Botan 2.19.3
Crypto and TLS for C&
Public Member Functions | List of all members
Botan::PK_Verifier Class Referencefinal

#include <pubkey.h>

Public Member Functions

template<typename Alloc >
bool check_signature (const std::vector< uint8_t, Alloc > &sig)
 
bool check_signature (const uint8_t sig[], size_t length)
 
PK_Verifieroperator= (const PK_Verifier &)=delete
 
 PK_Verifier (const PK_Verifier &)=delete
 
 PK_Verifier (const Public_Key &pub_key, const std::string &emsa, Signature_Format format=IEEE_1363, const std::string &provider="")
 
void set_input_format (Signature_Format format)
 
void update (const std::string &in)
 
template<typename Alloc >
void update (const std::vector< uint8_t, Alloc > &in)
 
void update (const uint8_t msg_part[], size_t length)
 
void update (uint8_t in)
 
template<typename Alloc , typename Alloc2 >
bool verify_message (const std::vector< uint8_t, Alloc > &msg, const std::vector< uint8_t, Alloc2 > &sig)
 
bool verify_message (const uint8_t msg[], size_t msg_length, const uint8_t sig[], size_t sig_length)
 
 ~PK_Verifier ()
 

Detailed Description

Public Key Verifier. Use the verify_message() functions for small messages. Use multiple calls update() to process large messages and verify the signature by finally calling check_signature().

Definition at line 298 of file pubkey.h.

Constructor & Destructor Documentation

◆ PK_Verifier() [1/2]

Botan::PK_Verifier::PK_Verifier ( const Public_Key pub_key,
const std::string &  emsa,
Signature_Format  format = IEEE_1363,
const std::string &  provider = "" 
)

Construct a PK Verifier.

Parameters
pub_keythe public key to verify against
emsathe EMSA to use (eg "EMSA3(SHA-1)")
formatthe signature format to use
providerthe provider to use

Definition at line 309 of file pubkey.cpp.

313 {
314 m_op = key.create_verification_op(emsa, provider);
315 if(!m_op)
316 throw Invalid_Argument("Key type " + key.algo_name() + " does not support signature verification");
317 m_sig_format = format;
318 m_parts = key.message_parts();
319 m_part_size = key.message_part_size();
320 check_der_format_supported(format, m_parts);
321 }

References Botan::Public_Key::algo_name(), Botan::Public_Key::create_verification_op(), Botan::Public_Key::message_part_size(), and Botan::Public_Key::message_parts().

◆ ~PK_Verifier()

Botan::PK_Verifier::~PK_Verifier ( )

Definition at line 323 of file pubkey.cpp.

323{ /* for unique_ptr */ }

◆ PK_Verifier() [2/2]

Botan::PK_Verifier::PK_Verifier ( const PK_Verifier )
delete

Member Function Documentation

◆ check_signature() [1/2]

template<typename Alloc >
bool Botan::PK_Verifier::check_signature ( const std::vector< uint8_t, Alloc > &  sig)
inline

Check the signature of the buffered message, i.e. the one build by successive calls to update.

Parameters
sigthe signature to be verified
Returns
true if the signature is valid, false otherwise

Definition at line 393 of file pubkey.h.

394 {
395 return check_signature(sig.data(), sig.size());
396 }
bool check_signature(const uint8_t sig[], size_t length)
Definition pubkey.cpp:343

◆ check_signature() [2/2]

bool Botan::PK_Verifier::check_signature ( const uint8_t  sig[],
size_t  length 
)

Check the signature of the buffered message, i.e. the one build by successive calls to update.

Parameters
sigthe signature to be verified as a byte array
lengththe length of the above byte array
Returns
true if the signature is valid, false otherwise

Definition at line 343 of file pubkey.cpp.

344 {
345 try {
346 if(m_sig_format == IEEE_1363)
347 {
348 return m_op->is_valid_signature(sig, length);
349 }
350 else if(m_sig_format == DER_SEQUENCE)
351 {
352 std::vector<uint8_t> real_sig;
353 BER_Decoder decoder(sig, length);
354 BER_Decoder ber_sig = decoder.start_cons(SEQUENCE);
355
356 BOTAN_ASSERT_NOMSG(m_parts != 0 && m_part_size != 0);
357
358 size_t count = 0;
359
360 while(ber_sig.more_items())
361 {
362 BigInt sig_part;
363 ber_sig.decode(sig_part);
364 real_sig += BigInt::encode_1363(sig_part, m_part_size);
365 ++count;
366 }
367
368 if(count != m_parts)
369 throw Decoding_Error("PK_Verifier: signature size invalid");
370
371 const std::vector<uint8_t> reencoded =
372 der_encode_signature(real_sig, m_parts, m_part_size);
373
374 if(reencoded.size() != length ||
375 same_mem(reencoded.data(), sig, reencoded.size()) == false)
376 {
377 throw Decoding_Error("PK_Verifier: signature is not the canonical DER encoding");
378 }
379
380 return m_op->is_valid_signature(real_sig.data(), real_sig.size());
381 }
382 else
383 throw Internal_Error("PK_Verifier: Invalid signature format enum");
384 }
385 catch(Invalid_Argument&) { return false; }
386 }
#define BOTAN_ASSERT_NOMSG(expr)
Definition assert.h:68
static secure_vector< uint8_t > encode_1363(const BigInt &n, size_t bytes)
Definition big_code.cpp:111
bool same_mem(const T *p1, const T *p2, size_t n)
Definition mem_ops.h:217
@ SEQUENCE
Definition asn1_obj.h:42
@ DER_SEQUENCE
Definition pk_keys.h:23
@ IEEE_1363
Definition pk_keys.h:23

References BOTAN_ASSERT_NOMSG, Botan::BER_Decoder::decode(), Botan::DER_SEQUENCE, Botan::BigInt::encode_1363(), Botan::IEEE_1363, Botan::BER_Decoder::more_items(), Botan::same_mem(), Botan::SEQUENCE, and Botan::BER_Decoder::start_cons().

Referenced by botan_pk_op_verify_finish(), Botan::Roughtime::Response::validate(), and verify_message().

◆ operator=()

PK_Verifier & Botan::PK_Verifier::operator= ( const PK_Verifier )
delete

◆ set_input_format()

void Botan::PK_Verifier::set_input_format ( Signature_Format  format)

Set the format of the signatures fed to this verifier.

Parameters
formatthe signature format to use

Definition at line 325 of file pubkey.cpp.

326 {
327 check_der_format_supported(format, m_parts);
328 m_sig_format = format;
329 }

◆ update() [1/4]

void Botan::PK_Verifier::update ( const std::string &  in)
inline

Add a message part of the message corresponding to the signature to be verified.

Definition at line 372 of file pubkey.h.

373 {
374 update(cast_char_ptr_to_uint8(in.data()), in.size());
375 }
int(* update)(CTX *, const void *, CC_LONG len)
const uint8_t * cast_char_ptr_to_uint8(const char *s)
Definition mem_ops.h:190

References Botan::cast_char_ptr_to_uint8(), and update.

◆ update() [2/4]

template<typename Alloc >
void Botan::PK_Verifier::update ( const std::vector< uint8_t, Alloc > &  in)
inline

Add a message part of the message corresponding to the signature to be verified.

Parameters
inthe new message part

Definition at line 363 of file pubkey.h.

364 {
365 update(in.data(), in.size());
366 }

References update.

◆ update() [3/4]

void Botan::PK_Verifier::update ( const uint8_t  msg_part[],
size_t  length 
)

Add a message part of the message corresponding to the signature to be verified.

Parameters
msg_partthe new message part as a byte array
lengththe length of the above byte array

Definition at line 338 of file pubkey.cpp.

339 {
340 m_op->update(in, length);
341 }

◆ update() [4/4]

void Botan::PK_Verifier::update ( uint8_t  in)
inline

Add a message part (single byte) of the message corresponding to the signature to be verified.

Parameters
inthe byte to add

Definition at line 347 of file pubkey.h.

347{ update(&in, 1); }

References update().

Referenced by botan_pk_op_verify_update(), update(), and Botan::Roughtime::Response::validate().

◆ verify_message() [1/2]

template<typename Alloc , typename Alloc2 >
bool Botan::PK_Verifier::verify_message ( const std::vector< uint8_t, Alloc > &  msg,
const std::vector< uint8_t, Alloc2 > &  sig 
)
inline

Verify a signature.

Parameters
msgthe message that the signature belongs to
sigthe signature
Returns
true if the signature is valid

Definition at line 335 of file pubkey.h.

337 {
338 return verify_message(msg.data(), msg.size(),
339 sig.data(), sig.size());
340 }
bool verify_message(const uint8_t msg[], size_t msg_length, const uint8_t sig[], size_t sig_length)
Definition pubkey.cpp:331

◆ verify_message() [2/2]

bool Botan::PK_Verifier::verify_message ( const uint8_t  msg[],
size_t  msg_length,
const uint8_t  sig[],
size_t  sig_length 
)

Verify a signature.

Parameters
msgthe message that the signature belongs to, as a byte array
msg_lengththe length of the above byte array msg
sigthe signature as a byte array
sig_lengththe length of the above byte array sig
Returns
true if the signature is valid

Definition at line 331 of file pubkey.cpp.

333 {
334 update(msg, msg_length);
335 return check_signature(sig, sig_length);
336 }

References check_signature(), and update.

Referenced by Botan::KeyPair::signature_consistency_check(), Botan::TLS::Callbacks::tls_verify_message(), Botan::X509_Object::verify_signature(), and Botan::OCSP::Response::verify_signature().


The documentation for this class was generated from the following files: