/* * Choose a signing format for the key */ PK_Signer* choose_sig_format(const Private_Key& key, const std::string& hash_fn, AlgorithmIdentifier& sig_algo) { const std::string algo_name = key.algo_name(); std::unique_ptr<HashFunction> hash(HashFunction::create(hash_fn)); if(!hash) throw Algorithm_Not_Found(hash_fn); if(key.max_input_bits() < hash->output_length() * 8) throw Invalid_Argument("Key is too small for chosen hash function"); std::string padding; if(algo_name == "RSA") padding = "EMSA3"; else if(algo_name == "DSA") padding = "EMSA1"; else if(algo_name == "ECDSA") padding = "EMSA1_BSI"; else throw Invalid_Argument("Unknown X.509 signing key type: " + algo_name); const Signature_Format format = (key.message_parts() > 1) ? DER_SEQUENCE : IEEE_1363; padding = padding + "(" + hash->name() + ")"; sig_algo.oid = OIDS::lookup(algo_name + "/" + padding); sig_algo.parameters = key.algorithm_identifier().parameters; return new PK_Signer(key, padding, format); }
Hash_Filter::Hash_Filter(const std::string& hash_name, size_t len) : m_hash(HashFunction::create(hash_name)), m_out_len(len) { if(!m_hash) throw Algorithm_Not_Found(hash_name); }
EME* get_eme(const std::string& algo_spec) { #if defined(BOTAN_HAS_EME_RAW) if(algo_spec == "Raw") return new EME_Raw; #endif #if defined(BOTAN_HAS_EME_PKCS1v15) if(algo_spec == "PKCS1v15" || algo_spec == "EME-PKCS1-v1_5") return new EME_PKCS1v15; #endif #if defined(BOTAN_HAS_EME_OAEP) SCAN_Name req(algo_spec); if(req.algo_name() == "OAEP" || req.algo_name() == "EME-OAEP" || req.algo_name() == "EME1") { if(req.arg_count() == 1 || (req.arg_count() == 2 && req.arg(1) == "MGF1")) { if(auto hash = HashFunction::create(req.arg(0))) return new OAEP(hash.release()); } } #endif throw Algorithm_Not_Found(algo_spec); }
/* * Get an EME by name */ EME* get_eme(const std::string& algo_spec) { SCAN_Name request(algo_spec); Algorithm_Factory& af = global_state().algorithm_factory(); if(request.algo_name() == "Raw") return 0; // No padding #if defined(BOTAN_HAS_EME_PKCS1v15) if(request.algo_name() == "PKCS1v15" && request.arg_count() == 0) return new EME_PKCS1v15; #endif #if defined(BOTAN_HAS_EME1) if(request.algo_name() == "EME1" && request.arg_count_between(1, 2)) { if(request.arg_count() == 1 || (request.arg_count() == 2 && request.arg(1) == "MGF1")) { return new EME1(af.make_hash_function(request.arg(0))); } } #endif throw Algorithm_Not_Found(algo_spec); }
StreamCipher_Filter::StreamCipher_Filter(const std::string& sc_name) : m_buffer(DEFAULT_BUFFERSIZE), m_cipher(StreamCipher::create(sc_name)) { if(!m_cipher) throw Algorithm_Not_Found(sc_name); }
StreamCipher_Filter::StreamCipher_Filter(const std::string& sc_name, const SymmetricKey& key) : m_buffer(DEFAULT_BUFFERSIZE), m_cipher(StreamCipher::create(sc_name)) { if(!m_cipher) throw Algorithm_Not_Found(sc_name); m_cipher->set_key(key); }
KDF* get_kdf(const std::string& algo_spec) { SCAN_Name request(algo_spec); if(request.algo_name() == "Raw") return nullptr; // No KDF if(KDF* kdf = make_a<KDF>(algo_spec)) return kdf; throw Algorithm_Not_Found(algo_spec); }
EME* get_eme(const std::string& algo_spec) { SCAN_Name request(algo_spec); if(EME* eme = make_a<EME>(Botan::EME::Spec(algo_spec))) return eme; if(request.algo_name() == "Raw") return nullptr; // No padding throw Algorithm_Not_Found(algo_spec); }
KDF* get_kdf(const std::string& algo_spec) { SCAN_Name request(algo_spec); if(request.algo_name() == "Raw") return nullptr; // No KDF auto kdf = KDF::create(algo_spec); if(!kdf) throw Algorithm_Not_Found(algo_spec); return kdf.release(); }
/* * Get an EMSA by name */ EMSA* get_emsa(const std::string& algo_spec) { SCAN_Name request(algo_spec); Algorithm_Factory& af = global_state().algorithm_factory(); #if defined(BOTAN_HAS_EMSA_RAW) if(request.algo_name() == "Raw" && request.arg_count() == 0) return new EMSA_Raw; #endif #if defined(BOTAN_HAS_EMSA1) if(request.algo_name() == "EMSA1" && request.arg_count() == 1) return new EMSA1(af.make_hash_function(request.arg(0))); #endif #if defined(BOTAN_HAS_EMSA1_BSI) if(request.algo_name() == "EMSA1_BSI" && request.arg_count() == 1) return new EMSA1_BSI(af.make_hash_function(request.arg(0))); #endif #if defined(BOTAN_HAS_EMSA2) if(request.algo_name() == "EMSA2" && request.arg_count() == 1) return new EMSA2(af.make_hash_function(request.arg(0))); #endif #if defined(BOTAN_HAS_EMSA3) if(request.algo_name() == "EMSA3" && request.arg_count() == 1) { if(request.arg(0) == "Raw") return new EMSA3_Raw; return new EMSA3(af.make_hash_function(request.arg(0))); } #endif #if defined(BOTAN_HAS_EMSA4) if(request.algo_name() == "EMSA4" && request.arg_count_between(1, 3)) { // 3 args: Hash, MGF, salt size (MGF is hardcoded MGF1 in Botan) if(request.arg_count() == 1) return new EMSA4(af.make_hash_function(request.arg(0))); if(request.arg_count() == 2 && request.arg(1) != "MGF1") return new EMSA4(af.make_hash_function(request.arg(0))); if(request.arg_count() == 3) return new EMSA4(af.make_hash_function(request.arg(0)), request.arg_as_u32bit(2, 0)); } #endif throw Algorithm_Not_Found(algo_spec); }
/* * Get a S2K algorithm by name */ S2K* get_s2k(const std::string& algo_spec) { SCAN_Name request(algo_spec); Algorithm_Factory& af = global_state().algorithm_factory(); #if defined(BOTAN_HAS_PBKDF1) if(request.algo_name() == "PBKDF1" && request.arg_count() == 1) return new PKCS5_PBKDF1(af.make_hash_function(request.arg(0))); #endif #if defined(BOTAN_HAS_PBKDF2) if(request.algo_name() == "PBKDF2" && request.arg_count() == 1) return new PKCS5_PBKDF2(new HMAC(af.make_hash_function(request.arg(0)))); #endif #if defined(BOTAN_HAS_PGPS2K) if(request.algo_name() == "OpenPGP-S2K" && request.arg_count() == 1) return new OpenPGP_S2K(af.make_hash_function(request.arg(0))); #endif throw Algorithm_Not_Found(algo_spec); }
/* * Get an KDF by name */ KDF* get_kdf(const std::string& algo_spec) { SCAN_Name request(algo_spec); Algorithm_Factory& af = global_state().algorithm_factory(); if(request.algo_name() == "Raw") return 0; // No KDF #if defined(BOTAN_HAS_KDF1) if(request.algo_name() == "KDF1" && request.arg_count() == 1) return new KDF1(af.make_hash_function(request.arg(0))); #endif #if defined(BOTAN_HAS_KDF2) if(request.algo_name() == "KDF2" && request.arg_count() == 1) return new KDF2(af.make_hash_function(request.arg(0))); #endif #if defined(BOTAN_HAS_X942_PRF) if(request.algo_name() == "X9.42-PRF" && request.arg_count() == 1) return new X942_PRF(request.arg(0)); // OID #endif #if defined(BOTAN_HAS_TLS_V10_PRF) if(request.algo_name() == "TLS-PRF" && request.arg_count() == 0) return new TLS_PRF; #endif #if defined(BOTAN_HAS_SSL_V3_PRF) if(request.algo_name() == "SSL3-PRF" && request.arg_count() == 0) return new SSL3_PRF; #endif throw Algorithm_Not_Found(algo_spec); }
EMSA* get_emsa(const std::string& algo_spec) { SCAN_Name req(algo_spec); #if defined(BOTAN_HAS_EMSA1) if(req.algo_name() == "EMSA1" && req.arg_count() == 1) { if(auto hash = HashFunction::create(req.arg(0))) return new EMSA1(hash.release()); } #endif #if defined(BOTAN_HAS_EMSA_PKCS1) if(req.algo_name() == "EMSA_PKCS1" || req.algo_name() == "EMSA-PKCS1-v1_5" || req.algo_name() == "EMSA3") { if(req.arg_count() == 2 && req.arg(0) == "Raw") { return new EMSA_PKCS1v15_Raw(req.arg(1)); } else if(req.arg_count() == 1) { if(req.arg(0) == "Raw") { return new EMSA_PKCS1v15_Raw; } else { if(auto hash = HashFunction::create(req.arg(0))) { return new EMSA_PKCS1v15(hash.release()); } } } } #endif #if defined(BOTAN_HAS_EMSA_PSSR) if(req.algo_name() == "PSSR" || req.algo_name() == "EMSA-PSS" || req.algo_name() == "PSS-MGF1" || req.algo_name() == "EMSA4") { if(req.arg_count_between(1, 3)) { if(req.arg(1, "MGF1") != "MGF1") return nullptr; // not supported if(auto h = HashFunction::create(req.arg(0))) { const size_t salt_size = req.arg_as_integer(2, h->output_length()); return new PSSR(h.release(), salt_size); } } } #endif #if defined(BOTAN_HAS_ISO_9796) if(req.algo_name() == "ISO_9796_DS2") { if(req.arg_count_between(1, 3)) { if(auto h = HashFunction::create(req.arg(0))) { const size_t salt_size = req.arg_as_integer(2, h->output_length()); const bool implicit = req.arg(1, "exp") == "imp"; return new ISO_9796_DS2(h.release(), implicit, salt_size); } } } //ISO-9796-2 DS 3 is deterministic and DS2 without a salt if(req.algo_name() == "ISO_9796_DS3") { if(req.arg_count_between(1, 2)) { if(auto h = HashFunction::create(req.arg(0))) { const bool implicit = req.arg(1, "exp") == "imp"; return new ISO_9796_DS3(h.release(), implicit); } } } #endif #if defined(BOTAN_HAS_EMSA_X931) if(req.algo_name() == "EMSA_X931" || req.algo_name() == "EMSA2" || req.algo_name() == "X9.31") { if(req.arg_count() == 1) { if(auto hash = HashFunction::create(req.arg(0))) { return new EMSA_X931(hash.release()); } } } #endif #if defined(BOTAN_HAS_EMSA_RAW) if(req.algo_name() == "Raw") { if(req.arg_count() == 0) { return new EMSA_Raw; } else { auto hash = HashFunction::create(req.arg(0)); if(hash) return new EMSA_Raw(hash->output_length()); } } #endif throw Algorithm_Not_Found(algo_spec); }
PK_Ops::Signature_with_EMSA::Signature_with_EMSA(const std::string& emsa) { m_emsa.reset(get_emsa(emsa)); if(!m_emsa) throw Algorithm_Not_Found(emsa); }
PK_Ops::Decryption_with_EME::Decryption_with_EME(const std::string& eme) { m_eme.reset(get_eme(eme)); if(!m_eme.get()) throw Algorithm_Not_Found(eme); }
PK_Ops::Verification_with_EMSA::Verification_with_EMSA(const std::string& emsa) { m_emsa.reset(get_emsa(emsa)); if(!m_emsa) throw Algorithm_Not_Found(emsa); }