7#include <botan/pubkey.h>
8#include <botan/der_enc.h>
9#include <botan/ber_dec.h>
10#include <botan/bigint.h>
11#include <botan/pk_ops.h>
12#include <botan/internal/ct_utils.h>
19 uint8_t valid_mask = 0;
24 throw Decoding_Error(
"Invalid public key ciphertext, cannot decrypt");
32 size_t expected_pt_len,
34 const uint8_t required_content_bytes[],
35 const uint8_t required_content_offsets[],
36 size_t required_contents_length)
const
40 uint8_t decrypt_valid = 0;
46 decoded.resize(expected_pt_len);
48 for(
size_t i = 0; i != required_contents_length; ++i)
61 const uint8_t exp = required_content_bytes[i];
62 const uint8_t off = required_content_offsets[i];
64 BOTAN_ASSERT(off < expected_pt_len,
"Offset in range of plaintext");
72 valid_mask.select_n(decoded.data(), decoded.data(), fake_pms.data(), expected_pt_len);
80 size_t expected_pt_len,
89 const std::string& padding,
90 const std::string& provider)
101 return m_op->ciphertext_length(ptext_len);
107 return unlock(m_op->encrypt(in, length, rng));
112 return m_op->max_input_bits() / 8;
117 const std::string& padding,
118 const std::string& provider)
129 return m_op->plaintext_length(ctext_len);
133 const uint8_t in[],
size_t in_len)
const
135 return m_op->decrypt(valid_mask, in, in_len);
140 const std::string& param,
141 const std::string& provider)
152 size_t desired_shared_key_len,
154 const uint8_t salt[],
157 m_op->kem_encrypt(out_encapsulated_key,
159 desired_shared_key_len,
167 const std::string& param,
168 const std::string& provider)
178 size_t encap_key_len,
179 size_t desired_shared_key_len,
180 const uint8_t salt[],
183 return m_op->kem_decrypt(encap_key, encap_key_len,
184 desired_shared_key_len,
190 const std::string& kdf,
191 const std::string& provider)
204 m_op = std::move(other.m_op);
210 m_op(
std::move(other.m_op))
215 return m_op->agreed_value_size();
219 const uint8_t in[],
size_t in_len,
220 const uint8_t salt[],
223 return m_op->agree(key_len, in, in_len, salt,
salt_len);
226static void check_der_format_supported(
Signature_Format format,
size_t parts)
234 const std::string& emsa,
236 const std::string& provider)
241 m_sig_format = format;
244 check_der_format_supported(format, m_parts);
251 m_op->update(in, length);
256std::vector<uint8_t> der_encode_signature(
const std::vector<uint8_t>& sig,
260 if(sig.size() % parts != 0 || sig.size() != parts * part_size)
263 std::vector<BigInt> sig_parts(parts);
264 for(
size_t i = 0; i != sig_parts.size(); ++i)
265 sig_parts[i].binary_decode(&sig[part_size*i], part_size);
267 std::vector<uint8_t> output;
281 return m_op->signature_length();
287 return m_op->signature_length() + (8 + 4*m_parts);
295 const std::vector<uint8_t> sig =
unlock(m_op->sign(rng));
303 return der_encode_signature(sig, m_parts, m_part_size);
310 const std::string& emsa,
312 const std::string& provider)
317 m_sig_format = format;
320 check_der_format_supported(format, m_parts);
327 check_der_format_supported(format, m_parts);
328 m_sig_format = format;
332 const uint8_t sig[],
size_t sig_length)
340 m_op->update(in, length);
348 return m_op->is_valid_signature(sig, length);
352 std::vector<uint8_t> real_sig;
371 const std::vector<uint8_t> reencoded =
372 der_encode_signature(real_sig, m_parts, m_part_size);
374 if(reencoded.size() != length ||
375 same_mem(reencoded.data(), sig, reencoded.size()) ==
false)
377 throw Decoding_Error(
"PK_Verifier: signature is not the canonical DER encoding");
380 return m_op->is_valid_signature(real_sig.data(), real_sig.size());
383 throw Internal_Error(
"PK_Verifier: Invalid signature format enum");
#define BOTAN_ASSERT_NOMSG(expr)
#define BOTAN_ASSERT(expr, assertion_made)
BER_Decoder start_cons(ASN1_Tag type_tag, ASN1_Tag class_tag=UNIVERSAL)
BER_Decoder & decode(bool &out)
static secure_vector< uint8_t > encode_1363(const BigInt &n, size_t bytes)
static Mask< T > is_equal(T x, T y)
DER_Encoder & encode_list(const std::vector< T > &values)
DER_Encoder & start_cons(ASN1_Tag type_tag, ASN1_Tag class_tag=UNIVERSAL)
size_t plaintext_length(size_t ptext_len) const override
PK_Decryptor_EME(const Private_Key &key, RandomNumberGenerator &rng, const std::string &eme, const std::string &provider="")
secure_vector< uint8_t > decrypt_or_random(const uint8_t in[], size_t length, size_t expected_pt_len, RandomNumberGenerator &rng) const
secure_vector< uint8_t > decrypt(const uint8_t in[], size_t length) const
PK_Encryptor_EME(const Public_Key &key, RandomNumberGenerator &rng, const std::string &padding, const std::string &provider="")
size_t maximum_input_size() const override
size_t ciphertext_length(size_t ptext_len) const override
PK_KEM_Decryptor(const Private_Key &key, RandomNumberGenerator &rng, const std::string &kem_param="", const std::string &provider="")
secure_vector< uint8_t > decrypt(const uint8_t encap_key[], size_t encap_key_len, size_t desired_shared_key_len, const uint8_t salt[], size_t salt_len)
PK_KEM_Encryptor(const Public_Key &key, RandomNumberGenerator &rng, const std::string &kem_param="", const std::string &provider="")
void encrypt(secure_vector< uint8_t > &out_encapsulated_key, secure_vector< uint8_t > &out_shared_key, size_t desired_shared_key_len, Botan::RandomNumberGenerator &rng, const uint8_t salt[], size_t salt_len)
PK_Key_Agreement & operator=(PK_Key_Agreement &&)
size_t agreed_value_size() const
PK_Key_Agreement(const Private_Key &key, RandomNumberGenerator &rng, const std::string &kdf, const std::string &provider="")
SymmetricKey derive_key(size_t key_len, const uint8_t in[], size_t in_len, const uint8_t params[], size_t params_len) const
PK_Signer(const Private_Key &key, RandomNumberGenerator &rng, const std::string &emsa, Signature_Format format=IEEE_1363, const std::string &provider="")
size_t signature_length() const
std::vector< uint8_t > signature(RandomNumberGenerator &rng)
void set_input_format(Signature_Format format)
bool verify_message(const uint8_t msg[], size_t msg_length, const uint8_t sig[], size_t sig_length)
PK_Verifier(const Public_Key &pub_key, const std::string &emsa, Signature_Format format=IEEE_1363, const std::string &provider="")
bool check_signature(const uint8_t sig[], size_t length)
virtual std::unique_ptr< PK_Ops::Signature > create_signature_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
virtual std::unique_ptr< PK_Ops::Key_Agreement > create_key_agreement_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
virtual std::unique_ptr< PK_Ops::Decryption > create_decryption_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
virtual std::unique_ptr< PK_Ops::KEM_Decryption > create_kem_decryption_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
virtual std::unique_ptr< PK_Ops::Encryption > create_encryption_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
virtual std::unique_ptr< PK_Ops::KEM_Encryption > create_kem_encryption_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
virtual size_t message_part_size() const
virtual std::string algo_name() const =0
virtual size_t message_parts() const
virtual std::unique_ptr< PK_Ops::Verification > create_verification_op(const std::string ¶ms, const std::string &provider) const
secure_vector< uint8_t > random_vec(size_t bytes)
int(* update)(CTX *, const void *, CC_LONG len)
std::vector< T > unlock(const secure_vector< T > &in)
bool same_mem(const T *p1, const T *p2, size_t n)
std::vector< T, secure_allocator< T > > secure_vector