAN_REGISTER_COMMAND("gen_prime", Gen_Prime); class Is_Prime : public Command { @@ -46,14 +43,13 @@ class Is_Prime : public Command { Botan::BigInt n(get_arg("n")); const size_t prob = get_arg_sz("prob"); - Botan::AutoSeeded_RNG rng; - const bool prime = Botan::is_prime(n, rng, prob); + const bool prime = Botan::is_prime(n, rng(), prob); output() << n << " is " << (prime ? "probably prime" : "composite") << "\n"; } }; -BOTAN_REGISTER_COMMAND(Is_Prime); +BOTAN_REGISTER_COMMAND("is_prime", Is_Prime); /* * Factor integers using a combination of trial division by small @@ -68,9 +64,7 @@ class Factor : public Command { Botan::BigInt n(get_arg("n")); - Botan::AutoSeeded_RNG rng; - - std::vector<Botan::BigInt> factors = factorize(n, rng); + std::vector<Botan::BigInt> factors = factorize(n, rng()); std::sort(factors.begin(), factors.end()); output() << n << ": "; @@ -181,7 +175,7 @@ class Factor : public Command } }; -BOTAN_REGISTER_COMMAND(Factor); +BOTAN_REGISTER_COMMAND("factor", Factor); } diff --git a/src/cli/pubkey.cpp b/src/cli/pubkey.cpp index 2616f6065..93a36a9cc 100644 --- a/src/cli/pubkey.cpp +++ b/src/cli/pubkey.cpp @@ -9,7 +9,6 @@ #if defined(BOTAN_HAS_PUBLIC_KEY_CRYPTO) -#include <botan/auto_rng.h> #include <botan/base64.h> #include <botan/pk_keys.h> @@ -47,9 +46,9 @@ class PK_Keygen : public Command public: PK_Keygen() : Command("keygen --algo=RSA --params= --passphrase= --pbe= --pbe-millis=300 --der-out") {} - std::unique_ptr<Botan::Private_Key> do_keygen(const std::string& algo, - const std::string& params, - Botan::RandomNumberGenerator& rng) + static std::unique_ptr<Botan::Private_Key> do_keygen(const std::string& algo, + const std::string& params, + Botan::RandomNumberGenerator& rng) { typedef std::function<std::unique_ptr<Botan::Private_Key> (std::string)> gen_fn; std::map<std::string, gen_fn> generators; @@ -114,8 +113,7 @@ class PK_Keygen : public Command void go() override { - Botan::AutoSeeded_RNG rng; - std::unique_ptr<Botan::Private_Key> key(do_keygen(get_arg("algo"), get_arg("params"), rng)); + std::unique_ptr<Botan::Private_Key> key(do_keygen(get_arg("algo"), get_arg("params"), rng())); const std::string pass = get_arg("passphrase"); const bool der_out = flag_set("der-out"); @@ -131,7 +129,7 @@ class PK_Keygen : public Command } else { - write_output(Botan::PKCS8::BER_encode(*key, rng, pass, pbe_millis, pbe)); + write_output(Botan::PKCS8::BER_encode(*key, rng(), pass, pbe_millis, pbe)); } } else @@ -142,13 +140,13 @@ class PK_Keygen : public Command } else { - output() << Botan::PKCS8::PEM_encode(*key, rng, pass, pbe_millis, pbe); + output() << Botan::PKCS8::PEM_encode(*key, rng(), pass, pbe_millis, pbe); } } } }; -BOTAN_REGISTER_COMMAND(PK_Keygen); +BOTAN_REGISTER_COMMAND("keygen", PK_Keygen); namespace { @@ -173,10 +171,8 @@ class PK_Sign : public Command void go() override { - Botan::AutoSeeded_RNG rng; - std::unique_ptr<Botan::Private_Key> key(Botan::PKCS8::load_key(get_arg("key"), - rng, + rng(), get_arg("passphrase"))); if(!key) @@ -190,11 +186,11 @@ class PK_Sign : public Command this->read_file(get_arg("file"), [&signer](const uint8_t b[], size_t l) { signer.update(b, l); }); - output() << Botan::base64_encode(signer.signature(rng)) << "\n"; + output() << Botan::base64_encode(signer.signature(rng())) << "\n"; } }; -BOTAN_REGISTER_COMMAND(PK_Sign); +BOTAN_REGISTER_COMMAND("sign", PK_Sign); class PK_Verify : public Command { @@ -223,7 +219,7 @@ class PK_Verify : public Command } }; -BOTAN_REGISTER_COMMAND(PK_Verify); +BOTAN_REGISTER_COMMAND("verify", PK_Verify); #if defined(BOTAN_HAS_DL_GROUP) @@ -234,20 +230,18 @@ class Gen_DL_Group : public Command void go() override { - Botan::AutoSeeded_RNG rng; - const size_t pbits = get_arg_sz("pbits"); const std::string type = get_arg("type"); if(type == "strong") { - Botan::DL_Group grp(rng, Botan::DL_Group::Strong, pbits); + Botan::DL_Group grp(rng(), Botan::DL_Group::Strong, pbits); output() << grp.PEM_encode(Botan::DL_Group::ANSI_X9_42); } else if(type == "subgroup") { - Botan::DL_Group grp(rng, Botan::DL_Group::Prime_Subgroup, pbits, get_arg_sz("qbits")); + Botan::DL_Group grp(rng(), Botan::DL_Group::Prime_Subgroup, pbits, get_arg_sz("qbits")); output() << grp.PEM_encode(Botan::DL_Group::ANSI_X9_42); } else @@ -255,7 +249,7 @@ class Gen_DL_Group : public Command } }; -BOTAN_REGISTER_COMMAND(Gen_DL_Group); +BOTAN_REGISTER_COMMAND("gen_dl_group", Gen_DL_Group); #endif @@ -266,11 +260,9 @@ class PKCS8_Tool : public Command void go() override { - Botan::AutoSeeded_RNG rng; - std::unique_ptr<Botan::Private_Key> key( Botan::PKCS8::load_key(get_arg("key"), - rng, + rng(), get_arg("pass-in"))); const std::chrono::milliseconds pbe_millis(get_arg_sz("pbe-millis")); @@ -300,7 +292,7 @@ class PKCS8_Tool : public Command } else { - write_output(Botan::PKCS8::BER_encode(*key, rng, pass, pbe_millis, pbe)); + write_output(Botan::PKCS8::BER_encode(*key, rng(), pass, pbe_millis, pbe)); } } else @@ -311,14 +303,14 @@ class PKCS8_Tool : public Command } else { - output() << Botan::PKCS8::PEM_encode(*key, rng, pass, pbe_millis, pbe); + output() << Botan::PKCS8::PEM_encode(*key, rng(), pass, pbe_millis, pbe); } } } } }; -BOTAN_REGISTER_COMMAND(PKCS8_Tool); +BOTAN_REGISTER_COMMAND("pkcs8", PKCS8_Tool); } diff --git a/src/cli/tls_client.cpp b/src/cli/tls_client.cpp index 1f69473c1..bf1c3a57c 100644 --- a/src/cli/tls_client.cpp +++ b/src/cli/tls_client.cpp @@ -9,7 +9,6 @@ #if defined(BOTAN_HAS_TLS) && defined(BOTAN_TARGET_OS_HAS_SOCKETS) #include <botan/tls_client.h> -#include <botan/auto_rng.h> #include <botan/hex.h> #if defined(BOTAN_HAS_TLS_SQLITE3_SESSION_MANAGER) @@ -44,7 +43,6 @@ class TLS_Client : public Command void go() override { - Botan::AutoSeeded_RNG rng; Botan::TLS::Policy policy; // TODO read from a file // TODO client cert auth @@ -57,12 +55,12 @@ class TLS_Client : public Command if(!sessions_db.empty()) { - session_mgr.reset(new Botan::TLS::Session_Manager_SQLite(sessions_passphrase, rng, sessions_db)); + session_mgr.reset(new Botan::TLS::Session_Manager_SQLite(sessions_passphrase, rng(), sessions_db)); } #endif if(!session_mgr) { - session_mgr.reset(new Botan::TLS::Session_Manager_In_Memory(rng)); + session_mgr.reset(new Botan::TLS::Session_Manager_In_Memory(rng())); } Basic_Credentials_Manager creds; @@ -96,7 +94,7 @@ class TLS_Client : public Command *session_mgr, creds, policy, - rng, + rng(), Botan::TLS::Server_Information(host, port), version, protocols_to_offer); @@ -285,7 +283,7 @@ class TLS_Client : public Command } }; -BOTAN_REGISTER_COMMAND(TLS_Client); +BOTAN_REGISTER_COMMAND("tls_client", TLS_Client); } diff --git a/src/cli/tls_proxy.cpp b/src/cli/tls_proxy.cpp index e28ef14bc..83332bb49 100644 --- a/src/cli/tls_proxy.cpp +++ b/src/cli/tls_proxy.cpp @@ -401,8 +401,7 @@ class TLS_Proxy : public Command const size_t num_threads = get_arg_sz("threads") || std::thread::hardware_concurrency() || 2; - Botan::AutoSeeded_RNG rng; - Basic_Credentials_Manager creds(rng, server_crt, server_key); + Basic_Credentials_Manager creds(rng(), server_crt, server_key); Botan::TLS::Policy policy; // TODO: Read policy from text file @@ -419,12 +418,12 @@ class TLS_Proxy : public Command if(!sessions_db.empty()) { - session_mgr.reset(new Botan::TLS::Session_Manager_SQLite(sessions_passphrase, rng, sessions_db)); + session_mgr.reset(new Botan::TLS::Session_Manager_SQLite(sessions_passphrase, rng(), sessions_db)); } #endif if(!session_mgr) { - session_mgr.reset(new Botan::TLS::Session_Manager_In_Memory(rng)); + session_mgr.reset(new Botan::TLS::Session_Manager_In_Memory(rng())); } tls_proxy_server server(io, listen_port, server_endpoint_iterator, creds, policy, *session_mgr); @@ -442,7 +441,7 @@ class TLS_Proxy : public Command } }; -BOTAN_REGISTER_COMMAND(TLS_Proxy); +BOTAN_REGISTER_COMMAND("tls_proxy", TLS_Proxy); } diff --git a/src/cli/tls_server.cpp b/src/cli/tls_server.cpp index f6a3a311e..ccf8f40ac 100644 --- a/src/cli/tls_server.cpp +++ b/src/cli/tls_server.cpp @@ -11,7 +11,6 @@ #include <botan/tls_server.h> #include <botan/hex.h> -#include <botan/auto_rng.h> #include "credentials.h" #include <list> @@ -48,13 +47,11 @@ class TLS_Server : public Command const bool is_tcp = (transport == "tcp"); - Botan::AutoSeeded_RNG rng; - Botan::TLS::Policy policy; // TODO read policy from file - Botan::TLS::Session_Manager_In_Memory session_manager(rng); // TODO sqlite3 + Botan::TLS::Session_Manager_In_Memory session_manager(rng()); // TODO sqlite3 - Basic_Credentials_Manager creds(rng, server_crt, server_key); + Basic_Credentials_Manager creds(rng(), server_crt, server_key); auto protocol_chooser = [](const std::vector<std::string>& protocols) -> std::string { for(size_t i = 0; i != protocols.size(); ++i) @@ -116,7 +113,7 @@ class TLS_Server : public Command session_manager, creds, policy, - rng, + rng(), protocol_chooser, !is_tcp); @@ -239,7 +236,7 @@ class TLS_Server : public Command }; -BOTAN_REGISTER_COMMAND(TLS_Server); +BOTAN_REGISTER_COMMAND("tls_server", TLS_Server); } diff --git a/src/cli/utils.cpp b/src/cli/utils.cpp index 9302ec5d0..526b59aba 100644 --- a/src/cli/utils.cpp +++ b/src/cli/utils.cpp @@ -72,7 +72,7 @@ class Config_Info : public Command } }; -BOTAN_REGISTER_COMMAND(Config_Info); +BOTAN_REGISTER_COMMAND("config", Config_Info); class Version_Info : public Command { @@ -94,7 +94,7 @@ class Version_Info : public Command } }; -BOTAN_REGISTER_COMMAND(Version_Info); +BOTAN_REGISTER_COMMAND("version", Version_Info); class Print_Cpuid : public Command { @@ -107,7 +107,7 @@ class Print_Cpuid : public Command } }; -BOTAN_REGISTER_COMMAND(Print_Cpuid); +BOTAN_REGISTER_COMMAND("cpuid", Print_Cpuid); class Hash : public Command { @@ -130,14 +130,21 @@ class Hash : public Command for(auto fsname : files) { - auto update_hash = [&](const uint8_t b[], size_t l) { hash_fn->update(b, l); }; - read_file(fsname, update_hash, buf_size); - output() << Botan::hex_encode(hash_fn->final()) << " " << fsname << "\n"; + try + { + auto update_hash = [&](const uint8_t b[], size_t l) { hash_fn->update(b, l); }; + read_file(fsname, update_hash, buf_size); + output() << Botan::hex_encode(hash_fn->final()) << " " << fsname << "\n"; + } + catch(CLI_IO_Error& e) + { + error_output() << e.what() << "\n"; + } } } }; -BOTAN_REGISTER_COMMAND(Hash); +BOTAN_REGISTER_COMMAND("hash", Hash); class RNG : public Command { @@ -164,7 +171,7 @@ class RNG : public Command } }; -BOTAN_REGISTER_COMMAND(RNG); +BOTAN_REGISTER_COMMAND("rng", RNG); #if defined(BOTAN_HAS_HTTP_UTIL) @@ -179,7 +186,7 @@ class HTTP_Get : public Command } }; -BOTAN_REGISTER_COMMAND(HTTP_Get); +BOTAN_REGISTER_COMMAND("http_get", HTTP_Get); #endif // http_util @@ -198,7 +205,7 @@ class Base64_Encode : public Command } }; -BOTAN_REGISTER_COMMAND(Base64_Encode); +BOTAN_REGISTER_COMMAND("base64_enc", Base64_Encode); class Base64_Decode : public Command { @@ -219,7 +226,7 @@ class Base64_Decode : public Command } }; -BOTAN_REGISTER_COMMAND(Base64_Decode); +BOTAN_REGISTER_COMMAND("base64_dec", Base64_Decode); #endif // base64 @@ -235,12 +242,11 @@ class Generate_Bcrypt : public Command const std::string password = get_arg("password"); const size_t wf = get_arg_sz("work_factor"); - Botan::AutoSeeded_RNG rng; - output() << Botan::generate_bcrypt(password, rng, wf) << "\n"; + output() << Botan::generate_bcrypt(password, rng(), wf) << "\n"; } }; -BOTAN_REGISTER_COMMAND(Generate_Bcrypt); +BOTAN_REGISTER_COMMAND("gen_bcrypt", Generate_Bcrypt); class Check_Bcrypt : public Command { @@ -263,7 +269,7 @@ class Check_Bcrypt : public Command } }; -BOTAN_REGISTER_COMMAND(Check_Bcrypt); +BOTAN_REGISTER_COMMAND("check_bcrypt", Check_Bcrypt); #endif // bcrypt diff --git a/src/cli/x509.cpp b/src/cli/x509.cpp index add73a466..886b57259 100644 --- a/src/cli/x509.cpp +++ b/src/cli/x509.cpp @@ -8,7 +8,6 @@ #if defined(BOTAN_HAS_X509_CERTIFICATES) -#include <botan/auto_rng.h> #include <botan/certstor.h> #include <botan/pkcs8.h> #include <botan/x509_ca.h> @@ -30,13 +29,11 @@ class Sign_Cert : public Command void go() override { - Botan::AutoSeeded_RNG rng; - Botan::X509_Certificate ca_cert(get_arg("ca_cert")); std::unique_ptr<Botan::PKCS8_PrivateKey> key( Botan::PKCS8::load_key(get_arg("ca_key"), - rng, + rng(), get_arg("ca_key_pass"))); if(!key) @@ -54,14 +51,14 @@ class Sign_Cert : public Command Botan::X509_Time end_time(now + days(get_arg_sz("duration"))); - Botan::X509_Certificate new_cert = ca.sign_request(req, rng, + Botan::X509_Certificate new_cert = ca.sign_request(req, rng(), start_time, end_time); output() << new_cert.PEM_encode(); } }; -BOTAN_REGISTER_COMMAND(Sign_Cert); +BOTAN_REGISTER_COMMAND("sign_cert", Sign_Cert); class Cert_Info : public Command { @@ -75,7 +72,7 @@ class Cert_Info : public Command } }; -BOTAN_REGISTER_COMMAND(Cert_Info); +BOTAN_REGISTER_COMMAND("cert_info", Cert_Info); #if defined(BOTAN_HAS_OCSP) class OCSP_Check : public Command @@ -106,7 +103,7 @@ class OCSP_Check : public Command } }; -BOTAN_REGISTER_COMMAND(OCSP_Check); +BOTAN_REGISTER_COMMAND("ocsp_check", OCSP_Check); #endif // OCSP @@ -143,7 +140,7 @@ class Cert_Verify : public Command } }; -BOTAN_REGISTER_COMMAND(Cert_Verify); +BOTAN_REGISTER_COMMAND("cert_verify", Cert_Verify); class Gen_Self_Signed : public Command { @@ -153,11 +150,9 @@ class Gen_Self_Signed : public Command void go() override { - Botan::AutoSeeded_RNG rng; - std::unique_ptr<Botan::Private_Key> key( Botan::PKCS8::load_key(get_arg("key"), - rng, + rng(), get_arg("key-pass"))); if(!key) @@ -175,13 +170,13 @@ class Gen_Self_Signed : public Command opts.CA_key(); Botan::X509_Certificate cert = - Botan::X509::create_self_signed_cert(opts, *key, get_arg("hash"), rng); + Botan::X509::create_self_signed_cert(opts, *key, get_arg("hash"), rng()); output() << cert.PEM_encode(); } }; -BOTAN_REGISTER_COMMAND(Gen_Self_Signed); +BOTAN_REGISTER_COMMAND("gen_self_signed", Gen_Self_Signed); class Generate_PKCS10 : public Command { @@ -191,11 +186,9 @@ class Generate_PKCS10 : public Command void go() override { - Botan::AutoSeeded_RNG rng; - std::unique_ptr<Botan::Private_Key> key( Botan::PKCS8::load_key(get_arg("key"), - rng, + rng(), get_arg("key-pass"))); if(!key) @@ -211,13 +204,13 @@ class Generate_PKCS10 : public Command Botan::PKCS10_Request req = Botan::X509::create_cert_req(opts, *key, get_arg("hash"), - rng); + rng()); output() << req.PEM_encode(); } }; -BOTAN_REGISTER_COMMAND(Generate_PKCS10); +BOTAN_REGISTER_COMMAND("gen_pkcs10", Generate_PKCS10); } diff --git a/src/lib/cert/x509/x509_obj.cpp b/src/lib/cert/x509/x509_obj.cpp index 4dae68607..e908e8cab 100644 --- a/src/lib/cert/x509/x509_obj.cpp +++ b/src/lib/cert/x509/x509_obj.cpp @@ -201,7 +201,7 @@ bool X509_Object::check_signature(const Public_Key& pub_key) const return verifier.verify_message(tbs_data(), signature()); } - catch(std::exception& e) + catch(std::exception&) { return false; } diff --git a/src/lib/cert/x509/x509path.cpp b/src/lib/cert/x509/x509path.cpp index 7e54ad9f9..5e12ddb2a 100644 --- a/src/lib/cert/x509/x509path.cpp +++ b/src/lib/cert/x509/x509path.cpp @@ -170,7 +170,7 @@ check_chain(const std::vector<X509_Certificate>& cert_path, else if(ocsp_status == Certificate_Status_Code::OCSP_RESPONSE_GOOD) continue; } - catch(std::exception& e) + catch(std::exception&) { //std::cout << "OCSP error: " << e.what() << "\n"; } diff --git a/src/lib/math/mp/info.txt b/src/lib/math/mp/info.txt index a47475f7b..6aa0142f3 100644 --- a/src/lib/math/mp/info.txt +++ b/src/lib/math/mp/info.txt @@ -1,11 +1,10 @@ -define BIGINT_MP 20131128 +define BIGINT_MP 20151225 <source> mp_asm.cpp mp_comba.cpp mp_karat.cpp mp_monty.cpp -mp_mulop.cpp mp_misc.cpp mp_shift.cpp </source> diff --git a/src/lib/math/mp/mp_asm.cpp b/src/lib/math/mp/mp_asm.cpp index cc573a792..b7d90552e 100644 --- a/src/lib/math/mp/mp_asm.cpp +++ b/src/lib/math/mp/mp_asm.cpp @@ -1,5 +1,5 @@ /* -* Lowest Level MPI Algorithms +* MPI Add, Subtract, Word Multiply * (C) 1999-2010 Jack Lloyd * 2006 Luca Piccarreta * diff --git a/src/lib/math/mp/mp_comba.cpp b/src/lib/math/mp/mp_comba.cpp index 0170c9fcd..1ebd29817 100644 --- a/src/lib/math/mp/mp_comba.cpp +++ b/src/lib/math/mp/mp_comba.cpp @@ -1,6 +1,7 @@ /* * Comba Multiplication and Squaring -* (C) 1999-2007,2011,2014 Jack Lloyd +* +* This file was automatically generated by comba.py * * Botan is released under the Simplified BSD License (see license.txt) */ diff --git a/src/lib/math/mp/mp_core.h b/src/lib/math/mp/mp_core.h index b97384d18..9921f1f07 100644 --- a/src/lib/math/mp/mp_core.h +++ b/src/lib/math/mp/mp_core.h @@ -81,15 +81,6 @@ void bigint_shr2(word y[], const word x[], size_t x_size, size_t word_shift, size_t bit_shift); /* -* Simple O(N^2) Multiplication and Squaring -*/ -void bigint_simple_mul(word z[], - const word x[], size_t x_size, - const word y[], size_t y_size); - -void bigint_simple_sqr(word z[], const word x[], size_t x_size); - -/* * Linear Multiply */ void bigint_linmul2(word x[], size_t x_size, word y); diff --git a/src/lib/math/mp/mp_karat.cpp b/src/lib/math/mp/mp_karat.cpp index 96d9adae2..c7f179191 100644 --- a/src/lib/math/mp/mp_karat.cpp +++ b/src/lib/math/mp/mp_karat.cpp @@ -1,5 +1,5 @@ /* -* Karatsuba Multiplication/Squaring +* Multiplication and Squaring * (C) 1999-2010 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) @@ -16,6 +16,37 @@ namespace { const size_t KARATSUBA_MULTIPLY_THRESHOLD = 32; const size_t KARATSUBA_SQUARE_THRESHOLD = 32; +namespace { + +/* +* Simple O(N^2) Multiplication +*/ +void basecase_mul(word z[], + const word x[], size_t x_size, + const word y[], size_t y_size) + { + const size_t x_size_8 = x_size - (x_size % 8); + + clear_mem(z, x_size + y_size); + + for(size_t i = 0; i != y_size; ++i) + { + const word y_i = y[i]; + + word carry = 0; + + for(size_t j = 0; j != x_size_8; j += 8) + carry = word8_madd3(z + i + j, x + j, y_i, carry); + + for(size_t j = x_size_8; j != x_size; ++j) + z[i+j] = word_madd3(x[j], y_i, z[i+j], &carry); + + z[x_size+i] = carry; + } + } + +} + /* * Karatsuba Multiplication Operation */ @@ -31,7 +62,7 @@ void karatsuba_mul(word z[], const word x[], const word y[], size_t N, else if(N == 16) return bigint_comba_mul16(z, x, y); else - return bigint_simple_mul(z, x, N, y, N); + return basecase_mul(z, x, N, y, N); } const size_t N2 = N / 2; @@ -101,7 +132,7 @@ void karatsuba_sqr(word z[], const word x[], size_t N, word workspace[]) else if(N == 16) return bigint_comba_sqr16(z, x); else - return bigint_simple_sqr(z, x, N); + return basecase_mul(z, x, N, x, N); } const size_t N2 = N / 2; @@ -262,7 +293,7 @@ void bigint_mul(word z[], size_t z_size, word workspace[], y_sw < KARATSUBA_MULTIPLY_THRESHOLD || !workspace) { - bigint_simple_mul(z, x, x_sw, y, y_sw); + basecase_mul(z, x, x_sw, y, y_sw); } else { @@ -271,7 +302,7 @@ void bigint_mul(word z[], size_t z_size, word workspace[], if(N) karatsuba_mul(z, x, y, N, workspace); else - bigint_simple_mul(z, x, x_sw, y, y_sw); + basecase_mul(z, x, x_sw, y, y_sw); } } @@ -307,7 +338,7 @@ void bigint_sqr(word z[], size_t z_size, word workspace[], } else if(x_size < KARATSUBA_SQUARE_THRESHOLD || !workspace) { - bigint_simple_sqr(z, x, x_sw); + basecase_mul(z, x, x_sw, x, x_sw); } else { @@ -316,7 +347,7 @@ void bigint_sqr(word z[], size_t z_size, word workspace[], if(N) karatsuba_sqr(z, x, N, workspace); else - bigint_simple_sqr(z, x, x_sw); + basecase_mul(z, x, x_sw, x, x_sw); } } diff --git a/src/lib/math/mp/mp_mulop.cpp b/src/lib/math/mp/mp_mulop.cpp deleted file mode 100644 index 432c7ef53..000000000 --- a/src/lib/math/mp/mp_mulop.cpp +++ /dev/null @@ -1,73 +0,0 @@ -/* -* Simple O(N^2) Multiplication and Squaring -* (C) 1999-2008 Jack Lloyd -* -* Botan is released under the Simplified BSD License (see license.txt) -*/ - -#include <botan/internal/mp_core.h> -#include <botan/internal/mp_madd.h> -#include <botan/internal/mp_asmi.h> -#include <botan/mem_ops.h> - -namespace Botan { - -/* -* Simple O(N^2) Multiplication -*/ -void bigint_simple_mul(word z[], const word x[], size_t x_size, - const word y[], size_t y_size) - { - const size_t x_size_8 = x_size - (x_size % 8); - - clear_mem(z, x_size + y_size); - - for(size_t i = 0; i != y_size; ++i) - { - const word y_i = y[i]; - - word carry = 0; - - for(size_t j = 0; j != x_size_8; j += 8) - carry = word8_madd3(z + i + j, x + j, y_i, carry); - - for(size_t j = x_size_8; j != x_size; ++j) - z[i+j] = word_madd3(x[j], y_i, z[i+j], &carry); - - z[x_size+i] = carry; - } - } - -/* -* Simple O(N^2) Squaring -* -* This is exactly the same algorithm as bigint_simple_mul, however -* because C/C++ compilers suck at alias analysis it is good to have -* the version where the compiler knows that x == y -* -* There is an O(n^1.5) squaring algorithm specified in Handbook of -* Applied Cryptography, chapter 14 -* -*/ -void bigint_simple_sqr(word z[], const word x[], size_t x_size) - { - const size_t x_size_8 = x_size - (x_size % 8); - - clear_mem(z, 2*x_size); - - for(size_t i = 0; i != x_size; ++i) - { - const word x_i = x[i]; - word carry = 0; - - for(size_t j = 0; j != x_size_8; j += 8) - carry = word8_madd3(z + i + j, x + j, x_i, carry); - - for(size_t j = x_size_8; j != x_size; ++j) - z[i+j] = word_madd3(x[j], x_i, z[i+j], &carry); - - z[x_size+i] = carry; - } - } - -} diff --git a/src/lib/pk_pad/mgf1/mgf1.h b/src/lib/pk_pad/mgf1/mgf1.h index ed2f1d023..bddb8bba8 100644 --- a/src/lib/pk_pad/mgf1/mgf1.h +++ b/src/lib/pk_pad/mgf1/mgf1.h @@ -15,9 +15,9 @@ namespace Botan { /** * MGF1 from PKCS #1 v2.0 */ -void mgf1_mask(HashFunction& hash, - const byte in[], size_t in_len, - byte out[], size_t out_len); +void BOTAN_DLL mgf1_mask(HashFunction& hash, + const byte in[], size_t in_len, + byte out[], size_t out_len); } diff --git a/src/lib/pubkey/mce/info.txt b/src/lib/pubkey/mce/info.txt index 1e9b848dd..bb0f06764 100644 --- a/src/lib/pubkey/mce/info.txt +++ b/src/lib/pubkey/mce/info.txt @@ -1,7 +1,6 @@ define MCELIECE 20150922 <header:public> -mce_kem.h mceliece.h polyn_gf2m.h gf2m_small_m.h diff --git a/src/lib/pubkey/mce/mce_kem.cpp b/src/lib/pubkey/mce/mce_kem.cpp deleted file mode 100644 index dede67731..000000000 --- a/src/lib/pubkey/mce/mce_kem.cpp +++ /dev/null @@ -1,51 +0,0 @@ -/** - * (C) 2014 cryptosource GmbH - * (C) 2014 Falko Strenzke [email protected] - * - * Botan is released under the Simplified BSD License (see license.txt) - * - */ - -#include <botan/mce_kem.h> -#include <botan/internal/mce_internal.h> -#include <botan/sha2_64.h> - -namespace Botan { - -McEliece_KEM_Encryptor::McEliece_KEM_Encryptor(const McEliece_PublicKey& public_key) : - m_key(public_key) - { - } - -std::pair<secure_vector<byte>, secure_vector<byte>> -McEliece_KEM_Encryptor::encrypt(RandomNumberGenerator& rng) - { - const secure_vector<byte> plaintext = m_key.random_plaintext_element(rng); - - secure_vector<byte> ciphertext, error_mask; - mceliece_encrypt(ciphertext, error_mask, plaintext, m_key, rng); - - SHA_512 hash; - hash.update(plaintext); - hash.update(error_mask); - secure_vector<byte> sym_key = hash.final(); - - return std::make_pair(ciphertext, sym_key); - } - -McEliece_KEM_Decryptor::McEliece_KEM_Decryptor(const McEliece_PrivateKey& key) : m_key(key) { } - -secure_vector<Botan::byte> McEliece_KEM_Decryptor::decrypt(const byte msg[], size_t msg_len) - { - secure_vector<byte> plaintext, error_mask; - mceliece_decrypt(plaintext, error_mask, msg, msg_len, m_key); - - SHA_512 hash; - hash.update(plaintext); - hash.update(error_mask); - - secure_vector<byte> sym_key = hash.final(); - return sym_key; - } - -} diff --git a/src/lib/pubkey/mce/mce_kem.h b/src/lib/pubkey/mce/mce_kem.h deleted file mode 100644 index cd899d568..000000000 --- a/src/lib/pubkey/mce/mce_kem.h +++ /dev/null @@ -1,55 +0,0 @@ -/** - * (C) 2014 cryptosource GmbH - * (C) 2014 Falko Strenzke [email protected] - * - * Botan is released under the Simplified BSD License (see license.txt) - * - */ - -#ifndef BOTAN_MCE_KEM_H__ -#define BOTAN_MCE_KEM_H__ - -#include <botan/mceliece.h> -#include <utility> - -namespace Botan { - -class BOTAN_DLL McEliece_KEM_Encryptor - { - public: - McEliece_KEM_Encryptor(const McEliece_PublicKey& public_key); - - /** - * returns the pair (mceliece ciphertext, symmetric key) - */ - std::pair<secure_vector<byte>, secure_vector<byte>> encrypt(RandomNumberGenerator& rng); - - private: - const McEliece_PublicKey& m_key; - }; - -class BOTAN_DLL McEliece_KEM_Decryptor - { - public: - McEliece_KEM_Decryptor(const McEliece_PrivateKey& mce_key); - - /** - * returns the derived 512-bit symmetric key - */ - secure_vector<Botan::byte> decrypt(const byte msg[], size_t msg_len); - - /** - * returns the derived 512-bit symmetric key - */ - template<typename Alloc> - secure_vector<Botan::byte> decrypt_vec(const std::vector<byte, Alloc>& v) - { - return decrypt(v.data(), v.size()); - } - - private: - const McEliece_PrivateKey& m_key; - }; -} - -#endif diff --git a/src/lib/pubkey/mce/mceliece_key.cpp b/src/lib/pubkey/mce/mceliece_key.cpp index 8edbbf88a..455d1f381 100644 --- a/src/lib/pubkey/mce/mceliece_key.cpp +++ b/src/lib/pubkey/mce/mceliece_key.cpp @@ -4,6 +4,7 @@ * * (C) 2014 cryptosource GmbH * (C) 2014 Falko Strenzke [email protected] + * (C) 2015 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) * @@ -13,6 +14,8 @@ #include <botan/internal/mce_internal.h> #include <botan/internal/bit_ops.h> #include <botan/internal/code_based_util.h> +#include <botan/internal/pk_ops_impl.h> +#include <botan/internal/pk_utils.h> #include <botan/der_enc.h> #include <botan/ber_dec.h> @@ -292,6 +295,68 @@ bool McEliece_PublicKey::operator==(const McEliece_PublicKey& other) const return true; } +namespace { + +class MCE_KEM_Encryptor : public PK_Ops::KEM_Encryption_with_KDF + { + public: + typedef McEliece_PublicKey Key_Type; + + MCE_KEM_Encryptor(const McEliece_PublicKey& key, + const std::string& kdf) : + KEM_Encryption_with_KDF(kdf), m_key(key) {} + + private: + void raw_kem_encrypt(secure_vector<byte>& out_encapsulated_key, + secure_vector<byte>& raw_shared_key, + Botan::RandomNumberGenerator& rng) override + { + secure_vector<byte> plaintext = m_key.random_plaintext_element(rng); + + secure_vector<byte> ciphertext, error_mask; + mceliece_encrypt(ciphertext, error_mask, plaintext, m_key, rng); + + raw_shared_key.clear(); + raw_shared_key += plaintext; + raw_shared_key += error_mask; + + out_encapsulated_key.swap(ciphertext); + } + + const McEliece_PublicKey& m_key; + }; + +class MCE_KEM_Decryptor : public PK_Ops::KEM_Decryption_with_KDF + { + public: + typedef McEliece_PrivateKey Key_Type; + + MCE_KEM_Decryptor(const McEliece_PrivateKey& key, + const std::string& kdf) : + KEM_Decryption_with_KDF(kdf), m_key(key) {} + + private: + secure_vector<byte> + raw_kem_decrypt(const byte encap_key[], size_t len) override + { + secure_vector<byte> plaintext, error_mask; + mceliece_decrypt(plaintext, error_mask, encap_key, len, m_key); + + secure_vector<byte> output; + output.reserve(plaintext.size() + error_mask.size()); + output.insert(output.end(), plaintext.begin(), plaintext.end()); + output.insert(output.end(), error_mask.begin(), error_mask.end()); + return output; + } + + const McEliece_PrivateKey& m_key; + }; + +BOTAN_REGISTER_PK_KEM_ENCRYPTION_OP("McEliece", MCE_KEM_Encryptor); +BOTAN_REGISTER_PK_KEM_DECRYPTION_OP("McEliece", MCE_KEM_Decryptor); + +} + } diff --git a/src/lib/pubkey/mceies/mceies.cpp b/src/lib/pubkey/mceies/mceies.cpp index e83fa257e..0af71719a 100644 --- a/src/lib/pubkey/mceies/mceies.cpp +++ b/src/lib/pubkey/mceies/mceies.cpp @@ -8,7 +8,7 @@ #include <botan/mceies.h> #include <botan/aead.h> #include <botan/mceliece.h> -#include <botan/mce_kem.h> +#include <botan/pubkey.h> namespace Botan { @@ -36,11 +36,10 @@ mceies_encrypt(const McEliece_PublicKey& pubkey, RandomNumberGenerator& rng, const std::string& algo) { - McEliece_KEM_Encryptor kem_op(pubkey); + PK_KEM_Encryptor kem_op(pubkey, "KDF1(SHA-512)"); - const std::pair<secure_vector<byte>,secure_vector<byte>> mce_ciphertext__key = kem_op.encrypt(rng); - const secure_vector<byte>& mce_ciphertext = mce_ciphertext__key.first; - const secure_vector<byte>& mce_key = mce_ciphertext__key.second; + secure_vector<byte> mce_ciphertext, mce_key; + kem_op.encrypt(mce_ciphertext, mce_key, 64, rng); const size_t mce_code_bytes = (pubkey.get_code_length() + 7) / 8; @@ -75,7 +74,7 @@ mceies_decrypt(const McEliece_PrivateKey& privkey, { try { - McEliece_KEM_Decryptor kem_op(privkey); + PK_KEM_Decryptor kem_op(privkey, "KDF1(SHA-512)"); const size_t mce_code_bytes = (privkey.get_code_length() + 7) / 8; @@ -88,7 +87,7 @@ mceies_decrypt(const McEliece_PrivateKey& privkey, if(ct_len < mce_code_bytes + nonce_len + aead->tag_size()) throw Exception("Input message too small to be valid"); - const secure_vector<byte> mce_key = kem_op.decrypt(ct, mce_code_bytes); + const secure_vector<byte> mce_key = kem_op.decrypt(ct, mce_code_bytes, 64); aead->set_key(aead_key(mce_key, *aead)); aead->set_associated_data(ad, ad_len); diff --git a/src/lib/pubkey/pk_ops.cpp b/src/lib/pubkey/pk_ops.cpp index bc421eb90..81b087894 100644 --- a/src/lib/pubkey/pk_ops.cpp +++ b/src/lib/pubkey/pk_ops.cpp @@ -129,4 +129,47 @@ bool PK_Ops::Verification_with_EMSA::is_valid_signature(const byte sig[], size_t } } +void PK_Ops::KEM_Encryption_with_KDF::kem_encrypt(secure_vector<byte>& out_encapsulated_key, + secure_vector<byte>& out_shared_key, + size_t desired_shared_key_len, + Botan::RandomNumberGenerator& rng, + const uint8_t salt[], + size_t salt_len) + { + secure_vector<byte> raw_shared; + this->raw_kem_encrypt(out_encapsulated_key, raw_shared, rng); + + out_shared_key = m_kdf->derive_key(desired_shared_key_len, + raw_shared.data(), raw_shared.size(), + salt, salt_len); + } + +PK_Ops::KEM_Encryption_with_KDF::KEM_Encryption_with_KDF(const std::string& kdf) + { + m_kdf.reset(get_kdf(kdf)); + } + +PK_Ops::KEM_Encryption_with_KDF::~KEM_Encryption_with_KDF() {} + +secure_vector<byte> +PK_Ops::KEM_Decryption_with_KDF::kem_decrypt(const byte encap_key[], + size_t len, + size_t desired_shared_key_len, + const uint8_t salt[], + size_t salt_len) + { + secure_vector<byte> raw_shared = this->raw_kem_decrypt(encap_key, len); + + return m_kdf->derive_key(desired_shared_key_len, + raw_shared.data(), raw_shared.size(), + salt, salt_len); + } + +PK_Ops::KEM_Decryption_with_KDF::KEM_Decryption_with_KDF(const std::string& kdf) + { + m_kdf.reset(get_kdf(kdf)); + } + +PK_Ops::KEM_Decryption_with_KDF::~KEM_Decryption_with_KDF() {} + } diff --git a/src/lib/pubkey/pk_ops.h b/src/lib/pubkey/pk_ops.h index 3a2a8bdb5..6fc21ea4a 100644 --- a/src/lib/pubkey/pk_ops.h +++ b/src/lib/pubkey/pk_ops.h @@ -47,11 +47,13 @@ typedef PK_Spec<Private_Key> PK_Spec_Private_Key; class BOTAN_DLL Encryption { public: + typedef PK_Spec_Public_Key Spec; + virtual size_t max_input_bits() const = 0; - virtual secure_vector<byte> encrypt(const byte msg[], size_t msg_len, RandomNumberGenerator& rng) = 0; - - typedef PK_Spec_Public_Key Spec; + virtual secure_vector<byte> encrypt(const byte msg[], + size_t msg_len, + RandomNumberGenerator& rng) = 0; virtual ~Encryption() {} }; @@ -164,6 +166,38 @@ class BOTAN_DLL Key_Agreement virtual ~Key_Agreement() {} }; +/** +* KEM (key encapsulation) +*/ +class BOTAN_DLL KEM_Encryption + { + public: + typedef PK_Spec_Public_Key Spec; + + virtual void kem_encrypt(secure_vector<byte>& out_encapsulated_key, + secure_vector<byte>& out_shared_key, + size_t desired_shared_key_len, + Botan::RandomNumberGenerator& rng, + const uint8_t salt[], + size_t salt_len) = 0; + + virtual ~KEM_Encryption() {} + }; + +class BOTAN_DLL KEM_Decryption + { + public: + typedef PK_Spec_Private_Key Spec; + + virtual secure_vector<byte> kem_decrypt(const byte encap_key[], + size_t len, + size_t desired_shared_key_len, + const uint8_t salt[], + size_t salt_len) = 0; + + virtual ~KEM_Decryption() {} + }; + } } diff --git a/src/lib/pubkey/pk_ops_impl.h b/src/lib/pubkey/pk_ops_impl.h index f27de4af4..0acceb53c 100644 --- a/src/lib/pubkey/pk_ops_impl.h +++ b/src/lib/pubkey/pk_ops_impl.h @@ -139,6 +139,46 @@ class Key_Agreement_with_KDF : public Key_Agreement std::unique_ptr<KDF> m_kdf; }; +class KEM_Encryption_with_KDF : public KEM_Encryption + { + public: + void kem_encrypt(secure_vector<byte>& out_encapsulated_key, + secure_vector<byte>& out_shared_key, + size_t desired_shared_key_len, + Botan::RandomNumberGenerator& rng, + const uint8_t salt[], + size_t salt_len) override; + + protected: + virtual void raw_kem_encrypt(secure_vector<byte>& out_encapsulated_key, + secure_vector<byte>& raw_shared_key, + Botan::RandomNumberGenerator& rng) = 0; + + KEM_Encryption_with_KDF(const std::string& kdf); + ~KEM_Encryption_with_KDF(); + private: + std::unique_ptr<KDF> m_kdf; + }; + +class KEM_Decryption_with_KDF : public KEM_Decryption + { + public: + secure_vector<byte> kem_decrypt(const byte encap_key[], + size_t len, + size_t desired_shared_key_len, + const uint8_t salt[], + size_t salt_len); + + protected: + virtual secure_vector<byte> + raw_kem_decrypt(const byte encap_key[], size_t len) = 0; + + KEM_Decryption_with_KDF(const std::string& kdf); + ~KEM_Decryption_with_KDF(); + private: + std::unique_ptr<KDF> m_kdf; + }; + } } diff --git a/src/lib/pubkey/pk_utils.h b/src/lib/pubkey/pk_utils.h index 326a6ea68..04a0bf5ca 100644 --- a/src/lib/pubkey/pk_utils.h +++ b/src/lib/pubkey/pk_utils.h @@ -32,6 +32,9 @@ OP* make_pk_op(const typename T::Spec& spec) #define BOTAN_REGISTER_PK_VERIFY_OP(NAME, TYPE) BOTAN_REGISTER_PK_OP(PK_Ops::Verification, NAME, TYPE) #define BOTAN_REGISTER_PK_KEY_AGREE_OP(NAME, TYPE) BOTAN_REGISTER_PK_OP(PK_Ops::Key_Agreement, NAME, TYPE) +#define BOTAN_REGISTER_PK_KEM_ENCRYPTION_OP(NAME, TYPE) BOTAN_REGISTER_PK_OP(PK_Ops::KEM_Encryption, NAME, TYPE) +#define BOTAN_REGISTER_PK_KEM_DECRYPTION_OP(NAME, TYPE) BOTAN_REGISTER_PK_OP(PK_Ops::KEM_Decryption, NAME, TYPE) + } #endif diff --git a/src/lib/pubkey/pubkey.cpp b/src/lib/pubkey/pubkey.cpp index b9923f54b..e870dfdec 100644 --- a/src/lib/pubkey/pubkey.cpp +++ b/src/lib/pubkey/pubkey.cpp @@ -59,6 +59,46 @@ secure_vector<byte> PK_Decryptor_EME::dec(const byte msg[], size_t length) const return m_op->decrypt(msg, length); } +PK_KEM_Encryptor::PK_KEM_Encryptor(const Public_Key& key, + const std::string& param, + const std::string& provider) + { + m_op.reset(get_pk_op<PK_Ops::KEM_Encryption>("KEM", key, param, provider)); + } + +void PK_KEM_Encryptor::encrypt(secure_vector<byte>& out_encapsulated_key, + secure_vector<byte>& out_shared_key, + size_t desired_shared_key_len, + Botan::RandomNumberGenerator& rng, + const uint8_t salt[], + size_t salt_len) + { + m_op->kem_encrypt(out_encapsulated_key, + out_shared_key, + desired_shared_key_len, + rng, + salt, + salt_len); + } + +PK_KEM_Decryptor::PK_KEM_Decryptor(const Private_Key& key, + const std::string& param, + const std::string& provider) + { + m_op.reset(get_pk_op<PK_Ops::KEM_Decryption>("KEM", key, param, provider)); + } + +secure_vector<byte> PK_KEM_Decryptor::decrypt(const byte encap_key[], + size_t encap_key_len, + size_t desired_shared_key_len, + const uint8_t salt[], + size_t salt_len) + { + return m_op->kem_decrypt(encap_key, encap_key_len, + desired_shared_key_len, + salt, salt_len); + } + PK_Key_Agreement::PK_Key_Agreement(const Private_Key& key, const std::string& kdf) { m_op.reset(get_pk_op<PK_Ops::Key_Agreement>("Key agreement", key, kdf)); diff --git a/src/lib/pubkey/pubkey.h b/src/lib/pubkey/pubkey.h index 637e522e4..a8caf58ac 100644 --- a/src/lib/pubkey/pubkey.h +++ b/src/lib/pubkey/pubkey.h @@ -438,6 +438,87 @@ class BOTAN_DLL PK_Decryptor_EME : public PK_Decryptor std::unique_ptr<PK_Ops::Decryption> m_op; }; +class BOTAN_DLL PK_KEM_Encryptor + { + public: + PK_KEM_Encryptor(const Public_Key& key, + const std::string& kem_param = "", + const std::string& provider = ""); + + void encrypt(secure_vector<byte>& out_encapsulated_key, + secure_vector<byte>& out_shared_key, + size_t desired_shared_key_len, + Botan::RandomNumberGenerator& rng, + const uint8_t salt[], + size_t salt_len); + + template<typename Alloc> + void encrypt(secure_vector<byte>& out_encapsulated_key, + secure_vector<byte>& out_shared_key, + size_t desired_shared_key_len, + Botan::RandomNumberGenerator& rng, + const std::vector<uint8_t, Alloc>& salt) + { + this->encrypt(out_encapsulated_key, + out_shared_key, + desired_shared_key_len, + rng, + salt.data(), salt.size()); + } + + void encrypt(secure_vector<byte>& out_encapsulated_key, + secure_vector<byte>& out_shared_key, + size_t desired_shared_key_len, + Botan::RandomNumberGenerator& rng) + { + this->encrypt(out_encapsulated_key, + out_shared_key, + desired_shared_key_len, + rng, + nullptr, + 0); + } + + private: + std::unique_ptr<PK_Ops::KEM_Encryption> m_op; + }; + +class BOTAN_DLL PK_KEM_Decryptor + { + public: + PK_KEM_Decryptor(const Private_Key& key, + const std::string& kem_param = "", + const std::string& provider = ""); + + secure_vector<byte> decrypt(const byte encap_key[], + size_t encap_key_len, + size_t desired_shared_key_len, + const uint8_t salt[], + size_t salt_len); + + secure_vector<byte> decrypt(const byte encap_key[], + size_t encap_key_len, + size_t desired_shared_key_len) + { + return this->decrypt(encap_key, encap_key_len, + desired_shared_key_len, + nullptr, 0); + } + + template<typename Alloc1, typename Alloc2> + secure_vector<byte> decrypt(const std::vector<byte, Alloc1>& encap_key, + size_t desired_shared_key_len, + const std::vector<byte, Alloc2>& salt) + { + return this->decrypt(encap_key.data(), encap_key.size(), + desired_shared_key_len, + salt.data(), salt.size()); + } + + private: + std::unique_ptr<PK_Ops::KEM_Decryption> m_op; + }; + } #endif diff --git a/src/lib/pubkey/rsa/rsa.cpp b/src/lib/pubkey/rsa/rsa.cpp index 5804d0034..57fab94c5 100644 --- a/src/lib/pubkey/rsa/rsa.cpp +++ b/src/lib/pubkey/rsa/rsa.cpp @@ -1,6 +1,6 @@ /* * RSA -* (C) 1999-2010 Jack Lloyd +* (C) 1999-2010,2015 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) */ @@ -156,11 +156,34 @@ class RSA_Decryption_Operation : public PK_Ops::Decryption_with_EME, const BigInt m(msg, msg_len); const BigInt x = blinded_private_op(m); const BigInt c = m_powermod_e_n(x); - BOTAN_ASSERT(m == c, "RSA sign consistency check"); + BOTAN_ASSERT(m == c, "RSA decrypt consistency check"); return BigInt::encode_locked(x); } }; +class RSA_KEM_Decryption_Operation : public PK_Ops::KEM_Decryption_with_KDF, + private RSA_Private_Operation + { + public: + typedef RSA_PrivateKey Key_Type; + + RSA_KEM_Decryption_Operation(const RSA_PrivateKey& key, + const std::string& kdf) : + PK_Ops::KEM_Decryption_with_KDF(kdf), + RSA_Private_Operation(key) + {} + + secure_vector<byte> + raw_kem_decrypt(const byte encap_key[], size_t len) override + { + const BigInt m(encap_key, len); + const BigInt x = blinded_private_op(m); + const BigInt c = m_powermod_e_n(x); + BOTAN_ASSERT(m == c, "RSA KEM consistency check"); + return BigInt::encode_1363(x, n.bytes()); + } + }; + /** * RSA public (encrypt/verify) operation */ @@ -181,6 +204,8 @@ class RSA_Public_Operation return powermod_e_n(m); } + const BigInt& get_n() const { return n; } + const BigInt& n; Fixed_Exponent_Power_Mod powermod_e_n; }; @@ -230,11 +255,40 @@ class RSA_Verify_Operation : public PK_Ops::Verification_with_EMSA, } }; +class RSA_KEM_Encryption_Operation : public PK_Ops::KEM_Encryption_with_KDF, + private RSA_Public_Operation + { + public: + typedef RSA_PublicKey Key_Type; + + RSA_KEM_Encryption_Operation(const RSA_PublicKey& key, + const std::string& kdf) : + PK_Ops::KEM_Encryption_with_KDF(kdf), + RSA_Public_Operation(key) {} + + private: + void raw_kem_encrypt(secure_vector<byte>& out_encapsulated_key, + secure_vector<byte>& raw_shared_key, + Botan::RandomNumberGenerator& rng) override + { + const BigInt r = BigInt::random_integer(rng, 1, get_n()); + const BigInt c = public_op(r); + + out_encapsulated_key = BigInt::encode_locked(c); + raw_shared_key = BigInt::encode_locked(r); + } + }; + + BOTAN_REGISTER_PK_ENCRYPTION_OP("RSA", RSA_Encryption_Operation); BOTAN_REGISTER_PK_DECRYPTION_OP("RSA", RSA_Decryption_Operation); + BOTAN_REGISTER_PK_SIGNATURE_OP("RSA", RSA_Signature_Operation); BOTAN_REGISTER_PK_VERIFY_OP("RSA", RSA_Verify_Operation); +BOTAN_REGISTER_PK_KEM_ENCRYPTION_OP("RSA", RSA_KEM_Encryption_Operation); +BOTAN_REGISTER_PK_KEM_DECRYPTION_OP("RSA", RSA_KEM_Decryption_Operation); + } } diff --git a/src/lib/stream/rc4/rc4.cpp b/src/lib/stream/rc4/rc4.cpp index 6146e2818..9a6268b8c 100644 --- a/src/lib/stream/rc4/rc4.cpp +++ b/src/lib/stream/rc4/rc4.cpp @@ -111,6 +111,6 @@ void RC4::clear() /* * RC4 Constructor */ -RC4::RC4(size_t s) : SKIP(s), X(0), Y(0) {} +RC4::RC4(size_t s) : SKIP(s) {} } diff --git a/src/lib/stream/rc4/rc4.h b/src/lib/stream/rc4/rc4.h index 60c9450b4..9c4b2717c 100644 --- a/src/lib/stream/rc4/rc4.h +++ b/src/lib/stream/rc4/rc4.h @@ -44,12 +44,11 @@ class BOTAN_DLL RC4 : public StreamCipher void generate(); const size_t SKIP; - - byte X, Y; + byte X = 0; + byte Y = 0; secure_vector<byte> state; - secure_vector<byte> buffer; - size_t position; + size_t position = 0; }; } diff --git a/src/lib/tls/msg_client_kex.cpp b/src/lib/tls/msg_client_kex.cpp index 7ce9b9df2..68809f22f 100644 --- a/src/lib/tls/msg_client_kex.cpp +++ b/src/lib/tls/msg_client_kex.cpp @@ -365,7 +365,7 @@ Client_Key_Exchange::Client_Key_Exchange(const std::vector<byte>& contents, else m_pre_master = shared_secret; } - catch(std::exception &e) + catch(std::exception &) { /* * Something failed in the DH computation. To avoid possible diff --git a/src/lib/utils/data_src.cpp b/src/lib/utils/data_src.cpp index 4e0725943..b79f83d40 100644 --- a/src/lib/utils/data_src.cpp +++ b/src/lib/utils/data_src.cpp @@ -41,6 +41,7 @@ size_t DataSource::discard_next(size_t n) { const size_t got = this->read(buf, std::min(n, sizeof(buf))); discarded += got; + n -= got; if(got == 0) break; diff --git a/src/lib/utils/http_util/http_util.cpp b/src/lib/utils/http_util/http_util.cpp index 1f67c0b4b..6d4e7c8e8 100644 --- a/src/lib/utils/http_util/http_util.cpp +++ b/src/lib/utils/http_util/http_util.cpp @@ -98,7 +98,6 @@ Response http_sync(http_exch_fn http_transact, const auto protocol_host_sep = url.find("://"); if(protocol_host_sep == std::string::npos) throw Exception("Invalid URL " + url); - const std::string protocol = url.substr(0, protocol_host_sep); const auto host_loc_sep = url.find('/', protocol_host_sep + 3); diff --git a/src/lib/utils/loadstor.h b/src/lib/utils/loadstor.h index 53700fc86..a6c2b7969 100644 --- a/src/lib/utils/loadstor.h +++ b/src/lib/utils/loadstor.h @@ -1,6 +1,6 @@ /* * Load/Store Operators -* (C) 1999-2007 Jack Lloyd +* (C) 1999-2007,2015 Jack Lloyd * 2007 Yves Jerschow * * Botan is released under the Simplified BSD License (see license.txt) @@ -144,10 +144,13 @@ inline T load_le(const byte in[], size_t off) template<> inline u16bit load_be<u16bit>(const byte in[], size_t off) { + in += off * sizeof(u16bit); + #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK - return BOTAN_ENDIAN_N2B(*(reinterpret_cast<const u16bit*>(in) + off)); + u16bit x; + std::memcpy(&x, in, sizeof(x)); + return BOTAN_ENDIAN_N2B(x); #else - in += off * sizeof(u16bit); return make_u16bit(in[0], in[1]); #endif } @@ -161,10 +164,13 @@ inline u16bit load_be<u16bit>(const byte in[], size_t off) template<> inline u16bit load_le<u16bit>(const byte in[], size_t off) { + in += off * sizeof(u16bit); + #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK - return BOTAN_ENDIAN_N2L(*(reinterpret_cast<const u16bit*>(in) + off)); + u16bit x; + std::memcpy(&x, in, sizeof(x)); + return BOTAN_ENDIAN_N2L(x); #else - in += off * sizeof(u16bit); return make_u16bit(in[1], in[0]); #endif } @@ -178,10 +184,12 @@ inline u16bit load_le<u16bit>(const byte in[], size_t off) template<> inline u32bit load_be<u32bit>(const byte in[], size_t off) { + in += off * sizeof(u32bit); #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK - return BOTAN_ENDIAN_N2B(*(reinterpret_cast<const u32bit*>(in) + off)); + u32bit x; + std::memcpy(&x, in, sizeof(x)); + return BOTAN_ENDIAN_N2B(x); #else - in += off * sizeof(u32bit); return make_u32bit(in[0], in[1], in[2], in[3]); #endif } @@ -195,10 +203,12 @@ inline u32bit load_be<u32bit>(const byte in[], size_t off) template<> inline u32bit load_le<u32bit>(const byte in[], size_t off) { + in += off * sizeof(u32bit); #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK - return BOTAN_ENDIAN_N2L(*(reinterpret_cast<const u32bit*>(in) + off)); + u32bit x; + std::memcpy(&x, in, sizeof(x)); + return BOTAN_ENDIAN_N2L(x); #else - in += off * sizeof(u32bit); return make_u32bit(in[3], in[2], in[1], in[0]); #endif } @@ -212,10 +222,12 @@ inline u32bit load_le<u32bit>(const byte in[], size_t off) template<> inline u64bit load_be<u64bit>(const byte in[], size_t off) { + in += off * sizeof(u64bit); #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK - return BOTAN_ENDIAN_N2B(*(reinterpret_cast<const u64bit*>(in) + off)); + u64bit x; + std::memcpy(&x, in, sizeof(x)); + return BOTAN_ENDIAN_N2B(x); #else - in += off * sizeof(u64bit); return make_u64bit(in[0], in[1], in[2], in[3], in[4], in[5], in[6], in[7]); #endif @@ -230,10 +242,12 @@ inline u64bit load_be<u64bit>(const byte in[], size_t off) template<> inline u64bit load_le<u64bit>(const byte in[], size_t off) { + in += off * sizeof(u64bit); #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK - return BOTAN_ENDIAN_N2L(*(reinterpret_cast<const u64bit*>(in) + off)); + u64bit x; + std::memcpy(&x, in, sizeof(x)); + return BOTAN_ENDIAN_N2L(x); #else - in += off * sizeof(u64bit); return make_u64bit(in[7], in[6], in[5], in[4], in[3], in[2], in[1], in[0]); #endif @@ -308,24 +322,27 @@ inline void load_le(T out[], const byte in[], size_t count) { + if(count > 0) + { #if defined(BOTAN_TARGET_CPU_HAS_KNOWN_ENDIANNESS) - std::memcpy(out, in, sizeof(T)*count); + std::memcpy(out, in, sizeof(T)*count); #if defined(BOTAN_TARGET_CPU_IS_BIG_ENDIAN) - const size_t blocks = count - (count % 4); - const size_t left = count - blocks; + const size_t blocks = count - (count % 4); + const size_t left = count - blocks; - for(size_t i = 0; i != blocks; i += 4) - bswap_4(out + i); + for(size_t i = 0; i != blocks; i += 4) + bswap_4(out + i); - for(size_t i = 0; i != left; ++i) - out[blocks+i] = reverse_bytes(out[blocks+i]); + for(size_t i = 0; i != left; ++i) + out[blocks+i] = reverse_bytes(out[blocks+i]); #endif #else - for(size_t i = 0; i != count; ++i) - out[i] = load_le<T>(in, i); + for(size_t i = 0; i != count; ++i) + out[i] = load_le<T>(in, i); #endif + } } /** @@ -397,24 +414,27 @@ inline void load_be(T out[], const byte in[], size_t count) { + if(count > 0) + { #if defined(BOTAN_TARGET_CPU_HAS_KNOWN_ENDIANNESS) - std::memcpy(out, in, sizeof(T)*count); + std::memcpy(out, in, sizeof(T)*count); #if defined(BOTAN_TARGET_CPU_IS_LITTLE_ENDIAN) - const size_t blocks = count - (count % 4); - const size_t left = count - blocks; + const size_t blocks = count - (count % 4); + const size_t left = count - blocks; - for(size_t i = 0; i != blocks; i += 4) - bswap_4(out + i); + for(size_t i = 0; i != blocks; i += 4) + bswap_4(out + i); - for(size_t i = 0; i != left; ++i) - out[blocks+i] = reverse_bytes(out[blocks+i]); + for(size_t i = 0; i != left; ++i) + out[blocks+i] = reverse_bytes(out[blocks+i]); #endif #else - for(size_t i = 0; i != count; ++i) - out[i] = load_be<T>(in, i); + for(size_t i = 0; i != count; ++i) + out[i] = load_be<T>(in, i); #endif + } } /** @@ -425,7 +445,8 @@ inline void load_be(T out[], inline void store_be(u16bit in, byte out[2]) { #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK - *reinterpret_cast<u16bit*>(out) = BOTAN_ENDIAN_B2N(in); + u16bit o = BOTAN_ENDIAN_N2B(in); + std::memcpy(out, &o, sizeof(o)); #else out[0] = get_byte(0, in); out[1] = get_byte(1, in); @@ -440,7 +461,8 @@ inline void store_be(u16bit in, byte out[2]) inline void store_le(u16bit in, byte out[2]) { #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK - *reinterpret_cast<u16bit*>(out) = BOTAN_ENDIAN_L2N(in); + u16bit o = BOTAN_ENDIAN_N2L(in); + std::memcpy(out, &o, sizeof(o)); #else out[0] = get_byte(1, in); out[1] = get_byte(0, in); @@ -455,7 +477,8 @@ inline void store_le(u16bit in, byte out[2]) inline void store_be(u32bit in, byte out[4]) { #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK - *reinterpret_cast<u32bit*>(out) = BOTAN_ENDIAN_B2N(in); + u32bit o = BOTAN_ENDIAN_B2N(in); + std::memcpy(out, &o, sizeof(o)); #else out[0] = get_byte(0, in); out[1] = get_byte(1, in); @@ -472,7 +495,8 @@ inline void store_be(u32bit in, byte out[4]) inline void store_le(u32bit in, byte out[4]) { #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK - *reinterpret_cast<u32bit*>(out) = BOTAN_ENDIAN_L2N(in); + u32bit o = BOTAN_ENDIAN_L2N(in); + std::memcpy(out, &o, sizeof(o)); #else out[0] = get_byte(3, in); out[1] = get_byte(2, in); @@ -489,7 +513,8 @@ inline void store_le(u32bit in, byte out[4]) inline void store_be(u64bit in, byte out[8]) { #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK - *reinterpret_cast<u64bit*>(out) = BOTAN_ENDIAN_B2N(in); + u64bit o = BOTAN_ENDIAN_B2N(in); + std::memcpy(out, &o, sizeof(o)); #else out[0] = get_byte(0, in); out[1] = get_byte(1, in); @@ -510,7 +535,8 @@ inline void store_be(u64bit in, byte out[8]) inline void store_le(u64bit in, byte out[8]) { #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK - *reinterpret_cast<u64bit*>(out) = BOTAN_ENDIAN_L2N(in); + u64bit o = BOTAN_ENDIAN_L2N(in); + std::memcpy(out, &o, sizeof(o)); #else out[0] = get_byte(7, in); out[1] = get_byte(6, in); diff --git a/src/lib/utils/mem_ops.h b/src/lib/utils/mem_ops.h index 6ea7bdafe..0d2d0dab0 100644 --- a/src/lib/utils/mem_ops.h +++ b/src/lib/utils/mem_ops.h @@ -1,6 +1,6 @@ /* * Memory Operations -* (C) 1999-2009,2012 Jack Lloyd +* (C) 1999-2009,2012,2015 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) */ @@ -28,7 +28,10 @@ BOTAN_DLL void zero_mem(void* ptr, size_t n); */ template<typename T> inline void clear_mem(T* ptr, size_t n) { - std::memset(ptr, 0, sizeof(T)*n); + if(n > 0) + { + std::memset(ptr, 0, sizeof(T)*n); + } } /** @@ -39,7 +42,10 @@ template<typename T> inline void clear_mem(T* ptr, size_t n) */ template<typename T> inline void copy_mem(T* out, const T* in, size_t n) { - std::memmove(out, in, sizeof(T)*n); + if(n > 0) + { + std::memmove(out, in, sizeof(T)*n); + } } /** @@ -51,7 +57,10 @@ template<typename T> inline void copy_mem(T* out, const T* in, size_t n) template<typename T> inline void set_mem(T* ptr, size_t n, byte val) { - std::memset(ptr, val, sizeof(T)*n); + if(n > 0) + { + std::memset(ptr, val, sizeof(T)*n); + } } /** @@ -72,7 +81,7 @@ template<typename T> inline bool same_mem(const T* p1, const T* p2, size_t n) } /** -* XOR arrays. Postcondition out[i] = in[i] ^ out[i] forall i = 0...length +* XOR_ arrays. Postcondition out[i] = in[i] ^ out[i] forall i = 0...length * @param out the input/output buffer * @param in the read-only input buffer * @param length the length of the buffers @@ -80,18 +89,10 @@ template<typename T> inline bool same_mem(const T* p1, const T* p2, size_t n) template<typename T> void xor_buf(T out[], const T in[], size_t length) { - while(length >= 8) - { - out[0] ^= in[0]; out[1] ^= in[1]; - out[2] ^= in[2]; out[3] ^= in[3]; - out[4] ^= in[4]; out[5] ^= in[5]; - out[6] ^= in[6]; out[7] ^= in[7]; - - out += 8; in += 8; length -= 8; - } - for(size_t i = 0; i != length; ++i) + { out[i] ^= in[i]; + } } /** @@ -106,60 +107,12 @@ template<typename T> void xor_buf(T out[], const T in2[], size_t length) { - while(length >= 8) - { - out[0] = in[0] ^ in2[0]; - out[1] = in[1] ^ in2[1]; - out[2] = in[2] ^ in2[2]; - out[3] = in[3] ^ in2[3]; - out[4] = in[4] ^ in2[4]; - out[5] = in[5] ^ in2[5]; - out[6] = in[6] ^ in2[6]; - out[7] = in[7] ^ in2[7]; - - in += 8; in2 += 8; out += 8; length -= 8; - } - for(size_t i = 0; i != length; ++i) - out[i] = in[i] ^ in2[i]; - } - -#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK - -template<> -inline void xor_buf<byte>(byte out[], const byte in[], size_t length) - { - while(length >= 8) { - *reinterpret_cast<u64bit*>(out) ^= *reinterpret_cast<const u64bit*>(in); - out += 8; in += 8; length -= 8; - } - - for(size_t i = 0; i != length; ++i) - out[i] ^= in[i]; - } - -template<> -inline void xor_buf<byte>(byte out[], - const byte in[], - const byte in2[], - size_t length) - { - while(length >= 8) - { - *reinterpret_cast<u64bit*>(out) = - *reinterpret_cast<const u64bit*>(in) ^ - *reinterpret_cast<const u64bit*>(in2); - - in += 8; in2 += 8; out += 8; length -= 8; - } - - for(size_t i = 0; i != length; ++i) out[i] = in[i] ^ in2[i]; + } } -#endif - template<typename Alloc, typename Alloc2> void xor_buf(std::vector<byte, Alloc>& out, const std::vector<byte, Alloc2>& in, diff --git a/src/scripts/comba.py b/src/scripts/comba.py index dcac14657..f0165a3ce 100755 --- a/src/scripts/comba.py +++ b/src/scripts/comba.py @@ -1,7 +1,10 @@ -#!/usr/bin/python +#!/usr/bin/python2 import sys +# (C) 2011,2014,2015 Jack Lloyd +# Botan is released under the Simplified BSD License (see license.txt) + # Used to generate src/lib/math/mp/mp_comba.cpp def comba_indexes(N): @@ -78,7 +81,8 @@ def main(args = None): print """/* * Comba Multiplication and Squaring -* (C) 1999-2007,2011,2014 Jack Lloyd +* +* This file was automatically generated by comba.py * * Botan is released under the Simplified BSD License (see license.txt) */ diff --git a/src/tests/data/pubkey/rsa_kem.vec b/src/tests/data/pubkey/rsa_kem.vec new file mode 100644 index 000000000..6fb76fcfe --- /dev/null +++ b/src/tests/data/pubkey/rsa_kem.vec @@ -0,0 +1,25 @@ + +# RSA-KEM tests vectors from ISO-18033-2 +# http://www.shoup.net/iso/std4.pdf + +# R values here are -1 from the actual desired value to account for +# some logic in random_integer wrt the bounds + +# Test C.6.2 +E = 65537 +P = 74100103850091296168511028051948833436338123529747970640732238422269665602829 +Q = 79461607023043824134896992211543210236933205105414344240218914846895267687977 +R = 032E45326FA859A72EC235ACFF929B15D1372E30B207255F0611B8F785D764374152E0AC009E509E7BA30CD2F1778E113B64E135CF4E2292C75EFE5288EDFDA3 +C0 = 4603E5324CAB9CEF8365C817052D954D44447B1667099EDC69942D32CD594E4FFCF268AE3836E2C35744AAA53AE201FE499806B67DEDAA26BF72ECBD117A6FC0 +KDF = KDF2(SHA-1) +K = 0E6A26EB7B956CCB8B3BDC1CA975BC57C3989E8FBAD31A224655D800C46954840F + +# Test C.6.4 + +E = 65537 +P = 74100103850091296168511028051948833436338123529747970640732238422269665602829 +Q = 79461607023043824134896992211543210236933205105414344240218914846895267687977 +R = 032E45326FA859A72EC235ACFF929B15D1372E30B207255F0611B8F785D764374152E0AC009E509E7BA30CD2F1778E113B64E135CF4E2292C75EFE5288EDFDA3 +C0 = 4603E5324CAB9CEF8365C817052D954D44447B1667099EDC69942D32CD594E4FFCF268AE3836E2C35744AAA53AE201FE499806B67DEDAA26BF72ECBD117A6FC0 +KDF = KDF2(SHA-256) +K = 10a2403db42a8743cb989de86e668d168cbe6046 diff --git a/src/tests/main.cpp b/src/tests/main.cpp index 57a525dbd..c15fab438 100644 --- a/src/tests/main.cpp +++ b/src/tests/main.cpp @@ -249,7 +249,7 @@ class Test_Runner : public Botan_CLI::Command }; -BOTAN_REGISTER_COMMAND(Test_Runner); +BOTAN_REGISTER_COMMAND("test", Test_Runner); } @@ -259,7 +259,7 @@ int main(int argc, char* argv[]) BOTAN_VERSION_MINOR, BOTAN_VERSION_PATCH); - Botan_CLI::Command* cmd = Botan_CLI::Command::get_cmd("test"); + std::unique_ptr<Botan_CLI::Command> cmd(Botan_CLI::Command::get_cmd("test")); if(!cmd) { diff --git a/src/tests/test_aead.cpp b/src/tests/test_aead.cpp index 5d7e1094e..a31996fad 100644 --- a/src/tests/test_aead.cpp +++ b/src/tests/test_aead.cpp @@ -71,7 +71,7 @@ class AEAD_Tests : public Text_Based_Test dec->finish(buf); result.test_failure("accepted modified message", mutated_input); } - catch(Botan::Integrity_Failure& e) + catch(Botan::Integrity_Failure&) { result.test_note("correctly rejected modified message"); } @@ -93,7 +93,7 @@ class AEAD_Tests : public Text_Based_Test dec->finish(buf); result.test_failure("accepted message with modified nonce", bad_nonce); } - catch(Botan::Integrity_Failure& e) + catch(Botan::Integrity_Failure&) { result.test_note("correctly rejected modified nonce"); } @@ -115,7 +115,7 @@ class AEAD_Tests : public Text_Based_Test dec->finish(buf); result.test_failure("accepted message with modified ad", bad_ad); } - catch(Botan::Integrity_Failure& e) + catch(Botan::Integrity_Failure&) { result.test_note("correctly rejected modified ad"); } diff --git a/src/tests/test_bigint.cpp b/src/tests/test_bigint.cpp index 5eaa0d0f1..6599b89b3 100644 --- a/src/tests/test_bigint.cpp +++ b/src/tests/test_bigint.cpp @@ -63,7 +63,7 @@ class BigInt_Unit_Tests : public Test a.to_u32bit(); result.test_failure("BigInt::to_u32bit roundtripped out of range value"); } - catch(std::exception& e) + catch(std::exception&) { result.test_success("BigInt::to_u32bit rejected out of range"); } diff --git a/src/tests/test_dh.cpp b/src/tests/test_dh.cpp index 643206031..a30564f92 100644 --- a/src/tests/test_dh.cpp +++ b/src/tests/test_dh.cpp @@ -28,7 +28,7 @@ class Diffie_Hellman_KAT_Tests : public PK_Key_Agreement_Test {"KDF"}) {} - std::string default_kdf(const VarMap&) { return "Raw"; } + std::string default_kdf(const VarMap&) const override { return "Raw"; } std::unique_ptr<Botan::Private_Key> load_our_key(const VarMap& vars) override { diff --git a/src/tests/test_fuzzer.cpp b/src/tests/test_fuzzer.cpp index eba49a1ae..3a5dcc47c 100644 --- a/src/tests/test_fuzzer.cpp +++ b/src/tests/test_fuzzer.cpp @@ -58,7 +58,7 @@ class Fuzzer_Input_Tests : public Test // TODO: check for memory consumption? Botan::X509_Certificate cert(vec_file); } - catch(std::exception& e) + catch(std::exception&) { } diff --git a/src/tests/test_mceliece.cpp b/src/tests/test_mceliece.cpp index d3c646504..36ecd660e 100644 --- a/src/tests/test_mceliece.cpp +++ b/src/tests/test_mceliece.cpp @@ -11,7 +11,6 @@ #if defined(BOTAN_HAS_MCELIECE) #include <botan/mceliece.h> -#include <botan/mce_kem.h> #include <botan/pubkey.h> #include <botan/oids.h> #include <botan/hmac_drbg.h> @@ -81,13 +80,17 @@ class McEliece_Keygen_Encrypt_Test : public Text_Based_Test rng.clear(); rng.add_entropy(encrypt_seed.data(), encrypt_seed.size()); - Botan::McEliece_KEM_Encryptor kem_enc(mce_priv); - Botan::McEliece_KEM_Decryptor kem_dec(mce_priv); + Botan::PK_KEM_Encryptor kem_enc(mce_priv, "KDF1(SHA-512)"); + Botan::PK_KEM_Decryptor kem_dec(mce_priv, "KDF1(SHA-512)"); - const auto kem = kem_enc.encrypt(rng); - result.test_eq("ciphertext", kem.first, ciphertext); - result.test_eq("encrypt shared", kem.second, shared_key); - result.test_eq("decrypt shared", kem_dec.decrypt_vec(kem.first), shared_key); + Botan::secure_vector<byte> encap_key, prod_shared_key; + kem_enc.encrypt(encap_key, prod_shared_key, 64, rng); + + Botan::secure_vector<byte> dec_shared_key = kem_dec.decrypt(encap_key.data(), encap_key.size(), 64); + + result.test_eq("ciphertext", encap_key, ciphertext); + result.test_eq("encrypt shared", prod_shared_key, shared_key); + result.test_eq("decrypt shared", dec_shared_key, shared_key); return result; } @@ -176,18 +179,19 @@ class McEliece_Tests : public Test { Test::Result result("McEliece KEM"); - Botan::McEliece_KEM_Encryptor pub_op(pk); - Botan::McEliece_KEM_Decryptor priv_op(sk); + Botan::PK_KEM_Encryptor enc_op(pk, "KDF2(SHA-256)"); + Botan::PK_KEM_Decryptor dec_op(sk, "KDF2(SHA-256)"); for(size_t i = 0; i <= Test::soak_level(); i++) { - const std::pair<Botan::secure_vector<byte>,Botan::secure_vector<byte> > ciphertext__sym_key = pub_op.encrypt(Test::rng()); - const Botan::secure_vector<byte>& ciphertext = ciphertext__sym_key.first; - const Botan::secure_vector<byte>& sym_key_encr = ciphertext__sym_key.second; + Botan::secure_vector<byte> salt = Test::rng().random_vec(i); + + Botan::secure_vector<byte> encap_key, shared_key; + enc_op.encrypt(encap_key, shared_key, 64, Test::rng(), salt); - const Botan::secure_vector<byte> sym_key_decr = priv_op.decrypt(ciphertext.data(), ciphertext.size()); + Botan::secure_vector<byte> shared_key2 = dec_op.decrypt(encap_key, 64, salt); - result.test_eq("same key", sym_key_decr, sym_key_encr); + result.test_eq("same key", shared_key, shared_key2); } return result; } @@ -222,7 +226,7 @@ class McEliece_Tests : public Test result.test_failure("AEAD decrypted manipulated ciphertext"); result.test_note("Manipulated text was " + Botan::hex_encode(bad_ct)); } - catch(Botan::Integrity_Failure& e) + catch(Botan::Integrity_Failure&) { result.test_note("AEAD rejected manipulated ciphertext"); } diff --git a/src/tests/test_pubkey.cpp b/src/tests/test_pubkey.cpp index 648477a1a..70712601d 100644 --- a/src/tests/test_pubkey.cpp +++ b/src/tests/test_pubkey.cpp @@ -74,7 +74,7 @@ void check_invalid_ciphertexts(Test::Result& result, result.test_eq("used corrupted ciphertext", bad_ctext, ciphertext); } } - catch(std::exception& e) + catch(std::exception&) { ++ciphertext_rejected; } @@ -249,6 +249,46 @@ PK_Encryption_Decryption_Test::run_one_test(const std::string&, const VarMap& va return result; } +Test::Result PK_KEM_Test::run_one_test(const std::string&, const VarMap& vars) + { + const std::vector<uint8_t> K = get_req_bin(vars, "K"); + const std::vector<uint8_t> C0 = get_req_bin(vars, "C0"); + const std::vector<uint8_t> salt = get_opt_bin(vars, "Salt"); + const std::string kdf = get_req_str(vars, "KDF"); + + Test::Result result(algo_name() + "/" + kdf + " KEM"); + + std::unique_ptr<Botan::Private_Key> privkey = load_private_key(vars); + + const size_t desired_key_len = K.size(); + + Botan::PK_KEM_Encryptor enc(*privkey, kdf); + + Fixed_Output_RNG fixed_output_rng(get_req_bin(vars, "R")); + + Botan::secure_vector<byte> produced_encap_key, shared_key; + enc.encrypt(produced_encap_key, + shared_key, + desired_key_len, + fixed_output_rng, + salt); + + result.test_eq("C0 matches", produced_encap_key, C0); + result.test_eq("K matches", shared_key, K); + + Botan::PK_KEM_Decryptor dec(*privkey, kdf); + + const Botan::secure_vector<uint8_t> decr_shared_key = + dec.decrypt(C0.data(), C0.size(), + desired_key_len, + salt.data(), + salt.size()); + + result.test_eq("decrypted K matches", decr_shared_key, K); + + return result; + } + Test::Result PK_Key_Agreement_Test::run_one_test(const std::string&, const VarMap& vars) { const std::vector<uint8_t> shared = get_req_bin(vars, "K"); diff --git a/src/tests/test_pubkey.h b/src/tests/test_pubkey.h index edb36f07b..beb1b2ea2 100644 --- a/src/tests/test_pubkey.h +++ b/src/tests/test_pubkey.h @@ -87,6 +87,22 @@ class PK_Key_Agreement_Test : public Text_Based_Test Test::Result run_one_test(const std::string& header, const VarMap& vars) override; }; +class PK_KEM_Test : public Text_Based_Test + { + public: + //using Text_Based_Test::Text_Based_Test; + + PK_KEM_Test(const std::string& algo, + const std::string& test_src, + const std::vector<std::string>& required_keys, + const std::vector<std::string>& optional_keys = {}) : + Text_Based_Test(algo, test_src, required_keys, optional_keys) {} + + virtual std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) = 0; + private: + Test::Result run_one_test(const std::string& header, const VarMap& vars) override; + }; + class PK_Key_Generation_Test : public Test { protected: diff --git a/src/tests/test_rsa.cpp b/src/tests/test_rsa.cpp index 2720ae49a..6c89a5b29 100644 --- a/src/tests/test_rsa.cpp +++ b/src/tests/test_rsa.cpp @@ -38,6 +38,25 @@ class RSA_ES_KAT_Tests : public PK_Encryption_Decryption_Test } }; +class RSA_KEM_Tests : public PK_KEM_Test + { + public: + RSA_KEM_Tests() : PK_KEM_Test("RSA", "pubkey/rsa_kem.vec", + {"E", "P", "Q", "R", "C0", "KDF", "OutLen", "K"}) + {} + + std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) override + { + const BigInt p = get_req_bn(vars, "P"); + const BigInt q = get_req_bn(vars, "Q"); + const BigInt e = get_req_bn(vars, "E"); + + std::unique_ptr<Botan::Private_Key> key(new Botan::RSA_PrivateKey(Test::rng(), p, q, e)); + return key; + } + + }; + class RSA_Signature_KAT_Tests : public PK_Signature_Generation_Test { public: @@ -100,6 +119,7 @@ class RSA_Keygen_Tests : public PK_Key_Generation_Test BOTAN_REGISTER_TEST("rsa_encrypt", RSA_ES_KAT_Tests); BOTAN_REGISTER_TEST("rsa_sign", RSA_Signature_KAT_Tests); BOTAN_REGISTER_TEST("rsa_verify", RSA_Signature_Verify_Tests); +BOTAN_REGISTER_TEST("rsa_kem", RSA_KEM_Tests); BOTAN_REGISTER_TEST("rsa_keygen", RSA_Keygen_Tests); #endif diff --git a/src/tests/test_utils.cpp b/src/tests/test_utils.cpp index 16b1848ef..47f740a17 100644 --- a/src/tests/test_utils.cpp +++ b/src/tests/test_utils.cpp @@ -305,7 +305,7 @@ class Base64_Tests : public Text_Based_Test { result.test_failure("decoded whitespace base64", Botan::base64_decode(b64_ws, false)); } - catch(std::exception& e) {} + catch(std::exception&) {} try { diff --git a/src/tests/test_x509_path.cpp b/src/tests/test_x509_path.cpp index 646f573a4..9bdf3721a 100644 --- a/src/tests/test_x509_path.cpp +++ b/src/tests/test_x509_path.cpp @@ -160,7 +160,6 @@ std::vector<Test::Result> NIST_Path_Validation_Tests::run() { const std::string test_name = i->first; const std::string expected_result = i->second; - printf("%s %s\n", test_name.c_str(), expected_result.c_str()); const std::string test_dir = nist_test_dir + "/" + test_name; diff --git a/src/tests/tests.cpp b/src/tests/tests.cpp index 4d035c0c8..b9d99b1ce 100644 --- a/src/tests/tests.cpp +++ b/src/tests/tests.cpp @@ -512,7 +512,7 @@ std::vector<uint8_t> Text_Based_Test::get_req_bin(const VarMap& vars, { return Botan::hex_decode(i->second); } - catch(std::exception& e) + catch(std::exception&) { throw Test_Error("Test invalid hex input '" + i->second + "'" + + " for key " + key); @@ -556,7 +556,7 @@ std::vector<uint8_t> Text_Based_Test::get_opt_bin(const VarMap& vars, { return Botan::hex_decode(i->second); } - catch(std::exception& e) + catch(std::exception&) { throw Test_Error("Test invalid hex input '" + i->second + "'" + + " for key " + key); @@ -583,7 +583,7 @@ Botan::BigInt Text_Based_Test::get_req_bn(const VarMap& vars, { return Botan::BigInt(i->second); } - catch(std::exception& e) + catch(std::exception&) { throw Test_Error("Test invalid bigint input '" + i->second + "' for key " + key); } diff --git a/src/tests/unit_ecc.cpp b/src/tests/unit_ecc.cpp index 92dee8ba4..4cb585e45 100644 --- a/src/tests/unit_ecc.cpp +++ b/src/tests/unit_ecc.cpp @@ -1,5 +1,7 @@ /* -* (C) 2009,2015 Jack Lloyd +* (C) 2007 Falko Strenzke +* 2007 Manuel Hartl +* 2009,2015 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) */ @@ -287,6 +289,9 @@ Test::Result test_point_transformation () // get a copy Botan::PointGFp q = p; + p.randomize_repr(Test::rng()); + q.randomize_repr(Test::rng()); + result.test_eq("affine x after copy", p.get_affine_x(), q.get_affine_x()); result.test_eq("affine y after copy", p.get_affine_y(), q.get_affine_y()); return result; @@ -523,7 +528,6 @@ Test::Result test_enc_dec_compressed_256() std::string a_secp = "ffffffff00000001000000000000000000000000ffffffffffffffffffffffFC"; std::string b_secp = "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B"; std::string G_secp_comp = "036B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"; - std::string G_order_secp_comp = "ffffffff00000000ffffffffffffffffBCE6FAADA7179E84F3B9CAC2FC632551"; std::vector<byte> sv_p_secp = Botan::hex_decode ( p_secp ); std::vector<byte> sv_a_secp = Botan::hex_decode ( a_secp ); @@ -554,7 +558,6 @@ Test::Result test_enc_dec_uncompressed_112() std::string a_secp = "6127C24C05F38A0AAAF65C0EF02C"; std::string b_secp = "51DEF1815DB5ED74FCC34C85D709"; std::string G_secp_uncomp = "044BA30AB5E892B4E1649DD0928643ADCD46F5882E3747DEF36E956E97"; - std::string G_order_secp_uncomp = "36DF0AAFD8B8D7597CA10520D04B"; std::vector<byte> sv_p_secp = Botan::hex_decode ( p_secp ); std::vector<byte> sv_a_secp = Botan::hex_decode ( a_secp ); @@ -583,7 +586,6 @@ Test::Result test_enc_dec_uncompressed_521() std::string a_secp = "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffFC"; std::string b_secp = "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00"; std::string G_secp_uncomp = "0400C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2ffA8DE3348B3C1856A429BF97E7E31C2E5BD66011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650"; - std::string G_order_secp_uncomp = "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409"; std::vector<byte> sv_p_secp = Botan::hex_decode ( p_secp ); std::vector<byte> sv_a_secp = Botan::hex_decode ( a_secp ); @@ -613,7 +615,6 @@ Test::Result test_enc_dec_uncompressed_521_prime_too_large() std::string a_secp = "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffFC"; std::string b_secp = "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00"; std::string G_secp_uncomp = "0400C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2ffA8DE3348B3C1856A429BF97E7E31C2E5BD66011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650"; - std::string G_order_secp_uncomp = "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409"; std::vector<byte> sv_p_secp = Botan::hex_decode ( p_secp ); std::vector<byte> sv_a_secp = Botan::hex_decode ( a_secp ); @@ -632,7 +633,7 @@ Test::Result test_enc_dec_uncompressed_521_prime_too_large() p_G = std::unique_ptr<Botan::PointGFp>(new Botan::PointGFp(Botan::OS2ECP ( sv_G_secp_uncomp, secp521r1))); result.test_failure("point decoding with too large value accepted"); } - catch(std::exception& e) + catch(std::exception&) { result.test_note("rejected invalid point"); } @@ -684,9 +685,6 @@ Test::Result test_more_zeropoint() Botan::EC_Group secp160r1(Botan::OIDS::lookup("secp160r1")); const Botan::CurveGFp& curve = secp160r1.get_curve(); - std::string G = "024a96b5688ef573284664698968c38bb913cbfc82"; - std::vector<byte> sv_G_secp_comp = Botan::hex_decode ( G ); - Botan::PointGFp p1(curve, Botan::BigInt("16984103820118642236896513183038186009872590470"), Botan::BigInt("1373093393927139016463695321221277758035357890939")); diff --git a/src/tests/unit_ecdsa.cpp b/src/tests/unit_ecdsa.cpp index 66c2610f8..5b750e7fb 100644 --- a/src/tests/unit_ecdsa.cpp +++ b/src/tests/unit_ecdsa.cpp @@ -284,7 +284,7 @@ Test::Result test_read_pkcs8() result.test_failure("loaded key with unknown OID"); } - catch(std::exception& e) + catch(std::exception&) { result.test_note("rejected key with unknown OID"); } diff --git a/src/tests/unit_tls.cpp b/src/tests/unit_tls.cpp index 0ff85bb29..3996b36b0 100644 --- a/src/tests/unit_tls.cpp +++ b/src/tests/unit_tls.cpp @@ -530,7 +530,7 @@ Test::Result test_dtls_handshake(Botan::TLS::Protocol_Version offer_version, needed = client.received_data(input.data(), input.size()); } } - catch(std::exception& e) + catch(std::exception&) { result.test_note("corruption caused server exception"); } @@ -570,7 +570,7 @@ Test::Result test_dtls_handshake(Botan::TLS::Protocol_Version offer_version, needed = client.received_data(input.data(), input.size()); } } - catch(std::exception& e) + catch(std::exception&) { result.test_note("corruption caused client exception"); } |