/*
* Create a RSA private key
*/
RSA_PrivateKey::RSA_PrivateKey(RandomNumberGenerator& rng,
size_t bits, size_t exp)
{
if(bits < 1024)
throw Invalid_Argument(algo_name() + ": Can't make a key that is only " +
std::to_string(bits) + " bits long");
if(exp < 3 || exp % 2 == 0)
throw Invalid_Argument(algo_name() + ": Invalid encryption exponent");
e = exp;
do
{
p = random_prime(rng, (bits + 1) / 2, e);
q = random_prime(rng, bits - p.bits(), e);
n = p * q;
} while(n.bits() != bits);
d = inverse_mod(e, lcm(p - 1, q - 1));
d1 = d % (p - 1);
d2 = d % (q - 1);
c = inverse_mod(q, p);
gen_check(rng);
}
Test::Result
PK_Signature_NonVerification_Test::run_one_test(const std::string& pad_hdr, const VarMap& vars)
{
const std::string padding = choose_padding(vars, pad_hdr);
const std::vector<uint8_t> message = get_req_bin(vars, "Msg");
std::unique_ptr<Botan::Public_Key> pubkey = load_public_key(vars);
const std::vector<uint8_t> invalid_signature = get_req_bin(vars, "InvalidSignature");
Test::Result result(algo_name() + "/" + padding + " verify invalid signature");
for(auto const& verify_provider : possible_providers(algo_name()))
{
std::unique_ptr<Botan::PK_Verifier> verifier;
try
{
verifier.reset(new Botan::PK_Verifier(*pubkey, padding, Botan::IEEE_1363, verify_provider));
result.test_eq("incorrect signature rejected", verifier->verify_message(message, invalid_signature), false);
}
catch(Botan::Lookup_Error&)
{
result.test_note("Skipping verifying with " + verify_provider);
}
}
return result;
}
Test::Result PK_Key_Agreement_Test::run_one_test(const std::string& header, const VarMap& vars)
{
const std::vector<uint8_t> shared = get_req_bin(vars, "K");
const std::string kdf = get_opt_str(vars, "KDF", default_kdf(vars));
Test::Result result(algo_name() + "/" + kdf +
(header.empty() ? header : " " + header) +
" key agreement");
std::unique_ptr<Botan::Private_Key> privkey = load_our_key(header, vars);
const std::vector<uint8_t> pubkey = load_their_key(header, vars);
const size_t key_len = get_opt_sz(vars, "OutLen", 0);
for(auto const& provider : possible_providers(algo_name()))
{
std::unique_ptr<Botan::PK_Key_Agreement> kas;
try
{
kas.reset(new Botan::PK_Key_Agreement(*privkey, Test::rng(), kdf, provider));
result.test_eq(provider, "agreement", kas->derive_key(key_len, pubkey).bits_of(), shared);
}
catch(Botan::Lookup_Error&)
{
//result.test_note("Skipping key agreement with with " + provider);
}
}
return result;
}
std::unique_ptr<PK_Ops::Key_Agreement>
ECDH_PrivateKey::create_key_agreement_op(RandomNumberGenerator& rng,
const std::string& params,
const std::string& provider) const
{
#if defined(BOTAN_HAS_OPENSSL)
if(provider == "openssl" || provider.empty())
{
try
{
return make_openssl_ecdh_ka_op(*this, params);
}
catch(Lookup_Error&)
{
if(provider == "openssl")
throw;
}
}
#endif
if(provider == "base" || provider.empty())
return std::unique_ptr<PK_Ops::Key_Agreement>(new ECDH_KA_Operation(*this, params, rng));
throw Provider_Not_Found(algo_name(), provider);
}
std::unique_ptr<PK_Ops::Signature>
ECDSA_PrivateKey::create_signature_op(RandomNumberGenerator& /*rng*/,
const std::string& params,
const std::string& provider) const
{
#if defined(BOTAN_HAS_OPENSSL)
if(provider == "openssl" || provider.empty())
{
try
{
return make_openssl_ecdsa_sig_op(*this, params);
}
catch(Lookup_Error& e)
{
if(provider == "openssl")
throw;
}
}
#endif
if(provider == "base" || provider.empty())
return std::unique_ptr<PK_Ops::Signature>(new ECDSA_Signature_Operation(*this, params));
throw Provider_Not_Found(algo_name(), provider);
}
Test::Result
PK_Signature_Verification_Test::run_one_test(const std::string&, const VarMap& vars)
{
const std::vector<uint8_t> message = get_req_bin(vars, "Msg");
const std::vector<uint8_t> signature = get_req_bin(vars, "Signature");
const std::string padding = get_opt_str(vars, "Padding", default_padding(vars));
std::unique_ptr<Botan::Public_Key> pubkey = load_public_key(vars);
Test::Result result(algo_name() + "/" + padding + " signature verification");
for(auto&& verify_provider : possible_pk_providers())
{
std::unique_ptr<Botan::PK_Verifier> verifier;
try
{
verifier.reset(new Botan::PK_Verifier(*pubkey, padding, Botan::IEEE_1363, verify_provider));
result.test_eq("correct signature valid", verifier->verify_message(message, signature), true);
check_invalid_signatures(result, *verifier, message, signature);
}
catch(Botan::Lookup_Error&)
{
result.test_note("Skipping verifying with " + verify_provider);
}
}
return result;
}
Test::Result
PK_Signature_Generation_Test::run_one_test(const std::string&, const VarMap& vars)
{
const std::vector<uint8_t> message = get_req_bin(vars, "Msg");
const std::vector<uint8_t> signature = get_req_bin(vars, "Signature");
const std::string padding = get_opt_str(vars, "Padding", default_padding(vars));
std::unique_ptr<Botan::RandomNumberGenerator> rng;
if(vars.count("Nonce"))
{
rng.reset(new Fixed_Output_RNG(get_req_bin(vars, "Nonce")));
}
Test::Result result(algo_name() + "/" + padding + " signature generation");
std::unique_ptr<Botan::Private_Key> privkey = load_private_key(vars);
std::unique_ptr<Botan::Public_Key> pubkey(Botan::X509::load_key(Botan::X509::BER_encode(*privkey)));
Botan::PK_Signer signer(*privkey, padding);
Botan::PK_Verifier verifier(*pubkey, padding);
const std::vector<uint8_t> generated_signature = signer.sign_message(message, rng ? *rng : Test::rng());
result.test_eq("generated signature matches KAT", generated_signature, signature);
result.test_eq("generated signature valid", verifier.verify_message(message, generated_signature), true);
check_invalid_signatures(result, verifier, message, signature);
result.test_eq("correct signature valid", verifier.verify_message(message, signature), true);
return result;
}
Test::Result
PK_Encryption_Decryption_Test::run_one_test(const std::string&, const VarMap& vars)
{
const std::vector<uint8_t> plaintext = get_req_bin(vars, "Msg");
const std::vector<uint8_t> ciphertext = get_req_bin(vars, "Ciphertext");
const std::string padding = get_opt_str(vars, "Padding", default_padding(vars));
std::unique_ptr<Botan::RandomNumberGenerator> kat_rng;
if(vars.count("Nonce"))
{
kat_rng.reset(new Fixed_Output_RNG(get_req_bin(vars, "Nonce")));
}
Test::Result result(algo_name() + "/" + padding + " decryption");
std::unique_ptr<Botan::Private_Key> privkey = load_private_key(vars);
// instead slice the private key to work around elgamal test inputs
//std::unique_ptr<Botan::Public_Key> pubkey(Botan::X509::load_key(Botan::X509::BER_encode(*privkey)));
Botan::PK_Encryptor_EME encryptor(*privkey, padding);
result.test_eq("encryption", encryptor.encrypt(plaintext, kat_rng ? *kat_rng : Test::rng()), ciphertext);
Botan::PK_Decryptor_EME decryptor(*privkey, padding);
result.test_eq("decryption", decryptor.decrypt(ciphertext), plaintext);
check_invalid_ciphertexts(result, decryptor, plaintext, ciphertext);
return result;
}
/*************************************************
* Derive a key *
*************************************************/
SecureVector<byte> DH_PrivateKey::derive_key(const BigInt& w) const
{
const BigInt& p = group_p();
if(w <= 1 || w >= p-1)
throw Invalid_Argument(algo_name() + "::derive_key: Invalid key input");
return BigInt::encode_1363(core.agree(w), p.bytes());
}
Test::Result PK_KEM_Test::run_one_test(const std::string&, const VarMap& vars)
{
const std::vector<uint8_t> K = get_req_bin(vars, "K");
const std::vector<uint8_t> C0 = get_req_bin(vars, "C0");
const std::vector<uint8_t> salt = get_opt_bin(vars, "Salt");
const std::string kdf = get_req_str(vars, "KDF");
Test::Result result(algo_name() + "/" + kdf + " KEM");
std::unique_ptr<Botan::Private_Key> privkey = load_private_key(vars);
const Botan::Public_Key& pubkey = *privkey;
const size_t desired_key_len = K.size();
std::unique_ptr<Botan::PK_KEM_Encryptor> enc;
try
{
enc.reset(new Botan::PK_KEM_Encryptor(pubkey, Test::rng(), kdf));
}
catch(Botan::Lookup_Error&)
{
result.test_note("Skipping due to missing KDF: " + kdf);
return result;
}
Fixed_Output_RNG fixed_output_rng(get_req_bin(vars, "R"));
Botan::secure_vector<uint8_t> produced_encap_key, shared_key;
enc->encrypt(produced_encap_key,
shared_key,
desired_key_len,
fixed_output_rng,
salt);
result.test_eq("C0 matches", produced_encap_key, C0);
result.test_eq("K matches", shared_key, K);
std::unique_ptr<Botan::PK_KEM_Decryptor> dec;
try
{
dec.reset(new Botan::PK_KEM_Decryptor(*privkey, Test::rng(), kdf));
}
catch(Botan::Lookup_Error& e)
{
result.test_note("Skipping test", e.what());
return result;
}
const Botan::secure_vector<uint8_t> decr_shared_key =
dec->decrypt(C0.data(), C0.size(),
desired_key_len,
salt.data(),
salt.size());
result.test_eq("decrypted K matches", decr_shared_key, K);
return result;
}
std::unique_ptr<PK_Ops::Verification>
ECKCDSA_PublicKey::create_verification_op(const std::string& params,
const std::string& provider) const
{
if(provider == "base" || provider.empty())
return std::unique_ptr<PK_Ops::Verification>(new ECKCDSA_Verification_Operation(*this, params));
throw Provider_Not_Found(algo_name(), provider);
}
std::unique_ptr<PK_Ops::Key_Agreement>
DH_PrivateKey::create_key_agreement_op(RandomNumberGenerator& rng,
const std::string& params,
const std::string& provider) const
{
if(provider == "base" || provider.empty())
return std::unique_ptr<PK_Ops::Key_Agreement>(new DH_KA_Operation(*this, params, rng));
throw Provider_Not_Found(algo_name(), provider);
}
std::unique_ptr<PK_Ops::Signature>
ECKCDSA_PrivateKey::create_signature_op(RandomNumberGenerator& /*rng*/,
const std::string& params,
const std::string& provider) const
{
if(provider == "base" || provider.empty())
return std::unique_ptr<PK_Ops::Signature>(new ECKCDSA_Signature_Operation(*this, params));
throw Provider_Not_Found(algo_name(), provider);
}
Test::Result PK_Key_Agreement_Test::run_one_test(const std::string&, const VarMap& vars)
{
const std::vector<uint8_t> shared = get_req_bin(vars, "K");
const std::string kdf = get_opt_str(vars, "KDF", default_kdf(vars));
Test::Result result(algo_name() + "/" + kdf + " key agreement");
std::unique_ptr<Botan::Private_Key> privkey = load_our_key(vars);
const std::vector<uint8_t> pubkey = load_their_key(vars);
const size_t key_len = get_opt_sz(vars, "OutLen", 0);
Botan::PK_Key_Agreement kas(*privkey, kdf);
result.test_eq("agreement", kas.derive_key(key_len, pubkey).bits_of(), shared);
return result;
}
Test::Result
PK_Signature_Verification_Test::run_one_test(const std::string&, const VarMap& vars)
{
const std::vector<uint8_t> message = get_req_bin(vars, "Msg");
const std::vector<uint8_t> signature = get_req_bin(vars, "Signature");
const std::string padding = get_opt_str(vars, "Padding", default_padding(vars));
std::unique_ptr<Botan::Public_Key> pubkey = load_public_key(vars);
Test::Result result(algo_name() + "/" + padding + " signature verification");
Botan::PK_Verifier verifier(*pubkey, padding);
result.test_eq("correct signature valid", verifier.verify_message(message, signature), true);
check_invalid_signatures(result, verifier, message, signature);
return result;
}
std::string SCAN_Name::algo_name_and_args() const
{
std::string out;
out = algo_name();
if(arg_count())
{
out += '(';
for(size_t i = 0; i != arg_count(); ++i)
{
out += arg(i);
if(i != arg_count() - 1)
out += ',';
}
out += ')';
}
return out;
}
std::unique_ptr<PK_Ops::Verification>
ECDSA_PublicKey::create_verification_op(const std::string& params,
const std::string& provider) const
{
#if defined(BOTAN_HAS_BEARSSL)
if(provider == "bearssl" || provider.empty())
{
try
{
return make_bearssl_ecdsa_ver_op(*this, params);
}
catch(Lookup_Error& e)
{
if(provider == "bearssl")
throw;
}
}
#endif
#if defined(BOTAN_HAS_OPENSSL)
if(provider == "openssl" || provider.empty())
{
try
{
return make_openssl_ecdsa_ver_op(*this, params);
}
catch(Lookup_Error& e)
{
if(provider == "openssl")
throw;
}
}
#endif
if(provider == "base" || provider.empty())
return std::unique_ptr<PK_Ops::Verification>(new ECDSA_Verification_Operation(*this, params));
throw Provider_Not_Found(algo_name(), provider);
}
Test::Result
PK_Signature_Generation_Test::run_one_test(const std::string& pad_hdr, const VarMap& vars)
{
const std::vector<uint8_t> message = get_req_bin(vars, "Msg");
const std::vector<uint8_t> signature = get_req_bin(vars, "Signature");
const std::string padding = choose_padding(vars, pad_hdr);
Test::Result result(algo_name() + "/" + padding + " signature generation");
std::unique_ptr<Botan::Private_Key> privkey;
try
{
privkey = load_private_key(vars);
}
catch(Botan::Lookup_Error& e)
{
result.note_missing(e.what());
return result;
}
std::unique_ptr<Botan::Public_Key> pubkey(Botan::X509::load_key(Botan::X509::BER_encode(*privkey)));
std::vector<std::unique_ptr<Botan::PK_Verifier>> verifiers;
for(auto const& verify_provider : possible_providers(algo_name()))
{
std::unique_ptr<Botan::PK_Verifier> verifier;
try
{
verifier.reset(new Botan::PK_Verifier(*pubkey, padding, Botan::IEEE_1363, verify_provider));
}
catch(Botan::Lookup_Error&)
{
//result.test_note("Skipping verifying with " + verify_provider);
continue;
}
result.test_eq("KAT signature valid", verifier->verify_message(message, signature), true);
check_invalid_signatures(result, *verifier, message, signature);
verifiers.push_back(std::move(verifier));
}
for(auto const& sign_provider : possible_providers(algo_name()))
{
std::unique_ptr<Botan::RandomNumberGenerator> rng;
if(vars.count("Nonce"))
{
rng.reset(test_rng(get_req_bin(vars, "Nonce")));
}
std::unique_ptr<Botan::PK_Signer> signer;
std::vector<uint8_t> generated_signature;
try
{
signer.reset(new Botan::PK_Signer(*privkey, Test::rng(), padding, Botan::IEEE_1363, sign_provider));
generated_signature = signer->sign_message(message, rng ? *rng : Test::rng());
}
catch(Botan::Lookup_Error&)
{
//result.test_note("Skipping signing with " + sign_provider);
continue;
}
if(sign_provider == "base")
{
result.test_eq("generated signature matches KAT", generated_signature, signature);
}
else if(generated_signature != signature)
{
for(std::unique_ptr<Botan::PK_Verifier>& verifier : verifiers)
{
if(!result.test_eq("generated signature valid",
verifier->verify_message(message, generated_signature), true))
{
result.test_failure("generated signature", generated_signature);
}
}
}
}
return result;
}
Test::Result
PK_Encryption_Decryption_Test::run_one_test(const std::string& pad_hdr, const VarMap& vars)
{
const std::vector<uint8_t> plaintext = get_req_bin(vars, "Msg");
const std::vector<uint8_t> ciphertext = get_req_bin(vars, "Ciphertext");
const std::string padding = choose_padding(vars, pad_hdr);
Test::Result result(algo_name() + (padding.empty() ? padding : "/" + padding) + " decryption");
std::unique_ptr<Botan::Private_Key> privkey = load_private_key(vars);
// instead slice the private key to work around elgamal test inputs
//std::unique_ptr<Botan::Public_Key> pubkey(Botan::X509::load_key(Botan::X509::BER_encode(*privkey)));
Botan::Public_Key* pubkey = privkey.get();
std::vector<std::unique_ptr<Botan::PK_Decryptor>> decryptors;
for(auto const& dec_provider : possible_providers(algo_name()))
{
std::unique_ptr<Botan::PK_Decryptor> decryptor;
try
{
decryptor.reset(new Botan::PK_Decryptor_EME(*privkey, Test::rng(), padding, dec_provider));
}
catch(Botan::Lookup_Error&)
{
continue;
}
Botan::secure_vector<uint8_t> decrypted;
try
{
decrypted = decryptor->decrypt(ciphertext);
}
catch(Botan::Exception& e)
{
result.test_failure("Failed to decrypt KAT ciphertext", e.what());
}
result.test_eq(dec_provider, "decryption of KAT", decrypted, plaintext);
check_invalid_ciphertexts(result, *decryptor, plaintext, ciphertext);
}
for(auto const& enc_provider : possible_providers(algo_name()))
{
std::unique_ptr<Botan::PK_Encryptor> encryptor;
try
{
encryptor.reset(new Botan::PK_Encryptor_EME(*pubkey, Test::rng(), padding, enc_provider));
}
catch(Botan::Lookup_Error&)
{
continue;
}
std::unique_ptr<Botan::RandomNumberGenerator> kat_rng;
if(vars.count("Nonce"))
{
kat_rng.reset(test_rng(get_req_bin(vars, "Nonce")));
}
if(padding == "Raw")
{
/*
Hack for RSA with no padding since sometimes one more bit will fit in but maximum_input_size
rounds down to nearest byte
*/
result.test_lte("Input within accepted bounds",
plaintext.size(), encryptor->maximum_input_size() + 1);
}
else
{
result.test_lte("Input within accepted bounds",
plaintext.size(), encryptor->maximum_input_size());
}
const std::vector<uint8_t> generated_ciphertext =
encryptor->encrypt(plaintext, kat_rng ? *kat_rng : Test::rng());
if(enc_provider == "base")
{
result.test_eq(enc_provider, "generated ciphertext matches KAT",
generated_ciphertext, ciphertext);
}
else if(generated_ciphertext != ciphertext)
{
for(std::unique_ptr<Botan::PK_Decryptor>& dec : decryptors)
{
result.test_eq("decryption of generated ciphertext",
dec->decrypt(generated_ciphertext), plaintext);
}
}
}
return result;
}
std::vector<Test::Result> PK_Key_Generation_Test::run()
{
std::vector<Test::Result> results;
for(auto const& param : keygen_params())
{
const std::string report_name = algo_name() + (param.empty() ? param : " " + param);
Test::Result result(report_name + " keygen");
const std::vector<std::string> providers = possible_providers(algo_name());
if(providers.empty())
{
result.note_missing("provider key generation " + algo_name());
}
result.start_timer();
for(auto&& prov : providers)
{
std::unique_ptr<Botan::Private_Key> key_p =
Botan::create_private_key(algo_name(), Test::rng(), param, prov);
const Botan::Private_Key& key = *key_p;
try
{
result.confirm("Key passes self tests", key.check_key(Test::rng(), true));
}
catch(Botan::Lookup_Error&) {}
result.test_gte("Key has reasonable estimated strength (lower)", key.estimated_strength(), 64);
result.test_lt("Key has reasonable estimated strength (upper)", key.estimated_strength(), 512);
// Test PEM public key round trips OK
try
{
Botan::DataSource_Memory data_src(Botan::X509::PEM_encode(key));
std::unique_ptr<Botan::Public_Key> loaded(Botan::X509::load_key(data_src));
result.confirm("recovered public key from private", loaded.get() != nullptr);
result.test_eq("public key has same type", loaded->algo_name(), key.algo_name());
try
{
result.test_eq("public key passes checks", loaded->check_key(Test::rng(), false), true);
}
catch(Botan::Lookup_Error&) {}
}
catch(std::exception& e)
{
result.test_failure("roundtrip PEM public key", e.what());
}
// Test DER public key round trips OK
try
{
Botan::DataSource_Memory data_src(Botan::X509::BER_encode(key));
std::unique_ptr<Botan::Public_Key> loaded(Botan::X509::load_key(data_src));
result.confirm("recovered public key from private", loaded.get() != nullptr);
result.test_eq("public key has same type", loaded->algo_name(), key.algo_name());
try
{
result.confirm("public key passes self tests", loaded->check_key(Test::rng(), true));
}
catch(Botan::Lookup_Error&) {}
}
catch(std::exception& e)
{
result.test_failure("roundtrip BER public key", e.what());
}
// Test PEM private key round trips OK
try
{
Botan::DataSource_Memory data_src(Botan::PKCS8::PEM_encode(key));
std::unique_ptr<Botan::Private_Key> loaded(
Botan::PKCS8::load_key(data_src, Test::rng()));
result.confirm("recovered private key from PEM blob", loaded.get() != nullptr);
result.test_eq("reloaded key has same type", loaded->algo_name(), key.algo_name());
try
{
result.confirm("private key passes self tests", loaded->check_key(Test::rng(), true));
}
catch(Botan::Lookup_Error&) {}
}
catch(std::exception& e)
{
result.test_failure("roundtrip PEM private key", e.what());
}
try
{
Botan::DataSource_Memory data_src(Botan::PKCS8::BER_encode(key));
std::unique_ptr<Botan::Public_Key> loaded(Botan::PKCS8::load_key(data_src, Test::rng()));
result.confirm("recovered public key from private", loaded.get() != nullptr);
result.test_eq("public key has same type", loaded->algo_name(), key.algo_name());
try
{
result.confirm("private key passes self tests", loaded->check_key(Test::rng(), true));
}
catch(Botan::Lookup_Error&) {}
}
catch(std::exception& e)
{
result.test_failure("roundtrip BER private key", e.what());
}
#if defined(BOTAN_HAS_PKCS5_PBE2) && defined(BOTAN_HAS_AES) && defined(BOTAN_HAS_SHA2_32)
const std::string pbe_algo = "PBE-PKCS5v20(AES-128,SHA-256)";
const std::string passphrase = Test::random_password();
try
{
Botan::DataSource_Memory data_src(
Botan::PKCS8::PEM_encode(key, Test::rng(), passphrase,
std::chrono::milliseconds(10),
pbe_algo));
std::unique_ptr<Botan::Private_Key> loaded(
Botan::PKCS8::load_key(data_src, Test::rng(), passphrase));
result.confirm("recovered private key from encrypted blob", loaded.get() != nullptr);
result.test_eq("reloaded key has same type", loaded->algo_name(), key.algo_name());
try
{
result.confirm("private key passes self tests", loaded->check_key(Test::rng(), true));
}
catch(Botan::Lookup_Error&) {}
}
catch(std::exception& e)
{
result.test_failure("roundtrip encrypted PEM private key", e.what());
}
try
{
Botan::DataSource_Memory data_src(
Botan::PKCS8::BER_encode(key, Test::rng(), passphrase,
std::chrono::milliseconds(10),
pbe_algo));
std::unique_ptr<Botan::Private_Key> loaded(
Botan::PKCS8::load_key(data_src, Test::rng(), passphrase));
result.confirm("recovered private key from BER blob", loaded.get() != nullptr);
result.test_eq("reloaded key has same type", loaded->algo_name(), key.algo_name());
try
{
result.confirm("private key passes self tests", loaded->check_key(Test::rng(), true));
}
catch(Botan::Lookup_Error&) {}
}
catch(std::exception& e)
{
result.test_failure("roundtrip encrypted BER private key", e.what());
}
#endif
}
result.end_timer();
results.push_back(result);
}
return results;
}
Test::Result
PK_Signature_Generation_Test::run_one_test(const std::string&, const VarMap& vars)
{
const std::vector<uint8_t> message = get_req_bin(vars, "Msg");
const std::vector<uint8_t> signature = get_req_bin(vars, "Signature");
const std::string padding = get_opt_str(vars, "Padding", default_padding(vars));
Test::Result result(algo_name() + "/" + padding + " signature generation");
std::unique_ptr<Botan::Private_Key> privkey = load_private_key(vars);
std::unique_ptr<Botan::Public_Key> pubkey(Botan::X509::load_key(Botan::X509::BER_encode(*privkey)));
for(auto&& sign_provider : possible_pk_providers())
{
std::unique_ptr<Botan::PK_Signer> signer;
try
{
signer.reset(new Botan::PK_Signer(*privkey, padding, Botan::IEEE_1363, sign_provider));
}
catch(Botan::Lookup_Error&)
{
//result.test_note("Skipping signing with " + sign_provider);
continue;
}
std::unique_ptr<Botan::RandomNumberGenerator> rng;
if(vars.count("Nonce"))
{
rng.reset(new Fixed_Output_RNG(get_req_bin(vars, "Nonce")));
}
const std::vector<uint8_t> generated_signature =
signer->sign_message(message, rng ? *rng : Test::rng());
if(sign_provider == "base")
{
result.test_eq("generated signature matches KAT", generated_signature, signature);
}
for(auto&& verify_provider : possible_pk_providers())
{
std::unique_ptr<Botan::PK_Verifier> verifier;
try
{
verifier.reset(new Botan::PK_Verifier(*pubkey, padding, Botan::IEEE_1363, verify_provider));
}
catch(Botan::Lookup_Error&)
{
//result.test_note("Skipping verifying with " + verify_provider);
continue;
}
if(!result.test_eq("generated signature valid",
verifier->verify_message(message, generated_signature), true))
{
result.test_failure("generated signature", generated_signature);
}
check_invalid_signatures(result, *verifier, message, signature);
result.test_eq("KAT signature valid", verifier->verify_message(message, signature), true);
}
}
return result;
}
Test::Result
PK_Encryption_Decryption_Test::run_one_test(const std::string&, const VarMap& vars)
{
const std::vector<uint8_t> plaintext = get_req_bin(vars, "Msg");
const std::vector<uint8_t> ciphertext = get_req_bin(vars, "Ciphertext");
const std::string padding = get_opt_str(vars, "Padding", default_padding(vars));
Test::Result result(algo_name() + "/" + padding + " decryption");
std::unique_ptr<Botan::Private_Key> privkey = load_private_key(vars);
// instead slice the private key to work around elgamal test inputs
//std::unique_ptr<Botan::Public_Key> pubkey(Botan::X509::load_key(Botan::X509::BER_encode(*privkey)));
Botan::Public_Key* pubkey = privkey.get();
for(auto&& enc_provider : possible_pk_providers())
{
std::unique_ptr<Botan::PK_Encryptor> encryptor;
try
{
encryptor.reset(new Botan::PK_Encryptor_EME(*pubkey, padding, enc_provider));
}
catch(Botan::Lookup_Error&)
{
//result.test_note("Skipping encryption with provider " + enc_provider);
continue;
}
std::unique_ptr<Botan::RandomNumberGenerator> kat_rng;
if(vars.count("Nonce"))
{
kat_rng.reset(new Fixed_Output_RNG(get_req_bin(vars, "Nonce")));
}
const std::vector<uint8_t> generated_ciphertext =
encryptor->encrypt(plaintext, kat_rng ? *kat_rng : Test::rng());
if(enc_provider == "base")
{
result.test_eq("generated ciphertext matches KAT", generated_ciphertext, ciphertext);
}
for(auto&& dec_provider : possible_pk_providers())
{
std::unique_ptr<Botan::PK_Decryptor> decryptor;
try
{
decryptor.reset(new Botan::PK_Decryptor_EME(*privkey, padding, dec_provider));
}
catch(Botan::Lookup_Error&)
{
//result.test_note("Skipping decryption with provider " + dec_provider);
continue;
}
result.test_eq("decryption of KAT", decryptor->decrypt(ciphertext), plaintext);
check_invalid_ciphertexts(result, *decryptor, plaintext, ciphertext);
result.test_eq("decryption of generated ciphertext",
decryptor->decrypt(generated_ciphertext), plaintext);
}
}
return result;
}
