7#include <botan/pubkey.h>
8#include <botan/der_enc.h>
9#include <botan/ber_dec.h>
10#include <botan/bigint.h>
11#include <botan/internal/pk_ops.h>
12#include <botan/internal/ct_utils.h>
19 uint8_t valid_mask = 0;
24 throw Decoding_Error(
"Invalid public key ciphertext, cannot decrypt");
32 size_t expected_pt_len,
34 const uint8_t required_content_bytes[],
35 const uint8_t required_content_offsets[],
36 size_t required_contents_length)
const
40 uint8_t decrypt_valid = 0;
46 decoded.resize(expected_pt_len);
48 for(
size_t i = 0; i != required_contents_length; ++i)
61 const uint8_t exp = required_content_bytes[i];
62 const uint8_t off = required_content_offsets[i];
64 BOTAN_ASSERT(off < expected_pt_len,
"Offset in range of plaintext");
72 valid_mask.select_n(decoded.data(), decoded.data(), fake_pms.data(), expected_pt_len);
80 size_t expected_pt_len,
89 const std::string& padding,
90 const std::string& provider)
101 return m_op->ciphertext_length(ptext_len);
107 return unlock(m_op->encrypt(in, length, rng));
112 return m_op->max_input_bits() / 8;
117 const std::string& padding,
118 const std::string& provider)
129 return m_op->plaintext_length(ctext_len);
133 const uint8_t in[],
size_t in_len)
const
135 return m_op->decrypt(valid_mask, in, in_len);
140 const std::string& param,
141 const std::string& provider)
152 size_t desired_shared_key_len,
154 const uint8_t salt[],
157 m_op->kem_encrypt(out_encapsulated_key,
159 desired_shared_key_len,
167 const std::string& param,
168 const std::string& provider)
178 size_t encap_key_len,
179 size_t desired_shared_key_len,
180 const uint8_t salt[],
183 return m_op->kem_decrypt(encap_key, encap_key_len,
184 desired_shared_key_len,
192 const
std::
string& kdf,
193 const
std::
string& provider)
195 m_op = key.create_key_agreement_op(rng, kdf, provider);
197 throw Invalid_Argument(
"Key type " + key.algo_name() +
" does not support key agreement");
204 return m_op->agreed_value_size();
208 const uint8_t in[],
size_t in_len,
209 const uint8_t salt[],
212 return m_op->agree(key_len, in, in_len, salt,
salt_len);
215static void check_der_format_supported(
Signature_Format format,
size_t parts)
223 const std::string& emsa,
225 const std::string& provider)
230 m_sig_format = format;
233 check_der_format_supported(format, m_parts);
240 m_op->update(in, length);
245std::vector<uint8_t> der_encode_signature(
const std::vector<uint8_t>& sig,
249 if(sig.size() % parts != 0 || sig.size() != parts * part_size)
252 std::vector<BigInt> sig_parts(parts);
253 for(
size_t i = 0; i != sig_parts.size(); ++i)
254 sig_parts[i].binary_decode(&sig[part_size*i], part_size);
256 std::vector<uint8_t> output;
270 return m_op->signature_length();
276 return m_op->signature_length() + (8 + 4*m_parts);
284 std::vector<uint8_t> sig =
unlock(m_op->sign(rng));
292 return der_encode_signature(sig, m_parts, m_part_size);
299 const std::string& emsa,
301 const std::string& provider)
306 m_sig_format = format;
309 check_der_format_supported(format, m_parts);
316 check_der_format_supported(format, m_parts);
317 m_sig_format = format;
321 const uint8_t sig[],
size_t sig_length)
329 m_op->update(in, length);
337 return m_op->is_valid_signature(sig, length);
341 std::vector<uint8_t> real_sig;
360 const std::vector<uint8_t> reencoded =
361 der_encode_signature(real_sig, m_parts, m_part_size);
363 if(reencoded.size() != length ||
364 same_mem(reencoded.data(), sig, reencoded.size()) ==
false)
366 throw Decoding_Error(
"PK_Verifier: signature is not the canonical DER encoding");
369 return m_op->is_valid_signature(real_sig.data(), real_sig.size());
372 throw Internal_Error(
"PK_Verifier: Invalid signature format enum");
#define BOTAN_ASSERT_NOMSG(expr)
#define BOTAN_ASSERT(expr, assertion_made)
BER_Decoder & decode(bool &out)
BER_Decoder start_sequence()
static secure_vector< uint8_t > encode_1363(const BigInt &n, size_t bytes)
static Mask< T > is_equal(T x, T y)
DER_Encoder & encode_list(const std::vector< T > &values)
DER_Encoder & start_sequence()
size_t plaintext_length(size_t ptext_len) const override
PK_Decryptor_EME(const Private_Key &key, RandomNumberGenerator &rng, const std::string &eme, const std::string &provider="")
secure_vector< uint8_t > decrypt_or_random(const uint8_t in[], size_t length, size_t expected_pt_len, RandomNumberGenerator &rng) const
secure_vector< uint8_t > decrypt(const uint8_t in[], size_t length) const
PK_Encryptor_EME(const Public_Key &key, RandomNumberGenerator &rng, const std::string &padding, const std::string &provider="")
size_t maximum_input_size() const override
size_t ciphertext_length(size_t ptext_len) const override
PK_KEM_Decryptor(const Private_Key &key, RandomNumberGenerator &rng, const std::string &kem_param="", const std::string &provider="")
secure_vector< uint8_t > decrypt(const uint8_t encap_key[], size_t encap_key_len, size_t desired_shared_key_len, const uint8_t salt[], size_t salt_len)
PK_KEM_Encryptor(const Public_Key &key, RandomNumberGenerator &rng, const std::string &kem_param="", const std::string &provider="")
void encrypt(secure_vector< uint8_t > &out_encapsulated_key, secure_vector< uint8_t > &out_shared_key, size_t desired_shared_key_len, Botan::RandomNumberGenerator &rng, const uint8_t salt[], size_t salt_len)
size_t agreed_value_size() const
PK_Key_Agreement(const Private_Key &key, RandomNumberGenerator &rng, const std::string &kdf, const std::string &provider="")
SymmetricKey derive_key(size_t key_len, const uint8_t in[], size_t in_len, const uint8_t params[], size_t params_len) const
PK_Signer(const Private_Key &key, RandomNumberGenerator &rng, const std::string &emsa, Signature_Format format=IEEE_1363, const std::string &provider="")
size_t signature_length() const
std::vector< uint8_t > signature(RandomNumberGenerator &rng)
void set_input_format(Signature_Format format)
bool verify_message(const uint8_t msg[], size_t msg_length, const uint8_t sig[], size_t sig_length)
PK_Verifier(const Public_Key &pub_key, const std::string &emsa, Signature_Format format=IEEE_1363, const std::string &provider="")
bool check_signature(const uint8_t sig[], size_t length)
virtual std::unique_ptr< PK_Ops::Signature > create_signature_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
virtual std::unique_ptr< PK_Ops::Decryption > create_decryption_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
virtual std::unique_ptr< PK_Ops::KEM_Decryption > create_kem_decryption_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
virtual std::unique_ptr< PK_Ops::Encryption > create_encryption_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
virtual std::unique_ptr< PK_Ops::KEM_Encryption > create_kem_encryption_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
virtual size_t message_part_size() const
virtual std::string algo_name() const =0
virtual size_t message_parts() const
virtual std::unique_ptr< PK_Ops::Verification > create_verification_op(const std::string ¶ms, const std::string &provider) const
secure_vector< uint8_t > random_vec(size_t bytes)
std::vector< T > unlock(const secure_vector< T > &in)
bool same_mem(const T *p1, const T *p2, size_t n)
std::vector< T, secure_allocator< T > > secure_vector