monotone

monotone Mtn Source Tree

Root/botan/pubkey.cpp

1/*************************************************
2* Public Key Base Source File *
3* (C) 1999-2006 The Botan Project *
4*************************************************/
5
6#include <botan/pubkey.h>
7#include <botan/der_enc.h>
8#include <botan/ber_dec.h>
9#include <botan/bigint.h>
10#include <botan/parsing.h>
11#include <botan/bit_ops.h>
12#include <botan/lookup.h>
13#include <memory>
14
15namespace Botan {
16
17/*************************************************
18* Encrypt a message *
19*************************************************/
20SecureVector<byte> PK_Encryptor::encrypt(const byte in[], u32bit len) const
21 {
22 return enc(in, len);
23 }
24
25/*************************************************
26* Encrypt a message *
27*************************************************/
28SecureVector<byte> PK_Encryptor::encrypt(const MemoryRegion<byte>& in) const
29 {
30 return enc(in.begin(), in.size());
31 }
32
33/*************************************************
34* Decrypt a message *
35*************************************************/
36SecureVector<byte> PK_Decryptor::decrypt(const byte in[], u32bit len) const
37 {
38 return dec(in, len);
39 }
40
41/*************************************************
42* Decrypt a message *
43*************************************************/
44SecureVector<byte> PK_Decryptor::decrypt(const MemoryRegion<byte>& in) const
45 {
46 return dec(in.begin(), in.size());
47 }
48
49/*************************************************
50* PK_Encryptor_MR_with_EME Constructor *
51*************************************************/
52PK_Encryptor_MR_with_EME::PK_Encryptor_MR_with_EME(const PK_Encrypting_Key& k,
53 const std::string& eme) :
54 key(k), encoder((eme == "Raw") ? 0 : get_eme(eme))
55 {
56 }
57
58/*************************************************
59* Encrypt a message *
60*************************************************/
61SecureVector<byte> PK_Encryptor_MR_with_EME::enc(const byte msg[],
62 u32bit length) const
63 {
64 SecureVector<byte> message;
65 if(encoder) message = encoder->encode(msg, length, key.max_input_bits());
66 else message.set(msg, length);
67
68 if(8*(message.size() - 1) + high_bit(message[0]) > key.max_input_bits())
69 throw Exception("PK_Encryptor_MR_with_EME: Input is too large");
70
71 return key.encrypt(message, message.size());
72 }
73
74/*************************************************
75* Return the max size, in bytes, of a message *
76*************************************************/
77u32bit PK_Encryptor_MR_with_EME::maximum_input_size() const
78 {
79 if(!encoder)
80 return (key.max_input_bits() / 8);
81 else
82 return encoder->maximum_input_size(key.max_input_bits());
83 }
84
85/*************************************************
86* PK_Decryptor_MR_with_EME Constructor *
87*************************************************/
88PK_Decryptor_MR_with_EME::PK_Decryptor_MR_with_EME(const PK_Decrypting_Key& k,
89 const std::string& eme) :
90 key(k), encoder((eme == "Raw") ? 0 : get_eme(eme))
91 {
92 }
93
94/*************************************************
95* Decrypt a message *
96*************************************************/
97SecureVector<byte> PK_Decryptor_MR_with_EME::dec(const byte msg[],
98 u32bit length) const
99 {
100 try {
101 SecureVector<byte> decrypted = key.decrypt(msg, length);
102 if(encoder)
103 return encoder->decode(decrypted, key.max_input_bits());
104 else
105 return decrypted;
106 }
107 catch(Invalid_Argument)
108 {
109 throw Exception("PK_Decryptor_MR_with_EME: Input is invalid");
110 }
111 catch(Decoding_Error)
112 {
113 throw Exception("PK_Decryptor_MR_with_EME: Input is invalid");
114 }
115 }
116
117/*************************************************
118* PK_Signer Constructor *
119*************************************************/
120PK_Signer::PK_Signer(const PK_Signing_Key& k, const std::string& emsa_name) :
121 key(k), emsa(get_emsa(emsa_name))
122 {
123 sig_format = IEEE_1363;
124 }
125
126/*************************************************
127* Set the signature format *
128*************************************************/
129void PK_Signer::set_output_format(Signature_Format format)
130 {
131 if(key.message_parts() == 1 && format != IEEE_1363)
132 throw Invalid_State("PK_Signer: Cannot set the output format for " +
133 key.algo_name() + " keys");
134 sig_format = format;
135 }
136
137/*************************************************
138* Sign a message *
139*************************************************/
140SecureVector<byte> PK_Signer::sign_message(const byte msg[], u32bit length)
141 {
142 update(msg, length);
143 return signature();
144 }
145
146/*************************************************
147* Sign a message *
148*************************************************/
149SecureVector<byte> PK_Signer::sign_message(const MemoryRegion<byte>& msg)
150 {
151 return sign_message(msg, msg.size());
152 }
153
154/*************************************************
155* Add more to the message to be signed *
156*************************************************/
157void PK_Signer::update(const byte in[], u32bit length)
158 {
159 emsa->update(in, length);
160 }
161
162/*************************************************
163* Add more to the message to be signed *
164*************************************************/
165void PK_Signer::update(byte in)
166 {
167 update(&in, 1);
168 }
169
170/*************************************************
171* Add more to the message to be signed *
172*************************************************/
173void PK_Signer::update(const MemoryRegion<byte>& in)
174 {
175 update(in, in.size());
176 }
177
178/*************************************************
179* Create a signature *
180*************************************************/
181SecureVector<byte> PK_Signer::signature()
182 {
183 SecureVector<byte> encoded = emsa->encoding_of(emsa->raw_data(),
184 key.max_input_bits());
185 SecureVector<byte> plain_sig = key.sign(encoded, encoded.size());
186
187 if(key.message_parts() == 1 || sig_format == IEEE_1363)
188 return plain_sig;
189
190 if(sig_format == DER_SEQUENCE)
191 {
192 if(plain_sig.size() % key.message_parts())
193 throw Encoding_Error("PK_Signer: strange signature size found");
194 const u32bit SIZE_OF_PART = plain_sig.size() / key.message_parts();
195
196 std::vector<BigInt> sig_parts(key.message_parts());
197 for(u32bit j = 0; j != sig_parts.size(); ++j)
198 sig_parts[j].binary_decode(plain_sig + SIZE_OF_PART*j, SIZE_OF_PART);
199
200 return DER_Encoder()
201 .start_cons(SEQUENCE)
202 .encode_list(sig_parts)
203 .end_cons()
204 .get_contents();
205 }
206 else
207 throw Encoding_Error("PK_Signer: Unknown signature format " +
208 to_string(sig_format));
209 }
210
211/*************************************************
212* PK_Verifier Constructor *
213*************************************************/
214PK_Verifier::PK_Verifier(const std::string& emsa_name)
215 {
216 emsa = get_emsa(emsa_name);
217 sig_format = IEEE_1363;
218 }
219
220/*************************************************
221* PK_Verifier Destructor *
222*************************************************/
223PK_Verifier::~PK_Verifier()
224 {
225 delete emsa;
226 }
227
228/*************************************************
229* Set the signature format *
230*************************************************/
231void PK_Verifier::set_input_format(Signature_Format format)
232 {
233 if(key_message_parts() == 1 && format != IEEE_1363)
234 throw Invalid_State("PK_Verifier: This algorithm always uses IEEE 1363");
235 sig_format = format;
236 }
237
238/*************************************************
239* Verify a message *
240*************************************************/
241bool PK_Verifier::verify_message(const MemoryRegion<byte>& msg,
242 const MemoryRegion<byte>& sig)
243 {
244 return verify_message(msg, msg.size(), sig, sig.size());
245 }
246
247/*************************************************
248* Verify a message *
249*************************************************/
250bool PK_Verifier::verify_message(const byte msg[], u32bit msg_length,
251 const byte sig[], u32bit sig_length)
252 {
253 update(msg, msg_length);
254 return check_signature(sig, sig_length);
255 }
256
257/*************************************************
258* Append to the message *
259*************************************************/
260void PK_Verifier::update(const byte in[], u32bit length)
261 {
262 emsa->update(in, length);
263 }
264
265/*************************************************
266* Append to the message *
267*************************************************/
268void PK_Verifier::update(byte in)
269 {
270 update(&in, 1);
271 }
272
273/*************************************************
274* Append to the message *
275*************************************************/
276void PK_Verifier::update(const MemoryRegion<byte>& in)
277 {
278 update(in, in.size());
279 }
280
281/*************************************************
282* Check a signature *
283*************************************************/
284bool PK_Verifier::check_signature(const MemoryRegion<byte>& sig)
285 {
286 return check_signature(sig, sig.size());
287 }
288
289/*************************************************
290* Check a signature *
291*************************************************/
292bool PK_Verifier::check_signature(const byte sig[], u32bit length)
293 {
294 try {
295 if(sig_format == IEEE_1363)
296 return validate_signature(emsa->raw_data(), sig, length);
297 else if(sig_format == DER_SEQUENCE)
298 {
299 BER_Decoder decoder(sig, length);
300 BER_Decoder ber_sig = decoder.start_cons(SEQUENCE);
301
302 u32bit count = 0;
303 SecureVector<byte> real_sig;
304 while(ber_sig.more_items())
305 {
306 BigInt sig_part;
307 ber_sig.decode(sig_part);
308 real_sig.append(BigInt::encode_1363(sig_part,
309 key_message_part_size()));
310 ++count;
311 }
312 if(count != key_message_parts())
313 throw Decoding_Error("PK_Verifier: signature size invalid");
314
315 return validate_signature(emsa->raw_data(),
316 real_sig, real_sig.size());
317 }
318 else
319 throw Decoding_Error("PK_Verifier: Unknown signature format " +
320 to_string(sig_format));
321 }
322 catch(Invalid_Argument) { return false; }
323 catch(Decoding_Error) { return false; }
324 }
325
326/*************************************************
327* PK_Verifier_with_MR Constructor *
328*************************************************/
329PK_Verifier_with_MR::PK_Verifier_with_MR(const PK_Verifying_with_MR_Key& k,
330 const std::string& emsa_name) :
331 PK_Verifier(emsa_name), key(k)
332 {
333 }
334
335/*************************************************
336* Verify a signature *
337*************************************************/
338bool PK_Verifier_with_MR::validate_signature(const MemoryRegion<byte>& msg,
339 const byte sig[], u32bit sig_len)
340 {
341 SecureVector<byte> output_of_key = key.verify(sig, sig_len);
342 return emsa->verify(output_of_key, msg, key.max_input_bits());
343 }
344
345/*************************************************
346* PK_Verifier_wo_MR Constructor *
347*************************************************/
348PK_Verifier_wo_MR::PK_Verifier_wo_MR(const PK_Verifying_wo_MR_Key& k,
349 const std::string& emsa_name) :
350 PK_Verifier(emsa_name), key(k)
351 {
352 }
353
354/*************************************************
355* Verify a signature *
356*************************************************/
357bool PK_Verifier_wo_MR::validate_signature(const MemoryRegion<byte>& msg,
358 const byte sig[], u32bit sig_len)
359 {
360 SecureVector<byte> encoded = emsa->encoding_of(msg, key.max_input_bits());
361 return key.verify(encoded, encoded.size(), sig, sig_len);
362 }
363
364/*************************************************
365* PK_Key_Agreement Constructor *
366*************************************************/
367PK_Key_Agreement::PK_Key_Agreement(const PK_Key_Agreement_Key& k,
368 const std::string& k_name) :
369 key(k), kdf_name(k_name)
370 {
371 }
372
373/*************************************************
374* Perform Key Agreement Operation *
375*************************************************/
376SymmetricKey PK_Key_Agreement::derive_key(u32bit key_len,
377 const byte in[], u32bit in_len,
378 const std::string& params) const
379 {
380 return derive_key(key_len, in, in_len,
381 (const byte*)params.c_str(), params.length());
382 }
383
384/*************************************************
385* Perform Key Agreement Operation *
386*************************************************/
387SymmetricKey PK_Key_Agreement::derive_key(u32bit key_len, const byte in[],
388 u32bit in_len, const byte params[],
389 u32bit params_len) const
390 {
391 std::auto_ptr<KDF> kdf((kdf_name == "Raw") ? 0 : get_kdf(kdf_name));
392 OctetString z = key.derive_key(in, in_len);
393
394 if(kdf.get())
395 z = kdf->derive_key(key_len, z.bits_of(), params, params_len);
396
397 return z;
398 }
399
400}

Archive Download this file

Branches

Tags

Quick Links:     www.monotone.ca    -     Downloads    -     Documentation    -     Wiki    -     Code Forge    -     Build Status