9#include <botan/p11_ecdh.h>
11#if defined(BOTAN_HAS_ECDH)
13#include <botan/internal/p11_mechanism.h>
14#include <botan/der_enc.h>
15#include <botan/pk_ops.h>
22ECDH_PublicKey PKCS11_ECDH_PublicKey::export_key()
const
24 return ECDH_PublicKey(domain(), public_point());
27ECDH_PrivateKey PKCS11_ECDH_PrivateKey::export_key()
const
35secure_vector<uint8_t> PKCS11_ECDH_PrivateKey::private_key_bits()
const
37 return export_key().private_key_bits();
41class PKCS11_ECDH_KA_Operation
final :
public PK_Ops::Key_Agreement
44 PKCS11_ECDH_KA_Operation(
const PKCS11_EC_PrivateKey& key,
const std::string& params)
45 : PK_Ops::Key_Agreement(), m_key(key), m_mechanism(MechanismWrapper::create_ecdh_mechanism(params))
48 size_t agreed_value_size()
const override {
return m_key.domain().get_p_bytes(); }
52 secure_vector<uint8_t> agree(
size_t key_len,
const uint8_t other_key[],
size_t other_key_len,
const uint8_t salt[],
55 std::vector<uint8_t> der_encoded_other_key;
56 if(m_key.point_encoding() == PublicPointEncoding::Der)
58 DER_Encoder(der_encoded_other_key).encode(other_key, other_key_len, OCTET_STRING);
59 m_mechanism.set_ecdh_other_key(der_encoded_other_key.data(), der_encoded_other_key.size());
63 m_mechanism.set_ecdh_other_key(other_key, other_key_len);
68 m_mechanism.set_ecdh_salt(salt,
salt_len);
72 AttributeContainer attributes;
73 attributes.add_bool(AttributeType::Sensitive,
false);
74 attributes.add_bool(AttributeType::Extractable,
true);
75 attributes.add_numeric(AttributeType::Class,
static_cast< CK_OBJECT_CLASS >(ObjectClass::SecretKey));
76 attributes.add_numeric(AttributeType::KeyType,
static_cast< CK_KEY_TYPE >(KeyType::GenericSecret));
77 attributes.add_numeric(AttributeType::ValueLen,
static_cast< CK_ULONG >(key_len));
78 m_key.module()->C_DeriveKey(m_key.session().handle(), m_mechanism.data(), m_key.handle(), attributes.data(),
79 static_cast<Ulong>(attributes.count()), &secret_handle);
81 Object secret_object(m_key.session(), secret_handle);
82 secure_vector<uint8_t> secret = secret_object.get_attribute_value(AttributeType::Value);
83 if(secret.size() < key_len)
85 throw PKCS11_Error(
"ECDH key derivation secret length is too short");
87 secret.resize(key_len);
92 const PKCS11_EC_PrivateKey& m_key;
93 MechanismWrapper m_mechanism;
98std::unique_ptr<PK_Ops::Key_Agreement>
99PKCS11_ECDH_PrivateKey::create_key_agreement_op(RandomNumberGenerator&,
100 const std::string& params,
101 const std::string& )
const
103 return std::unique_ptr<PK_Ops::Key_Agreement>(
new PKCS11_ECDH_KA_Operation(*
this, params));
106PKCS11_ECDH_KeyPair generate_ecdh_keypair(Session& session,
const EC_PublicKeyGenerationProperties& pub_props,
107 const EC_PrivateKeyGenerationProperties& priv_props)
114 session.module()->C_GenerateKeyPair(session.handle(), &mechanism,
115 pub_props.data(),
static_cast<Ulong>(pub_props.count()),
116 priv_props.data(),
static_cast<Ulong>(priv_props.count()),
117 &pub_key_handle, &priv_key_handle);
119 return std::make_pair(PKCS11_ECDH_PublicKey(session, pub_key_handle), PKCS11_ECDH_PrivateKey(session, priv_key_handle));
static BigInt decode(const uint8_t buf[], size_t length)
int(* final)(unsigned char *, CTX *)
CK_OBJECT_HANDLE ObjectHandle
unsigned long int CK_ULONG
CK_ULONG CK_MECHANISM_TYPE