Botan::PK_Verifier Class Reference

#include <pubkey.h>

Public Member Functions
bool	check_signature (const uint8_t sig[], size_t length)
template<typename Alloc >
bool	check_signature (const std::vector< uint8_t, Alloc > &sig)
PK_Verifier &	operator= (const PK_Verifier &)=delete
	PK_Verifier (const Public_Key &pub_key, const std::string &emsa, Signature_Format format=IEEE_1363, const std::string &provider="")
	PK_Verifier (const PK_Verifier &)=delete
void	set_input_format (Signature_Format format)
void	update (uint8_t in)
void	update (const uint8_t msg_part[], size_t length)
template<typename Alloc >
void	update (const std::vector< uint8_t, Alloc > &in)
void	update (const std::string &in)
bool	verify_message (const uint8_t msg[], size_t msg_length, const uint8_t sig[], size_t sig_length)
template<typename Alloc , typename Alloc2 >
bool	verify_message (const std::vector< uint8_t, Alloc > &msg, const std::vector< uint8_t, Alloc2 > &sig)
	~PK_Verifier ()

Detailed Description

Public Key Verifier. Use the verify_message() functions for small messages. Use multiple calls update() to process large messages and verify the signature by finally calling check_signature().

Definition at line 298 of file pubkey.h.

Constructor & Destructor Documentation

Botan::PK_Verifier::PK_Verifier	(	const Public_Key &	pub_key,
		const std::string &	emsa,
		Signature_Format	format = IEEE_1363,
		const std::string &	provider = ""
	)

Construct a PK Verifier.

Parameters

pub_key	the public key to verify against
emsa	the EMSA to use (eg "EMSA3(SHA-1)")
format	the signature format to use
provider	the provider to use

Definition at line 302 of file pubkey.cpp.

References Botan::Public_Key::algo_name(), Botan::Public_Key::create_verification_op(), Botan::Public_Key::message_part_size(), and Botan::Public_Key::message_parts().

   {
   m_op = key.create_verification_op(emsa, provider);
   if(!m_op)
      throw Invalid_Argument("Key type " + key.algo_name() + " does not support signature verification");
   m_sig_format = format;
   m_parts = key.message_parts();
   m_part_size = key.message_part_size();
   }

Botan::PK_Verifier::~PK_Verifier

(

)

Definition at line 315 of file pubkey.cpp.

{ /* for unique_ptr */ }

Botan::PK_Verifier::PK_Verifier ( const PK_Verifier &  )

delete

Member Function Documentation

bool Botan::PK_Verifier::check_signature	(	const uint8_t	sig[],
		size_t	length
	)

Check the signature of the buffered message, i.e. the one build by successive calls to update.

Parameters

sig	the signature to be verified as a byte array
length	the length of the above byte array

Returns

true if the signature is valid, false otherwise

Definition at line 336 of file pubkey.cpp.

References BOTAN_ASSERT_NOMSG, Botan::BER_Decoder::decode(), Botan::DER_SEQUENCE, Botan::BigInt::encode_1363(), Botan::IEEE_1363, Botan::BER_Decoder::more_items(), Botan::same_mem(), Botan::SEQUENCE, and Botan::BER_Decoder::start_cons().

Referenced by botan_pk_op_verify_finish(), Botan::Roughtime::Response::validate(), and verify_message().

   {
   try {
      if(m_sig_format == IEEE_1363)
         {
         return m_op->is_valid_signature(sig, length);
         }
      else if(m_sig_format == DER_SEQUENCE)
         {
         std::vector<uint8_t> real_sig;
         BER_Decoder decoder(sig, length);
         BER_Decoder ber_sig = decoder.start_cons(SEQUENCE);

         BOTAN_ASSERT_NOMSG(m_parts != 0 && m_part_size != 0);

         size_t count = 0;

         while(ber_sig.more_items())
            {
            BigInt sig_part;
            ber_sig.decode(sig_part);
            real_sig += BigInt::encode_1363(sig_part, m_part_size);
            ++count;
            }

         if(count != m_parts)
            throw Decoding_Error("PK_Verifier: signature size invalid");

         const std::vector<uint8_t> reencoded =
            der_encode_signature(real_sig, m_parts, m_part_size);

         if(reencoded.size() != length ||
            same_mem(reencoded.data(), sig, reencoded.size()) == false)
            {
            throw Decoding_Error("PK_Verifier: signature is not the canonical DER encoding");
            }

         return m_op->is_valid_signature(real_sig.data(), real_sig.size());
         }
      else
         throw Internal_Error("PK_Verifier: Invalid signature format enum");
      }
   catch(Invalid_Argument&) { return false; }
   }

template<typename Alloc >

bool Botan::PK_Verifier::check_signature ( const std::vector< uint8_t, Alloc > &  sig )

inline

Check the signature of the buffered message, i.e. the one build by successive calls to update.

Parameters

sig	the signature to be verified

Returns

true if the signature is valid, false otherwise

Definition at line 393 of file pubkey.h.

         {
         return check_signature(sig.data(), sig.size());
         }

PK_Verifier& Botan::PK_Verifier::operator= ( const PK_Verifier &  )

delete

void Botan::PK_Verifier::set_input_format

(

Signature_Format

format

)

Set the format of the signatures fed to this verifier.

Parameters

format

the signature format to use

Definition at line 317 of file pubkey.cpp.

References Botan::IEEE_1363.

   {
   if(format != IEEE_1363 && m_parts == 1)
      throw Invalid_Argument("PK_Verifier: This algorithm does not support DER encoding");
   m_sig_format = format;
   }

void Botan::PK_Verifier::update ( uint8_t  in )

inline

Add a message part (single byte) of the message corresponding to the signature to be verified.

Parameters

in	the byte to add

Definition at line 347 of file pubkey.h.

References update().

Referenced by botan_pk_op_verify_update(), update(), Botan::Roughtime::Response::validate(), and verify_message().

{ update(&in, 1); }

void Botan::PK_Verifier::update	(	const uint8_t	msg_part[],
		size_t	length
	)

Add a message part of the message corresponding to the signature to be verified.

Parameters

msg_part	the new message part as a byte array
length	the length of the above byte array

Definition at line 331 of file pubkey.cpp.

   {
   m_op->update(in, length);
   }

template<typename Alloc >

void Botan::PK_Verifier::update ( const std::vector< uint8_t, Alloc > &  in )

inline

Add a message part of the message corresponding to the signature to be verified.

Parameters

in	the new message part

Definition at line 363 of file pubkey.h.

References update.

         {
         update(in.data(), in.size());
         }

void Botan::PK_Verifier::update ( const std::string &  in )

inline

Add a message part of the message corresponding to the signature to be verified.

Definition at line 372 of file pubkey.h.

References Botan::cast_char_ptr_to_uint8(), and update.

         {
         update(cast_char_ptr_to_uint8(in.data()), in.size());
         }

bool Botan::PK_Verifier::verify_message	(	const uint8_t	msg[],
		size_t	msg_length,
		const uint8_t	sig[],
		size_t	sig_length
	)

Verify a signature.

Parameters

msg	the message that the signature belongs to, as a byte array
msg_length	the length of the above byte array msg
sig	the signature as a byte array
sig_length	the length of the above byte array sig

Returns

true if the signature is valid

Definition at line 324 of file pubkey.cpp.

References check_signature(), and update().

Referenced by Botan::KeyPair::signature_consistency_check(), Botan::TLS::Callbacks::tls_verify_message(), Botan::X509_Object::verify_signature(), and Botan::OCSP::Response::verify_signature().

   {
   update(msg, msg_length);
   return check_signature(sig, sig_length);
   }

template<typename Alloc , typename Alloc2 >

bool Botan::PK_Verifier::verify_message ( const std::vector< uint8_t, Alloc > &  msg, const std::vector< uint8_t, Alloc2 > &  sig  )

inline

Verify a signature.

Parameters

msg	the message that the signature belongs to
sig	the signature

Returns

true if the signature is valid

Definition at line 335 of file pubkey.h.

         {
         return verify_message(msg.data(), msg.size(),
                               sig.data(), sig.size());
         }

---

The documentation for this class was generated from the following files:

• src/lib/pubkey/pubkey.h
• src/lib/pubkey/pubkey.cpp