Botan
1.11.15
|
#include <pubkey.h>
Public Member Functions | |
bool | check_signature (const byte sig[], size_t length) |
template<typename Alloc > | |
bool | check_signature (const std::vector< byte, Alloc > &sig) |
PK_Verifier (const Public_Key &pub_key, const std::string &emsa, Signature_Format format=IEEE_1363) | |
void | set_input_format (Signature_Format format) |
void | update (byte in) |
void | update (const byte msg_part[], size_t length) |
void | update (const std::vector< byte > &in) |
bool | verify_message (const byte msg[], size_t msg_length, const byte sig[], size_t sig_length) |
template<typename Alloc , typename Alloc2 > | |
bool | verify_message (const std::vector< byte, Alloc > &msg, const std::vector< byte, Alloc2 > &sig) |
Public Key Verifier. Use the verify_message() functions for small messages. Use multiple calls update() to process large messages and verify the signature by finally calling check_signature().
Botan::PK_Verifier::PK_Verifier | ( | const Public_Key & | pub_key, |
const std::string & | emsa, | ||
Signature_Format | format = IEEE_1363 |
||
) |
Construct a PK Verifier.
pub_key | the public key to verify against |
emsa | the EMSA to use (eg "EMSA3(SHA-1)") |
format | the signature format to use |
Definition at line 225 of file pubkey.cpp.
References Botan::Public_Key::algo_name(), and Botan::get_emsa().
{ m_op.reset(get_pk_op<PK_Ops::Verification>(key, emsa_name)); if(!m_op) throw Lookup_Error("Verification with " + key.algo_name() + " not supported"); m_emsa.reset(get_emsa(emsa_name)); m_sig_format = format; }
bool Botan::PK_Verifier::check_signature | ( | const byte | sig[], |
size_t | length | ||
) |
Check the signature of the buffered message, i.e. the one build by successive calls to update.
sig | the signature to be verified as a byte array |
length | the length of the above byte array |
Definition at line 269 of file pubkey.cpp.
References Botan::BER_Decoder::decode(), Botan::DER_SEQUENCE, Botan::BigInt::encode_1363(), Botan::IEEE_1363, Botan::BER_Decoder::more_items(), Botan::SEQUENCE, Botan::BER_Decoder::start_cons(), and Botan::ASN1::to_string().
Referenced by botan_pk_op_verify_finish(), Botan::TLS::Server_Key_Exchange::verify(), and verify_message().
{ try { if(m_sig_format == IEEE_1363) return validate_signature(m_emsa->raw_data(), sig, length); else if(m_sig_format == DER_SEQUENCE) { BER_Decoder decoder(sig, length); BER_Decoder ber_sig = decoder.start_cons(SEQUENCE); size_t count = 0; std::vector<byte> real_sig; while(ber_sig.more_items()) { BigInt sig_part; ber_sig.decode(sig_part); real_sig += BigInt::encode_1363(sig_part, m_op->message_part_size()); ++count; } if(count != m_op->message_parts()) throw Decoding_Error("PK_Verifier: signature size invalid"); return validate_signature(m_emsa->raw_data(), &real_sig[0], real_sig.size()); } else throw Decoding_Error("PK_Verifier: Unknown signature format " + std::to_string(m_sig_format)); } catch(Invalid_Argument) { return false; } }
bool Botan::PK_Verifier::check_signature | ( | const std::vector< byte, Alloc > & | sig | ) | [inline] |
Check the signature of the buffered message, i.e. the one build by successive calls to update.
sig | the signature to be verified |
Definition at line 281 of file pubkey.h.
{ return check_signature(&sig[0], sig.size()); }
void Botan::PK_Verifier::set_input_format | ( | Signature_Format | format | ) |
Set the format of the signatures fed to this verifier.
format | the signature format to use |
Definition at line 241 of file pubkey.cpp.
References Botan::IEEE_1363.
{ if(m_op->message_parts() == 1 && format != IEEE_1363) throw Invalid_State("PK_Verifier: This algorithm always uses IEEE 1363"); m_sig_format = format; }
void Botan::PK_Verifier::update | ( | byte | in | ) | [inline] |
Add a message part (single byte) of the message corresponding to the signature to be verified.
in | the byte to add |
Definition at line 247 of file pubkey.h.
References update().
Referenced by botan_pk_op_verify_update(), update(), Botan::TLS::Server_Key_Exchange::verify(), and verify_message().
{ update(&in, 1); }
void Botan::PK_Verifier::update | ( | const byte | msg_part[], |
size_t | length | ||
) |
Add a message part of the message corresponding to the signature to be verified.
msg_part | the new message part as a byte array |
length | the length of the above byte array |
Definition at line 261 of file pubkey.cpp.
{ m_emsa->update(in, length); }
void Botan::PK_Verifier::update | ( | const std::vector< byte > & | in | ) | [inline] |
bool Botan::PK_Verifier::verify_message | ( | const byte | msg[], |
size_t | msg_length, | ||
const byte | sig[], | ||
size_t | sig_length | ||
) |
Verify a signature.
msg | the message that the signature belongs to, as a byte array |
msg_length | the length of the above byte array msg |
sig | the signature as a byte array |
sig_length | the length of the above byte array sig |
Definition at line 251 of file pubkey.cpp.
References check_signature(), and update().
Referenced by Botan::EAC_Signed_Object::check_signature(), Botan::X509_Object::check_signature(), Botan::KeyPair::signature_consistency_check(), and Botan::TLS::Certificate_Verify::verify().
{ update(msg, msg_length); return check_signature(sig, sig_length); }
bool Botan::PK_Verifier::verify_message | ( | const std::vector< byte, Alloc > & | msg, |
const std::vector< byte, Alloc2 > & | sig | ||
) | [inline] |
Verify a signature.
msg | the message that the signature belongs to |
sig | the signature |
Definition at line 235 of file pubkey.h.
{ return verify_message(&msg[0], msg.size(), &sig[0], sig.size()); }