Add botan 2 support

Botan 1.10 will be EOL'd this year. This patch is a rough port to botan 2 API. Also:

- Removes support for botan < 1.10 to simplify code (1.10 was released 7 years ago)
- Ports the cmake module to use pkgconfig, since botan-config doesn't exist anymore in v2.
- To minimize ifdef'd code, botan2 unique_ptr's are release'd
- Removes -ansi C(XX)FLAGS, botan 2 requires C++11

Differential Revision: https://phabricator.kde.org/D11997

CMakeLists.txt

@@ -131,8 +131,8 @@ if (CMAKE_COMPILER_IS_GNUCXX)
        set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wcast-align")
      endif()
 
-     set ( CMAKE_C_FLAGS     "${CMAKE_C_FLAGS} -Wno-long-long -ansi -Wundef -Werror-implicit-function-declaration -Wchar-subscripts -Wall -W -Wpointer-arith -Wwrite-strings -Wformat-security -Wmissing-format-attribute -fno-common")
-     set ( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wnon-virtual-dtor -Wno-long-long -ansi -Wundef -Wchar-subscripts -Wall -W -Wpointer-arith -Wwrite-strings -Wformat-security -fno-check-new -fno-common")
+     set ( CMAKE_C_FLAGS     "${CMAKE_C_FLAGS} -Wno-long-long -Wundef -Werror-implicit-function-declaration -Wchar-subscripts -Wall -W -Wpointer-arith -Wwrite-strings -Wformat-security -Wmissing-format-attribute -fno-common")
+     set ( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wnon-virtual-dtor -Wno-long-long -Wundef -Wchar-subscripts -Wall -W -Wpointer-arith -Wwrite-strings -Wformat-security -fno-check-new -fno-common")
    endif (CMAKE_SYSTEM_NAME MATCHES Linux)
 endif (CMAKE_COMPILER_IS_GNUCXX)
 

cmake/modules/FindBotan.cmake

@@ -11,30 +11,12 @@
 # Redistribution and use is allowed according to the terms of the BSD license.
 # For details see the accompanying COPYING-CMAKE-SCRIPTS file.
 
-# libgcrypt is moving to pkg-config, but earlier version don't have it
-
-#search in typical paths for libgcrypt-config
-FIND_PROGRAM(BOTANCONFIG_EXECUTABLE NAMES botan-config botan-config-1.10)
-mark_as_advanced(BOTANCONFIG_EXECUTABLE)
-
 #reset variables
 set(BOTAN_LIBRARIES)
 set(BOTAN_CFLAGS)
 
-# if botan-config has been found
-IF(BOTANCONFIG_EXECUTABLE)
-
-  EXEC_PROGRAM(${BOTANCONFIG_EXECUTABLE} ARGS --libs RETURN_VALUE _return_VALUE OUTPUT_VARIABLE BOTAN_LIBRARIES)
-
-  EXEC_PROGRAM(${BOTANCONFIG_EXECUTABLE} ARGS --cflags RETURN_VALUE _return_VALUE OUTPUT_VARIABLE BOTAN_CFLAGS)
-
-  IF(BOTAN_LIBRARIES)
-    SET(BOTAN_FOUND TRUE)
-  ENDIF(BOTAN_LIBRARIES)
-
-  MARK_AS_ADVANCED(BOTAN_CFLAGS BOTAN_LIBRARIES)
-
-ENDIF(BOTANCONFIG_EXECUTABLE)
+find_package(PkgConfig)
+pkg_search_module(BOTAN REQUIRED botan>=1.10 botan-1.10 botan-2)
 
 if (BOTAN_FOUND)
    if (NOT Botan_FIND_QUIETLY)

plugins/qca-botan/qca-botan.cpp

@@ -23,13 +23,18 @@
 
 #include <qstringlist.h>
 
-#include <botan/botan.h>
 #include <botan/hmac.h>
-#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,9,0)
-#include <botan/s2k.h>
-#endif
-#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,8,0)
+#include <botan/version.h>
+#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(2,0,0)
+#include <botan/botan.h>
 #include <botan/algo_factory.h>
+#else
+#include <botan/auto_rng.h>
+#include <botan/block_cipher.h>
+#include <botan/filters.h>
+#include <botan/hash.h>
+#include <botan/pbkdf.h>
+#include <botan/stream_cipher.h>
 #endif
 
 #include <stdlib.h>
@@ -51,14 +56,8 @@ public:
     QCA::SecureArray nextBytes(int size)
     {
         QCA::SecureArray buf(size);
-#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,5,0)
-	Botan::Global_RNG::randomize( (Botan::byte*)buf.data(), buf.size(), Botan::SessionKey );
-#elif BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,7,6)
-	Botan::Global_RNG::randomize( (Botan::byte*)buf.data(), buf.size() );
-#else
 	Botan::AutoSeeded_RNG rng;
 	rng.randomize(reinterpret_cast<Botan::byte*>(buf.data()), buf.size());
-#endif
 	return buf;
     }
 };
@@ -70,7 +69,11 @@ class BotanHashContext : public QCA::HashContext
 public:
     BotanHashContext( const QString &hashName, QCA::Provider *p, const QString &type) : QCA::HashContext(p, type)
     {
+#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(2,0,0)
 	m_hashObj = Botan::get_hash(hashName.toStdString());
+#else
+	m_hashObj = Botan::HashFunction::create(hashName.toStdString()).release();
+#endif
     }
 
     ~BotanHashContext()
@@ -95,11 +98,7 @@ public:
 
     QCA::MemoryRegion final()
     {
-#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,9,0)
-        QCA::SecureArray a( m_hashObj->OUTPUT_LENGTH );
-#else
 	QCA::SecureArray a( m_hashObj->output_length() );
-#endif
 	m_hashObj->final( (Botan::byte *)a.data() );
 	return a;
     }
@@ -115,10 +114,10 @@ class BotanHMACContext : public QCA::MACContext
 public:
     BotanHMACContext( const QString &hashName, QCA::Provider *p, const QString &type) : QCA::MACContext(p, type)
     {
-#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,8,0)
-	m_hashObj = new Botan::HMAC(hashName.toStdString());
-#else
+#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(2,0,0)
 	m_hashObj = new Botan::HMAC(Botan::global_state().algorithm_factory().make_hash_function(hashName.toStdString()));
+#else
+	m_hashObj = new Botan::HMAC(Botan::HashFunction::create_or_throw(hashName.toStdString()).release());
 #endif
 	if (0 == m_hashObj) {
 	    std::cout << "null context object" << std::endl;
@@ -161,11 +160,7 @@ public:
 
     void final( QCA::MemoryRegion *out)
     {
-#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,9,0)
-	QCA::SecureArray sa( m_hashObj->OUTPUT_LENGTH, 0 );
-#else
 	QCA::SecureArray sa( m_hashObj->output_length(), 0 );
-#endif
 	m_hashObj->final( (Botan::byte *)sa.data() );
 	*out = sa;
     }
@@ -197,15 +192,8 @@ public:
     QCA::SymmetricKey makeKey(const QCA::SecureArray &secret, const QCA::InitializationVector &salt,
 			      unsigned int keyLength, unsigned int iterationCount)
     {
-#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,9,0)
-	m_s2k->set_iterations(iterationCount);
-	m_s2k->change_salt((const Botan::byte*)salt.data(), salt.size());
-	std::string secretString(secret.data(), secret.size() );
-	Botan::OctetString key = m_s2k->derive_key(keyLength, secretString);
-#else
 	std::string secretString(secret.data(), secret.size() );
 	Botan::OctetString key = m_s2k->derive_key(keyLength, secretString, (const Botan::byte*)salt.data(), salt.size(), iterationCount);
-#endif
         QCA::SecureArray retval(QByteArray((const char*)key.begin(), key.length()));
 	return QCA::SymmetricKey(retval);
     }
@@ -222,15 +210,6 @@ public:
 		std::string secretString(secret.data(), secret.size() );
 
 		*iterationCount = 0;
-#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,9,0)
-		m_s2k->set_iterations(1);
-		m_s2k->change_salt((const Botan::byte*)salt.data(), salt.size());
-		timer.start();
-		while (timer.elapsed() < msecInterval) {
-			key = m_s2k->derive_key(keyLength, secretString);
-			++(*iterationCount);
-		}
-#else
 		timer.start();
 		while (timer.elapsed() < msecInterval) {
 			key = m_s2k->derive_key(keyLength,
@@ -240,7 +219,6 @@ public:
 									1);
 			++(*iterationCount);
 		}
-#endif
 		return makeKey(secret, salt, keyLength, *iterationCount);
 	}
 
@@ -304,7 +282,14 @@ public:
 
     int blockSize() const
     {
+#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(2,0,0)
 	return Botan::block_size_of(m_algoName);
+#else
+	if(const std::unique_ptr<Botan::BlockCipher> bc = Botan::BlockCipher::create(m_algoName))
+	    return bc->block_size();
+        
+	throw Botan::Algorithm_Not_Found(m_algoName);
+#endif
     }
 
     QCA::AuthTag tag() const
@@ -337,23 +322,31 @@ public:
 
     QCA::KeyLength keyLength() const
     {
-#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,9,0)
-	return QCA::KeyLength( Botan::min_keylength_of(m_algoName),
-			       Botan::max_keylength_of(m_algoName),
-			       Botan::keylength_multiple_of(m_algoName) );
-#else
+#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(2,0,0)
         Botan::Algorithm_Factory &af = Botan::global_state().algorithm_factory();
+#endif
         Botan::Key_Length_Specification kls(0);
+#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(2,0,0)
         if(const Botan::BlockCipher *bc = af.prototype_block_cipher(m_algoName))
+#else
+        if(const std::unique_ptr<Botan::BlockCipher> bc = Botan::BlockCipher::create(m_algoName))
+#endif
             kls = bc->key_spec();
+#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(2,0,0)
         else if(const Botan::StreamCipher *sc = af.prototype_stream_cipher(m_algoName))
+#else
+        else if(const std::unique_ptr<Botan::StreamCipher> sc = Botan::StreamCipher::create(m_algoName))
+#endif
             kls = sc->key_spec();
+#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(2,0,0)
         else if(const Botan::MessageAuthenticationCode *mac = af.prototype_mac(m_algoName))
+#else
+        else if(const std::unique_ptr<Botan::MessageAuthenticationCode> mac = Botan::MessageAuthenticationCode::create(m_algoName))
+#endif
             kls = mac->key_spec();
         return QCA::KeyLength( kls.minimum_keylength(),
                                kls.maximum_keylength(),
                                kls.keylength_multiple() );
-#endif
     }
 
 
@@ -379,7 +372,9 @@ class botanProvider : public QCA::Provider
 public:
     void init()
     {
+#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(2,0,0)
 	m_init = new Botan::LibraryInitializer;
+#endif
     }
 
     ~botanProvider()
@@ -538,7 +533,9 @@ public:
 	    return 0;
     }
 private:
+#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(2,0,0)
     Botan::LibraryInitializer *m_init;
+#endif
 
 };