Add PK_Signature_Options

This allows controlling all details of how signatures are created,
without having to stuff values into the single parameters string
which was previously available.

Author: randombit

src/cli/pubkey.cpp

@@ -21,10 +21,10 @@
    #include <botan/pkcs8.h>
    #include <botan/pubkey.h>
    #include <botan/x509_key.h>
+   #include <botan/internal/pk_options.h>
    #include <botan/internal/workfactor.h>
 
    #include <fstream>
-   #include <sstream>
 
    #if defined(BOTAN_HAS_DL_GROUP)
       #include <botan/dl_group.h>
@@ -97,26 +97,17 @@ BOTAN_REGISTER_COMMAND("keygen", PK_Keygen);
 
 namespace {
 
-std::string choose_sig_padding(const std::string& key, const std::string& padding, const std::string& hash) {
-   if(key == "RSA") {
-      std::ostringstream oss;
-      if(padding.empty()) {
-         oss << "PSS";
-      } else {
-         oss << padding;
-      }
-
-      oss << "(" << hash << ")";
-      return oss.str();
-   } else if(padding.empty()) {
-      return hash;
-   } else if(hash.empty()) {
-      return padding;
-   } else {
-      std::ostringstream oss;
-      oss << padding << "(" << hash << ")";
-      return oss.str();
+Botan::PK_Signature_Options sig_options(
+   std::string_view key, std::string_view padding, std::string_view hash, bool use_der, std::string_view provider) {
+   if(key == "RSA" && padding.empty()) {
+      return sig_options(key, "PSS", hash, use_der, provider);
    }
+
+   return Botan::PK_Signature_Options()
+      .with_hash(hash)
+      .with_padding(padding)
+      .with_der_encoded_signature(use_der)
+      .with_provider(provider);
 }
 
 }  // namespace
@@ -196,21 +187,14 @@ class PK_Sign final : public Command {
             throw CLI_Error_Unsupported("hashing", hash_fn);
          }
 
-         const std::string sig_padding = choose_sig_padding(key->algo_name(), get_arg("padding"), hash_fn);
-
-         auto format = Botan::Signature_Format::Standard;
-
-         if(flag_set("der-format")) {
-            if(!key->_signature_element_size_for_DER_encoding()) {
-               throw CLI_Usage_Error("Key type " + key->algo_name() +
-                                     " does not support DER formatting for signatures");
-            }
-            format = Botan::Signature_Format::DerSequence;
+         if(flag_set("der-format") && !key->_signature_element_size_for_DER_encoding()) {
+            throw CLI_Usage_Error("Key type " + key->algo_name() + " does not support DER formatting for signatures");
          }
 
-         const std::string provider = get_arg("provider");
+         const auto options =
+            sig_options(key->algo_name(), get_arg("padding"), hash_fn, flag_set("der-format"), get_arg("provider"));
 
-         Botan::PK_Signer signer(*key, rng(), sig_padding, format, provider);
+         Botan::PK_Signer signer(*key, rng(), options);
 
          auto onData = [&signer](const uint8_t b[], size_t l) { signer.update(b, l); };
          Command::read_file(get_arg("file"), onData);
@@ -254,18 +238,9 @@ class PK_Verify final : public Command {
             throw CLI_Error_Unsupported("hashing", hash_fn);
          }
 
-         const std::string sig_padding = choose_sig_padding(key->algo_name(), get_arg("padding"), hash_fn);
-
-         auto format = Botan::Signature_Format::Standard;
-         if(flag_set("der-format")) {
-            if(key->message_parts() == 1) {
-               throw CLI_Usage_Error("Key type " + key->algo_name() +
-                                     " does not support DER formatting for signatures");
-            }
-            format = Botan::Signature_Format::DerSequence;
-         }
+         const auto options = sig_options(key->algo_name(), get_arg("padding"), hash_fn, flag_set("der-format"), "");
 
-         Botan::PK_Verifier verifier(*key, sig_padding, format);
+         Botan::PK_Verifier verifier(*key, options);
          auto onData = [&verifier](const uint8_t b[], size_t l) { verifier.update(b, l); };
          Command::read_file(get_arg("file"), onData);
 

src/examples/pkcs10_csr_on_tpm2.cpp

@@ -2,7 +2,7 @@
 
 #include <botan/build.h>
 
-#if defined(BOTAN_HAS_TPM2)
+#if defined(BOTAN_HAS_TPM2) && defined(BOTAN_HAS_TPM2_RSA)
 
    #include <botan/auto_rng.h>
    #include <botan/hex.h>

src/lib/pk_pad/sig_padding/emsa_pkcs1/pkcs1_sig_padding.cpp

@@ -100,11 +100,16 @@ PKCS1v15_Raw_SignaturePaddingScheme::PKCS1v15_Raw_SignaturePaddingScheme() : m_h
    // m_hash_id, m_hash_name left empty
 }
 
-PKCS1v15_Raw_SignaturePaddingScheme::PKCS1v15_Raw_SignaturePaddingScheme(std::string_view hash_algo) {
-   std::unique_ptr<HashFunction> hash(HashFunction::create_or_throw(hash_algo));
-   m_hash_id = pkcs_hash_id(hash_algo);
-   m_hash_name = hash->name();
-   m_hash_output_len = hash->output_length();
+PKCS1v15_Raw_SignaturePaddingScheme::PKCS1v15_Raw_SignaturePaddingScheme(const std::optional<std::string>& hash_algo) {
+   if(hash_algo) {
+      std::unique_ptr<HashFunction> hash(HashFunction::create_or_throw(hash_algo.value()));
+      m_hash_id = pkcs_hash_id(hash->name());
+      m_hash_name = hash->name();
+      m_hash_output_len = hash->output_length();
+   } else {
+      m_hash_output_len = 0;
+      // m_hash_id, m_hash_name left empty
+   }
 }
 
 void PKCS1v15_Raw_SignaturePaddingScheme::update(const uint8_t input[], size_t length) {

src/lib/pk_pad/sig_padding/emsa_pkcs1/pkcs1_sig_padding.h

@@ -11,8 +11,8 @@
 #include <botan/internal/sig_padding.h>
 
 #include <memory>
+#include <optional>
 #include <string>
-#include <string_view>
 #include <vector>
 
 namespace Botan {
@@ -73,7 +73,7 @@ class PKCS1v15_Raw_SignaturePaddingScheme final : public SignaturePaddingScheme
       * @param hash_algo the digest id for that hash is included in
       * the signature.
       */
-      explicit PKCS1v15_Raw_SignaturePaddingScheme(std::string_view hash_algo);
+      explicit PKCS1v15_Raw_SignaturePaddingScheme(const std::optional<std::string>& hash_algo = std::nullopt);
 
       std::string hash_function() const override { return m_hash_name; }
 

src/lib/pk_pad/sig_padding/emsa_pssr/pssr.cpp

@@ -145,11 +145,10 @@ bool pss_verify(HashFunction& hash,
 
 }  // namespace
 
-PSSR::PSSR(std::unique_ptr<HashFunction> hash) :
-      m_hash(std::move(hash)), m_salt_size(m_hash->output_length()), m_required_salt_len(false) {}
-
-PSSR::PSSR(std::unique_ptr<HashFunction> hash, size_t salt_size) :
-      m_hash(std::move(hash)), m_salt_size(salt_size), m_required_salt_len(true) {}
+PSSR::PSSR(std::unique_ptr<HashFunction> hash, std::optional<size_t> salt_size) :
+      m_hash(std::move(hash)),
+      m_salt_size(salt_size.value_or(m_hash->output_length())),
+      m_required_salt_len(salt_size.has_value()) {}
 
 /*
 * PSSR Update Operation
@@ -192,11 +191,10 @@ std::string PSSR::name() const {
    return fmt("PSS({},MGF1,{})", m_hash->name(), m_salt_size);
 }
 
-PSS_Raw::PSS_Raw(std::unique_ptr<HashFunction> hash) :
-      m_hash(std::move(hash)), m_salt_size(m_hash->output_length()), m_required_salt_len(false) {}
-
-PSS_Raw::PSS_Raw(std::unique_ptr<HashFunction> hash, size_t salt_size) :
-      m_hash(std::move(hash)), m_salt_size(salt_size), m_required_salt_len(true) {}
+PSS_Raw::PSS_Raw(std::unique_ptr<HashFunction> hash, std::optional<size_t> salt_size) :
+      m_hash(std::move(hash)),
+      m_salt_size(salt_size.value_or(m_hash->output_length())),
+      m_required_salt_len(salt_size.has_value()) {}
 
 /*
 * PSS_Raw Update Operation

src/lib/pk_pad/sig_padding/emsa_pssr/pssr.h

@@ -10,6 +10,7 @@
 
 #include <botan/internal/sig_padding.h>
 #include <memory>
+#include <optional>
 #include <string>
 #include <vector>
 
@@ -23,16 +24,11 @@ class HashFunction;
 */
 class PSSR final : public SignaturePaddingScheme {
    public:
-      /**
-      * @param hash the hash function to use
-      */
-      explicit PSSR(std::unique_ptr<HashFunction> hash);
-
       /**
       * @param hash the hash function to use
       * @param salt_size the size of the salt to use in bytes
       */
-      PSSR(std::unique_ptr<HashFunction> hash, size_t salt_size);
+      PSSR(std::unique_ptr<HashFunction> hash, std::optional<size_t> salt_size);
 
       std::string name() const override;
 
@@ -60,16 +56,11 @@ class PSSR final : public SignaturePaddingScheme {
 */
 class PSS_Raw final : public SignaturePaddingScheme {
    public:
-      /**
-      * @param hash the hash function to use
-      */
-      explicit PSS_Raw(std::unique_ptr<HashFunction> hash);
-
       /**
       * @param hash the hash function to use
       * @param salt_size the size of the salt to use in bytes
       */
-      PSS_Raw(std::unique_ptr<HashFunction> hash, size_t salt_size);
+      explicit PSS_Raw(std::unique_ptr<HashFunction> hash, std::optional<size_t> salt_size = std::nullopt);
 
       std::string hash_function() const override;
 

src/lib/pk_pad/sig_padding/iso9796/iso9796.cpp

@@ -209,6 +209,9 @@ bool iso9796_verification(std::span<const uint8_t> repr,
 
 }  // namespace
 
+ISO_9796_DS2::ISO_9796_DS2(std::unique_ptr<HashFunction> hash, bool implicit, std::optional<size_t> salt_size) :
+      m_hash(std::move(hash)), m_implicit(implicit), m_salt_len(salt_size.value_or(m_hash->output_length())) {}
+
 /*
  *  ISO-9796-2 signature scheme 2
  *  DS 2 is probabilistic

src/lib/pk_pad/sig_padding/iso9796/iso9796.h

@@ -10,6 +10,7 @@
 
 #include <botan/internal/sig_padding.h>
 #include <memory>
+#include <optional>
 #include <string>
 #include <vector>
 
@@ -27,8 +28,7 @@ class ISO_9796_DS2 final : public SignaturePaddingScheme {
        * @param implicit whether or not the trailer is implicit
        * @param salt_size size of the salt to use in bytes
        */
-      ISO_9796_DS2(std::unique_ptr<HashFunction> hash, bool implicit, size_t salt_size) :
-            m_hash(std::move(hash)), m_implicit(implicit), m_salt_len(salt_size) {}
+      ISO_9796_DS2(std::unique_ptr<HashFunction> hash, bool implicit, std::optional<size_t> salt_size);
 
       std::string hash_function() const override;