From 8a47f6f2bbf169a2ea0853234f81b49070c770df Mon Sep 17 00:00:00 2001
From: lloyd <lloyd@randombit.net>
Date: Mon, 8 Mar 2010 15:36:18 +0000
Subject: Modify pubkey classes to take names instead of object pointers.

Remove use of look_pk from the source and examples, instead
instantiate classes directly.
---
 src/cert/cvc/cvc_self.cpp      | 26 ++++++++----------
 src/cert/cvc/signed_obj.cpp    |  6 ++--
 src/cert/x509/x509_ca.cpp      |  4 +--
 src/cert/x509/x509_obj.cpp     |  7 ++---
 src/cert/x509/x509self.cpp     |  1 -
 src/cert/x509/x509stor.cpp     |  8 ++----
 src/cms/cms_dalg.cpp           |  1 -
 src/cms/cms_ealg.cpp           | 19 +++++++------
 src/pubkey/dlies/dlies.cpp     | 11 +++-----
 src/pubkey/dlies/dlies.h       |  4 +--
 src/pubkey/dsa/dsa.cpp         |  8 ++----
 src/pubkey/elgamal/elgamal.cpp |  9 +++---
 src/pubkey/keypair/keypair.cpp | 30 ++++++++------------
 src/pubkey/keypair/keypair.h   |  8 +++---
 src/pubkey/nr/nr.cpp           |  9 +++---
 src/pubkey/rsa/rsa.cpp         | 12 +++-----
 src/pubkey/rw/rw.cpp           |  9 +++---
 src/ssl/c_kex.cpp              | 22 +++++++--------
 src/ssl/cert_ver.cpp           | 52 +++++++++++++++++++----------------
 src/ssl/s_kex.cpp              | 62 ++++++++++++++++++++++--------------------
 20 files changed, 148 insertions(+), 160 deletions(-)

(limited to 'src')

diff --git a/src/cert/cvc/cvc_self.cpp b/src/cert/cvc/cvc_self.cpp
index b54b8b4bb..fbd042676 100644
--- a/src/cert/cvc/cvc_self.cpp
+++ b/src/cert/cvc/cvc_self.cpp
@@ -10,7 +10,6 @@
 #include <botan/point_gfp.h>
 #include <botan/time.h>
 #include <botan/oids.h>
-#include <botan/look_pk.h>
 #include <sstream>
 
 namespace Botan {
@@ -105,12 +104,11 @@ EAC1_1_CVC create_self_signed_cert(Private_Key const& key,
    sig_algo.oid = OIDS::lookup(priv_key->algo_name() + "/" + padding_and_hash);
    sig_algo = AlgorithmIdentifier(sig_algo.oid, AlgorithmIdentifier::USE_NULL_PARAM);
 
-   std::auto_ptr<Botan::PK_Signer> signer(
-      get_pk_signer(*priv_key, padding_and_hash));
+   PK_Signer signer(*priv_key, padding_and_hash);
 
    MemoryVector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
 
-   return make_cvc_cert(*signer,
+   return make_cvc_cert(signer,
                         enc_public_key,
                         opt.car, chr,
                         opt.holder_auth_templ,
@@ -133,7 +131,7 @@ EAC1_1_Req create_cvc_req(Private_Key const& key,
    sig_algo.oid = OIDS::lookup(priv_key->algo_name() + "/" + padding_and_hash);
    sig_algo = AlgorithmIdentifier(sig_algo.oid, AlgorithmIdentifier::USE_NULL_PARAM);
 
-   std::auto_ptr<Botan::PK_Signer> signer(get_pk_signer(*priv_key, padding_and_hash));
+   PK_Signer signer(*priv_key, padding_and_hash);
 
    MemoryVector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
 
@@ -146,7 +144,7 @@ EAC1_1_Req create_cvc_req(Private_Key const& key,
       .get_contents();
 
    MemoryVector<byte> signed_cert =
-      EAC1_1_gen_CVC<EAC1_1_Req>::make_signed(*signer,
+      EAC1_1_gen_CVC<EAC1_1_Req>::make_signed(signer,
                                               EAC1_1_gen_CVC<EAC1_1_Req>::build_cert_body(tbs),
                                               rng);
 
@@ -166,10 +164,10 @@ EAC1_1_ADO create_ado_req(Private_Key const& key,
       throw Invalid_Argument("CVC_EAC::create_self_signed_cert(): unsupported key type");
       }
    std::string padding_and_hash = padding_and_hash_from_oid(req.signature_algorithm().oid);
-   std::auto_ptr<Botan::PK_Signer> signer(get_pk_signer(*priv_key, padding_and_hash));
+   PK_Signer signer(*priv_key, padding_and_hash);
    SecureVector<byte> tbs_bits = req.BER_encode();
    tbs_bits.append(DER_Encoder().encode(car).get_contents());
-   MemoryVector<byte> signed_cert = EAC1_1_ADO::make_signed(*signer, tbs_bits, rng);
+   MemoryVector<byte> signed_cert = EAC1_1_ADO::make_signed(signer, tbs_bits, rng);
 
    DataSource_Memory source(signed_cert);
    return EAC1_1_ADO(source);
@@ -199,7 +197,7 @@ EAC1_1_CVC create_cvca(Private_Key const& key,
    opts.cex.add_months(cvca_validity_months);
    opts.holder_auth_templ = (CVCA | (iris * IRIS) | (fingerpr * FINGERPRINT));
    opts.hash_alg = hash;
-   return Botan::CVC_EAC::create_self_signed_cert(*priv_key, opts, rng);
+   return CVC_EAC::create_self_signed_cert(*priv_key, opts, rng);
    }
 
 
@@ -230,14 +228,14 @@ EAC1_1_CVC link_cvca(EAC1_1_CVC const& signer,
       }
    AlgorithmIdentifier sig_algo = signer.signature_algorithm();
    std::string padding_and_hash = padding_and_hash_from_oid(sig_algo.oid);
-   std::auto_ptr<Botan::PK_Signer> pk_signer(get_pk_signer(*priv_key, padding_and_hash));
+   PK_Signer pk_signer(*priv_key, padding_and_hash);
    std::auto_ptr<Public_Key> pk = signee.subject_public_key();
    ECDSA_PublicKey* subj_pk = dynamic_cast<ECDSA_PublicKey*>(pk.get());
    subj_pk->set_parameter_encoding(EC_DOMPAR_ENC_EXPLICIT);
 
    MemoryVector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
 
-   return make_cvc_cert(*pk_signer, enc_public_key,
+   return make_cvc_cert(pk_signer, enc_public_key,
                         signer.get_car(),
                         signee.get_chr(),
                         signer.get_chat_value(),
@@ -264,7 +262,7 @@ EAC1_1_CVC sign_request(EAC1_1_CVC const& signer_cert,
    chr_str += to_string(seqnr, seqnr_len);
    ASN1_Chr chr(chr_str);
    std::string padding_and_hash = padding_and_hash_from_oid(signee.signature_algorithm().oid);
-   std::auto_ptr<Botan::PK_Signer> pk_signer(get_pk_signer(*priv_key, padding_and_hash));
+   PK_Signer pk_signer(*priv_key, padding_and_hash);
    std::auto_ptr<Public_Key> pk = signee.subject_public_key();
    ECDSA_PublicKey*  subj_pk = dynamic_cast<ECDSA_PublicKey*>(pk.get());
    std::auto_ptr<Public_Key> signer_pk = signer_cert.subject_public_key();
@@ -304,7 +302,7 @@ EAC1_1_CVC sign_request(EAC1_1_CVC const& signer_cert,
 
    MemoryVector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
 
-   return make_cvc_cert(*pk_signer, enc_public_key,
+   return make_cvc_cert(pk_signer, enc_public_key,
                         ASN1_Car(signer_cert.get_chr().iso_8859()),
                         chr,
                         chat_val,
@@ -325,7 +323,7 @@ EAC1_1_Req create_cvc_req(Private_Key const& prkey,
       }
    ECDSA_PrivateKey key(*priv_key);
    key.set_parameter_encoding(EC_DOMPAR_ENC_IMPLICITCA);
-   return Botan::CVC_EAC::create_cvc_req(key, chr, hash_alg, rng);
+   return CVC_EAC::create_cvc_req(key, chr, hash_alg, rng);
    }
 
 } // namespace DE_EAC
diff --git a/src/cert/cvc/signed_obj.cpp b/src/cert/cvc/signed_obj.cpp
index ddb714621..d6aa2f02b 100644
--- a/src/cert/cvc/signed_obj.cpp
+++ b/src/cert/cvc/signed_obj.cpp
@@ -7,7 +7,7 @@
 */
 
 #include <botan/signed_obj.h>
-#include <botan/look_pk.h>
+#include <botan/pubkey.h>
 #include <botan/oids.h>
 #include <memory>
 
@@ -64,8 +64,8 @@ bool EAC_Signed_Object::check_signature(Public_Key& pub_key,
 
       SecureVector<byte> to_sign = tbs_data();
 
-      std::auto_ptr<PK_Verifier> verifier(get_pk_verifier(pub_key, padding, format));
-      return verifier->verify_message(to_sign, sig);
+      PK_Verifier verifier(pub_key, padding, format);
+      return verifier.verify_message(to_sign, sig);
       }
    catch(...)
       {
diff --git a/src/cert/x509/x509_ca.cpp b/src/cert/x509/x509_ca.cpp
index 00a105d1d..1f3e643e9 100644
--- a/src/cert/x509/x509_ca.cpp
+++ b/src/cert/x509/x509_ca.cpp
@@ -7,12 +7,12 @@
 
 #include <botan/x509_ca.h>
 #include <botan/x509stor.h>
+#include <botan/pubkey.h>
 #include <botan/der_enc.h>
 #include <botan/ber_dec.h>
 #include <botan/bigint.h>
 #include <botan/parsing.h>
 #include <botan/lookup.h>
-#include <botan/look_pk.h>
 #include <botan/oids.h>
 #include <botan/time.h>
 #include <algorithm>
@@ -272,7 +272,7 @@ PK_Signer* choose_sig_format(const Private_Key& key,
    sig_algo.oid = OIDS::lookup(algo_name + "/" + padding);
    sig_algo.parameters = key.algorithm_identifier().parameters;
 
-   return get_pk_signer(key, padding, format);
+   return new PK_Signer(key, padding, format);
    }
 
 }
diff --git a/src/cert/x509/x509_obj.cpp b/src/cert/x509/x509_obj.cpp
index fb92a9cb0..820972614 100644
--- a/src/cert/x509/x509_obj.cpp
+++ b/src/cert/x509/x509_obj.cpp
@@ -7,7 +7,7 @@
 
 #include <botan/x509_obj.h>
 #include <botan/x509_key.h>
-#include <botan/look_pk.h>
+#include <botan/pubkey.h>
 #include <botan/oids.h>
 #include <botan/der_enc.h>
 #include <botan/ber_dec.h>
@@ -168,10 +168,9 @@ bool X509_Object::check_signature(Public_Key& pub_key) const
       Signature_Format format =
          (pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
 
-      std::auto_ptr<PK_Verifier> verifier(
-         get_pk_verifier(pub_key, padding, format));
+      PK_Verifier verifier(pub_key, padding, format);
 
-      return verifier->verify_message(tbs_data(), signature());
+      return verifier.verify_message(tbs_data(), signature());
       }
    catch(...)
       {
diff --git a/src/cert/x509/x509self.cpp b/src/cert/x509/x509self.cpp
index e85317462..89b63c8b2 100644
--- a/src/cert/x509/x509self.cpp
+++ b/src/cert/x509/x509self.cpp
@@ -9,7 +9,6 @@
 #include <botan/x509_ext.h>
 #include <botan/x509_ca.h>
 #include <botan/der_enc.h>
-#include <botan/look_pk.h>
 #include <botan/oids.h>
 #include <botan/pipe.h>
 #include <memory>
diff --git a/src/cert/x509/x509stor.cpp b/src/cert/x509/x509stor.cpp
index b134817e4..a24d4a070 100644
--- a/src/cert/x509/x509stor.cpp
+++ b/src/cert/x509/x509stor.cpp
@@ -8,7 +8,6 @@
 #include <botan/x509stor.h>
 #include <botan/parsing.h>
 #include <botan/pubkey.h>
-#include <botan/look_pk.h>
 #include <botan/oids.h>
 #include <botan/time.h>
 #include <algorithm>
@@ -394,11 +393,10 @@ X509_Code X509_Store::check_sig(const X509_Object& object, Public_Key* key)
       if(key->message_parts() >= 2) format = DER_SEQUENCE;
       else                          format = IEEE_1363;
 
-      std::auto_ptr<PK_Verifier> verifier(
-         get_pk_verifier(*pub_key.get(), padding, format));
+      PK_Verifier verifier(*pub_key.get(), padding, format);
 
-      bool valid = verifier->verify_message(object.tbs_data(),
-                                            object.signature());
+      bool valid = verifier.verify_message(object.tbs_data(),
+                                           object.signature());
 
       if(valid)
          return VERIFIED;
diff --git a/src/cms/cms_dalg.cpp b/src/cms/cms_dalg.cpp
index 1fc4e2faa..50a2397e5 100644
--- a/src/cms/cms_dalg.cpp
+++ b/src/cms/cms_dalg.cpp
@@ -10,7 +10,6 @@
 #include <botan/ber_dec.h>
 #include <botan/oids.h>
 #include <botan/hash.h>
-#include <botan/look_pk.h>
 #include <botan/bigint.h>
 #include <botan/libstate.h>
 #include <memory>
diff --git a/src/cms/cms_ealg.cpp b/src/cms/cms_ealg.cpp
index 4bae96302..0cfdbba82 100644
--- a/src/cms/cms_ealg.cpp
+++ b/src/cms/cms_ealg.cpp
@@ -6,15 +6,15 @@
 */
 
 #include <botan/cms_enc.h>
-#include <botan/der_enc.h>
-#include <botan/x509find.h>
 #include <botan/bigint.h>
-#include <botan/oids.h>
 #include <botan/cbc.h>
+#include <botan/der_enc.h>
 #include <botan/hash.h>
-#include <botan/look_pk.h>
 #include <botan/libstate.h>
+#include <botan/oids.h>
 #include <botan/pipe.h>
+#include <botan/pubkey.h>
+#include <botan/x509find.h>
 #include <memory>
 
 namespace Botan {
@@ -130,7 +130,8 @@ void CMS_Encoder::encrypt_ktri(RandomNumberGenerator& rng,
    {
    const std::string padding = "EME-PKCS1-v1_5";
    const std::string pk_algo = pub_key->algo_name();
-   std::auto_ptr<PK_Encryptor> enc(get_pk_encryptor(*pub_key, padding));
+
+   PK_Encryptor_MR_with_EME encryptor(*pub_key, padding);
 
    SymmetricKey cek = setup_key(rng, cipher);
 
@@ -146,7 +147,7 @@ void CMS_Encoder::encrypt_ktri(RandomNumberGenerator& rng,
             .encode((u32bit)0);
             encode_si(encoder, to)
             .encode(alg_id)
-            .encode(enc->encrypt(cek.bits_of(), rng), OCTET_STRING)
+            .encode(encryptor.encrypt(cek.bits_of(), rng), OCTET_STRING)
          .end_cons()
       .end_cons()
       .raw_bytes(do_encrypt(rng, cek, cipher))
@@ -292,14 +293,14 @@ void CMS_Encoder::sign(const X509_Certificate& cert,
 
    Signature_Format format = IEEE_1363;
 
-   std::auto_ptr<PK_Signer> signer(get_pk_signer(key, padding, format));
+   PK_Signer signer(key, padding, format);
 
    AlgorithmIdentifier sig_algo(OIDS::lookup(key.algo_name() + "/" + padding),
                                 AlgorithmIdentifier::USE_NULL_PARAM);
 
    SecureVector<byte> signed_attr = encode_attr(data, type, hash);
-   signer->update(signed_attr);
-   SecureVector<byte> signature = signer->signature(rng);
+   signer.update(signed_attr);
+   SecureVector<byte> signature = signer.signature(rng);
    signed_attr[0] = 0xA0;
 
    const u32bit SI_VERSION = cert.subject_key_id().size() ? 3 : 1;
diff --git a/src/pubkey/dlies/dlies.cpp b/src/pubkey/dlies/dlies.cpp
index 2253f84d5..07477fd5d 100644
--- a/src/pubkey/dlies/dlies.cpp
+++ b/src/pubkey/dlies/dlies.cpp
@@ -6,7 +6,6 @@
 */
 
 #include <botan/dlies.h>
-#include <botan/look_pk.h>
 #include <botan/internal/xor_buf.h>
 
 namespace Botan {
@@ -18,7 +17,7 @@ DLIES_Encryptor::DLIES_Encryptor(const PK_Key_Agreement_Key& key,
                                  KDF* kdf_obj,
                                  MessageAuthenticationCode* mac_obj,
                                  u32bit mac_kl) :
-   ka(get_pk_kas(key, "Raw")),
+   ka(key, "Raw"),
    kdf(kdf_obj),
    mac(mac_obj),
    mac_keylen(mac_kl)
@@ -28,7 +27,6 @@ DLIES_Encryptor::DLIES_Encryptor(const PK_Key_Agreement_Key& key,
 
 DLIES_Encryptor::~DLIES_Encryptor()
    {
-   delete ka;
    delete kdf;
    delete mac;
    }
@@ -48,7 +46,7 @@ SecureVector<byte> DLIES_Encryptor::enc(const byte in[], u32bit length,
    out.copy(my_key, my_key.size());
    out.copy(my_key.size(), in, length);
 
-   SecureVector<byte> vz(my_key, ka->derive_key(0, other_key).bits_of());
+   SecureVector<byte> vz(my_key, ka.derive_key(0, other_key).bits_of());
 
    const u32bit K_LENGTH = length + mac_keylen;
    OctetString K = kdf->derive_key(K_LENGTH, vz, vz.size());
@@ -92,7 +90,7 @@ DLIES_Decryptor::DLIES_Decryptor(const PK_Key_Agreement_Key& key,
                                  KDF* kdf_obj,
                                  MessageAuthenticationCode* mac_obj,
                                  u32bit mac_kl) :
-   ka(get_pk_kas(key, "Raw")),
+   ka(key, "Raw"),
    kdf(kdf_obj),
    mac(mac_obj),
    mac_keylen(mac_kl)
@@ -102,7 +100,6 @@ DLIES_Decryptor::DLIES_Decryptor(const PK_Key_Agreement_Key& key,
 
 DLIES_Decryptor::~DLIES_Decryptor()
    {
-   delete ka;
    delete kdf;
    delete mac;
    }
@@ -121,7 +118,7 @@ SecureVector<byte> DLIES_Decryptor::dec(const byte msg[], u32bit length) const
    SecureVector<byte> C(msg + my_key.size(), CIPHER_LEN);
    SecureVector<byte> T(msg + my_key.size() + CIPHER_LEN, mac->OUTPUT_LENGTH);
 
-   SecureVector<byte> vz(v, ka->derive_key(0, v).bits_of());
+   SecureVector<byte> vz(v, ka.derive_key(0, v).bits_of());
 
    const u32bit K_LENGTH = C.size() + mac_keylen;
    OctetString K = kdf->derive_key(K_LENGTH, vz, vz.size());
diff --git a/src/pubkey/dlies/dlies.h b/src/pubkey/dlies/dlies.h
index e8b87a091..fd2cefe4a 100644
--- a/src/pubkey/dlies/dlies.h
+++ b/src/pubkey/dlies/dlies.h
@@ -35,7 +35,7 @@ class BOTAN_DLL DLIES_Encryptor : public PK_Encryptor
 
       SecureVector<byte> other_key, my_key;
 
-      PK_Key_Agreement* ka;
+      PK_Key_Agreement ka;
       KDF* kdf;
       MessageAuthenticationCode* mac;
       u32bit mac_keylen;
@@ -59,7 +59,7 @@ class BOTAN_DLL DLIES_Decryptor : public PK_Decryptor
 
       SecureVector<byte> my_key;
 
-      PK_Key_Agreement* ka;
+      PK_Key_Agreement ka;
       KDF* kdf;
       MessageAuthenticationCode* mac;
       u32bit mac_keylen;
diff --git a/src/pubkey/dsa/dsa.cpp b/src/pubkey/dsa/dsa.cpp
index 1fbc2abc1..bd9641856 100644
--- a/src/pubkey/dsa/dsa.cpp
+++ b/src/pubkey/dsa/dsa.cpp
@@ -8,7 +8,6 @@
 #include <botan/dsa.h>
 #include <botan/numthry.h>
 #include <botan/keypair.h>
-#include <botan/look_pk.h>
 
 namespace Botan {
 
@@ -65,10 +64,9 @@ bool DSA_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
 
    try
       {
-      KeyPair::check_key(rng,
-                         get_pk_signer(*this, "EMSA1(SHA-1)"),
-                         get_pk_verifier(*this, "EMSA1(SHA-1)")
-         );
+      PK_Signer this_signer(*this, "EMSA1(SHA-1)");
+      PK_Verifier this_verifier(*this, "EMSA1(SHA-1)");
+      KeyPair::check_key(rng, this_signer, this_verifier);
       }
    catch(Self_Test_Failure)
       {
diff --git a/src/pubkey/elgamal/elgamal.cpp b/src/pubkey/elgamal/elgamal.cpp
index 2abd769e5..6b919d916 100644
--- a/src/pubkey/elgamal/elgamal.cpp
+++ b/src/pubkey/elgamal/elgamal.cpp
@@ -8,7 +8,6 @@
 #include <botan/elgamal.h>
 #include <botan/numthry.h>
 #include <botan/keypair.h>
-#include <botan/look_pk.h>
 #include <botan/internal/workfactor.h>
 
 namespace Botan {
@@ -66,10 +65,12 @@ bool ElGamal_PrivateKey::check_key(RandomNumberGenerator& rng,
 
    try
       {
+      PK_Encryptor_MR_with_EME this_encryptor(*this, "EME1(SHA-1)");
+      PK_Decryptor_MR_with_EME this_decryptor(*this, "EME1(SHA-1)");
+
       KeyPair::check_key(rng,
-                         get_pk_encryptor(*this, "EME1(SHA-1)"),
-                         get_pk_decryptor(*this, "EME1(SHA-1)")
-         );
+                         this_encryptor,
+                         this_decryptor);
       }
    catch(Self_Test_Failure)
       {
diff --git a/src/pubkey/keypair/keypair.cpp b/src/pubkey/keypair/keypair.cpp
index 486577fc5..d54d8e442 100644
--- a/src/pubkey/keypair/keypair.cpp
+++ b/src/pubkey/keypair/keypair.cpp
@@ -1,13 +1,11 @@
 /*
 * Keypair Checks
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2010 Jack Lloyd
 *
 * Distributed under the terms of the Botan license
 */
 
 #include <botan/keypair.h>
-#include <botan/look_pk.h>
-#include <memory>
 
 namespace Botan {
 
@@ -17,22 +15,20 @@ namespace KeyPair {
 * Check an encryption key pair for consistency
 */
 void check_key(RandomNumberGenerator& rng,
-               PK_Encryptor* encryptor, PK_Decryptor* decryptor)
+               PK_Encryptor& encryptor,
+               PK_Decryptor& decryptor)
    {
-   if(encryptor->maximum_input_size() == 0)
+   if(encryptor.maximum_input_size() == 0)
       return;
 
-   std::auto_ptr<PK_Encryptor> enc(encryptor);
-   std::auto_ptr<PK_Decryptor> dec(decryptor);
-
-   SecureVector<byte> message(enc->maximum_input_size() - 1);
+   SecureVector<byte> message(encryptor.maximum_input_size() - 1);
    rng.randomize(message, message.size());
 
-   SecureVector<byte> ciphertext = enc->encrypt(message, rng);
+   SecureVector<byte> ciphertext = encryptor.encrypt(message, rng);
    if(ciphertext == message)
       throw Self_Test_Failure("Encryption key pair consistency failure");
 
-   SecureVector<byte> message2 = dec->decrypt(ciphertext);
+   SecureVector<byte> message2 = decryptor.decrypt(ciphertext);
    if(message != message2)
       throw Self_Test_Failure("Encryption key pair consistency failure");
    }
@@ -41,11 +37,9 @@ void check_key(RandomNumberGenerator& rng,
 * Check a signature key pair for consistency
 */
 void check_key(RandomNumberGenerator& rng,
-               PK_Signer* signer, PK_Verifier* verifier)
+               PK_Signer& signer,
+               PK_Verifier& verifier)
    {
-   std::auto_ptr<PK_Signer> sig(signer);
-   std::auto_ptr<PK_Verifier> ver(verifier);
-
    SecureVector<byte> message(16);
    rng.randomize(message, message.size());
 
@@ -53,18 +47,18 @@ void check_key(RandomNumberGenerator& rng,
 
    try
       {
-      signature = sig->sign_message(message, rng);
+      signature = signer.sign_message(message, rng);
       }
    catch(Encoding_Error)
       {
       return;
       }
 
-   if(!ver->verify_message(message, signature))
+   if(!verifier.verify_message(message, signature))
       throw Self_Test_Failure("Signature key pair consistency failure");
 
    ++message[0];
-   if(ver->verify_message(message, signature))
+   if(verifier.verify_message(message, signature))
       throw Self_Test_Failure("Signature key pair consistency failure");
    }
 
diff --git a/src/pubkey/keypair/keypair.h b/src/pubkey/keypair/keypair.h
index b1d5c2da0..22dcca0ea 100644
--- a/src/pubkey/keypair/keypair.h
+++ b/src/pubkey/keypair/keypair.h
@@ -24,8 +24,8 @@ namespace KeyPair {
 * @throw Self_Test_Failure if the arguments are not related to each other
 */
 BOTAN_DLL void check_key(RandomNumberGenerator& rng,
-                         PK_Encryptor* enc,
-                         PK_Decryptor* dec);
+                         PK_Encryptor& enc,
+                         PK_Decryptor& dec);
 
 /**
 * Tests whether the specified signer and verifier are related to each other,
@@ -37,8 +37,8 @@ BOTAN_DLL void check_key(RandomNumberGenerator& rng,
 * @throw Self_Test_Failure if the arguments are not related to each other
 */
 BOTAN_DLL void check_key(RandomNumberGenerator& rng,
-                         PK_Signer* sig,
-                         PK_Verifier* ver);
+                         PK_Signer& sig,
+                         PK_Verifier& ver);
 
 }
 
diff --git a/src/pubkey/nr/nr.cpp b/src/pubkey/nr/nr.cpp
index 1fc8630d7..8a1b8c261 100644
--- a/src/pubkey/nr/nr.cpp
+++ b/src/pubkey/nr/nr.cpp
@@ -8,7 +8,6 @@
 #include <botan/nr.h>
 #include <botan/numthry.h>
 #include <botan/keypair.h>
-#include <botan/look_pk.h>
 
 namespace Botan {
 
@@ -71,10 +70,12 @@ bool NR_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
 
    try
       {
+      PK_Signer this_signer(*this, "EMSA1(SHA-1)");
+      PK_Verifier this_verifier(*this, "EMSA1(SHA-1)");
+
       KeyPair::check_key(rng,
-                         get_pk_signer(*this, "EMSA1(SHA-1)"),
-                         get_pk_verifier(*this, "EMSA1(SHA-1)")
-         );
+                         this_signer,
+                         this_verifier);
       }
    catch(Self_Test_Failure)
       {
diff --git a/src/pubkey/rsa/rsa.cpp b/src/pubkey/rsa/rsa.cpp
index dc182f36a..984d030ef 100644
--- a/src/pubkey/rsa/rsa.cpp
+++ b/src/pubkey/rsa/rsa.cpp
@@ -9,7 +9,6 @@
 #include <botan/parsing.h>
 #include <botan/numthry.h>
 #include <botan/keypair.h>
-#include <botan/look_pk.h>
 
 namespace Botan {
 
@@ -57,15 +56,12 @@ bool RSA_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
 
    try
       {
-      KeyPair::check_key(rng,
-                         get_pk_encryptor(*this, "EME1(SHA-1)"),
-                         get_pk_decryptor(*this, "EME1(SHA-1)")
-         );
+      PK_Signer this_signer(*this, "EMSA4(SHA-1)");
+      PK_Verifier this_verifier(*this, "EMSA4(SHA-1)");
 
       KeyPair::check_key(rng,
-                         get_pk_signer(*this, "EMSA4(SHA-1)"),
-                         get_pk_verifier(*this, "EMSA4(SHA-1)")
-         );
+                         this_signer,
+                         this_verifier);
       }
    catch(Self_Test_Failure)
       {
diff --git a/src/pubkey/rw/rw.cpp b/src/pubkey/rw/rw.cpp
index 7b87ce7df..b2bf2f916 100644
--- a/src/pubkey/rw/rw.cpp
+++ b/src/pubkey/rw/rw.cpp
@@ -8,7 +8,6 @@
 #include <botan/rw.h>
 #include <botan/numthry.h>
 #include <botan/keypair.h>
-#include <botan/look_pk.h>
 #include <botan/parsing.h>
 #include <algorithm>
 
@@ -59,10 +58,12 @@ bool RW_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
 
    try
       {
+      PK_Signer this_signer(*this, "EMSA2(SHA-1)");
+      PK_Verifier this_verifier(*this, "EMSA2(SHA-1)");
+
       KeyPair::check_key(rng,
-                         get_pk_signer(*this, "EMSA2(SHA-1)"),
-                         get_pk_verifier(*this, "EMSA2(SHA-1)")
-         );
+                         this_signer,
+                         this_verifier);
       }
    catch(Self_Test_Failure)
       {
diff --git a/src/ssl/c_kex.cpp b/src/ssl/c_kex.cpp
index 59cfa6547..7140bf35c 100644
--- a/src/ssl/c_kex.cpp
+++ b/src/ssl/c_kex.cpp
@@ -6,10 +6,10 @@
 */
 
 #include <botan/tls_messages.h>
+#include <botan/pubkey.h>
 #include <botan/dh.h>
 #include <botan/rsa.h>
 #include <botan/rng.h>
-#include <botan/look_pk.h>
 #include <botan/loadstor.h>
 #include <memory>
 
@@ -31,9 +31,9 @@ Client_Key_Exchange::Client_Key_Exchange(RandomNumberGenerator& rng,
       {
       DH_PrivateKey priv_key(rng, dh_pub->get_domain());
 
-      std::auto_ptr<PK_Key_Agreement> ka(get_pk_kas(priv_key, "Raw"));
+      PK_Key_Agreement ka(priv_key, "Raw");
 
-      pre_master = ka->derive_key(0, dh_pub->public_value()).bits_of();
+      pre_master = ka.derive_key(0, dh_pub->public_value()).bits_of();
 
       key_material = priv_key.public_value();
       }
@@ -44,10 +44,9 @@ Client_Key_Exchange::Client_Key_Exchange(RandomNumberGenerator& rng,
       pre_master[0] = (pref_version >> 8) & 0xFF;
       pre_master[1] = (pref_version     ) & 0xFF;
 
-      std::auto_ptr<PK_Encryptor> encryptor(get_pk_encryptor(*rsa_pub,
-                                                             "PKCS1v15"));
+      PK_Encryptor_MR_with_EME encryptor(*rsa_pub, "PKCS1v15");
 
-      key_material = encryptor->encrypt(pre_master, rng);
+      key_material = encryptor.encrypt(pre_master, rng);
 
       if(using_version == SSL_V3)
          include_length = false;
@@ -125,9 +124,9 @@ Client_Key_Exchange::pre_master_secret(RandomNumberGenerator& rng,
    if(const DH_PrivateKey* dh_priv = dynamic_cast<const DH_PrivateKey*>(priv_key))
       {
       try {
-         std::auto_ptr<PK_Key_Agreement> ka(get_pk_kas(*dh_priv, "Raw"));
+         PK_Key_Agreement ka(*dh_priv, "Raw");
 
-         pre_master = ka->derive_key(0, key_material).bits_of();
+         pre_master = ka.derive_key(0, key_material).bits_of();
       }
       catch(...)
          {
@@ -139,17 +138,16 @@ Client_Key_Exchange::pre_master_secret(RandomNumberGenerator& rng,
       }
    else if(const RSA_PrivateKey* rsa_priv = dynamic_cast<const RSA_PrivateKey*>(priv_key))
       {
-      std::auto_ptr<PK_Decryptor> decryptor(get_pk_decryptor(*rsa_priv,
-                                                             "PKCS1v15"));
+      PK_Decryptor_MR_with_EME decryptor(*rsa_priv, "PKCS1v15");
 
       try {
-         pre_master = decryptor->decrypt(key_material);
+         pre_master = decryptor.decrypt(key_material);
 
          if(pre_master.size() != 48 ||
             make_u16bit(pre_master[0], pre_master[1]) != version)
             throw Decoding_Error("Client_Key_Exchange: Secret corrupted");
       }
-      catch(std::exception)
+      catch(...)
          {
          pre_master.resize(48);
          rng.randomize(pre_master, pre_master.size());
diff --git a/src/ssl/cert_ver.cpp b/src/ssl/cert_ver.cpp
index 22dae8350..7e17dbfab 100644
--- a/src/ssl/cert_ver.cpp
+++ b/src/ssl/cert_ver.cpp
@@ -1,12 +1,12 @@
 /**
-* Certificate Verify Message 
-* (C) 2004-2006 Jack Lloyd
+* Certificate Verify Message
+* (C) 2004-2010 Jack Lloyd
 *
 * Released under the terms of the Botan license
 */
 
 #include <botan/tls_messages.h>
-#include <botan/look_pk.h>
+#include <botan/pubkey.h>
 #include <botan/rsa.h>
 #include <botan/dsa.h>
 #include <botan/loadstor.h>
@@ -22,21 +22,23 @@ Certificate_Verify::Certificate_Verify(RandomNumberGenerator& rng,
                                        HandshakeHash& hash,
                                        const Private_Key* priv_key)
    {
-   std::auto_ptr<PK_Signer> signer;
+   std::string padding = "";
+   Signature_Format format = IEEE_1363;
 
-   if(const RSA_PrivateKey* rsa = dynamic_cast<const RSA_PrivateKey*>(priv_key))
+   if(priv_key->algo_name() == "RSA")
+      padding = "EMSA3(TLS.Digest.0)";
+   else if(priv_key->algo_name() == "DSA")
       {
-      signer.reset(get_pk_signer(*rsa, "EMSA3(TLS.Digest.0)"));
-      }
-   else if(const DSA_PrivateKey* dsa =
-           dynamic_cast<const DSA_PrivateKey*>(priv_key))
-      {
-      signer.reset(get_pk_signer(*dsa, "EMSA1(SHA-1)"));
+      padding == "EMSA1(SHA-1)";
+      format = DER_SEQUENCE;
       }
    else
-      throw Invalid_Argument("Unknown PK algo for TLS signature");
+      throw Invalid_Argument(priv_key->algo_name() +
+                             " is invalid/unknown for TLS signatures");
+
+   PK_Signer signer(*priv_key, padding, format);
 
-   signature = signer->sign_message(hash.final(), rng);
+   signature = signer.sign_message(hash.final(), rng);
    send(writer, hash);
    }
 
@@ -80,20 +82,22 @@ bool Certificate_Verify::verify(const X509_Certificate& cert,
 
    std::auto_ptr<Public_Key> key(cert.subject_public_key());
 
-   DSA_PublicKey* dsa_pub = dynamic_cast<DSA_PublicKey*>(key.get());
-   RSA_PublicKey* rsa_pub = dynamic_cast<RSA_PublicKey*>(key.get());
+   std::string padding = "";
+   Signature_Format format = IEEE_1363;
 
-   std::auto_ptr<PK_Verifier> verifier;
-
-   if(dsa_pub)
-      verifier.reset(get_pk_verifier(*dsa_pub, "EMSA1(SHA-1)", DER_SEQUENCE));
-   else if(rsa_pub)
-      verifier.reset(get_pk_verifier(*rsa_pub, "EMSA3(TLS.Digest.0)"));
+   if(key->algo_name() == "RSA")
+      padding = "EMSA3(TLS.Digest.0)";
+   else if(key->algo_name() == "DSA")
+      {
+      padding == "EMSA1(SHA-1)";
+      format = DER_SEQUENCE;
+      }
    else
-      throw Invalid_Argument("Client did not provide a RSA/DSA cert");
+      throw Invalid_Argument(key->algo_name() +
+                             " is invalid/unknown for TLS signatures");
 
-   // FIXME: WRONG
-   return verifier->verify_message(hash.final(), signature);
+   PK_Verifier verifier(*key, padding, format);
+   return verifier.verify_message(hash.final(), signature);
    }
 
 }
diff --git a/src/ssl/s_kex.cpp b/src/ssl/s_kex.cpp
index d568ef14f..94b17cb7e 100644
--- a/src/ssl/s_kex.cpp
+++ b/src/ssl/s_kex.cpp
@@ -6,10 +6,10 @@
 */
 
 #include <botan/tls_messages.h>
+#include <botan/pubkey.h>
 #include <botan/dh.h>
 #include <botan/rsa.h>
 #include <botan/dsa.h>
-#include <botan/look_pk.h>
 #include <botan/loadstor.h>
 #include <memory>
 
@@ -43,25 +43,27 @@ Server_Key_Exchange::Server_Key_Exchange(RandomNumberGenerator& rng,
    else
       throw Invalid_Argument("Bad key for TLS key exchange: not DH or RSA");
 
-   std::auto_ptr<PK_Signer> signer;
 
-   if(const RSA_PrivateKey* rsa = dynamic_cast<const RSA_PrivateKey*>(priv_key))
-      {
-      signer.reset(get_pk_signer(*rsa, "EMSA3(TLS.Digest.0)"));
-      }
-   else if(const DSA_PrivateKey* dsa =
-           dynamic_cast<const DSA_PrivateKey*>(priv_key))
+   std::string padding = "";
+   Signature_Format format = IEEE_1363;
+
+   if(priv_key->algo_name() == "RSA")
+      padding = "EMSA3(TLS.Digest.0)";
+   else if(priv_key->algo_name() == "DSA")
       {
-      signer.reset(get_pk_signer(*dsa, "EMSA1(SHA-1)"));
-      signer->set_output_format(DER_SEQUENCE);
+      padding == "EMSA1(SHA-1)";
+      format = DER_SEQUENCE;
       }
    else
-      throw Invalid_Argument("Bad key for TLS signature: not RSA or DSA");
+      throw Invalid_Argument(priv_key->algo_name() +
+                             " is invalid/unknown for TLS signatures");
+
+   PK_Signer signer(*priv_key, padding, format);
 
-   signer->update(c_random);
-   signer->update(s_random);
-   signer->update(serialize_params());
-   signature = signer->signature(rng);
+   signer.update(c_random);
+   signer.update(s_random);
+   signer.update(serialize_params());
+   signature = signer.signature(rng);
 
    send(writer, hash);
    }
@@ -154,29 +156,31 @@ bool Server_Key_Exchange::verify(const X509_Certificate& cert,
                                  const MemoryRegion<byte>& c_random,
                                  const MemoryRegion<byte>& s_random) const
    {
-   std::auto_ptr<Public_Key> key(cert.subject_public_key());
 
-   DSA_PublicKey* dsa_pub = dynamic_cast<DSA_PublicKey*>(key.get());
-   RSA_PublicKey* rsa_pub = dynamic_cast<RSA_PublicKey*>(key.get());
+   std::auto_ptr<Public_Key> key(cert.subject_public_key());
 
-   std::auto_ptr<PK_Verifier> verifier;
+   std::string padding = "";
+   Signature_Format format = IEEE_1363;
 
-   if(dsa_pub)
+   if(key->algo_name() == "RSA")
+      padding = "EMSA3(TLS.Digest.0)";
+   else if(key->algo_name() == "DSA")
       {
-      verifier.reset(get_pk_verifier(*dsa_pub, "EMSA1(SHA-1)", DER_SEQUENCE));
-      verifier->set_input_format(DER_SEQUENCE);
+      padding == "EMSA1(SHA-1)";
+      format = DER_SEQUENCE;
       }
-   else if(rsa_pub)
-      verifier.reset(get_pk_verifier(*rsa_pub, "EMSA3(TLS.Digest.0)"));
    else
-      throw Invalid_Argument("Server did not provide a RSA/DSA cert");
+      throw Invalid_Argument(key->algo_name() +
+                             " is invalid/unknown for TLS signatures");
+
+   PK_Verifier verifier(*key, padding, format);
 
    SecureVector<byte> params_got = serialize_params();
-   verifier->update(c_random);
-   verifier->update(s_random);
-   verifier->update(params_got);
+   verifier.update(c_random);
+   verifier.update(s_random);
+   verifier.update(params_got);
 
-   return verifier->check_signature(signature, signature.size());
+   return verifier.check_signature(signature, signature.size());
    }
 
 }
-- 
cgit v1.2.3