remove half-baked c'tors of PK_Signer/Verifier

as discussed: https://github.com/randombit/botan/pull/4318\#issuecomment-2297990007

src/cli/pubkey.cpp

@@ -97,18 +97,12 @@ BOTAN_REGISTER_COMMAND("keygen", PK_Keygen);
 
 namespace {
 
-Botan::PK_Signature_Options sig_options(
-   std::string_view key, std::string_view padding, std::string_view hash, bool use_der, std::string_view provider) {
-   if(key == "RSA" && padding.empty()) {
-      return sig_options(key, "PSS", hash, use_der, provider);
+std::string_view normalize_padding(const std::string& algo, const std::string& requested_padding) {
+   if(algo == "RSA" && requested_padding.empty()) {
+      return "PSS";
+   } else {
+      return requested_padding;
    }
-
-   return Botan::PK_Signature_Options_Builder()
-      .with_hash(hash)
-      .with_padding(padding)
-      .with_der_encoded_signature(use_der)
-      .with_provider(provider)
-      .commit();
 }
 
 }  // namespace
@@ -188,10 +182,13 @@ class PK_Sign final : public Command {
             throw CLI_Error_Unsupported("hashing", hash_fn);
          }
 
-         Botan::PK_Signer signer(
-            *key,
-            rng(),
-            sig_options(key->algo_name(), get_arg("padding"), hash_fn, flag_set("der-format"), get_arg("provider")));
+         auto signer = key->signer()
+                          .with_rng(rng())
+                          .with_hash(hash_fn)
+                          .with_padding(normalize_padding(key->algo_name(), get_arg("padding")))
+                          .with_der_encoded_signature(flag_set("der-format"))
+                          .with_provider(get_arg("provider"))
+                          .create();
 
          auto onData = [&signer](const uint8_t b[], size_t l) { signer.update(b, l); };
          Command::read_file(get_arg("file"), onData);
@@ -235,8 +232,13 @@ class PK_Verify final : public Command {
             throw CLI_Error_Unsupported("hashing", hash_fn);
          }
 
-         Botan::PK_Verifier verifier(
-            *key, sig_options(key->algo_name(), get_arg("padding"), hash_fn, flag_set("der-format"), ""));
+         auto verifier = key->signature_verifier()
+                            .with_hash(hash_fn)
+                            .with_padding(normalize_padding(key->algo_name(), get_arg("padding")))
+                            .with_der_encoded_signature(flag_set("der-format"))
+                            .with_provider(get_arg("provider"))
+                            .create();
+
          auto onData = [&verifier](const uint8_t b[], size_t l) { verifier.update(b, l); };
          Command::read_file(get_arg("file"), onData);
 

src/examples/pkcs11_ecdsa.cpp

@@ -96,10 +96,10 @@ int main() {
 
    std::vector<uint8_t> plaintext(20, 0x01);
 
-   Botan::PK_Signer signer(key_pair.second, rng, Botan::PK_Signature_Options_Builder().with_hash("Raw").commit());
+   auto signer = key_pair.second.signer().with_rng(rng).with_hash("Raw").create();
    auto signature = signer.sign_message(plaintext, rng);
 
-   Botan::PK_Verifier token_verifier(key_pair.first, Botan::PK_Signature_Options_Builder().with_hash("Raw").commit());
+   auto token_verifier = key_pair.first.signature_verifier().with_hash("Raw").create();
    bool ecdsa_ok = token_verifier.verify_message(plaintext, signature);
 
    return ecdsa_ok ? 0 : 1;

src/examples/pkcs11_rsa.cpp

@@ -92,14 +92,12 @@ int main() {
 
    /************ RSA sign *************/
 
-   Botan::PK_Signer signer(
-      rsa_keypair.second, rng, Botan::PK_Signature_Options_Builder().with_hash("SHA-256").with_padding("PSS").commit());
+   auto signer = rsa_keypair.second.signer().with_rng(rng).with_hash("SHA-256").with_padding("PSS").create();
    auto signature = signer.sign_message(plaintext, rng);
 
    /************ RSA verify *************/
 
-   Botan::PK_Verifier verifier(rsa_keypair.first,
-                               Botan::PK_Signature_Options_Builder().with_hash("SHA-256").with_padding("PSS").commit());
+   auto verifier = rsa_keypair.first.signature_verifier().with_hash("SHA-256").with_padding("PSS").create();
    auto ok = verifier.verify_message(plaintext, signature);
 
    return ok ? 0 : 1;

src/lib/pubkey/gost_3410/gost_3410.cpp

@@ -191,7 +191,7 @@ PK_Signature_Options gost_hash_from_algid(const AlgorithmIdentifier& alg_id) {
       throw Decoding_Error(fmt("Unknown OID ({}) for GOST 34.10 signatures", alg_id.oid()));
    }
 
-   return PK_Signature_Options_Builder().with_hash(hash.value()).commit();
+   return PK_Verification_Options_Builder().with_hash(hash.value()).commit();
 }
 
 /**

src/lib/pubkey/pubkey.cpp

@@ -266,17 +266,6 @@ PK_Signer::PK_Signer(const Private_Key& key,
                      std::string_view provider) :
       PK_Signer(PK_Signature_Options_Builder(key, rng, padding, format, provider).commit()) {}
 
-PK_Signer::PK_Signer(const Private_Key& key, RandomNumberGenerator& rng, PK_Signature_Options& options) {
-   m_op = key._create_signature_op(rng, options);
-   if(!m_op) {
-      throw Invalid_Argument(fmt("Key type {} does not support signature generation", key.algo_name()));
-   }
-   m_sig_format = options.using_der_encoded_signature() ? Signature_Format::DerSequence : Signature_Format::Standard;
-   m_parts = key.message_parts();
-   m_part_size = key.message_part_size();
-   check_der_format_supported(m_sig_format, m_parts);
-}
-
 AlgorithmIdentifier PK_Signer::algorithm_identifier() const {
    return m_op->algorithm_identifier();
 }
@@ -363,17 +352,6 @@ PK_Verifier::PK_Verifier(const Public_Key& pub_key,
                          std::string_view provider) :
       PK_Verifier(PK_Verification_Options_Builder(pub_key, padding, format, provider).commit()) {}
 
-PK_Verifier::PK_Verifier(const Public_Key& key, PK_Signature_Options& options) {
-   m_op = key._create_verification_op(options);
-   if(!m_op) {
-      throw Invalid_Argument(fmt("Key type {} does not support signature verification", key.algo_name()));
-   }
-   m_sig_format = options.using_der_encoded_signature() ? Signature_Format::DerSequence : Signature_Format::Standard;
-   m_parts = key.message_parts();
-   m_part_size = key.message_part_size();
-   check_der_format_supported(m_sig_format, m_parts);
-}
-
 PK_Verifier::PK_Verifier(const Public_Key& key,
                          const AlgorithmIdentifier& signature_algorithm,
                          std::string_view provider) {

src/lib/pubkey/pubkey.h

@@ -169,31 +169,6 @@ class BOTAN_PUBLIC_API(2, 0) PK_Signer final {
       */
       explicit PK_Signer(PK_Signature_Options options);
 
-      /**
-      * Construct a PK signer
-      *
-      * @param key the key to use to generate signatures
-      * @param rng the random generator to use
-      * @param options controls the behavior of the signature generation, eg which hash function to use
-      *
-      * Note that most common algorithms (eg RSA or ECDSA) require an options
-      * parameter to specify at least which hash function to use.
-      */
-      PK_Signer(const Private_Key& key, RandomNumberGenerator& rng, PK_Signature_Options& options);
-
-      /**
-      * Construct a PK signer
-      *
-      * @param key the key to use to generate signatures
-      * @param rng the random generator to use
-      * @param options controls the behavior of the signature generation, eg which hash function to use
-      *
-      * Note that most common algorithms (eg RSA or ECDSA) require an options
-      * parameter to specify at least which hash function to use.
-      */
-      PK_Signer(const Private_Key& key, RandomNumberGenerator& rng, PK_Signature_Options&& options) :
-            PK_Signer(key, rng, options) {}
-
       /**
       * Construct a PK Signer.
       * @param key the key to use inside this signer
@@ -317,20 +292,6 @@ class BOTAN_PUBLIC_API(2, 0) PK_Verifier final {
       */
       explicit PK_Verifier(PK_Signature_Options options);
 
-      /**
-      * Construct a PK Verifier.
-      * @param pub_key the public key to verify against
-      * @param options relating to the signature
-      */
-      PK_Verifier(const Public_Key& pub_key, PK_Signature_Options& options);
-
-      /**
-      * Construct a PK Verifier.
-      * @param pub_key the public key to verify against
-      * @param options relating to the signature
-      */
-      PK_Verifier(const Public_Key& pub_key, PK_Signature_Options&& options) : PK_Verifier(pub_key, options) {}
-
       /**
       * Construct a PK Verifier.
       * @param pub_key the public key to verify against

src/lib/pubkey/rsa/rsa.cpp

@@ -751,7 +751,7 @@ PK_Signature_Options parse_rsa_signature_algorithm(const AlgorithmIdentifier& al
 
    const std::string& padding = sig_info[1];
 
-   PK_Signature_Options_Builder opts;
+   PK_Verification_Options_Builder opts;
 
    if(padding == "EMSA4") {
       // "MUST contain RSASSA-PSS-params"

src/tests/test_dilithium.cpp

@@ -62,7 +62,7 @@ class Dilithium_KAT_Tests : public Text_Based_Test {
          }
 
          Botan::Dilithium_PublicKey pub_key(priv_key.public_key_bits(), DerivedT::mode);
-         auto verifier = Botan::PK_Verifier(pub_key, Botan::PK_Signature_Options{});
+         auto verifier = pub_key.signature_verifier().create();
          verifier.update(ref_msg.data(), ref_msg.size());
          result.confirm("signature verifies", verifier.check_signature(signature.data(), signature.size()));
 
@@ -121,7 +121,7 @@ class DilithiumRoundtripTests final : public Test {
          };
 
          auto verify = [](const auto& public_key, const auto& msg, const auto& signature) {
-            auto verifier = Botan::PK_Verifier(public_key, Botan::PK_Signature_Options{});
+            auto verifier = public_key.signature_verifier().create();
             verifier.update(msg);
             return verifier.check_signature(signature);
          };

src/tests/test_ecdsa.cpp

@@ -258,8 +258,8 @@ class ECDSA_AllGroups_Test : public Test {
                }
 
                try {
-                  Botan::PK_Signer signer(priv, rng(), Botan::PK_Signature_Options_Builder().with_hash(hash).commit());
-                  Botan::PK_Verifier verifier(*pub, Botan::PK_Signature_Options_Builder().with_hash(hash).commit());
+                  auto signer = priv.signer().with_rng(rng()).with_hash(hash).create();
+                  auto verifier = pub->signature_verifier().with_hash(hash).create();
 
                   for(size_t i = 0; i != 16; ++i) {
                      auto message = rng().random_vec(rng().next_byte());

src/tests/test_ed25519.cpp

@@ -90,11 +90,11 @@ class Ed25519_Curdle_Format_Tests final : public Test {
          auto pub_key = Botan::X509::load_key(pub_data);
          result.confirm("Public key loaded", pub_key != nullptr);
 
-         Botan::PK_Signer signer(*priv_key, this->rng(), Botan::PK_Signature_Options{});
+         auto signer = priv_key->signer().with_rng(this->rng()).create();
          signer.update("message");
          std::vector<uint8_t> sig = signer.signature(this->rng());
 
-         Botan::PK_Verifier verifier(*pub_key, Botan::PK_Signature_Options{});
+         auto verifier = pub_key->signature_verifier().create();
          verifier.update("message");
          result.confirm("Signature valid", verifier.check_signature(sig));
 

src/tests/test_hss_lms.cpp

@@ -127,8 +127,8 @@ class HSS_LMS_Negative_Tests final : public Test {
 
          auto sk = Botan::create_private_key("HSS-LMS", Test::rng(), "Truncated(SHA-256,192),HW(5,8)");
 
-         Botan::PK_Signer signer(*sk, Test::rng(), Botan::PK_Signature_Options{});
-         Botan::PK_Verifier verifier(*sk, Botan::PK_Signature_Options{});
+         auto signer = sk->signer().with_rng(Test::rng()).create();
+         auto verifier = sk->signature_verifier().create();
 
          std::vector<uint8_t> mes = {0xde, 0xad, 0xbe, 0xef};
 
@@ -154,8 +154,8 @@ class HSS_LMS_Negative_Tests final : public Test {
 
          auto sk = Botan::create_private_key("HSS-LMS", Test::rng(), "Truncated(SHA-256,192),HW(5,8)");
 
-         Botan::PK_Signer signer(*sk, Test::rng(), Botan::PK_Signature_Options{});
-         Botan::PK_Verifier verifier(*sk, Botan::PK_Signature_Options{});
+         auto signer = sk->signer().with_rng(Test::rng()).create();
+         auto verifier = sk->signature_verifier().create();
 
          std::vector<uint8_t> mes = {0xde, 0xad, 0xbe, 0xef};
 
@@ -240,7 +240,7 @@ class HSS_LMS_Statefulness_Test final : public Test {
          Test::Result result("HSS-LMS");
 
          auto sk = Botan::HSS_LMS_PrivateKey(Test::rng(), "Truncated(SHA-256,192),HW(5,8),HW(5,8)");
-         Botan::PK_Signer signer(sk, Test::rng(), Botan::PK_Signature_Options{});
+         auto signer = sk.signer().with_rng(Test::rng()).create();
          std::vector<uint8_t> mes = {0xde, 0xad, 0xbe, 0xef};
          auto sk_bytes_begin = sk.private_key_bits();
 
@@ -275,7 +275,7 @@ class HSS_LMS_Statefulness_Test final : public Test {
          uint64_t total_sig_count = 32;
          auto sk = create_private_key_with_idx(total_sig_count - 1);
 
-         Botan::PK_Signer signer(sk, Test::rng(), Botan::PK_Signature_Options{});
+         auto signer = sk.signer().with_rng(Test::rng()).create();
          std::vector<uint8_t> mes = {0xde, 0xad, 0xbe, 0xef};
          auto sk_bytes_begin = sk.private_key_bits();
 
@@ -306,14 +306,14 @@ class HSS_LMS_Missing_API_Test final : public Test {
                         3 * sizeof(uint32_t) + Botan::LMS_IDENTIFIER_LEN);
 
          // HSS_LMS_Verification_Operation::hash_function()
-         Botan::PK_Verifier verifier(*sk, Botan::PK_Signature_Options{});
+         auto verifier = sk->signature_verifier().create();
          result.test_eq("PK_Verifier should report the hash of the key", verifier.hash_function(), "SHA-256");
 
          // HSS_LMS_PrivateKey::raw_private_key_bits()
          result.test_eq("Our BER and raw encoding is the same", sk->raw_private_key_bits(), sk->private_key_bits());
 
          // HSS_LMS_Signature_Operation::algorithm_identifier()
-         Botan::PK_Signer signer(*sk, Test::rng(), Botan::PK_Signature_Options{});
+         auto signer = sk->signer().with_rng(Test::rng()).create();
          result.test_is_eq(signer.algorithm_identifier(), sk->algorithm_identifier());
 
          // HSS_LMS_Signature_Operation::hash_function()

src/tests/test_rsa.cpp

@@ -204,8 +204,8 @@ class RSA_Blinding_Tests final : public Test {
          */
 
          // don't try this at home
-         Botan::PK_Signer signer(rsa, this->rng(), Botan::PK_Signature_Options_Builder().with_hash("Raw").commit());
-         Botan::PK_Verifier verifier(rsa, Botan::PK_Signature_Options_Builder().with_hash("Raw").commit());
+         auto signer = rsa.signer().with_rng(this->rng()).with_hash("Raw").create();
+         auto verifier = rsa.signature_verifier().with_hash("Raw").create();
 
          for(size_t i = 1; i <= BOTAN_BLINDING_REINIT_INTERVAL * 6; ++i) {
             std::vector<uint8_t> input(16);

src/tests/test_sphincsplus.cpp

@@ -111,15 +111,13 @@ class SPHINCS_Plus_Test final : public Text_Based_Test {
          // Signature with generated Keypair
 
          // TODO: No KAT for 'deterministic'?
-         auto signer = Botan::PK_Signer(priv_key, fixed_rng, Botan::PK_Signature_Options{});
-         auto signature = signer.sign_message(msg_ref.data(), msg_ref.size(), fixed_rng);
+         auto signature = priv_key.signer().with_rng(fixed_rng).create().sign_message(msg_ref, fixed_rng);
 
          result.test_is_eq("signature creation", unlock(hash->process(signature)), sig_hash);
 
          // Verification with generated Keypair
-         Botan::PK_Verifier verifier(*priv_key.public_key(), params.algorithm_identifier());
-         bool verify_success =
-            verifier.verify_message(msg_ref.data(), msg_ref.size(), signature.data(), signature.size());
+         const bool verify_success =
+            priv_key.public_key()->signature_verifier().create().verify_message(msg_ref, signature);
          result.confirm("verification of valid signature", verify_success);
 
          // Run additional parsing and re-verification tests on one parameter

src/tests/test_xmss.cpp

@@ -169,8 +169,7 @@ std::vector<Test::Result> xmss_statefulness() {
    auto sign_something = [&rng](auto& sk) {
       auto msg = Botan::hex_decode("deadbeef");
 
-      Botan::PK_Signer signer(sk, *rng, Botan::PK_Signature_Options{});
-      signer.sign_message(msg, *rng);
+      sk.signer().with_rng(*rng).create().sign_message(msg, *rng);
    };
 
    return {CHECK("signing alters state",
@@ -297,27 +296,27 @@ std::vector<Test::Result> xmss_legacy_private_key() {
    return {
       CHECK("Use a legacy private key to create a signature",
             [&](auto& result) {
-               Botan::PK_Signer signer(legacy_secret_key, *rng, Botan::PK_Signature_Options{});
+               auto signer = legacy_secret_key.signer().with_rng(*rng).create();
                auto signature = signer.sign_message(message, *rng);
 
-               Botan::PK_Verifier verifier(public_key_from_secret_key, Botan::PK_Signature_Options{});
+               auto verifier = public_key_from_secret_key.signature_verifier().create();
                result.confirm("legacy private key generates signatures that are still verifiable",
                               verifier.verify_message(message, signature));
             }),
 
       CHECK("Verify a legacy signature",
             [&](auto& result) {
-               Botan::PK_Verifier verifier(public_key_from_secret_key, Botan::PK_Signature_Options{});
+               auto verifier = public_key_from_secret_key.signature_verifier().create();
                result.confirm("legacy private key generates signatures that are still verifiable",
                               verifier.verify_message(message, legacy_signature));
             }),
 
       CHECK("Verify a new signature by a legacy private key with a legacy public key",
             [&](auto& result) {
-               Botan::PK_Signer signer(legacy_secret_key, *rng, Botan::PK_Signature_Options{});
+               auto signer = legacy_secret_key.signer().with_rng(*rng).create();
                auto signature = signer.sign_message(message, *rng);
 
-               Botan::PK_Verifier verifier(legacy_public_key, Botan::PK_Signature_Options{});
+               auto verifier = legacy_public_key.signature_verifier().create();
                result.confirm("legacy private key generates signatures that are still verifiable",
                               verifier.verify_message(message, legacy_signature));
             }),

src/tests/unit_ecdsa.cpp

@@ -139,8 +139,8 @@ Test::Result test_read_pkcs8() {
 
       result.confirm("EC_Group is marked as explicit encoding", ecdsa_nodp->domain().used_explicit_encoding());
 
-      Botan::PK_Signer signer(*ecdsa_nodp, *rng, Botan::PK_Signature_Options_Builder().with_hash("SHA-256").commit());
-      Botan::PK_Verifier verifier(*ecdsa_nodp, Botan::PK_Signature_Options_Builder().with_hash("SHA-256").commit());
+      auto signer = ecdsa_nodp->signer().with_rng(*rng).with_hash("SHA-256").create();
+      auto verifier = ecdsa_nodp->signature_verifier().with_hash("SHA-256").create();
 
       const auto msg = rng->random_vec(48);