randombit · reneme · Feb 16, 2024 · Jan 9, 2024 · Jan 10, 2024 · Jan 9, 2024
diff --git a/doc/migration_guide.rst b/doc/migration_guide.rst
@@ -26,6 +26,14 @@ algorithm headers (such as ``aes.h``) have been removed. Instead you should
 create objects via the factory methods (in the case of AES,
 ``BlockCipher::create``) which works in both 2.x and 3.0
 
+Errata: ``pk_ops.h``
+^^^^^^^^^^^^^^^^^^^^
+
+Between Botan 3.0 and 3.2 the public header ``pk_ops.h`` was removed
+accidentally. This header is typically required for specialized applications
+that interface with dedicated crypto hardware. If you are migrating such an
+application, please make sure to use Botan 3.3 or newer.
+
 Build Artifacts
 ---------------
 

diff --git a/src/examples/hybrid_key_encapsulation.cpp b/src/examples/hybrid_key_encapsulation.cpp
diff --git a/src/lib/prov/pkcs11/p11_ecdh.cpp b/src/lib/prov/pkcs11/p11_ecdh.cpp
@@ -11,9 +11,9 @@
 #if defined(BOTAN_HAS_ECDH)
 
    #include <botan/der_enc.h>
+   #include <botan/pk_ops.h>
    #include <botan/rng.h>
    #include <botan/internal/p11_mechanism.h>
-   #include <botan/internal/pk_ops.h>
 
 namespace Botan::PKCS11 {
 

diff --git a/src/lib/prov/pkcs11/p11_ecdsa.cpp b/src/lib/prov/pkcs11/p11_ecdsa.cpp
@@ -10,10 +10,10 @@
 
 #if defined(BOTAN_HAS_ECDSA)
 
+   #include <botan/pk_ops.h>
    #include <botan/rng.h>
    #include <botan/internal/keypair.h>
    #include <botan/internal/p11_mechanism.h>
-   #include <botan/internal/pk_ops.h>
 
 namespace Botan::PKCS11 {
 

diff --git a/src/lib/prov/pkcs11/p11_rsa.cpp b/src/lib/prov/pkcs11/p11_rsa.cpp
@@ -16,7 +16,6 @@
    #include <botan/rng.h>
    #include <botan/internal/blinding.h>
    #include <botan/internal/p11_mechanism.h>
-   #include <botan/internal/pk_ops.h>
    #include <botan/internal/pk_ops_impl.h>
 
 namespace Botan::PKCS11 {

diff --git a/src/lib/prov/tpm/tpm.cpp b/src/lib/prov/tpm/tpm.cpp
@@ -9,10 +9,10 @@
 
 #include <botan/der_enc.h>
 #include <botan/hash.h>
+#include <botan/pk_ops.h>
 #include <botan/rsa.h>
 #include <botan/internal/fmt.h>
 #include <botan/internal/hash_id.h>
-#include <botan/internal/pk_ops.h>
 #include <botan/internal/workfactor.h>
 #include <limits>
 

diff --git a/src/lib/pubkey/info.txt b/src/lib/pubkey/info.txt
@@ -11,14 +11,14 @@ brief -> "Implementations of public key schemes"
 pk_algs.h
 pk_keys.h
 pk_ops_fwd.h
+pk_ops.h
 pkcs8.h
 pubkey.h
 x509_key.h
 </header:public>
 
 <header:internal>
 blinding.h
-pk_ops.h
 pk_ops_impl.h
 workfactor.h
 </header:internal>

diff --git a/src/lib/pubkey/mce/mce_internal.h b/src/lib/pubkey/mce/mce_internal.h
@@ -13,7 +13,7 @@
 #define BOTAN_MCELIECE_INTERNAL_H_
 
 #include <botan/mceliece.h>
-#include <botan/internal/pk_ops.h>
+#include <botan/pk_ops.h>
 #include <botan/internal/polyn_gf2m.h>
 
 namespace Botan {

diff --git a/src/lib/pubkey/pk_keys.cpp b/src/lib/pubkey/pk_keys.cpp
@@ -10,8 +10,8 @@
 #include <botan/der_enc.h>
 #include <botan/hash.h>
 #include <botan/hex.h>
+#include <botan/pk_ops.h>
 #include <botan/internal/fmt.h>
-#include <botan/internal/pk_ops.h>
 
 namespace Botan {
 

diff --git a/src/lib/pubkey/pk_ops.h b/src/lib/pubkey/pk_ops.h
@@ -16,6 +16,11 @@
 * Unless you're doing something like that, you don't need anything
 * here. Instead use pubkey.h which wraps these types safely and
 * provides a stable application-oriented API.
+*
+* Note: This header was accidentally pulled from the public API between
+*       Botan 3.0.0 and 3.2.0, and then restored in 3.3.0. If you are
+*       maintaining an application which used this header in Botan 2.x,
+*       you should make sure to use Botan 3.3.0 or later when migrating.
 */
 
 #include <botan/pk_keys.h>
@@ -33,7 +38,7 @@ namespace PK_Ops {
 /**
 * Public key encryption interface
 */
-class Encryption {
+class BOTAN_UNSTABLE_API Encryption {
    public:
       virtual secure_vector<uint8_t> encrypt(const uint8_t msg[], size_t msg_len, RandomNumberGenerator& rng) = 0;
 
@@ -47,7 +52,7 @@ class Encryption {
 /**
 * Public key decryption interface
 */
-class Decryption {
+class BOTAN_UNSTABLE_API Decryption {
    public:
       virtual secure_vector<uint8_t> decrypt(uint8_t& valid_mask,
                                              const uint8_t ciphertext[],
@@ -61,7 +66,7 @@ class Decryption {
 /**
 * Public key signature verification interface
 */
-class Verification {
+class BOTAN_UNSTABLE_API Verification {
    public:
       /**
       * Add more data to the message currently being signed
@@ -86,7 +91,7 @@ class Verification {
 /**
 * Public key signature creation interface
 */
-class Signature {
+class BOTAN_UNSTABLE_API Signature {
    public:
       /**
       * Add more data to the message currently being signed
@@ -124,7 +129,7 @@ class Signature {
 /**
 * A generic key agreement operation (eg DH or ECDH)
 */
-class Key_Agreement {
+class BOTAN_UNSTABLE_API Key_Agreement {
    public:
       virtual secure_vector<uint8_t> agree(
          size_t key_len, const uint8_t other_key[], size_t other_key_len, const uint8_t salt[], size_t salt_len) = 0;
@@ -137,7 +142,7 @@ class Key_Agreement {
 /**
 * KEM (key encapsulation)
 */
-class KEM_Encryption {
+class BOTAN_UNSTABLE_API KEM_Encryption {
    public:
       virtual void kem_encrypt(std::span<uint8_t> out_encapsulated_key,
                                std::span<uint8_t> out_shared_key,
@@ -152,7 +157,7 @@ class KEM_Encryption {
       virtual ~KEM_Encryption() = default;
 };
 
-class KEM_Decryption {
+class BOTAN_UNSTABLE_API KEM_Decryption {
    public:
       virtual void kem_decrypt(std::span<uint8_t> out_shared_key,
                                std::span<const uint8_t> encapsulated_key,

diff --git a/src/lib/pubkey/pk_ops_impl.h b/src/lib/pubkey/pk_ops_impl.h
@@ -10,8 +10,8 @@
 
 #include <botan/hash.h>
 #include <botan/kdf.h>
+#include <botan/pk_ops.h>
 #include <botan/internal/eme.h>
-#include <botan/internal/pk_ops.h>
 
 namespace Botan::PK_Ops {
 

diff --git a/src/lib/pubkey/pubkey.cpp b/src/lib/pubkey/pubkey.cpp
@@ -10,11 +10,11 @@
 #include <botan/bigint.h>
 #include <botan/der_enc.h>
 #include <botan/mem_ops.h>
+#include <botan/pk_ops.h>
 #include <botan/rng.h>
 #include <botan/internal/ct_utils.h>
 #include <botan/internal/fmt.h>
 #include <botan/internal/parsing.h>
-#include <botan/internal/pk_ops.h>
 #include <botan/internal/pss_params.h>
 
 namespace Botan {

diff --git a/src/lib/pubkey/sm2/sm2_enc.cpp b/src/lib/pubkey/sm2/sm2_enc.cpp
@@ -11,9 +11,9 @@
 #include <botan/der_enc.h>
 #include <botan/hash.h>
 #include <botan/kdf.h>
+#include <botan/pk_ops.h>
 #include <botan/internal/ct_utils.h>
 #include <botan/internal/fmt.h>
-#include <botan/internal/pk_ops.h>
 #include <botan/internal/point_mul.h>
 
 namespace Botan {

diff --git a/src/lib/pubkey/sphincsplus/sphincsplus_common/sphincsplus.cpp b/src/lib/pubkey/sphincsplus/sphincsplus_common/sphincsplus.cpp
@@ -6,9 +6,9 @@
 * Botan is released under the Simplified BSD License (see license.txt)
 **/
 
-#include <botan/rng.h>
 #include <botan/sphincsplus.h>
 
+#include <botan/rng.h>
 #include <botan/internal/pk_ops_impl.h>
 #include <botan/internal/sp_fors.h>
 #include <botan/internal/sp_hash.h>

diff --git a/src/lib/pubkey/xmss/xmss_signature_operation.h b/src/lib/pubkey/xmss/xmss_signature_operation.h
@@ -8,8 +8,8 @@
 #ifndef BOTAN_XMSS_SIGNATURE_OPERATION_H_
 #define BOTAN_XMSS_SIGNATURE_OPERATION_H_
 
+#include <botan/pk_ops.h>
 #include <botan/xmss.h>
-#include <botan/internal/pk_ops.h>
 #include <botan/internal/xmss_address.h>
 #include <botan/internal/xmss_signature.h>
 #include <botan/internal/xmss_wots.h>

diff --git a/src/lib/pubkey/xmss/xmss_verification_operation.h b/src/lib/pubkey/xmss/xmss_verification_operation.h
@@ -8,8 +8,8 @@
 #ifndef BOTAN_XMSS_VERIFICATION_OPERATION_H_
 #define BOTAN_XMSS_VERIFICATION_OPERATION_H_
 
+#include <botan/pk_ops.h>
 #include <botan/xmss.h>
-#include <botan/internal/pk_ops.h>
 #include <botan/internal/xmss_signature.h>
 
 namespace Botan {