Botan 2.19.3
Crypto and TLS for C++
p11_rsa.h
1/*
2* PKCS#11 RSA
3* (C) 2016 Daniel Neus, Sirrix AG
4* (C) 2016 Philipp Weber, Sirrix AG
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_P11_RSA_H_
10#define BOTAN_P11_RSA_H_
11
12#include <botan/p11_types.h>
13#include <botan/p11_object.h>
14#include <botan/pk_keys.h>
15#include <botan/bigint.h>
16
17#if defined(BOTAN_HAS_RSA)
18#include <botan/rsa.h>
19#include <utility>
20
21namespace Botan {
22namespace PKCS11 {
23
/**
* Attribute template describing the public half of an RSA key pair that a
* PKCS#11 token is asked to generate.
*
* NOTE(review): no minimum modulus size is visible in this header; confirm
* whether the constructor or the token rejects moduli that are too short.
*/
class BOTAN_PUBLIC_API(2,0) RSA_PublicKeyGenerationProperties final : public PublicKeyProperties
   {
   public:
      /// @param bits length in bits of modulus n
      explicit RSA_PublicKeyGenerationProperties(Ulong bits);

      /**
      * Adds the public exponent e to the template as a binary attribute.
      * @param pub_exponent public exponent e; defaults to 0x10001 (65537)
      * @note The value is encoded and stored exactly as given. This setter
      *       makes no range or parity check, so an exponent that comes from
      *       configuration or another untrusted source should be validated
      *       by the caller first.
      */
      void set_pub_exponent(const BigInt& pub_exponent = BigInt(0x10001))
         {
         add_binary(AttributeType::PublicExponent, BigInt::encode(pub_exponent));
         }

      virtual ~RSA_PublicKeyGenerationProperties() = default;
   };
39
/**
* Attribute template for importing an existing RSA public key (n, e) into a
* PKCS#11 token. The object keeps its own copies of both values so they can
* be read back through modulus() and pub_exponent().
*/
class BOTAN_PUBLIC_API(2,0) RSA_PublicKeyImportProperties final : public PublicKeyProperties
   {
   public:
      /**
      * @param modulus modulus n
      * @param pub_exponent public exponent e
      */
      RSA_PublicKeyImportProperties(const BigInt& modulus, const BigInt& pub_exponent);

      /// @return the modulus n held by this template
      const BigInt& modulus() const
         {
         return m_modulus;
         }

      /// @return the public exponent e held by this template
      const BigInt& pub_exponent() const
         {
         return m_pub_exponent;
         }

      virtual ~RSA_PublicKeyImportProperties() = default;

   private:
      // Immutable after construction: both members are const.
      const BigInt m_modulus;
      const BigInt m_pub_exponent;
   };
65
/**
* An RSA public key backed by a PKCS#11 object. It is both a PKCS#11 Object
* and a Botan RSA_PublicKey, and overrides the factories for the encryption
* and verification operations.
*
* NOTE(review): the overrides presumably route the operations through the
* PKCS#11 session rather than Botan's software RSA; confirm in the
* implementation file.
*/
class BOTAN_PUBLIC_API(2,0) PKCS11_RSA_PublicKey : public Object, public RSA_PublicKey
   {
   public:
      /// PKCS#11 object class of this key type
      static const ObjectClass Class = ObjectClass::PublicKey;

      /**
      * Creates a PKCS11_RSA_PublicKey object from an existing PKCS#11 RSA public key
      * @param session the session to use
      * @param handle the handle of the RSA public key
      */
      PKCS11_RSA_PublicKey(Session& session, ObjectHandle handle);

      /**
      * Imports a RSA public key
      * @param session the session to use
      * @param pubkey_props the attributes of the public key
      */
      PKCS11_RSA_PublicKey(Session& session, const RSA_PublicKeyImportProperties& pubkey_props);

      /**
      * Creates the encryption operation for this key.
      * @param rng random number generator handed to the operation
      * @param params operation parameters, passed as a string
      * @param provider name of the requested provider
      */
      std::unique_ptr<PK_Ops::Encryption>
         create_encryption_op(RandomNumberGenerator& rng,
                              const std::string& params,
                              const std::string& provider) const override;

      /**
      * Creates the signature verification operation for this key.
      * @param params operation parameters, passed as a string
      * @param provider name of the requested provider
      */
      std::unique_ptr<PK_Ops::Verification>
         create_verification_op(const std::string& params,
                                const std::string& provider) const override;
   };
95
/**
* Attribute template for importing an existing RSA private key into a
* PKCS#11 token.
*
* The constructor takes the modulus n and the private exponent d; the public
* exponent and the CRT values are optional and are added through the setters.
*
* @note Security: the caller supplies d (and optionally p, q, dP, dQ, qInv)
*       as host-side BigInt values, and this object keeps copies of n and d
*       in m_modulus / m_priv_exponent. A key imported this way has therefore
*       existed outside the token and cannot be treated as never having left
*       it. Keep the lifetime of this object and of the source values short.
*/
class BOTAN_PUBLIC_API(2,0) RSA_PrivateKeyImportProperties final : public PrivateKeyProperties
   {
   public:
      /**
      * @param modulus modulus n
      * @param priv_exponent private exponent d
      */
      RSA_PrivateKeyImportProperties(const BigInt& modulus, const BigInt& priv_exponent);

      /// @param pub_exponent public exponent e
      void set_pub_exponent(const BigInt& pub_exponent)
         {
         add_binary(AttributeType::PublicExponent, BigInt::encode(pub_exponent));
         }

      /// @param prime1 prime p
      void set_prime_1(const BigInt& prime1)
         {
         add_binary(AttributeType::Prime1, BigInt::encode(prime1));
         }

      /// @param prime2 prime q
      void set_prime_2(const BigInt& prime2)
         {
         add_binary(AttributeType::Prime2, BigInt::encode(prime2));
         }

      /// @param exp1 private exponent d modulo p-1
      void set_exponent_1(const BigInt& exp1)
         {
         add_binary(AttributeType::Exponent1, BigInt::encode(exp1));
         }

      /// @param exp2 private exponent d modulo q-1
      void set_exponent_2(const BigInt& exp2)
         {
         add_binary(AttributeType::Exponent2, BigInt::encode(exp2));
         }

      /// @param coeff CRT coefficient q^-1 mod p
      void set_coefficient(const BigInt& coeff)
         {
         add_binary(AttributeType::Coefficient, BigInt::encode(coeff));
         }

      /// @return the modulus n held by this template
      const BigInt& modulus() const
         {
         return m_modulus;
         }

      /// @return the private exponent d held by this template (secret value)
      const BigInt& priv_exponent() const
         {
         return m_priv_exponent;
         }

      virtual ~RSA_PrivateKeyImportProperties() = default;

   private:
      // Immutable after construction: both members are const.
      const BigInt m_modulus;
      // Secret: private exponent d, kept for the lifetime of this object.
      const BigInt m_priv_exponent;
   };
160
/**
* Attribute template describing the private half of an RSA key pair that a
* PKCS#11 token is asked to generate. The constructor only fixes the key
* type to RSA; every other attribute comes from the PrivateKeyProperties
* base class.
*/
class BOTAN_PUBLIC_API(2,0) RSA_PrivateKeyGenerationProperties final : public PrivateKeyProperties
   {
   public:
      /// Creates an empty template with the key type set to RSA.
      RSA_PrivateKeyGenerationProperties() : PrivateKeyProperties(KeyType::Rsa) {}

      virtual ~RSA_PrivateKeyGenerationProperties() = default;
   };
171
/**
* An RSA private key backed by a PKCS#11 object. It is a PKCS#11 Object, a
* Botan Private_Key and an RSA_PublicKey, and overrides the factories for
* the decryption and signature operations.
*
* @note Security: export_key() and private_key_bits() hand private key
*       material to the caller. Code that relies on the key staying inside
*       the token should not call them.
*/
class BOTAN_PUBLIC_API(2,0) PKCS11_RSA_PrivateKey final :
   public Object, public Private_Key, public RSA_PublicKey
   {
   public:
      /// PKCS#11 object class of this key type
      static const ObjectClass Class = ObjectClass::PrivateKey;

      /**
      * Creates a PKCS11_RSA_PrivateKey object from an existing PKCS#11 RSA private key
      * @param session the session to use
      * @param handle the handle of the RSA private key
      */
      PKCS11_RSA_PrivateKey(Session& session, ObjectHandle handle);

      /**
      * Imports a RSA private key
      * @param session the session to use
      * @param priv_key_props the properties of the RSA private key
      */
      PKCS11_RSA_PrivateKey(Session& session, const RSA_PrivateKeyImportProperties& priv_key_props);

      /**
      * Generates a PKCS#11 RSA private key
      * @param session the session to use
      * @param bits length in bits of modulus n
      * @param priv_key_props the properties of the RSA private key
      * @note no persistent public key object will be created
      */
      PKCS11_RSA_PrivateKey(Session& session, uint32_t bits, const RSA_PrivateKeyGenerationProperties& priv_key_props);

      /**
      * Exports the key as a software RSA_PrivateKey.
      * @return the exported RSA private key
      * @note The returned object holds the private key in process memory,
      *       outside the token's protection. NOTE(review): presumably this
      *       only succeeds for keys whose private attributes the token
      *       allows to be read; confirm against the implementation.
      */
      RSA_PrivateKey export_key() const;

      /**
      * @return the private key bits, in a secure_vector
      * @note NOTE(review): like export_key(), this returns private key
      *       material to the caller; confirm how it behaves for keys the
      *       token refuses to reveal.
      */
      secure_vector<uint8_t> private_key_bits() const override;

      /**
      * Creates the decryption operation for this key.
      * @param rng random number generator handed to the operation
      * @param params operation parameters, passed as a string
      * @param provider name of the requested provider
      */
      std::unique_ptr<PK_Ops::Decryption>
         create_decryption_op(RandomNumberGenerator& rng,
                              const std::string& params,
                              const std::string& provider) const override;

      /**
      * Creates the signature operation for this key.
      * @param rng random number generator handed to the operation
      * @param params operation parameters, passed as a string
      * @param provider name of the requested provider
      */
      std::unique_ptr<PK_Ops::Signature>
         create_signature_op(RandomNumberGenerator& rng,
                             const std::string& params,
                             const std::string& provider) const override;
   };
213
/// Public key first, private key second.
using PKCS11_RSA_KeyPair = std::pair<PKCS11_RSA_PublicKey, PKCS11_RSA_PrivateKey>;

/**
* RSA key pair generation
* @param session the session that should be used for the key generation
* @param pub_props properties of the public key
* @param priv_props properties of the private key
* @return the generated public and private key objects as a pair
*/
BOTAN_PUBLIC_API(2,0) PKCS11_RSA_KeyPair
generate_rsa_keypair(Session& session,
                     const RSA_PublicKeyGenerationProperties& pub_props,
                     const RSA_PrivateKeyGenerationProperties& priv_props);
224}
225
226}
227#endif
228
229#endif