8#include <botan/emsa1.h>
9#include <botan/exceptn.h>
10#include <botan/pk_keys.h>
11#include <botan/internal/padding.h>
17secure_vector<uint8_t> emsa1_encoding(
const secure_vector<uint8_t>& msg,
20 if(8*msg.size() <= output_bits)
23 size_t shift = 8*msg.size() - output_bits;
25 size_t byte_shift = shift / 8, bit_shift = shift % 8;
26 secure_vector<uint8_t> digest(msg.size() - byte_shift);
28 for(
size_t j = 0; j != msg.size() - byte_shift; ++j)
34 for(
size_t j = 0; j != digest.size(); ++j)
36 uint8_t temp = digest[j];
37 digest[j] = (temp >> bit_shift) |
carry;
38 carry = (temp << (8 - bit_shift));
48 return "EMSA1(" + m_hash->name() +
")";
53 return new EMSA1(m_hash->clone());
56void EMSA1::update(
const uint8_t input[],
size_t length)
58 m_hash->update(input, length);
61secure_vector<uint8_t> EMSA1::raw_data()
63 return m_hash->final();
66secure_vector<uint8_t> EMSA1::encoding_of(
const secure_vector<uint8_t>& msg,
68 RandomNumberGenerator&)
70 if(msg.size() != hash_output_length())
71 throw Encoding_Error(
"EMSA1::encoding_of: Invalid size for input");
72 return emsa1_encoding(msg, output_bits);
75bool EMSA1::verify(
const secure_vector<uint8_t>& input,
76 const secure_vector<uint8_t>& raw,
79 if(raw.size() != m_hash->output_length())
83 const secure_vector<uint8_t> our_coding = emsa1_encoding(raw, key_bits);
85 if(our_coding.size() < input.size())
88 const size_t offset = our_coding.size() - input.size();
91 for(
size_t i = 0; i != offset; ++i)
92 if(our_coding[i] != 0)
99 const std::string& cert_hash_name)
const
101 if(cert_hash_name != m_hash->name())
103 " need to be identical");
108 " not supported for signature algorithm " + key.
algo_name());
113 const std::string algo_name = key.
algo_name();
114 std::vector<uint8_t> parameters;
115 if(algo_name ==
"DSA" ||
116 algo_name ==
"ECDSA" ||
117 algo_name ==
"ECGDSA" ||
118 algo_name ==
"ECKCDSA" ||
119 algo_name ==
"GOST-34.10" ||
120 algo_name ==
"GOST-34.10-2012-256" ||
121 algo_name ==
"GOST-34.10-2012-512")
const std::vector< uint8_t > & get_parameters() const
std::string name() const override
EMSA1(HashFunction *hash)
AlgorithmIdentifier config_for_x509(const Private_Key &key, const std::string &cert_hash_name) const override
static OID from_string(const std::string &str)
virtual AlgorithmIdentifier algorithm_identifier() const =0
virtual std::string algo_name() const =0
void carry(int64_t &h0, int64_t &h1)
bool constant_time_compare(const uint8_t x[], const uint8_t y[], size_t len)
bool sig_algo_and_pad_ok(const std::string algo, const std::string padding)