Botan  1.11.15
src/lib/pubkey/keypair/keypair.cpp
Go to the documentation of this file.
00001 /*
00002 * Keypair Checks
00003 * (C) 1999-2010 Jack Lloyd
00004 *
00005 * Botan is released under the Simplified BSD License (see license.txt)
00006 */
00007 
00008 #include <botan/keypair.h>
00009 #include <botan/pubkey.h>
00010 
00011 namespace Botan {
00012 
00013 namespace KeyPair {
00014 
00015 /*
00016 * Check an encryption key pair for consistency
00017 */
00018 bool encryption_consistency_check(RandomNumberGenerator& rng,
00019                                   const Private_Key& key,
00020                                   const std::string& padding)
00021    {
00022    PK_Encryptor_EME encryptor(key, padding);
00023    PK_Decryptor_EME decryptor(key, padding);
00024 
00025    /*
00026    Weird corner case, if the key is too small to encrypt anything at
00027    all. This can happen with very small RSA keys with PSS
00028    */
00029    if(encryptor.maximum_input_size() == 0)
00030       return true;
00031 
00032    std::vector<byte> plaintext =
00033       unlock(rng.random_vec(encryptor.maximum_input_size() - 1));
00034 
00035    std::vector<byte> ciphertext = encryptor.encrypt(plaintext, rng);
00036    if(ciphertext == plaintext)
00037       return false;
00038 
00039    std::vector<byte> decrypted = unlock(decryptor.decrypt(ciphertext));
00040 
00041    return (plaintext == decrypted);
00042    }
00043 
00044 /*
00045 * Check a signature key pair for consistency
00046 */
00047 bool signature_consistency_check(RandomNumberGenerator& rng,
00048                                  const Private_Key& key,
00049                                  const std::string& padding)
00050    {
00051    PK_Signer signer(key, padding);
00052    PK_Verifier verifier(key, padding);
00053 
00054    std::vector<byte> message = unlock(rng.random_vec(16));
00055 
00056    std::vector<byte> signature;
00057 
00058    try
00059       {
00060       signature = signer.sign_message(message, rng);
00061       }
00062    catch(Encoding_Error)
00063       {
00064       return false;
00065       }
00066 
00067    if(!verifier.verify_message(message, signature))
00068       return false;
00069 
00070    // Now try to check a corrupt signature, ensure it does not succeed
00071    ++message[0];
00072 
00073    if(verifier.verify_message(message, signature))
00074       return false;
00075 
00076    return true;
00077    }
00078 
00079 }
00080 
00081 }