Refactor pgp_encrypted_material_t to C++ classes.

.cirrus.yml

@@ -23,7 +23,7 @@
 # POSSIBILITY OF SUCH DAMAGE.
 
 freebsd_instance:
-  image: freebsd-13-2-release-amd64
+  image: freebsd-13-4-release-amd64
 
 task:
   name: build

src/lib/CMakeLists.txt

@@ -370,6 +370,8 @@ add_library(librnp-obj OBJECT
   pass-provider.cpp
   sig_subpacket.cpp
   key_material.cpp
+  enc_material.cpp
+  sig_material.cpp
   keygen.cpp
   pgp-key.cpp
   rnp.cpp

src/lib/crypto/dsa.h

@@ -40,18 +40,18 @@ namespace dsa {
 
 class Signature {
   public:
-    pgp::mpi r;
-    pgp::mpi s;
+    mpi r;
+    mpi s;
 };
 
 class Key {
   public:
-    pgp::mpi p{};
-    pgp::mpi q{};
-    pgp::mpi g{};
-    pgp::mpi y{};
+    mpi p{};
+    mpi q{};
+    mpi g{};
+    mpi y{};
     /* secret mpi */
-    pgp::mpi x{};
+    mpi x{};
 
     void
     clear_secret()

src/lib/crypto/dsa_ossl.cpp

@@ -245,7 +245,7 @@ Key::verify(const Signature &sig, const rnp::secure_bytes &hash) const
         RNP_LOG("Failed to initialize verify: %lu", ERR_peek_last_error());
         return RNP_ERROR_GENERIC;
     }
-    pgp::mpi sigbuf;
+    mpi sigbuf;
     if (!encode_sig(sigbuf.mpi, &sigbuf.len, sig)) {
         return RNP_ERROR_GENERIC;
     }

src/lib/crypto/ec.h

@@ -106,16 +106,16 @@ class Curve {
 
 class Signature {
   public:
-    pgp::mpi r;
-    pgp::mpi s;
+    mpi r;
+    mpi s;
 };
 
 class Key {
   public:
     pgp_curve_t curve;
-    pgp::mpi    p;
+    mpi         p;
     /* secret mpi */
-    pgp::mpi x;
+    mpi x;
     /* ecdh params */
     pgp_hash_alg_t kdf_hash_alg; /* Hash used by kdf */
     pgp_symm_alg_t key_wrap_alg; /* Symmetric algorithm used to wrap KEK*/

src/lib/crypto/ec_ossl.cpp

@@ -101,7 +101,7 @@ generate_pkey(const pgp_pubkey_alg_t alg_id, const pgp_curve_t curve)
 }
 
 static bool
-write_raw_seckey(const rnp::ossl::evp::PKey &pkey, pgp::ec::Key &key)
+write_raw_seckey(const rnp::ossl::evp::PKey &pkey, ec::Key &key)
 {
     /* EdDSA and X25519 keys are saved in a different way */
     static_assert(sizeof(key.x.mpi) > 32, "mpi is too small.");
@@ -123,7 +123,7 @@ write_raw_seckey(const rnp::ossl::evp::PKey &pkey, pgp::ec::Key &key)
 }
 
 static bool
-write_seckey(rnp::ossl::evp::PKey &pkey, pgp::mpi &key)
+write_seckey(rnp::ossl::evp::PKey &pkey, mpi &key)
 {
 #if defined(CRYPTO_BACKEND_OPENSSL3)
     rnp::bn x;
@@ -173,7 +173,7 @@ Key::generate(rnp::RNG &rng, const pgp_pubkey_alg_t alg_id, const pgp_curve_t cu
 }
 
 static rnp::ossl::evp::PKey
-load_raw_key(const pgp::mpi &keyp, const pgp::mpi *keyx, int nid)
+load_raw_key(const mpi &keyp, const mpi *keyx, int nid)
 {
     if (!keyx) {
         /* as per RFC, EdDSA & 25519 keys must use 0x40 byte for encoding */
@@ -219,7 +219,7 @@ load_raw_key(const pgp::mpi &keyp, const pgp::mpi *keyx, int nid)
 
 #if defined(CRYPTO_BACKEND_OPENSSL3)
 static rnp::ossl::Param
-build_params(const pgp::mpi &p, const pgp::mpi *x, const char *curve)
+build_params(const mpi &p, const mpi *x, const char *curve)
 {
     rnp::ossl::ParamBld bld(OSSL_PARAM_BLD_new());
     if (!bld) {
@@ -235,7 +235,7 @@ build_params(const pgp::mpi &p, const pgp::mpi *x, const char *curve)
 }
 
 static rnp::ossl::evp::PKey
-load_key_openssl3(const pgp::mpi &keyp, const pgp::mpi *keyx, const Curve &curv_desc)
+load_key_openssl3(const mpi &keyp, const mpi *keyx, const Curve &curv_desc)
 {
     auto params = build_params(keyp, keyx, curv_desc.openssl_name);
     if (!params) {
@@ -266,7 +266,7 @@ load_key_openssl3(const pgp::mpi &keyp, const pgp::mpi *keyx, const Curve &curv_
 #endif
 
 rnp::ossl::evp::PKey
-load_key(const pgp::mpi &keyp, const pgp::mpi *keyx, pgp_curve_t curve)
+load_key(const mpi &keyp, const mpi *keyx, pgp_curve_t curve)
 {
     auto curv_desc = Curve::get(curve);
     if (!curv_desc) {
@@ -394,7 +394,7 @@ validate_key(const Key &key, bool secret)
 }
 
 bool
-write_pubkey(const rnp::ossl::evp::PKey &pkey, pgp::mpi &mpi, pgp_curve_t curve)
+write_pubkey(const rnp::ossl::evp::PKey &pkey, mpi &mpi, pgp_curve_t curve)
 {
     if (is_raw_key(curve)) {
         /* EdDSA and X25519 keys are saved in a different way */

src/lib/crypto/ec_ossl.h

@@ -35,13 +35,13 @@
 namespace pgp {
 namespace ec {
 
-rnp::ossl::evp::PKey load_key(const pgp::mpi &keyp, const pgp::mpi *keyx, pgp_curve_t curve);
+rnp::ossl::evp::PKey load_key(const mpi &keyp, const mpi *keyx, pgp_curve_t curve);
 
-rnp_result_t validate_key(const pgp::ec::Key &key, bool secret);
+rnp_result_t validate_key(const ec::Key &key, bool secret);
 
 rnp::ossl::evp::PKey generate_pkey(const pgp_pubkey_alg_t alg_id, const pgp_curve_t curve);
 
-bool write_pubkey(const rnp::ossl::evp::PKey &key, pgp::mpi &mpi, pgp_curve_t curve);
+bool write_pubkey(const rnp::ossl::evp::PKey &key, mpi &mpi, pgp_curve_t curve);
 
 } // namespace ec
 } // namespace pgp

src/lib/crypto/ecdh.cpp

@@ -163,11 +163,7 @@ validate_key(rnp::RNG &rng, const ec::Key &key, bool secret)
 }
 
 rnp_result_t
-encrypt_pkcs5(rnp::RNG &                  rng,
-              Encrypted &                 out,
-              const rnp::secure_bytes &   in,
-              const ec::Key &             key,
-              const std::vector<uint8_t> &fp)
+encrypt_pkcs5(rnp::RNG &rng, Encrypted &out, const rnp::secure_bytes &in, const ec::Key &key)
 {
     if (in.size() > MAX_SESSION_KEY_SIZE) {
         return RNP_ERROR_BAD_PARAMETERS;
@@ -193,7 +189,7 @@ encrypt_pkcs5(rnp::RNG &                  rng,
     // See 13.5 of RFC 4880 for definition of other_info size
     const size_t kek_len = pgp_key_size(key.key_wrap_alg);
     auto         other_info =
-      kdf_other_info_serialize(*curve_desc, fp, key.kdf_hash_alg, key.key_wrap_alg);
+      kdf_other_info_serialize(*curve_desc, out.fp, key.kdf_hash_alg, key.key_wrap_alg);
     assert(other_info.size() == curve_desc->OID.size() + 46);
 
     rnp::botan::Privkey eph_prv_key;
@@ -253,10 +249,7 @@ encrypt_pkcs5(rnp::RNG &                  rng,
 }
 
 rnp_result_t
-decrypt_pkcs5(rnp::secure_bytes &         out,
-              const Encrypted &           in,
-              const ec::Key &             key,
-              const std::vector<uint8_t> &fp)
+decrypt_pkcs5(rnp::secure_bytes &out, const Encrypted &in, const ec::Key &key)
 {
     if (!key.x.bytes()) {
         return RNP_ERROR_BAD_PARAMETERS;
@@ -277,7 +270,7 @@ decrypt_pkcs5(rnp::secure_bytes &         out,
     }
 
     // See 13.5 of RFC 4880 for definition of other_info_size
-    auto other_info = kdf_other_info_serialize(*curve_desc, fp, kdf_hash, wrap_alg);
+    auto other_info = kdf_other_info_serialize(*curve_desc, in.fp, kdf_hash, wrap_alg);
     assert(other_info.size() == curve_desc->OID.size() + 46);
 
     rnp::botan::Privkey prv_key;

src/lib/crypto/ecdh.h

@@ -70,19 +70,17 @@ bool set_params(ec::Key &key, pgp_curve_t curve_id);
  *        as specified in RFC 3394
  * @param in data to be encrypted
  * @param key public key to be used for encryption
- * @param fp fingerprint of the encrypting key
  *
  * @return RNP_SUCCESS on success and output parameters are populated
  * @return RNP_ERROR_NOT_SUPPORTED unknown curve
  * @return RNP_ERROR_BAD_PARAMETERS unexpected input provided
  * @return RNP_ERROR_SHORT_BUFFER `wrapped_key_len' to small to store result
  * @return RNP_ERROR_GENERIC implementation error
  */
-rnp_result_t encrypt_pkcs5(rnp::RNG &                  rng,
-                           Encrypted &                 out,
-                           const rnp::secure_bytes &   in,
-                           const ec::Key &             key,
-                           const std::vector<uint8_t> &fp);
+rnp_result_t encrypt_pkcs5(rnp::RNG &               rng,
+                           Encrypted &              out,
+                           const rnp::secure_bytes &in,
+                           const ec::Key &          key);
 
 /*
  * Decrypts session key with a KEK agreed during ECDH as specified in
@@ -104,10 +102,7 @@ rnp_result_t encrypt_pkcs5(rnp::RNG &                  rng,
  * @return RNP_ERROR_SHORT_BUFFER `session_key_len' to small to store result
  * @return RNP_ERROR_GENERIC decryption failed or implementation error
  */
-rnp_result_t decrypt_pkcs5(rnp::secure_bytes &         out,
-                           const Encrypted &           in,
-                           const ec::Key &             key,
-                           const std::vector<uint8_t> &fp);
+rnp_result_t decrypt_pkcs5(rnp::secure_bytes &out, const Encrypted &in, const ec::Key &key);
 } // namespace ecdh
 } // namespace pgp
 

src/lib/crypto/ecdh_ossl.cpp

@@ -248,11 +248,7 @@ ecdh_kek_len(pgp_symm_alg_t wrap_alg)
 }
 
 rnp_result_t
-encrypt_pkcs5(rnp::RNG &                  rng,
-              Encrypted &                 out,
-              const rnp::secure_bytes &   in,
-              const ec::Key &             key,
-              const std::vector<uint8_t> &fp)
+encrypt_pkcs5(rnp::RNG &rng, Encrypted &out, const rnp::secure_bytes &in, const ec::Key &key)
 {
     if (in.size() > MAX_SESSION_KEY_SIZE) {
         return RNP_ERROR_BAD_PARAMETERS;
@@ -298,7 +294,7 @@ encrypt_pkcs5(rnp::RNG &                  rng,
     }
     /* here we got x value in sec, deriving kek */
     rnp::secure_bytes kek(keklen, 0);
-    auto              ret = derive_kek(sec, key, fp, kek);
+    auto              ret = derive_kek(sec, key, out.fp, kek);
     if (ret) {
         /* LCOV_EXCL_START */
         RNP_LOG("Failed to derive KEK.");
@@ -329,10 +325,7 @@ encrypt_pkcs5(rnp::RNG &                  rng,
 }
 
 rnp_result_t
-decrypt_pkcs5(rnp::secure_bytes &         out,
-              const Encrypted &           in,
-              const ec::Key &             key,
-              const std::vector<uint8_t> &fp)
+decrypt_pkcs5(rnp::secure_bytes &out, const Encrypted &in, const ec::Key &key)
 {
     if (!key.x.bytes()) {
         return RNP_ERROR_BAD_PARAMETERS;
@@ -368,7 +361,7 @@ decrypt_pkcs5(rnp::secure_bytes &         out,
     }
     /* here we got x value in sec, deriving kek */
     rnp::secure_bytes kek(keklen, 0);
-    auto              ret = derive_kek(sec, key, fp, kek);
+    auto              ret = derive_kek(sec, key, in.fp, kek);
     if (ret) {
         /* LCOV_EXCL_START */
         RNP_LOG("Failed to derive KEK.");

src/lib/crypto/ecdh_utils.cpp

@@ -53,7 +53,7 @@ static const struct ecdh_params_t {
 
 // returns size of data written to other_info
 std::vector<uint8_t>
-kdf_other_info_serialize(const pgp::ec::Curve &      curve,
+kdf_other_info_serialize(const ec::Curve &           curve,
                          const std::vector<uint8_t> &fp,
                          const pgp_hash_alg_t        kdf_hash,
                          const pgp_symm_alg_t        wrap_alg)
@@ -117,7 +117,7 @@ unpad_pkcs7(rnp::secure_bytes &buf)
 }
 
 bool
-set_params(pgp::ec::Key &key, pgp_curve_t curve_id)
+set_params(ec::Key &key, pgp_curve_t curve_id)
 {
     for (size_t i = 0; i < ARRAY_SIZE(ecdh_params); i++) {
         if (ecdh_params[i].curve == curve_id) {

src/lib/crypto/ecdh_utils.h

@@ -35,7 +35,7 @@
 
 namespace pgp {
 namespace ecdh {
-std::vector<uint8_t> kdf_other_info_serialize(const pgp::ec::Curve &      curve,
+std::vector<uint8_t> kdf_other_info_serialize(const ec::Curve &           curve,
                                               const std::vector<uint8_t> &fp,
                                               const pgp_hash_alg_t        kdf_hash,
                                               const pgp_symm_alg_t        wrap_alg);

src/lib/crypto/ecdsa.cpp

@@ -34,9 +34,9 @@ namespace pgp {
 namespace ecdsa {
 
 static bool
-load_public_key(rnp::botan::Pubkey &pubkey, const pgp::ec::Key &keydata)
+load_public_key(rnp::botan::Pubkey &pubkey, const ec::Key &keydata)
 {
-    auto curve = pgp::ec::Curve::get(keydata.curve);
+    auto curve = ec::Curve::get(keydata.curve);
     if (!curve) {
         RNP_LOG("unknown curve");
         return false;
@@ -62,9 +62,9 @@ load_public_key(rnp::botan::Pubkey &pubkey, const pgp::ec::Key &keydata)
 }
 
 static bool
-load_secret_key(rnp::botan::Privkey &seckey, const pgp::ec::Key &keydata)
+load_secret_key(rnp::botan::Privkey &seckey, const ec::Key &keydata)
 {
-    auto curve = pgp::ec::Curve::get(keydata.curve);
+    auto curve = ec::Curve::get(keydata.curve);
     if (!curve) {
         return false;
     }
@@ -82,7 +82,7 @@ load_secret_key(rnp::botan::Privkey &seckey, const pgp::ec::Key &keydata)
 }
 
 rnp_result_t
-validate_key(rnp::RNG &rng, const pgp::ec::Key &key, bool secret)
+validate_key(rnp::RNG &rng, const ec::Key &key, bool secret)
 {
     rnp::botan::Pubkey bpkey;
     if (!load_public_key(bpkey, key) || botan_pubkey_check_key(bpkey.get(), rng.handle(), 0)) {
@@ -131,12 +131,12 @@ padding_str_for(pgp_hash_alg_t hash_alg)
 
 rnp_result_t
 sign(rnp::RNG &               rng,
-     pgp::ec::Signature &     sig,
+     ec::Signature &          sig,
      pgp_hash_alg_t           hash_alg,
      const rnp::secure_bytes &hash,
-     const pgp::ec::Key &     key)
+     const ec::Key &          key)
 {
-    auto curve = pgp::ec::Curve::get(key.curve);
+    auto curve = ec::Curve::get(key.curve);
     if (!curve) {
         return RNP_ERROR_BAD_PARAMETERS;
     }
@@ -172,12 +172,12 @@ sign(rnp::RNG &               rng,
 }
 
 rnp_result_t
-verify(const pgp::ec::Signature &sig,
-       pgp_hash_alg_t            hash_alg,
-       const rnp::secure_bytes & hash,
-       const pgp::ec::Key &      key)
+verify(const ec::Signature &    sig,
+       pgp_hash_alg_t           hash_alg,
+       const rnp::secure_bytes &hash,
+       const ec::Key &          key)
 {
-    auto curve = pgp::ec::Curve::get(key.curve);
+    auto curve = ec::Curve::get(key.curve);
     if (!curve) {
         RNP_LOG("unknown curve");
         return RNP_ERROR_BAD_PARAMETERS;