Botan::PK_Signer Class Reference

#include <pubkey.h>

Public Member Functions
AlgorithmIdentifier	algorithm_identifier () const
std::string	hash_function () const
PK_Signer &	operator= (const PK_Signer &)=delete
PK_Signer &	operator= (PK_Signer &&) noexcept
	PK_Signer (const PK_Signer &)=delete
	PK_Signer (const Private_Key &key, RandomNumberGenerator &rng, std::string_view padding, Signature_Format format=Signature_Format::Standard, std::string_view provider="")
	PK_Signer (PK_Signer &&) noexcept
void	set_output_format (Signature_Format format)
std::vector< uint8_t >	sign_message (const uint8_t in[], size_t length, RandomNumberGenerator &rng)
std::vector< uint8_t >	sign_message (std::span< const uint8_t > in, RandomNumberGenerator &rng)
std::vector< uint8_t >	signature (RandomNumberGenerator &rng)
size_t	signature_length () const
void	update (const uint8_t in[], size_t length)
void	update (std::span< const uint8_t > in)
void	update (std::string_view in)
void	update (uint8_t in)
	~PK_Signer ()

Detailed Description

Public Key Signer. Use the sign_message() functions for small messages. Use multiple calls update() to process large messages and generate the signature by finally calling signature().

Definition at line 154 of file pubkey.h.

Constructor & Destructor Documentation

PK_Signer() [1/3]

Botan::PK_Signer::PK_Signer	(	const Private_Key &	key,
		RandomNumberGenerator &	rng,
		std::string_view	padding,
		Signature_Format	format = Signature_Format::Standard,
		std::string_view	provider = "" )

Construct a PK Signer.

Parameters

key	the key to use inside this signer
rng	the random generator to use
padding	the padding/hash to use, eg "SHA-512" or "PSS(SHA-256)"
format	the signature format to use
provider	the provider to use

Definition at line 251 of file pubkey.cpp.

                                              :
      m_sig_format(format), m_sig_element_size(key._signature_element_size_for_DER_encoding()) {
   if(m_sig_format == Signature_Format::DerSequence) {
      BOTAN_ARG_CHECK(m_sig_element_size.has_value(), "This key does not support DER signatures");
   }
 
   m_op = key.create_signature_op(rng, padding, provider);
   if(!m_op) {
      throw Invalid_Argument(fmt("Key type {} does not support signature generation", key.algo_name()));
   }
}

References Botan::Asymmetric_Key::algo_name(), BOTAN_ARG_CHECK, Botan::Private_Key::create_signature_op(), Botan::DerSequence, and Botan::fmt().

Referenced by operator=(), operator=(), PK_Signer(), PK_Signer(), and update().

~PK_Signer()

Botan::PK_Signer::~PK_Signer ( )

default

PK_Signer() [2/3]

Botan::PK_Signer::PK_Signer ( const PK_Signer & )

delete

References PK_Signer().

PK_Signer() [3/3]

Botan::PK_Signer::PK_Signer ( PK_Signer && )

defaultnoexcept

References PK_Signer().

Member Function Documentation

algorithm_identifier()

AlgorithmIdentifier Botan::PK_Signer::algorithm_identifier

(

)

const

Return an AlgorithmIdentifier appropriate for identifying the signature method being generated by this PK_Signer. Throws an exception if this is not available for the current signature scheme.

Definition at line 267 of file pubkey.cpp.

                                                          {
   return m_op->algorithm_identifier();
}

hash_function()

std::string Botan::PK_Signer::hash_function

(

)

const

Return the hash function which is being used to create signatures. This should never return an empty string however it may return a string which does not map directly to a hash function, in particular if "Raw" (unhashed) encoding is being used.

Definition at line 271 of file pubkey.cpp.

                                         {
   return m_op->hash_function();
}

operator=() [1/2]

PK_Signer & Botan::PK_Signer::operator= ( const PK_Signer & )

delete

References PK_Signer().

operator=() [2/2]

PK_Signer & Botan::PK_Signer::operator= ( PK_Signer && )

defaultnoexcept

References PK_Signer().

set_output_format()

void Botan::PK_Signer::set_output_format ( Signature_Format format )

inline

Set the output format of the signature.

Parameters

format

the signature format to use

Definition at line 237 of file pubkey.h.

{ m_sig_format = format; }

sign_message() [1/2]

std::vector< uint8_t > Botan::PK_Signer::sign_message ( const uint8_t in[], size_t length, RandomNumberGenerator & rng )

inline

Sign a message all in one go

Parameters

in	the message to sign as a byte array
length	the length of the above byte array
rng	the rng to use

Returns

signature

Definition at line 185 of file pubkey.h.

                                                                                                     {
         this->update(in, length);
         return this->signature(rng);
      }

References sign_message(), signature(), and update().

Referenced by Botan::X509_Object::make_signed(), sign_message(), sign_message(), Botan::KeyPair::signature_consistency_check(), and Botan::TLS::Callbacks::tls_sign_message().

sign_message() [2/2]

std::vector< uint8_t > Botan::PK_Signer::sign_message ( std::span< const uint8_t > in, RandomNumberGenerator & rng )

inline

Sign a message.

Parameters

in	the message to sign
rng	the rng to use

Returns

signature

Definition at line 196 of file pubkey.h.

                                                                                             {
         return sign_message(in.data(), in.size(), rng);
      }

References sign_message().

signature()

std::vector< uint8_t > Botan::PK_Signer::signature

(

RandomNumberGenerator &

rng

)

Get the signature of the so far processed message (provided by the calls to update()).

Parameters

rng	the rng to use

Returns

signature of the total message

Definition at line 353 of file pubkey.cpp.

                                                                  {
   std::vector<uint8_t> sig = m_op->sign(rng);
 
   if(m_sig_format == Signature_Format::Standard) {
      return sig;
   } else if(m_sig_format == Signature_Format::DerSequence) {
      BOTAN_ASSERT_NOMSG(m_sig_element_size.has_value());
      return der_encode_signature(sig, 2, m_sig_element_size.value());
   } else {
      throw Internal_Error("PK_Signer: Invalid signature format enum");
   }
}

References BOTAN_ASSERT_NOMSG, Botan::DerSequence, and Botan::Standard.

Referenced by sign_message().

signature_length()

size_t Botan::PK_Signer::signature_length

(

)

const

Return an upper bound on the length of the signatures this PK_Signer will produce

Definition at line 309 of file pubkey.cpp.

                                         {
   if(m_sig_format == Signature_Format::Standard) {
      return m_op->signature_length();
   } else if(m_sig_format == Signature_Format::DerSequence) {
      const size_t sig_len = m_op->signature_length();
 
      const size_t der_overhead = [sig_len]() {
         /*
         This was computed by DER encoding of some maximal value signatures
         (since DER is variable length)
 
         The first two cases covers all EC schemes since groups are at most 521
         bits.
 
         The other cases are only for finite field DSA which practically is only
         used up to 3072 bit groups but the calculation is correct up to a
         262096 (!) bit group so allow it. There are some intermediate sizes but
         this function is allowed to (and indeed must) return an over-estimate
         rather than an exact value since the actual length will change based on
         the computed signature.
         */
 
         if(sig_len <= 120) {
            // EC signatures <= 480 bits
            return 8;
         } else if(sig_len <= 248) {
            // EC signatures > 480 bits (or very small DSA groups...)
            return 9;
         } else {
            // Everything else. This is an over-estimate for groups under
            // 2040 bits but exact otherwise
 
            // This requires 15 bytes DER overhead and should never happen
            BOTAN_ASSERT_NOMSG(sig_len < 65524);
            return 14;
         }
      }();
 
      return sig_len + der_overhead;
   } else {
      throw Internal_Error("PK_Signer: Invalid signature format enum");
   }
}

References BOTAN_ASSERT_NOMSG, Botan::DerSequence, and Botan::Standard.

update() [1/4]

void Botan::PK_Signer::update	(	const uint8_t	in[],
		size_t	length )

Add a message part.

Parameters

in	the message part to add as a byte array
length	the length of the above byte array

Definition at line 284 of file pubkey.cpp.

                                                        {
   m_op->update({in, length});
}

update() [2/4]

void Botan::PK_Signer::update ( std::span< const uint8_t > in )

inline

Add a message part.

Parameters

in	the message part to add

Definition at line 217 of file pubkey.h.

{ update(in.data(), in.size()); }

References update().

Referenced by update().

update() [3/4]

void Botan::PK_Signer::update

(

std::string_view

in

)

Add a message part.

Parameters

in	the message part to add

Definition at line 280 of file pubkey.cpp.

                                        {
   this->update(as_span_of_bytes(in));
}

References Botan::as_span_of_bytes(), PK_Signer(), and update().

update() [4/4]

void Botan::PK_Signer::update ( uint8_t in )

inline

Add a message part (single byte).

Parameters

in	the byte to add

Definition at line 204 of file pubkey.h.

{ update(&in, 1); }

References update().

Referenced by sign_message(), update(), and update().

---

The documentation for this class was generated from the following files:

• src/lib/pubkey/pubkey.h
• src/lib/pubkey/pubkey.cpp