8#include <botan/internal/pk_ops_impl.h>
9#include <botan/internal/bit_ops.h>
10#include <botan/internal/scan_name.h>
11#include <botan/internal/parsing.h>
12#include <botan/internal/fmt.h>
13#include <botan/hash.h>
17#if defined(BOTAN_HAS_RAW_HASH_FN)
18 #include <botan/internal/raw_hash.h>
25 throw Not_Implemented(
"This signature scheme does not have an algorithm identifier available");
29 m_eme(
EME::create(eme))
35 return 8 * m_eme->maximum_input_size(max_ptext_input_bits());
41 const size_t max_raw = max_ptext_input_bits();
42 const auto encoded = m_eme->encode(msg, msg_len, max_raw, rng);
43 return raw_encrypt(encoded.data(), encoded.size(), rng);
47 m_eme(
EME::create(eme))
53 const uint8_t ciphertext[],
54 size_t ciphertext_len)
57 return m_eme->unpad(valid_mask, raw.data(), raw.size());
67 const uint8_t w[],
size_t w_len,
68 const uint8_t salt[],
size_t salt_len)
70 if(salt_len > 0 && m_kdf ==
nullptr)
71 throw Invalid_Argument(
"PK_Key_Agreement::derive_key requires a KDF to use a salt");
75 return m_kdf->derive_key(key_len, z, salt, salt_len);
81std::unique_ptr<HashFunction> create_signature_hash(std::string_view padding)
88 if(req.algo_name() ==
"EMSA1" && req.arg_count() == 1)
94#if defined(BOTAN_HAS_RAW_HASH_FN)
95 if(req.algo_name() ==
"Raw")
97 if(req.arg_count() == 0)
99 return std::make_unique<RawHashFunction>(
"Raw", 0);
102 if(req.arg_count() == 1)
105 return std::make_unique<RawHashFunction>(std::move(hash));
110 throw Algorithm_Not_Found(padding);
117 m_hash(create_signature_hash(hash))
121#if defined(BOTAN_HAS_RFC6979_GENERATOR)
122std::string PK_Ops::Signature_with_Hash::rfc6979_hash_function()
const
124 std::string hash = m_hash->name();
133 m_hash->update(msg, msg_len);
139 return raw_sign(msg.data(), msg.size(), rng);
144 m_hash(create_signature_hash(padding))
149 std::string_view pk_algo,
150 bool allow_null_parameters)
154 if(oid_info.size() != 2 || oid_info[0] != pk_algo)
157 fmt(
"Unexpected AlgorithmIdentifier OID {} in association with {} key",
158 alg_id.
oid(), pk_algo));
165 if(!allow_null_parameters)
167 throw Decoding_Error(
fmt(
"Unexpected NULL AlgorithmIdentifier parameters for {}", pk_algo));
172 throw Decoding_Error(
fmt(
"Unexpected AlgorithmIdentifier parameters for {}", pk_algo));
181 m_hash->update(msg, msg_len);
187 return verify(msg.data(), msg.size(), sig, sig_len);
193 return desired_shared_key_len;
195 return this->raw_kem_shared_key_length();
200 size_t desired_shared_key_len,
202 const uint8_t salt[],
205 if(salt_len > 0 && m_kdf ==
nullptr)
206 throw Invalid_Argument(
"PK_KEM_Encryptor::encrypt requires a KDF to use a salt");
209 this->raw_kem_encrypt(out_encapsulated_key, raw_shared, rng);
212 "KEM produced encapsulated key with different length than expected");
215 "KEM produced shared key with different length than expected");
217 out_shared_key = (m_kdf)
218 ? m_kdf->derive_key(desired_shared_key_len,
219 raw_shared.data(), raw_shared.size(),
233 return desired_shared_key_len;
235 return this->raw_kem_shared_key_length();
241 size_t desired_shared_key_len,
242 const uint8_t salt[],
245 if(salt_len > 0 && m_kdf ==
nullptr)
246 throw Invalid_Argument(
"PK_KEM_Decryptor::decrypt requires a KDF to use a salt");
251 "KEM produced shared key with different length than expected");
254 return m_kdf->derive_key(desired_shared_key_len,
255 raw_shared.data(), raw_shared.size(),
#define BOTAN_ASSERT_EQUAL(expr1, expr2, assertion_made)
bool parameters_are_empty() const
bool parameters_are_null() const
static std::unique_ptr< HashFunction > create_or_throw(std::string_view algo_spec, std::string_view provider="")
static std::unique_ptr< HashFunction > create(std::string_view algo_spec, std::string_view provider="")
static std::unique_ptr< KDF > create_or_throw(std::string_view algo_spec, std::string_view provider="")
std::string to_formatted_string() const
secure_vector< uint8_t > decrypt(uint8_t &valid_mask, const uint8_t msg[], size_t msg_len) override
Decryption_with_EME(std::string_view eme)
size_t max_input_bits() const override
secure_vector< uint8_t > encrypt(const uint8_t msg[], size_t msg_len, RandomNumberGenerator &rng) override
Encryption_with_EME(std::string_view eme)
size_t shared_key_length(size_t desired_shared_key_len) const override final
secure_vector< uint8_t > kem_decrypt(const uint8_t encap_key[], size_t len, size_t desired_shared_key_len, const uint8_t salt[], size_t salt_len) override final
KEM_Decryption_with_KDF(std::string_view kdf)
size_t shared_key_length(size_t desired_shared_key_len) const override final
void kem_encrypt(secure_vector< uint8_t > &out_encapsulated_key, secure_vector< uint8_t > &out_shared_key, size_t desired_shared_key_len, RandomNumberGenerator &rng, const uint8_t salt[], size_t salt_len) override final
KEM_Encryption_with_KDF(std::string_view kdf)
Key_Agreement_with_KDF(std::string_view kdf)
secure_vector< uint8_t > agree(size_t key_len, const uint8_t other_key[], size_t other_key_len, const uint8_t salt[], size_t salt_len) override
secure_vector< uint8_t > sign(RandomNumberGenerator &rng) override
Signature_with_Hash(std::string_view hash)
void update(const uint8_t msg[], size_t msg_len) override
virtual AlgorithmIdentifier algorithm_identifier() const
void update(const uint8_t msg[], size_t msg_len) override
Verification_with_Hash(std::string_view hash)
bool is_valid_signature(const uint8_t sig[], size_t sig_len) override
std::string fmt(std::string_view format, const T &... args)
std::vector< std::string > split_on(std::string_view str, char delim)
std::vector< T, secure_allocator< T > > secure_vector