bool BotanDSA::reconstructPrivateKey(PrivateKey** ppPrivateKey, ByteString& serialisedData)
{
// Check input
if ((ppPrivateKey == NULL) ||
(serialisedData.size() == 0))
{
return false;
}
BotanDSAPrivateKey* priv = new BotanDSAPrivateKey();
if (!priv->deserialise(serialisedData))
{
delete priv;
return false;
}
*ppPrivateKey = priv;
return true;
}
// Signing functions
bool BotanDSA::sign(PrivateKey* privateKey, const ByteString& dataToSign,
ByteString& signature, const std::string mechanism)
{
std::string lowerMechanism;
lowerMechanism.resize(mechanism.size());
std::transform(mechanism.begin(), mechanism.end(), lowerMechanism.begin(), tolower);
std::string emsa;
if (!lowerMechanism.compare("dsa"))
{
emsa = "Raw";
}
else
{
// Call default implementation
return AsymmetricAlgorithm::sign(privateKey, dataToSign, signature, mechanism);
}
// Check if the private key is the right type
if (!privateKey->isOfType(BotanDSAPrivateKey::type))
{
ERROR_MSG("Invalid key type supplied");
return false;
}
BotanDSAPrivateKey* pk = (BotanDSAPrivateKey*) privateKey;
Botan::DSA_PrivateKey* botanKey = pk->getBotanKey();
if (!botanKey)
{
ERROR_MSG("Could not get the Botan private key");
return false;
}
try
{
signer = new Botan::PK_Signer(*botanKey, emsa);
// Should we add DISABLE_FAULT_PROTECTION? Makes this operation faster.
}
catch (...)
{
ERROR_MSG("Could not create the signer token");
return false;
}
// Perform the signature operation
Botan::SecureVector<Botan::byte> signResult;
try
{
BotanRNG* rng = (BotanRNG*)BotanCryptoFactory::i()->getRNG();
signResult = signer->sign_message(dataToSign.const_byte_str(), dataToSign.size(), *rng->getRNG());
}
catch (...)
{
ERROR_MSG("Could not sign the data");
delete signer;
signer = NULL;
return false;
}
// Return the result
signature.resize(signResult.size());
memcpy(&signature[0], signResult.begin(), signResult.size());
delete signer;
signer = NULL;
return true;
}
// Signing functions
bool BotanDSA::sign(PrivateKey* privateKey, const ByteString& dataToSign,
ByteString& signature, const AsymMech::Type mechanism,
const void* param /* = NULL */, const size_t paramLen /* = 0 */)
{
std::string emsa;
if (mechanism == AsymMech::DSA)
{
emsa = "Raw";
}
else
{
// Call default implementation
return AsymmetricAlgorithm::sign(privateKey, dataToSign, signature, mechanism, param, paramLen);
}
// Check if the private key is the right type
if (!privateKey->isOfType(BotanDSAPrivateKey::type))
{
ERROR_MSG("Invalid key type supplied");
return false;
}
BotanDSAPrivateKey* pk = (BotanDSAPrivateKey*) privateKey;
Botan::DSA_PrivateKey* botanKey = pk->getBotanKey();
if (!botanKey)
{
ERROR_MSG("Could not get the Botan private key");
return false;
}
try
{
signer = new Botan::PK_Signer(*botanKey, emsa);
// Should we add DISABLE_FAULT_PROTECTION? Makes this operation faster.
}
catch (...)
{
ERROR_MSG("Could not create the signer token");
return false;
}
// Perform the signature operation
#if BOTAN_VERSION_MINOR == 11
std::vector<Botan::byte> signResult;
#else
Botan::SecureVector<Botan::byte> signResult;
#endif
try
{
BotanRNG* rng = (BotanRNG*)BotanCryptoFactory::i()->getRNG();
signResult = signer->sign_message(dataToSign.const_byte_str(), dataToSign.size(), *rng->getRNG());
}
catch (...)
{
ERROR_MSG("Could not sign the data");
delete signer;
signer = NULL;
return false;
}
// Return the result
signature.resize(signResult.size());
#if BOTAN_VERSION_MINOR == 11
memcpy(&signature[0], signResult.data(), signResult.size());
#else
memcpy(&signature[0], signResult.begin(), signResult.size());
#endif
delete signer;
signer = NULL;
return true;
}
bool BotanDSA::signInit(PrivateKey* privateKey, const std::string mechanism)
{
if (!AsymmetricAlgorithm::signInit(privateKey, mechanism))
{
return false;
}
// Check if the private key is the right type
if (!privateKey->isOfType(BotanDSAPrivateKey::type))
{
ERROR_MSG("Invalid key type supplied");
ByteString dummy;
AsymmetricAlgorithm::signFinal(dummy);
return false;
}
std::string lowerMechanism;
lowerMechanism.resize(mechanism.size());
std::transform(mechanism.begin(), mechanism.end(), lowerMechanism.begin(), tolower);
std::string emsa;
if (!lowerMechanism.compare("dsa-sha1"))
{
emsa = "EMSA1(SHA-160)";
}
else if (!lowerMechanism.compare("dsa-sha224"))
{
emsa = "EMSA1(SHA-224)";
}
else if (!lowerMechanism.compare("dsa-sha256"))
{
emsa = "EMSA1(SHA-256)";
}
else if (!lowerMechanism.compare("dsa-sha384"))
{
emsa = "EMSA1(SHA-384)";
}
else if (!lowerMechanism.compare("dsa-sha512"))
{
emsa = "EMSA1(SHA-512)";
}
else
{
ERROR_MSG("Invalid mechanism supplied (%s)", mechanism.c_str());
ByteString dummy;
AsymmetricAlgorithm::signFinal(dummy);
return false;
}
BotanDSAPrivateKey* pk = (BotanDSAPrivateKey*) currentPrivateKey;
Botan::DSA_PrivateKey* botanKey = pk->getBotanKey();
if (!botanKey)
{
ERROR_MSG("Could not get the Botan private key");
ByteString dummy;
AsymmetricAlgorithm::signFinal(dummy);
return false;
}
try
{
signer = new Botan::PK_Signer(*botanKey, emsa);
// Should we add DISABLE_FAULT_PROTECTION? Makes this operation faster.
}
catch (...)
{
ERROR_MSG("Could not create the signer token");
ByteString dummy;
AsymmetricAlgorithm::signFinal(dummy);
return false;
}
return true;
}
bool BotanDSA::signInit(PrivateKey* privateKey, const AsymMech::Type mechanism,
const void* param /* = NULL */, const size_t paramLen /* = 0 */)
{
if (!AsymmetricAlgorithm::signInit(privateKey, mechanism, param, paramLen))
{
return false;
}
// Check if the private key is the right type
if (!privateKey->isOfType(BotanDSAPrivateKey::type))
{
ERROR_MSG("Invalid key type supplied");
ByteString dummy;
AsymmetricAlgorithm::signFinal(dummy);
return false;
}
std::string emsa;
switch (mechanism)
{
case AsymMech::DSA_SHA1:
emsa = "EMSA1(SHA-160)";
break;
case AsymMech::DSA_SHA224:
emsa = "EMSA1(SHA-224)";
break;
case AsymMech::DSA_SHA256:
emsa = "EMSA1(SHA-256)";
break;
case AsymMech::DSA_SHA384:
emsa = "EMSA1(SHA-384)";
break;
case AsymMech::DSA_SHA512:
emsa = "EMSA1(SHA-512)";
break;
default:
ERROR_MSG("Invalid mechanism supplied (%i)", mechanism);
ByteString dummy;
AsymmetricAlgorithm::signFinal(dummy);
return false;
}
BotanDSAPrivateKey* pk = (BotanDSAPrivateKey*) currentPrivateKey;
Botan::DSA_PrivateKey* botanKey = pk->getBotanKey();
if (!botanKey)
{
ERROR_MSG("Could not get the Botan private key");
ByteString dummy;
AsymmetricAlgorithm::signFinal(dummy);
return false;
}
try
{
signer = new Botan::PK_Signer(*botanKey, emsa);
// Should we add DISABLE_FAULT_PROTECTION? Makes this operation faster.
}
catch (...)
{
ERROR_MSG("Could not create the signer token");
ByteString dummy;
AsymmetricAlgorithm::signFinal(dummy);
return false;
}
return true;
}
