7 #include <botan/pubkey.h>
8 #include <botan/der_enc.h>
9 #include <botan/ber_dec.h>
10 #include <botan/bigint.h>
11 #include <botan/pk_ops.h>
12 #include <botan/internal/ct_utils.h>
18 uint8_t valid_mask = 0;
23 throw Decoding_Error(
"Invalid public key ciphertext, cannot decrypt");
31 size_t expected_pt_len,
33 const uint8_t required_content_bytes[],
34 const uint8_t required_content_offsets[],
35 size_t required_contents_length)
const
39 uint8_t valid_mask = 0;
42 valid_mask &=
CT::is_equal(decoded.size(), expected_pt_len);
44 decoded.resize(expected_pt_len);
46 for(
size_t i = 0; i != required_contents_length; ++i)
59 const uint8_t exp = required_content_bytes[i];
60 const uint8_t off = required_content_offsets[i];
62 BOTAN_ASSERT(off < expected_pt_len,
"Offset in range of plaintext");
79 size_t expected_pt_len,
88 const std::string& padding,
89 const std::string& provider)
101 return unlock(m_op->encrypt(in, length, rng));
106 return m_op->max_input_bits() / 8;
111 const std::string& padding,
112 const std::string& provider)
122 const uint8_t in[],
size_t in_len)
const
124 return m_op->decrypt(valid_mask, in, in_len);
129 const std::string& param,
130 const std::string& provider)
141 size_t desired_shared_key_len,
143 const uint8_t salt[],
146 m_op->kem_encrypt(out_encapsulated_key,
148 desired_shared_key_len,
156 const std::string& param,
157 const std::string& provider)
167 size_t encap_key_len,
168 size_t desired_shared_key_len,
169 const uint8_t salt[],
172 return m_op->kem_decrypt(encap_key, encap_key_len,
173 desired_shared_key_len,
179 const std::string& kdf,
180 const std::string& provider)
193 m_op = std::move(other.m_op);
199 m_op(
std::move(other.m_op))
203 const uint8_t in[],
size_t in_len,
204 const uint8_t salt[],
205 size_t salt_len)
const
207 return m_op->agree(key_len, in, in_len, salt, salt_len);
212 const std::string& emsa,
214 const std::string& provider)
219 m_sig_format = format;
228 m_op->update(in, length);
233 const std::vector<uint8_t> sig =
unlock(m_op->sign(rng));
241 if(sig.size() % m_parts != 0 || sig.size() != m_parts * m_part_size)
242 throw Internal_Error(
"PK_Signer: DER signature sizes unexpected, cannot encode");
244 std::vector<BigInt> sig_parts(m_parts);
245 for(
size_t i = 0; i != sig_parts.size(); ++i)
246 sig_parts[i].binary_decode(&sig[m_part_size*i], m_part_size);
259 const std::string& emsa,
261 const std::string& provider)
266 m_sig_format = format;
276 throw Invalid_Argument(
"PK_Verifier: This algorithm does not support DER encoding");
277 m_sig_format = format;
281 const uint8_t sig[],
size_t sig_length)
289 m_op->update(in, length);
297 return m_op->is_valid_signature(sig, length);
301 std::vector<uint8_t> real_sig;
317 return m_op->is_valid_signature(real_sig.data(), real_sig.size());
320 throw Internal_Error(
"PK_Verifier: Invalid signature format enum");
DER_Encoder & encode_list(const std::vector< T > &values)
PK_Signer(const Private_Key &key, RandomNumberGenerator &rng, const std::string &emsa, Signature_Format format=IEEE_1363, const std::string &provider="")
secure_vector< uint8_t > random_vec(size_t bytes)
void conditional_copy_mem(T value, T *to, const T *from0, const T *from1, size_t elems)
std::vector< uint8_t > get_contents_unlocked()
bool verify_message(const uint8_t msg[], size_t msg_length, const uint8_t sig[], size_t sig_length)
virtual std::unique_ptr< PK_Ops::Signature > create_signature_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
PK_KEM_Encryptor(const Public_Key &key, RandomNumberGenerator &rng, const std::string &kem_param="", const std::string &provider="")
SymmetricKey derive_key(size_t key_len, const uint8_t in[], size_t in_len, const uint8_t params[], size_t params_len) const
virtual size_t message_part_size() const
PK_Key_Agreement(const Private_Key &key, RandomNumberGenerator &rng, const std::string &kdf, const std::string &provider="")
secure_vector< uint8_t > decrypt(const uint8_t in[], size_t length) const
std::vector< uint8_t > signature(RandomNumberGenerator &rng)
virtual std::string algo_name() const =0
BER_Decoder & decode(bool &v)
virtual std::unique_ptr< PK_Ops::Encryption > create_encryption_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
virtual std::unique_ptr< PK_Ops::Decryption > create_decryption_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
PK_Decryptor_EME(const Private_Key &key, RandomNumberGenerator &rng, const std::string &eme, const std::string &provider="")
#define BOTAN_ASSERT(expr, assertion_made)
std::vector< T, secure_allocator< T >> secure_vector
secure_vector< uint8_t > decrypt(const uint8_t encap_key[], size_t encap_key_len, size_t desired_shared_key_len, const uint8_t salt[], size_t salt_len)
secure_vector< uint8_t > decrypt_or_random(const uint8_t in[], size_t length, size_t expected_pt_len, RandomNumberGenerator &rng) const
virtual size_t message_parts() const
size_t maximum_input_size() const override
PK_KEM_Decryptor(const Private_Key &key, RandomNumberGenerator &rng, const std::string &kem_param="", const std::string &provider="")
PK_Key_Agreement & operator=(PK_Key_Agreement &&)
BER_Decoder start_cons(ASN1_Tag type_tag, ASN1_Tag class_tag=UNIVERSAL)
virtual std::unique_ptr< PK_Ops::KEM_Decryption > create_kem_decryption_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
void set_input_format(Signature_Format format)
virtual std::unique_ptr< PK_Ops::Key_Agreement > create_key_agreement_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
std::vector< T > unlock(const secure_vector< T > &in)
bool check_signature(const uint8_t sig[], size_t length)
PK_Encryptor_EME(const Public_Key &key, RandomNumberGenerator &rng, const std::string &padding, const std::string &provider="")
PK_Verifier(const Public_Key &pub_key, const std::string &emsa, Signature_Format format=IEEE_1363, const std::string &provider="")
virtual std::unique_ptr< PK_Ops::KEM_Encryption > create_kem_encryption_op(RandomNumberGenerator &rng, const std::string ¶ms, const std::string &provider) const
DER_Encoder & start_cons(ASN1_Tag type_tag, ASN1_Tag class_tag=UNIVERSAL)
static secure_vector< uint8_t > encode_1363(const BigInt &n, size_t bytes)
virtual std::unique_ptr< PK_Ops::Verification > create_verification_op(const std::string ¶ms, const std::string &provider) const
void encrypt(secure_vector< uint8_t > &out_encapsulated_key, secure_vector< uint8_t > &out_shared_key, size_t desired_shared_key_len, Botan::RandomNumberGenerator &rng, const uint8_t salt[], size_t salt_len)