Botan  2.7.0
Crypto and TLS for C++11
pk_ops_impl.h
Go to the documentation of this file.
1 
2 /*
3 * (C) 2015 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #ifndef BOTAN_PK_OPERATION_IMPL_H_
9 #define BOTAN_PK_OPERATION_IMPL_H_
10 
11 #include <botan/pk_ops.h>
12 #include <botan/eme.h>
13 #include <botan/kdf.h>
14 #include <botan/emsa.h>
15 
16 namespace Botan {
17 
18 namespace PK_Ops {
19 
20 class Encryption_with_EME : public Encryption
21  {
22  public:
23  size_t max_input_bits() const override;
24 
25  secure_vector<uint8_t> encrypt(const uint8_t msg[], size_t msg_len,
26  RandomNumberGenerator& rng) override;
27 
28  ~Encryption_with_EME() = default;
29  protected:
30  explicit Encryption_with_EME(const std::string& eme);
31  private:
32  virtual size_t max_raw_input_bits() const = 0;
33 
34  virtual secure_vector<uint8_t> raw_encrypt(const uint8_t msg[], size_t len,
35  RandomNumberGenerator& rng) = 0;
36  std::unique_ptr<EME> m_eme;
37  };
38 
39 class Decryption_with_EME : public Decryption
40  {
41  public:
42  secure_vector<uint8_t> decrypt(uint8_t& valid_mask,
43  const uint8_t msg[], size_t msg_len) override;
44 
45  ~Decryption_with_EME() = default;
46  protected:
47  explicit Decryption_with_EME(const std::string& eme);
48  private:
49  virtual secure_vector<uint8_t> raw_decrypt(const uint8_t msg[], size_t len) = 0;
50  std::unique_ptr<EME> m_eme;
51  };
52 
53 class Verification_with_EMSA : public Verification
54  {
55  public:
56  ~Verification_with_EMSA() = default;
57 
58  void update(const uint8_t msg[], size_t msg_len) override;
59  bool is_valid_signature(const uint8_t sig[], size_t sig_len) override;
60 
61  bool do_check(const secure_vector<uint8_t>& msg,
62  const uint8_t sig[], size_t sig_len);
63 
64  std::string hash_for_signature() { return m_hash; }
65 
66  protected:
67  explicit Verification_with_EMSA(const std::string& emsa);
68 
69  /**
70  * Get the maximum message size in bits supported by this public key.
71  * @return maximum message in bits
72  */
73  virtual size_t max_input_bits() const = 0;
74 
75  /**
76  * @return boolean specifying if this signature scheme uses
77  * a message prefix returned by message_prefix()
78  */
79  virtual bool has_prefix() { return false; }
80 
81  /**
82  * @return the message prefix if this signature scheme uses
83  * a message prefix, signaled via has_prefix()
84  */
85  virtual secure_vector<uint8_t> message_prefix() const { throw Exception( "No prefix" ); }
86 
87  /**
88  * @return boolean specifying if this key type supports message
89  * recovery and thus if you need to call verify() or verify_mr()
90  */
91  virtual bool with_recovery() const = 0;
92 
93  /*
94  * Perform a signature check operation
95  * @param msg the message
96  * @param msg_len the length of msg in bytes
97  * @param sig the signature
98  * @param sig_len the length of sig in bytes
99  * @returns if signature is a valid one for message
100  */
101  virtual bool verify(const uint8_t[], size_t,
102  const uint8_t[], size_t)
103  {
104  throw Invalid_State("Message recovery required");
105  }
106 
107  /*
108  * Perform a signature operation (with message recovery)
109  * Only call this if with_recovery() returns true
110  * @param msg the message
111  * @param msg_len the length of msg in bytes
112  * @returns recovered message
113  */
114  virtual secure_vector<uint8_t> verify_mr(const uint8_t[], size_t)
115  {
116  throw Invalid_State("Message recovery not supported");
117  }
118 
119  std::unique_ptr<EMSA> clone_emsa() const { return std::unique_ptr<EMSA>(m_emsa->clone()); }
120 
121  private:
122  std::unique_ptr<EMSA> m_emsa;
123  const std::string m_hash;
124  bool m_prefix_used;
125  };
126 
127 class Signature_with_EMSA : public Signature
128  {
129  public:
130  void update(const uint8_t msg[], size_t msg_len) override;
131 
132  secure_vector<uint8_t> sign(RandomNumberGenerator& rng) override;
133  protected:
134  explicit Signature_with_EMSA(const std::string& emsa);
135  ~Signature_with_EMSA() = default;
136 
137  std::string hash_for_signature() { return m_hash; }
138 
139  /**
140  * @return boolean specifying if this signature scheme uses
141  * a message prefix returned by message_prefix()
142  */
143  virtual bool has_prefix() { return false; }
144 
145  /**
146  * @return the message prefix if this signature scheme uses
147  * a message prefix, signaled via has_prefix()
148  */
149  virtual secure_vector<uint8_t> message_prefix() const { throw Exception( "No prefix" ); }
150 
151  std::unique_ptr<EMSA> clone_emsa() const { return std::unique_ptr<EMSA>(m_emsa->clone()); }
152 
153  private:
154 
155  /**
156  * Get the maximum message size in bits supported by this public key.
157  * @return maximum message in bits
158  */
159  virtual size_t max_input_bits() const = 0;
160 
161  bool self_test_signature(const std::vector<uint8_t>& msg,
162  const std::vector<uint8_t>& sig) const;
163 
164  virtual secure_vector<uint8_t> raw_sign(const uint8_t msg[], size_t msg_len,
165  RandomNumberGenerator& rng) = 0;
166 
167  std::unique_ptr<EMSA> m_emsa;
168  const std::string m_hash;
169  bool m_prefix_used;
170  };
171 
172 class Key_Agreement_with_KDF : public Key_Agreement
173  {
174  public:
175  secure_vector<uint8_t> agree(size_t key_len,
176  const uint8_t other_key[], size_t other_key_len,
177  const uint8_t salt[], size_t salt_len) override;
178 
179  protected:
180  explicit Key_Agreement_with_KDF(const std::string& kdf);
181  ~Key_Agreement_with_KDF() = default;
182  private:
183  virtual secure_vector<uint8_t> raw_agree(const uint8_t w[], size_t w_len) = 0;
184  std::unique_ptr<KDF> m_kdf;
185  };
186 
187 class KEM_Encryption_with_KDF : public KEM_Encryption
188  {
189  public:
190  void kem_encrypt(secure_vector<uint8_t>& out_encapsulated_key,
191  secure_vector<uint8_t>& out_shared_key,
192  size_t desired_shared_key_len,
193  Botan::RandomNumberGenerator& rng,
194  const uint8_t salt[],
195  size_t salt_len) override;
196 
197  protected:
198  virtual void raw_kem_encrypt(secure_vector<uint8_t>& out_encapsulated_key,
199  secure_vector<uint8_t>& raw_shared_key,
200  Botan::RandomNumberGenerator& rng) = 0;
201 
202  explicit KEM_Encryption_with_KDF(const std::string& kdf);
203  ~KEM_Encryption_with_KDF() = default;
204  private:
205  std::unique_ptr<KDF> m_kdf;
206  };
207 
208 class KEM_Decryption_with_KDF : public KEM_Decryption
209  {
210  public:
211  secure_vector<uint8_t> kem_decrypt(const uint8_t encap_key[],
212  size_t len,
213  size_t desired_shared_key_len,
214  const uint8_t salt[],
215  size_t salt_len) override;
216 
217  protected:
218  virtual secure_vector<uint8_t>
219  raw_kem_decrypt(const uint8_t encap_key[], size_t len) = 0;
220 
221  explicit KEM_Decryption_with_KDF(const std::string& kdf);
222  ~KEM_Decryption_with_KDF() = default;
223  private:
224  std::unique_ptr<KDF> m_kdf;
225  };
226 
227 }
228 
229 }
230 
231 #endif
Botan::PK_Ops::Verification_with_EMSA::message_prefix
virtual secure_vector< uint8_t > message_prefix() const
Definition: pk_ops_impl.h:85
Botan::PK_Ops::Encryption_with_EME::encrypt
secure_vector< uint8_t > encrypt(const uint8_t msg[], size_t msg_len, RandomNumberGenerator &rng) override
Definition: pk_ops.cpp:26
Botan::PK_Ops::Verification_with_EMSA::update
void update(const uint8_t msg[], size_t msg_len) override
Definition: pk_ops.cpp:105
Botan::PK_Ops::Signature_with_EMSA::~Signature_with_EMSA
~Signature_with_EMSA()=default
Botan::PK_Ops::KEM_Encryption_with_KDF::raw_kem_encrypt
virtual void raw_kem_encrypt(secure_vector< uint8_t > &out_encapsulated_key, secure_vector< uint8_t > &raw_shared_key, Botan::RandomNumberGenerator &rng)=0
Botan::PK_Ops::KEM_Decryption_with_KDF::kem_decrypt
secure_vector< uint8_t > kem_decrypt(const uint8_t encap_key[], size_t len, size_t desired_shared_key_len, const uint8_t salt[], size_t salt_len) override
Definition: pk_ops.cpp:155
Botan::PK_Ops::Key_Agreement_with_KDF::Key_Agreement_with_KDF
Key_Agreement_with_KDF(const std::string &kdf)
Definition: pk_ops.cpp:50
Botan::PK_Ops::KEM_Encryption_with_KDF
Definition: pk_ops_impl.h:187
Botan::PK_Ops::KEM_Decryption_with_KDF::~KEM_Decryption_with_KDF
~KEM_Decryption_with_KDF()=default
Botan::PK_Ops::Encryption_with_EME::Encryption_with_EME
Encryption_with_EME(const std::string &eme)
Definition: pk_ops.cpp:14
Botan::PK_Ops::KEM_Decryption_with_KDF::KEM_Decryption_with_KDF
KEM_Decryption_with_KDF(const std::string &kdf)
Definition: pk_ops.cpp:168
Botan::PK_Ops::Verification_with_EMSA::do_check
bool do_check(const secure_vector< uint8_t > &msg, const uint8_t sig[], size_t sig_len)
Botan::PK_Ops::Signature_with_EMSA::clone_emsa
std::unique_ptr< EMSA > clone_emsa() const
Definition: pk_ops_impl.h:151
Botan::PK_Ops::Verification_with_EMSA::has_prefix
virtual bool has_prefix()
Definition: pk_ops_impl.h:79
Botan::PK_Ops::Verification_with_EMSA::verify
virtual bool verify(const uint8_t[], size_t, const uint8_t[], size_t)
Definition: pk_ops_impl.h:101
Botan::PK_Ops::Signature
Definition: pk_ops.h:86
Botan::PK_Ops::Decryption_with_EME::Decryption_with_EME
Decryption_with_EME(const std::string &eme)
Definition: pk_ops.cpp:34
Botan::PK_Ops::Signature_with_EMSA::Signature_with_EMSA
Signature_with_EMSA(const std::string &emsa)
Definition: pk_ops.cpp:66
Botan::PK_Ops::KEM_Encryption_with_KDF::KEM_Encryption_with_KDF
KEM_Encryption_with_KDF(const std::string &kdf)
Definition: pk_ops.cpp:149
Botan::PK_Ops::KEM_Encryption_with_KDF::~KEM_Encryption_with_KDF
~KEM_Encryption_with_KDF()=default
Botan::PK_Ops::KEM_Decryption
Definition: pk_ops.h:134
Botan::PK_Ops::Key_Agreement_with_KDF::~Key_Agreement_with_KDF
~Key_Agreement_with_KDF()=default
Botan::PK_Ops::KEM_Encryption
Definition: pk_ops.h:121
Botan::PK_Ops::Key_Agreement_with_KDF
Definition: pk_ops_impl.h:172
Botan::PK_Ops::Verification_with_EMSA::clone_emsa
std::unique_ptr< EMSA > clone_emsa() const
Definition: pk_ops_impl.h:119
Botan::PK_Ops::Signature_with_EMSA::has_prefix
virtual bool has_prefix()
Definition: pk_ops_impl.h:143
Botan::PK_Ops::KEM_Encryption_with_KDF::kem_encrypt
void kem_encrypt(secure_vector< uint8_t > &out_encapsulated_key, secure_vector< uint8_t > &out_shared_key, size_t desired_shared_key_len, Botan::RandomNumberGenerator &rng, const uint8_t salt[], size_t salt_len) override
Definition: pk_ops.cpp:134
Botan::PK_Ops::KEM_Decryption_with_KDF::raw_kem_decrypt
virtual secure_vector< uint8_t > raw_kem_decrypt(const uint8_t encap_key[], size_t len)=0
Botan::PK_Ops::Verification_with_EMSA::max_input_bits
virtual size_t max_input_bits() const =0
Botan::PK_Ops::Signature_with_EMSA::sign
secure_vector< uint8_t > sign(RandomNumberGenerator &rng) override
Definition: pk_ops.cpp:87
Botan::PK_Ops::Verification_with_EMSA::~Verification_with_EMSA
~Verification_with_EMSA()=default
Botan::PK_Ops::Encryption_with_EME::max_input_bits
size_t max_input_bits() const override
Definition: pk_ops.cpp:21
Botan::PK_Ops::Verification_with_EMSA::Verification_with_EMSA
Verification_with_EMSA(const std::string &emsa)
Definition: pk_ops.cpp:95
Botan::PK_Ops::Signature_with_EMSA::hash_for_signature
std::string hash_for_signature()
Definition: pk_ops_impl.h:137
salt_len
size_t salt_len
Definition: x509_obj.cpp:26
Botan::PK_Ops::Signature_with_EMSA
Definition: pk_ops_impl.h:127
Botan
Definition: alg_id.cpp:13
Botan::PK_Ops::Encryption_with_EME
Definition: pk_ops_impl.h:20
Botan::PK_Ops::Signature_with_EMSA::update
void update(const uint8_t msg[], size_t msg_len) override
Definition: pk_ops.cpp:76
Botan::PK_Ops::Key_Agreement
Definition: pk_ops.h:108
Botan::PK_Ops::Verification_with_EMSA::with_recovery
virtual bool with_recovery() const =0
Botan::PK_Ops::Verification_with_EMSA::is_valid_signature
bool is_valid_signature(const uint8_t sig[], size_t sig_len) override
Definition: pk_ops.cpp:116
Botan::PK_Ops::Verification_with_EMSA
Definition: pk_ops_impl.h:53
Botan::Invalid_State
Definition: exceptn.h:56
Botan::PK_Ops::Verification_with_EMSA::hash_for_signature
std::string hash_for_signature()
Definition: pk_ops_impl.h:64
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:88
Botan::PK_Ops::Signature_with_EMSA::message_prefix
virtual secure_vector< uint8_t > message_prefix() const
Definition: pk_ops_impl.h:149
Botan::PK_Ops::Verification_with_EMSA::verify_mr
virtual secure_vector< uint8_t > verify_mr(const uint8_t[], size_t)
Definition: pk_ops_impl.h:114
Botan::PK_Ops::Decryption
Definition: pk_ops.h:51
Botan::PK_Ops::Encryption
Definition: pk_ops.h:36
Botan::PK_Ops::Encryption_with_EME::~Encryption_with_EME
~Encryption_with_EME()=default
Botan::PK_Ops::Verification
Definition: pk_ops.h:64
Botan::PK_Ops::Decryption_with_EME::decrypt
secure_vector< uint8_t > decrypt(uint8_t &valid_mask, const uint8_t msg[], size_t msg_len) override
Definition: pk_ops.cpp:42
Botan::PK_Ops::Decryption_with_EME::~Decryption_with_EME
~Decryption_with_EME()=default
Botan::PK_Ops::Decryption_with_EME
Definition: pk_ops_impl.h:39
Botan::PK_Ops::KEM_Decryption_with_KDF
Definition: pk_ops_impl.h:208
Botan::PK_Ops::Key_Agreement_with_KDF::agree
secure_vector< uint8_t > agree(size_t key_len, const uint8_t other_key[], size_t other_key_len, const uint8_t salt[], size_t salt_len) override
Definition: pk_ops.cpp:56
Generated by   doxygen 1.8.14