Botan  2.7.0
Crypto and TLS for C++11
Public Member Functions | List of all members
Botan::PK_Verifier Class Referencefinal

#include <pubkey.h>

Public Member Functions

bool check_signature (const uint8_t sig[], size_t length)
 
template<typename Alloc >
bool check_signature (const std::vector< uint8_t, Alloc > &sig)
 
PK_Verifieroperator= (const PK_Verifier &)=delete
 
 PK_Verifier (const Public_Key &pub_key, const std::string &emsa, Signature_Format format=IEEE_1363, const std::string &provider="")
 
 PK_Verifier (const PK_Verifier &)=delete
 
void set_input_format (Signature_Format format)
 
void update (uint8_t in)
 
void update (const uint8_t msg_part[], size_t length)
 
void update (const std::vector< uint8_t > &in)
 
void update (const std::string &in)
 
bool verify_message (const uint8_t msg[], size_t msg_length, const uint8_t sig[], size_t sig_length)
 
template<typename Alloc , typename Alloc2 >
bool verify_message (const std::vector< uint8_t, Alloc > &msg, const std::vector< uint8_t, Alloc2 > &sig)
 
 ~PK_Verifier ()
 

Detailed Description

Public Key Verifier. Use the verify_message() functions for small messages. Use multiple calls update() to process large messages and verify the signature by finally calling check_signature().

Definition at line 286 of file pubkey.h.

Constructor & Destructor Documentation

◆ PK_Verifier() [1/2]

Botan::PK_Verifier::PK_Verifier ( const Public_Key pub_key,
const std::string &  emsa,
Signature_Format  format = IEEE_1363,
const std::string &  provider = "" 
)

Construct a PK Verifier.

Parameters
pub_keythe public key to verify against
emsathe EMSA to use (eg "EMSA3(SHA-1)")
formatthe signature format to use
providerthe provider to use

Definition at line 271 of file pubkey.cpp.

References Botan::Public_Key::algo_name(), Botan::Public_Key::create_verification_op(), Botan::Public_Key::message_part_size(), and Botan::Public_Key::message_parts().

275  {
276  m_op = key.create_verification_op(emsa, provider);
277  if(!m_op)
278  throw Invalid_Argument("Key type " + key.algo_name() + " does not support signature verification");
279  m_sig_format = format;
280  m_parts = key.message_parts();
281  m_part_size = key.message_part_size();
282  }

◆ ~PK_Verifier()

Botan::PK_Verifier::~PK_Verifier ( )

Definition at line 284 of file pubkey.cpp.

284 { /* for unique_ptr */ }

◆ PK_Verifier() [2/2]

Botan::PK_Verifier::PK_Verifier ( const PK_Verifier )
delete

Member Function Documentation

◆ check_signature() [1/2]

bool Botan::PK_Verifier::check_signature ( const uint8_t  sig[],
size_t  length 
)

Check the signature of the buffered message, i.e. the one build by successive calls to update.

Parameters
sigthe signature to be verified as a byte array
lengththe length of the above byte array
Returns
true if the signature is valid, false otherwise

Definition at line 305 of file pubkey.cpp.

References BOTAN_ASSERT_NOMSG, Botan::BER_Decoder::decode(), Botan::DER_SEQUENCE, Botan::BigInt::encode_1363(), Botan::IEEE_1363, Botan::BER_Decoder::more_items(), Botan::same_mem(), Botan::SEQUENCE, and Botan::BER_Decoder::start_cons().

Referenced by botan_pk_op_verify_finish(), and verify_message().

306  {
307  try {
308  if(m_sig_format == IEEE_1363)
309  {
310  return m_op->is_valid_signature(sig, length);
311  }
312  else if(m_sig_format == DER_SEQUENCE)
313  {
314  std::vector<uint8_t> real_sig;
315  BER_Decoder decoder(sig, length);
316  BER_Decoder ber_sig = decoder.start_cons(SEQUENCE);
317 
318  BOTAN_ASSERT_NOMSG(m_parts != 0 && m_part_size != 0);
319 
320  size_t count = 0;
321 
322  while(ber_sig.more_items())
323  {
324  BigInt sig_part;
325  ber_sig.decode(sig_part);
326  real_sig += BigInt::encode_1363(sig_part, m_part_size);
327  ++count;
328  }
329 
330  if(count != m_parts)
331  throw Decoding_Error("PK_Verifier: signature size invalid");
332 
333  const std::vector<uint8_t> reencoded =
334  der_encode_signature(real_sig, m_parts, m_part_size);
335 
336  if(reencoded.size() != length ||
337  same_mem(reencoded.data(), sig, reencoded.size()) == false)
338  {
339  throw Decoding_Error("PK_Verifier: signature is not the canonical DER encoding");
340  }
341 
342  return m_op->is_valid_signature(real_sig.data(), real_sig.size());
343  }
344  else
345  throw Internal_Error("PK_Verifier: Invalid signature format enum");
346  }
347  catch(Invalid_Argument&) { return false; }
348  }
bool same_mem(const T *p1, const T *p2, size_t n)
Definition: mem_ops.h:158
#define BOTAN_ASSERT_NOMSG(expr)
Definition: assert.h:56
static secure_vector< uint8_t > encode_1363(const BigInt &n, size_t bytes)
Definition: big_code.cpp:82

◆ check_signature() [2/2]

template<typename Alloc >
bool Botan::PK_Verifier::check_signature ( const std::vector< uint8_t, Alloc > &  sig)
inline

Check the signature of the buffered message, i.e. the one build by successive calls to update.

Parameters
sigthe signature to be verified
Returns
true if the signature is valid, false otherwise

Definition at line 378 of file pubkey.h.

379  {
380  return check_signature(sig.data(), sig.size());
381  }
bool check_signature(const uint8_t sig[], size_t length)
Definition: pubkey.cpp:305

◆ operator=()

PK_Verifier& Botan::PK_Verifier::operator= ( const PK_Verifier )
delete

◆ set_input_format()

void Botan::PK_Verifier::set_input_format ( Signature_Format  format)

Set the format of the signatures fed to this verifier.

Parameters
formatthe signature format to use

Definition at line 286 of file pubkey.cpp.

References Botan::IEEE_1363.

287  {
288  if(format != IEEE_1363 && m_parts == 1)
289  throw Invalid_Argument("PK_Verifier: This algorithm does not support DER encoding");
290  m_sig_format = format;
291  }

◆ update() [1/4]

void Botan::PK_Verifier::update ( uint8_t  in)
inline

Add a message part (single byte) of the message corresponding to the signature to be verified.

Parameters
inthe byte to add

Definition at line 335 of file pubkey.h.

References update().

Referenced by botan_pk_op_verify_update(), update(), and verify_message().

335 { update(&in, 1); }
void update(uint8_t in)
Definition: pubkey.h:335

◆ update() [2/4]

void Botan::PK_Verifier::update ( const uint8_t  msg_part[],
size_t  length 
)

Add a message part of the message corresponding to the signature to be verified.

Parameters
msg_partthe new message part as a byte array
lengththe length of the above byte array

Definition at line 300 of file pubkey.cpp.

301  {
302  m_op->update(in, length);
303  }

◆ update() [3/4]

void Botan::PK_Verifier::update ( const std::vector< uint8_t > &  in)
inline

Add a message part of the message corresponding to the signature to be verified.

Parameters
inthe new message part

Definition at line 350 of file pubkey.h.

351  { update(in.data(), in.size()); }
void update(uint8_t in)
Definition: pubkey.h:335

◆ update() [4/4]

void Botan::PK_Verifier::update ( const std::string &  in)
inline

Add a message part of the message corresponding to the signature to be verified.

Definition at line 357 of file pubkey.h.

References Botan::cast_char_ptr_to_uint8().

358  {
359  update(cast_char_ptr_to_uint8(in.data()), in.size());
360  }
const uint8_t * cast_char_ptr_to_uint8(const char *s)
Definition: mem_ops.h:131
void update(uint8_t in)
Definition: pubkey.h:335

◆ verify_message() [1/2]

bool Botan::PK_Verifier::verify_message ( const uint8_t  msg[],
size_t  msg_length,
const uint8_t  sig[],
size_t  sig_length 
)

Verify a signature.

Parameters
msgthe message that the signature belongs to, as a byte array
msg_lengththe length of the above byte array msg
sigthe signature as a byte array
sig_lengththe length of the above byte array sig
Returns
true if the signature is valid

Definition at line 293 of file pubkey.cpp.

References check_signature(), and update().

Referenced by Botan::KeyPair::signature_consistency_check(), Botan::TLS::Callbacks::tls_verify_message(), Botan::X509_Object::verify_signature(), and Botan::OCSP::Response::verify_signature().

295  {
296  update(msg, msg_length);
297  return check_signature(sig, sig_length);
298  }
void update(uint8_t in)
Definition: pubkey.h:335
bool check_signature(const uint8_t sig[], size_t length)
Definition: pubkey.cpp:305

◆ verify_message() [2/2]

template<typename Alloc , typename Alloc2 >
bool Botan::PK_Verifier::verify_message ( const std::vector< uint8_t, Alloc > &  msg,
const std::vector< uint8_t, Alloc2 > &  sig 
)
inline

Verify a signature.

Parameters
msgthe message that the signature belongs to
sigthe signature
Returns
true if the signature is valid

Definition at line 323 of file pubkey.h.

325  {
326  return verify_message(msg.data(), msg.size(),
327  sig.data(), sig.size());
328  }
bool verify_message(const uint8_t msg[], size_t msg_length, const uint8_t sig[], size_t sig_length)
Definition: pubkey.cpp:293

The documentation for this class was generated from the following files: