Botan 3.7.1
Crypto and TLS for C&
Botan::PK_Signer Class Referencefinal

#include <pubkey.h>

Public Member Functions

AlgorithmIdentifier algorithm_identifier () const
 
std::string hash_function () const
 
PK_Signeroperator= (const PK_Signer &)=delete
 
PK_Signeroperator= (PK_Signer &&) noexcept
 
 PK_Signer (const PK_Signer &)=delete
 
 PK_Signer (const Private_Key &key, RandomNumberGenerator &rng, std::string_view padding, Signature_Format format=Signature_Format::Standard, std::string_view provider="")
 
 PK_Signer (PK_Signer &&) noexcept
 
void set_output_format (Signature_Format format)
 
std::vector< uint8_t > sign_message (const uint8_t in[], size_t length, RandomNumberGenerator &rng)
 
std::vector< uint8_t > sign_message (std::span< const uint8_t > in, RandomNumberGenerator &rng)
 
std::vector< uint8_t > signature (RandomNumberGenerator &rng)
 
size_t signature_length () const
 
void update (const uint8_t in[], size_t length)
 
void update (std::span< const uint8_t > in)
 
void update (std::string_view in)
 
void update (uint8_t in)
 
 ~PK_Signer ()
 

Detailed Description

Public Key Signer. Use the sign_message() functions for small messages. Use multiple calls update() to process large messages and generate the signature by finally calling signature().

Definition at line 155 of file pubkey.h.

Constructor & Destructor Documentation

◆ PK_Signer() [1/3]

Botan::PK_Signer::PK_Signer ( const Private_Key & key,
RandomNumberGenerator & rng,
std::string_view padding,
Signature_Format format = Signature_Format::Standard,
std::string_view provider = "" )

Construct a PK Signer.

Parameters
keythe key to use inside this signer
rngthe random generator to use
paddingthe padding/hash to use, eg "SHA-512" or "PSS(SHA-256)"
formatthe signature format to use
providerthe provider to use

Definition at line 253 of file pubkey.cpp.

257 :
258 m_sig_format(format) {
259 if(m_sig_format == Signature_Format::DerSequence) {
260 m_sig_element_size = key._signature_element_size_for_DER_encoding();
261 BOTAN_ARG_CHECK(m_sig_element_size.has_value(), "This key does not support DER signatures");
262 }
263
264 m_op = key.create_signature_op(rng, emsa, provider);
265 if(!m_op) {
266 throw Invalid_Argument(fmt("Key type {} does not support signature generation", key.algo_name()));
267 }
268}
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:29
std::string fmt(std::string_view format, const T &... args)
Definition fmt.h:53

References Botan::Asymmetric_Key::_signature_element_size_for_DER_encoding(), Botan::Asymmetric_Key::algo_name(), BOTAN_ARG_CHECK, Botan::Private_Key::create_signature_op(), Botan::DerSequence, and Botan::fmt().

◆ ~PK_Signer()

Botan::PK_Signer::~PK_Signer ( )
default

◆ PK_Signer() [2/3]

Botan::PK_Signer::PK_Signer ( const PK_Signer & )
delete

◆ PK_Signer() [3/3]

Botan::PK_Signer::PK_Signer ( PK_Signer && )
defaultnoexcept

Member Function Documentation

◆ algorithm_identifier()

AlgorithmIdentifier Botan::PK_Signer::algorithm_identifier ( ) const

Return an AlgorithmIdentifier appropriate for identifying the signature method being generated by this PK_Signer. Throws an exception if this is not available for the current signature scheme.

Definition at line 270 of file pubkey.cpp.

270 {
271 return m_op->algorithm_identifier();
272}

◆ hash_function()

std::string Botan::PK_Signer::hash_function ( ) const

Return the hash function which is being used to create signatures. This should never return an empty string however it may return a string which does not map directly to a hash function, in particular if "Raw" (unhashed) encoding is being used.

Definition at line 274 of file pubkey.cpp.

274 {
275 return m_op->hash_function();
276}

◆ operator=() [1/2]

PK_Signer & Botan::PK_Signer::operator= ( const PK_Signer & )
delete

◆ operator=() [2/2]

PK_Signer & Botan::PK_Signer::operator= ( PK_Signer && )
defaultnoexcept

◆ set_output_format()

void Botan::PK_Signer::set_output_format ( Signature_Format format)
inline

Set the output format of the signature.

Parameters
formatthe signature format to use

Definition at line 238 of file pubkey.h.

238{ m_sig_format = format; }

◆ sign_message() [1/2]

std::vector< uint8_t > Botan::PK_Signer::sign_message ( const uint8_t in[],
size_t length,
RandomNumberGenerator & rng )
inline

Sign a message all in one go

Parameters
inthe message to sign as a byte array
lengththe length of the above byte array
rngthe rng to use
Returns
signature

Definition at line 186 of file pubkey.h.

186 {
187 this->update(in, length);
188 return this->signature(rng);
189 }
std::vector< uint8_t > signature(RandomNumberGenerator &rng)
Definition pubkey.cpp:356
int(* update)(CTX *, const void *, CC_LONG len)

References update.

Referenced by Botan::X509_Object::make_signed(), Botan::KeyPair::signature_consistency_check(), and Botan::TLS::Callbacks::tls_sign_message().

◆ sign_message() [2/2]

std::vector< uint8_t > Botan::PK_Signer::sign_message ( std::span< const uint8_t > in,
RandomNumberGenerator & rng )
inline

Sign a message.

Parameters
inthe message to sign
rngthe rng to use
Returns
signature

Definition at line 197 of file pubkey.h.

197 {
198 return sign_message(in.data(), in.size(), rng);
199 }
std::vector< uint8_t > sign_message(const uint8_t in[], size_t length, RandomNumberGenerator &rng)
Definition pubkey.h:186

References Botan::sign_message().

◆ signature()

std::vector< uint8_t > Botan::PK_Signer::signature ( RandomNumberGenerator & rng)

Get the signature of the so far processed message (provided by the calls to update()).

Parameters
rngthe rng to use
Returns
signature of the total message

Definition at line 356 of file pubkey.cpp.

356 {
357 std::vector<uint8_t> sig = m_op->sign(rng);
358
359 if(m_sig_format == Signature_Format::Standard) {
360 return sig;
361 } else if(m_sig_format == Signature_Format::DerSequence) {
362 BOTAN_ASSERT_NOMSG(m_sig_element_size.has_value());
363 return der_encode_signature(sig, 2, m_sig_element_size.value());
364 } else {
365 throw Internal_Error("PK_Signer: Invalid signature format enum");
366 }
367}
#define BOTAN_ASSERT_NOMSG(expr)
Definition assert.h:59

References BOTAN_ASSERT_NOMSG, Botan::DerSequence, and Botan::Standard.

◆ signature_length()

size_t Botan::PK_Signer::signature_length ( ) const

Return an upper bound on the length of the signatures this PK_Signer will produce

Definition at line 312 of file pubkey.cpp.

312 {
313 if(m_sig_format == Signature_Format::Standard) {
314 return m_op->signature_length();
315 } else if(m_sig_format == Signature_Format::DerSequence) {
316 size_t sig_len = m_op->signature_length();
317
318 size_t der_overhead = [sig_len]() {
319 /*
320 This was computed by DER encoding of some maximal value signatures
321 (since DER is variable length)
322
323 The first two cases covers all EC schemes since groups are at most 521
324 bits.
325
326 The other cases are only for finite field DSA which practically is only
327 used up to 3072 bit groups but the calculation is correct up to a
328 262096 (!) bit group so allow it. There are some intermediate sizes but
329 this function is allowed to (and indeed must) return an over-estimate
330 rather than an exact value since the actual length will change based on
331 the computed signature.
332 */
333
334 if(sig_len <= 120) {
335 // EC signatures <= 480 bits
336 return 8;
337 } else if(sig_len <= 248) {
338 // EC signatures > 480 bits (or very small DSA groups...)
339 return 9;
340 } else {
341 // Everything else. This is an over-estimate for groups under
342 // 2040 bits but exact otherwise
343
344 // This requires 15 bytes DER overhead and should never happen
345 BOTAN_ASSERT_NOMSG(sig_len < 65524);
346 return 14;
347 }
348 }();
349
350 return sig_len + der_overhead;
351 } else {
352 throw Internal_Error("PK_Signer: Invalid signature format enum");
353 }
354}

References BOTAN_ASSERT_NOMSG, Botan::DerSequence, and Botan::Standard.

◆ update() [1/4]

void Botan::PK_Signer::update ( const uint8_t in[],
size_t length )

Add a message part.

Parameters
inthe message part to add as a byte array
lengththe length of the above byte array

Definition at line 287 of file pubkey.cpp.

287 {
288 m_op->update({in, length});
289}

◆ update() [2/4]

void Botan::PK_Signer::update ( std::span< const uint8_t > in)
inline

Add a message part.

Parameters
inthe message part to add

Definition at line 218 of file pubkey.h.

218{ update(in.data(), in.size()); }

References update().

Referenced by update().

◆ update() [3/4]

void Botan::PK_Signer::update ( std::string_view in)

Add a message part.

Parameters
inthe message part to add

Definition at line 283 of file pubkey.cpp.

283 {
284 this->update(cast_char_ptr_to_uint8(in.data()), in.size());
285}
const uint8_t * cast_char_ptr_to_uint8(const char *s)
Definition mem_ops.h:274

References Botan::cast_char_ptr_to_uint8(), and update.

◆ update() [4/4]

void Botan::PK_Signer::update ( uint8_t in)
inline

Add a message part (single byte).

Parameters
inthe byte to add

Definition at line 205 of file pubkey.h.

205{ update(&in, 1); }

References update().

Referenced by update().


The documentation for this class was generated from the following files: